Use of com.github.zhenwei.core.asn1.x509.DigestInfo in the project jss by dogtagpki.
Shown below: class PFX, method verifyAuthSafes.
/**
 * Checks the integrity MAC of this PFX by recomputing it over the encoded
 * authenticated safes with the supplied password and comparing the result
 * with the MAC stored in this PFX's MacData.
 *
 * <p>Every failure path returns {@code false}: a missing MacData, a digest
 * mismatch, and each of the caught exceptions. Only the text appended to
 * {@code reason} tells these cases apart, so a caller that passes
 * {@code null} cannot distinguish a wrong password or modified content
 * from an internal error.
 *
 * <p>As a side effect, if the encoded form of the authenticated safes has
 * not been stored yet, it is computed and kept in {@code encodedAuthSafes}.
 *
 * @param password The password from which the MAC is recomputed.
 * @param reason Optional buffer; when non-null, a short description of the
 *      failure is appended to it. May be null.
 * @return true if the recomputed MAC equals the stored one, false
 *      otherwise (including when this PFX has no MacData).
 * @throws NotInitializedException declared by the signature; nothing in
 *      this method throws it directly, so it presumably propagates from
 *      the MacData computation (confirm against MacData).
 */
public boolean verifyAuthSafes(Password password, StringBuffer reason) throws NotInitializedException {
    // Callers may pass null; a throwaway buffer keeps the appends below safe.
    final StringBuffer failure = (reason != null) ? reason : new StringBuffer();
    try {
        if (macData == null) {
            failure.append("No MAC present in PFX");
            return false;
        }
        if (encodedAuthSafes == null) {
            // This object was constructed rather than decoded from a
            // template, so encode the AuthSafes given to the constructor
            // and verify against that encoding.
            encodedAuthSafes = ASN1Util.encode(authSafes);
        }
        DigestInfo storedMac = macData.getMac();
        // NOTE(review): the salt and iteration count are taken from this
        // PFX's own MacData, so for a file from an untrusted source they
        // are chosen by whoever produced the file. No bound is applied
        // here and intValue() narrows silently; consider rejecting counts
        // outside a sane range before the MAC is recomputed, to avoid
        // CPU exhaustion on hostile input.
        MacData recomputed = new MacData(
                password,
                macData.getMacSalt().toByteArray(),
                macData.getMacIterationCount().intValue(),
                encodedAuthSafes);
        // NOTE(review): the comparison relies on DigestInfo.equals(), whose
        // implementation is not visible here. Confirm that it checks the
        // digest algorithm as well as the digest bytes, and that the byte
        // comparison is constant-time (e.g. MessageDigest.isEqual).
        boolean macMatches = recomputed.getMac().equals(storedMac);
        if (!macMatches) {
            failure.append("Digests do not match");
        }
        return macMatches;
    } catch (java.security.DigestException e) {
        // NOTE(review): only this branch writes a stack trace to stderr;
        // the other handlers are silent. Consider routing all three
        // through the project's logger instead.
        e.printStackTrace();
        failure.append("A DigestException occurred");
        return false;
    } catch (TokenException e) {
        failure.append("A TokenException occurred");
        return false;
    } catch (CharConversionException e) {
        failure.append("An exception occurred converting the password from chars to bytes");
        return false;
    }
}