use of com.google.crypto.tink.subtle.EcdsaSignJce in project tink by google.
the class RewardedAdsVerifierTest method testShouldVerifyWithEncodedUrl.
@Test
public void testShouldVerifyWithEncodedUrl() throws Exception {
RewardedAdsVerifier verifier = new RewardedAdsVerifier.Builder().setVerifyingPublicKeys(GOOGLE_VERIFYING_PUBLIC_KEYS_JSON).build();
String rewardUrl = "https://publisher.com/path?foo=hello%20world&bar=user%40gmail.com";
String decodedQueryString = "foo=hello world&bar=user@gmail.com";
EcdsaSignJce signer = new EcdsaSignJce(EllipticCurves.getEcPrivateKey(Base64.decode(GOOGLE_SIGNING_PRIVATE_KEY_PKCS8_BASE64)), "SHA256WithECDSA");
byte[] signature = signer.sign(decodedQueryString.getBytes(UTF_8));
String signedUrl = buildUrl(rewardUrl, signature, KEY_ID);
verifier.verify(signedUrl);
}
use of com.google.crypto.tink.subtle.EcdsaSignJce in project tink by google.
the class RewardedAdsVerifierTest method signUrl.
private static String signUrl(String rewardUrl, String privateKey, long keyId) throws Exception {
EcdsaSignJce signer = new EcdsaSignJce(EllipticCurves.getEcPrivateKey(Base64.decode(privateKey)), "SHA256WithECDSA");
String queryString = new URI(rewardUrl).getQuery();
return buildUrl(rewardUrl, signer.sign(queryString.getBytes(UTF_8)), keyId);
}
use of com.google.crypto.tink.subtle.EcdsaSignJce in project tink by google.
the class RewardedAdsVerifierTest method testShouldFailIfSignatureWasChanged.
@Test
public void testShouldFailIfSignatureWasChanged() throws Exception {
EcdsaSignJce signer = new EcdsaSignJce(EllipticCurves.getEcPrivateKey(Base64.decode(GOOGLE_SIGNING_PRIVATE_KEY_PKCS8_BASE64)), "SHA256WithECDSA");
RewardedAdsVerifier verifier = new RewardedAdsVerifier.Builder().setVerifyingPublicKeys(GOOGLE_VERIFYING_PUBLIC_KEYS_JSON).build();
byte[] validSig = signer.sign(REWARD_URL.getBytes(UTF_8));
for (int i = 0; i < validSig.length; i++) {
byte[] modifiedSig = Arrays.copyOf(validSig, validSig.length);
modifiedSig[i] = (byte) (modifiedSig[i] ^ 0xff);
String modifiedUrl = buildUrl(REWARD_URL, modifiedSig, KEY_ID);
try {
verifier.verify(modifiedUrl);
fail("Expected GeneralSecurityException");
} catch (GeneralSecurityException e) {
// Expected.
System.out.println(e);
}
}
}
use of com.google.crypto.tink.subtle.EcdsaSignJce in project tink by google.
the class EcdsaSignKeyManager method getPrimitive.
/**
* @param key {@code EcdsaPrivateKey} proto
*/
@Override
public PublicKeySign getPrimitive(MessageLite key) throws GeneralSecurityException {
if (!(key instanceof EcdsaPrivateKey)) {
throw new GeneralSecurityException("expected EcdsaPrivateKey proto");
}
EcdsaPrivateKey keyProto = (EcdsaPrivateKey) key;
validateKey(keyProto);
ECPrivateKey privateKey = EllipticCurves.getEcPrivateKey(SigUtil.toCurveType(keyProto.getPublicKey().getParams().getCurve()), keyProto.getKeyValue().toByteArray());
return new EcdsaSignJce(privateKey, SigUtil.toEcdsaAlgo(keyProto.getPublicKey().getParams().getHashType()));
}
Aggregations