use of com.owncloud.android.datamodel.SignatureVerification in project android by nextcloud.
the class NotificationJob method onRunJob.
@NonNull
@Override
protected Result onRunJob(Params params) {
Context context = getContext();
PersistableBundleCompat persistableBundleCompat = getParams().getExtras();
String subject = persistableBundleCompat.getString(KEY_NOTIFICATION_SUBJECT, "");
String signature = persistableBundleCompat.getString(KEY_NOTIFICATION_SIGNATURE, "");
if (!TextUtils.isEmpty(subject) && !TextUtils.isEmpty(signature)) {
try {
byte[] base64DecodedSubject = Base64.decode(subject, Base64.DEFAULT);
byte[] base64DecodedSignature = Base64.decode(signature, Base64.DEFAULT);
PushUtils pushUtils = new PushUtils();
PrivateKey privateKey = (PrivateKey) PushUtils.readKeyFromFile(false);
try {
SignatureVerification signatureVerification = pushUtils.verifySignature(context, base64DecodedSignature, base64DecodedSubject);
if (signatureVerification.isSignatureValid()) {
Cipher cipher = Cipher.getInstance("RSA/None/PKCS1Padding");
cipher.init(Cipher.DECRYPT_MODE, privateKey);
byte[] decryptedSubject = cipher.doFinal(base64DecodedSubject);
Gson gson = new Gson();
DecryptedPushMessage decryptedPushMessage = gson.fromJson(new String(decryptedSubject), DecryptedPushMessage.class);
// We ignore Spreed messages for now
if (!decryptedPushMessage.getApp().equals("spreed")) {
sendNotification(decryptedPushMessage.getSubject(), signatureVerification.getAccount());
}
}
} catch (NoSuchAlgorithmException e1) {
Log.d(TAG, "No proper algorithm to decrypt the message " + e1.getLocalizedMessage());
} catch (NoSuchPaddingException e1) {
Log.d(TAG, "No proper padding to decrypt the message " + e1.getLocalizedMessage());
} catch (InvalidKeyException e1) {
Log.d(TAG, "Invalid private key " + e1.getLocalizedMessage());
}
} catch (Exception exception) {
Log.d(TAG, "Something went very wrong" + exception.getLocalizedMessage());
}
}
return Result.SUCCESS;
}
use of com.owncloud.android.datamodel.SignatureVerification in project android by nextcloud.
the class PushUtils method verifySignature.
public SignatureVerification verifySignature(Context context, byte[] signatureBytes, byte[] subjectBytes) {
Signature signature = null;
PublicKey publicKey;
SignatureVerification signatureVerification = new SignatureVerification();
signatureVerification.setSignatureValid(false);
Account[] accounts = AccountUtils.getAccounts(context);
ArbitraryDataProvider arbitraryDataProvider = new ArbitraryDataProvider(context.getContentResolver());
String arbitraryValue;
Gson gson = new Gson();
PushConfigurationState pushArbitraryData;
try {
signature = Signature.getInstance("SHA512withRSA");
if (accounts.length > 0) {
for (Account account : accounts) {
if (!TextUtils.isEmpty(arbitraryValue = arbitraryDataProvider.getValue(account, KEY_PUSH))) {
pushArbitraryData = gson.fromJson(arbitraryValue, PushConfigurationState.class);
if (!pushArbitraryData.isShouldBeDeleted()) {
publicKey = (PublicKey) readKeyFromString(true, pushArbitraryData.getUserPublicKey());
signature.initVerify(publicKey);
signature.update(subjectBytes);
if (signature.verify(signatureBytes)) {
signatureVerification.setSignatureValid(true);
signatureVerification.setAccount(account);
return signatureVerification;
}
}
}
}
}
} catch (NoSuchAlgorithmException e) {
Log.d(TAG, "No such algorithm");
} catch (InvalidKeyException e) {
Log.d(TAG, "Invalid key while trying to verify");
} catch (SignatureException e) {
Log.d(TAG, "Signature exception while trying to verify");
}
return signatureVerification;
}
use of com.owncloud.android.datamodel.SignatureVerification in project android by nextcloud.
the class PushUtils method verifySignature.
public static SignatureVerification verifySignature(final Context context, final UserAccountManager accountManager, final byte[] signatureBytes, final byte[] subjectBytes) {
Signature signature;
PublicKey publicKey;
Account[] accounts = accountManager.getAccounts();
ArbitraryDataProvider arbitraryDataProvider = new ArbitraryDataProvider(context.getContentResolver());
String arbitraryValue;
Gson gson = new Gson();
PushConfigurationState pushArbitraryData;
try {
signature = Signature.getInstance("SHA512withRSA");
if (accounts.length > 0) {
for (Account account : accounts) {
if (!TextUtils.isEmpty(arbitraryValue = arbitraryDataProvider.getValue(account.name, KEY_PUSH))) {
pushArbitraryData = gson.fromJson(arbitraryValue, PushConfigurationState.class);
if (!pushArbitraryData.isShouldBeDeleted()) {
publicKey = (PublicKey) readKeyFromString(true, pushArbitraryData.getUserPublicKey());
signature.initVerify(publicKey);
signature.update(subjectBytes);
if (signature.verify(signatureBytes)) {
return new SignatureVerification(true, account);
}
}
}
}
}
} catch (NoSuchAlgorithmException e) {
Log.d(TAG, "No such algorithm");
} catch (InvalidKeyException e) {
Log.d(TAG, "Invalid key while trying to verify");
} catch (SignatureException e) {
Log.d(TAG, "Signature exception while trying to verify");
}
return new SignatureVerification(false, null);
}
Aggregations