
Example 11 with Signature

use of java.security.Signature in project Klyph by jonathangerbaud.

the class LicenseValidator method verify.

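/**
 * Verifies the response from the licensing server and calls the appropriate callback method.
 *
 * <p>For the three response codes that carry signed data ({@code LICENSED},
 * {@code NOT_LICENSED}, {@code LICENSED_OLD_KEY}) the signature is checked first. Only after it
 * verifies is the payload parsed and compared with the values held by this validator: response
 * code, nonce, package name, version code and a non-empty user id. Every failed check ends in
 * {@code handleInvalidResponse()}, so the method fails closed.
 *
 * <p>{@code signedData} and {@code signature} originate outside the application and are treated
 * as untrusted. A missing value, or a signature the provider cannot process, is reported as an
 * invalid response instead of being raised as an unchecked exception.
 *
 * @param publicKey public key associated with the developer account
 * @param responseCode server response code
 * @param signedData signed data from server
 * @param signature server signature, Base64-encoded
 */
public void verify(PublicKey publicKey, int responseCode, String signedData, String signature) {
    String userId = null;
    // Skip signature check for unsuccessful requests
    ResponseData data = null;
    if (responseCode == LICENSED || responseCode == NOT_LICENSED || responseCode == LICENSED_OLD_KEY) {
        // A response that claims a license decision but lacks the payload or the signature
        // cannot be authenticated; reject it rather than fail with a NullPointerException.
        if (signedData == null || signature == null) {
            Log.e(TAG, "Signed data or signature is missing.");
            handleInvalidResponse();
            return;
        }
        // Verify signature.
        try {
            Signature sig = Signature.getInstance(SIGNATURE_ALGORITHM);
            sig.initVerify(publicKey);
            // NOTE(review): getBytes() encodes with the platform default charset; the bytes
            // must match what the server signed, so confirm the default is acceptable on
            // every target platform.
            sig.update(signedData.getBytes());
            if (!sig.verify(Base64.decode(signature))) {
                Log.e(TAG, "Signature verification failed.");
                handleInvalidResponse();
                return;
            }
        } catch (NoSuchAlgorithmException e) {
            // This can't happen on an Android compatible device.
            throw new RuntimeException(e);
        } catch (InvalidKeyException e) {
            handleApplicationError(LicenseCheckerCallback.ERROR_INVALID_PUBLIC_KEY);
            return;
        } catch (SignatureException e) {
            // Signature.verify() throws when the supplied signature bytes are improperly
            // encoded or of the wrong type. Those bytes come from the response, so this is
            // an invalid response, not a programming error worth crashing for.
            Log.e(TAG, "Signature is malformed or could not be processed.");
            handleInvalidResponse();
            return;
        } catch (Base64DecoderException e) {
            Log.e(TAG, "Could not Base64-decode signature.");
            handleInvalidResponse();
            return;
        }
        // Parse and validate response. Nothing below runs unless the signature verified,
        // so the fields compared here are covered by the signature.
        try {
            data = ResponseData.parse(signedData);
        } catch (IllegalArgumentException e) {
            Log.e(TAG, "Could not parse response.");
            handleInvalidResponse();
            return;
        }
        // The unsigned responseCode argument must agree with the signed one.
        if (data.responseCode != responseCode) {
            Log.e(TAG, "Response codes don't match.");
            handleInvalidResponse();
            return;
        }
        // The signed nonce must equal the one held by this validator.
        if (data.nonce != mNonce) {
            Log.e(TAG, "Nonce doesn't match.");
            handleInvalidResponse();
            return;
        }
        if (!data.packageName.equals(mPackageName)) {
            Log.e(TAG, "Package name doesn't match.");
            handleInvalidResponse();
            return;
        }
        if (!data.versionCode.equals(mVersionCode)) {
            Log.e(TAG, "Version codes don't match.");
            handleInvalidResponse();
            return;
        }
        // Application-specific user identifier.
        userId = data.userId;
        if (TextUtils.isEmpty(userId)) {
            Log.e(TAG, "User identifier is empty.");
            handleInvalidResponse();
            return;
        }
    }
    // For the codes below that were not signature-checked, data is still null here.
    switch(responseCode) {
        case LICENSED:
        case LICENSED_OLD_KEY:
            int limiterResponse = mDeviceLimiter.isDeviceAllowed(userId);
            handleResponse(limiterResponse, data);
            break;
        case NOT_LICENSED:
            handleResponse(Policy.NOT_LICENSED, data);
            break;
        case ERROR_CONTACTING_SERVER:
            Log.w(TAG, "Error contacting licensing server.");
            handleResponse(Policy.RETRY, data);
            break;
        case ERROR_SERVER_FAILURE:
            Log.w(TAG, "An error has occurred on the licensing server.");
            handleResponse(Policy.RETRY, data);
            break;
        case ERROR_OVER_QUOTA:
            Log.w(TAG, "Licensing server is refusing to talk to this device, over quota.");
            handleResponse(Policy.RETRY, data);
            break;
        case ERROR_INVALID_PACKAGE_NAME:
            handleApplicationError(LicenseCheckerCallback.ERROR_INVALID_PACKAGE_NAME);
            break;
        case ERROR_NON_MATCHING_UID:
            handleApplicationError(LicenseCheckerCallback.ERROR_NON_MATCHING_UID);
            break;
        case ERROR_NOT_MARKET_MANAGED:
            handleApplicationError(LicenseCheckerCallback.ERROR_NOT_MARKET_MANAGED);
            break;
        default:
            // Unrecognised codes are rejected rather than ignored.
            Log.e(TAG, "Unknown response code for license check.");
            handleInvalidResponse();
    }
}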
Also used : Base64DecoderException(com.google.android.vending.licensing.util.Base64DecoderException) Signature(java.security.Signature) NoSuchAlgorithmException(java.security.NoSuchAlgorithmException) SignatureException(java.security.SignatureException) InvalidKeyException(java.security.InvalidKeyException)

Example 12 with Signature

use of java.security.Signature in project jjwt by jwtk.

the class EllipticCurveSigner method doSign.

/**
 * Signs {@code data} with the configured key and returns the signature after passing it
 * through {@code transcodeSignatureToConcat}.
 *
 * <p>The configured {@code key} is cast to {@link PrivateKey} before anything else happens, so
 * a key of the wrong kind fails with a {@code ClassCastException} ahead of any signing work.
 *
 * @param data the bytes to sign
 * @return the signature in the form produced by {@code transcodeSignatureToConcat}, sized by
 *     {@code getSignatureByteArrayLength(alg)}
 * @throws InvalidKeyException if the key is rejected by {@code initSign}
 * @throws java.security.SignatureException if the provider fails while updating or signing
 * @throws JwtException declared by the signature; not thrown directly in this method
 */
protected byte[] doSign(byte[] data) throws InvalidKeyException, java.security.SignatureException, JwtException {
    final PrivateKey signingKey = (PrivateKey) key;
    final Signature signer = createSignatureInstance();
    signer.initSign(signingKey);
    signer.update(data);
    // Presumably the provider emits an ASN.1 DER signature here and the transcoder turns it
    // into the fixed-length concatenated form; confirm against transcodeSignatureToConcat.
    final byte[] providerSignature = signer.sign();
    return transcodeSignatureToConcat(providerSignature, getSignatureByteArrayLength(alg));
}
Also used : PrivateKey(java.security.PrivateKey) ECPrivateKey(java.security.interfaces.ECPrivateKey) Signature(java.security.Signature)

Example 13 with Signature

use of java.security.Signature in project jjwt by jwtk.

the class RsaProvider method createSignatureInstance.

/**
 * Creates the {@link Signature} instance through the superclass and, when
 * {@code PSS_PARAMETER_SPECS} holds an entry for the configured algorithm, applies that
 * {@link PSSParameterSpec} to it with {@code setParameter}.
 *
 * <p>Algorithms without an entry get the superclass instance unchanged.
 *
 * @return the signature instance, with PSS parameters set where the algorithm has them
 */
protected Signature createSignatureInstance() {
    final Signature instance = super.createSignatureInstance();
    final PSSParameterSpec pssSpec = PSS_PARAMETER_SPECS.get(alg);
    if (pssSpec == null) {
        // No PSS parameters registered for this algorithm: nothing to configure.
        return instance;
    }
    setParameter(instance, pssSpec);
    return instance;
}
Also used : PSSParameterSpec(java.security.spec.PSSParameterSpec) Signature(java.security.Signature)

Example 14 with Signature

use of java.security.Signature in project jjwt by jwtk.

the class RsaSigner method doSign.

/**
 * Signs {@code data} with the configured key and returns the provider's signature bytes
 * unchanged.
 *
 * <p>The configured {@code key} is cast to {@link PrivateKey} first, so a key of the wrong kind
 * fails with a {@code ClassCastException} before a {@link Signature} instance is created.
 *
 * @param data the bytes to sign
 * @return the signature bytes exactly as returned by {@link Signature#sign()}
 * @throws InvalidKeyException if the key is rejected by {@code initSign}
 * @throws java.security.SignatureException if the provider fails while updating or signing
 */
protected byte[] doSign(byte[] data) throws InvalidKeyException, java.security.SignatureException {
    final PrivateKey signingKey = (PrivateKey) key;
    final Signature signer = createSignatureInstance();
    signer.initSign(signingKey);
    signer.update(data);
    final byte[] signatureBytes = signer.sign();
    return signatureBytes;
}
Also used : PrivateKey(java.security.PrivateKey) Signature(java.security.Signature)

Example 15 with Signature

use of java.security.Signature in project jjwt by jwtk.

the class EllipticCurveSignatureValidator method isValid.

/**
 * Checks {@code signature} over {@code data} with the configured public key.
 *
 * <p>Two encodings of the signature are accepted. An input whose length differs from
 * {@code getSignatureByteArrayLength(alg)} and whose first byte is {@code 0x30} is passed to
 * the verifier as it is; any other input is first converted with
 * {@code EllipticCurveProvider.transcodeSignatureToDER}. Because more than one byte
 * representation can therefore verify, callers should not treat the raw signature bytes as a
 * unique identifier for a token.
 *
 * <p>Creating the {@link Signature} instance and casting the key happen outside the
 * {@code try}, so failures there are not wrapped.
 *
 * @param data the signed bytes
 * @param signature the signature to check
 * @return the result of {@code doVerify}
 * @throws SignatureException wrapping any exception raised while sizing, transcoding or
 *     verifying the signature, including those caused by a null or empty {@code signature}
 */
@Override
public boolean isValid(byte[] data, byte[] signature) {
    final Signature verifier = createSignatureInstance();
    final PublicKey verificationKey = (PublicKey) key;
    try {
        final int joseLength = getSignatureByteArrayLength(alg);
        // If the expected size is not valid for JOSE, fall back to an ASN.1 DER signature.
        // This fallback exists for backwards compatibility ONLY (tokens generated by previous
        // versions of jjwt) and may be removed in a future version of the library.
        final boolean legacyDer = joseLength != signature.length && signature[0] == 0x30;
        final byte[] derSignature;
        if (legacyDer) {
            derSignature = signature;
        } else {
            derSignature = EllipticCurveProvider.transcodeSignatureToDER(signature);
        }
        return doVerify(verifier, verificationKey, data, derSignature);
    } catch (Exception e) {
        // Broad on purpose in the original: every failure in the block above, whatever its
        // type, reaches the caller as one SignatureException with the cause preserved.
        String msg = "Unable to verify Elliptic Curve signature using configured ECPublicKey. " + e.getMessage();
        throw new SignatureException(msg, e);
    }
}
Also used : PublicKey(java.security.PublicKey) ECPublicKey(java.security.interfaces.ECPublicKey) Signature(java.security.Signature) SignatureException(io.jsonwebtoken.SignatureException) SignatureException(io.jsonwebtoken.SignatureException) InvalidKeyException(java.security.InvalidKeyException)
