
Example 16 with Signature

use of java.security.Signature in project hudson-2.x by hudson.

the class UpdateSite method verifySignature.

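/**
 * Verifies the signature in the update center data file.
 *
 * <p>The method removes the {@code "signature"} member from {@code o} (the caller's object is
 * mutated), parses the certificates listed under {@code "certificates"}, checks their validity
 * period, runs {@code CertificateUtil.validatePath}, and then verifies a SHA1withRSA signature
 * over the canonical JSON form of the remaining document using the first listed certificate.
 * A SHA-1 digest of the same canonical form is compared with the provided one as a sanity check.
 *
 * @param o the update center JSON document; its {@code "signature"} member is removed
 * @return {@code true} only if the digest matches and the signature verifies; {@code false}
 *         if the signature block or the certificate list is missing/empty, or on any mismatch
 * @throws GeneralSecurityException if certificate parsing, validity or path validation, or the
 *         signature machinery fails
 * @throws IOException if writing the canonical form fails
 */
private boolean verifySignature(JSONObject o) throws GeneralSecurityException, IOException {
    JSONObject signature = o.getJSONObject("signature");
    if (signature.isNullObject()) {
        LOGGER.severe("No signature block found");
        return false;
    }
    // The signed content is the document without its own signature block.
    o.remove("signature");
    List<X509Certificate> certs = new ArrayList<X509Certificate>();
    {
        // load and verify certificates
        // The certificates come from the document being verified, so they are untrusted input:
        // the only thing that makes them trustworthy is the path validation below.
        CertificateFactory cf = CertificateFactory.getInstance("X509");
        for (Object cert : o.getJSONArray("certificates")) {
            X509Certificate c = (X509Certificate) cf.generateCertificate(new ByteArrayInputStream(Base64.decode(cert.toString().toCharArray())));
            // checkValidity() only checks the notBefore/notAfter dates, not issuer trust or revocation.
            c.checkValidity();
            certs.add(c);
        }
        // all default root CAs in JVM are trusted, plus certs bundled in Hudson
        Set<TrustAnchor> anchors = CertificateUtil.getDefaultRootCAs();
        ServletContext context = Hudson.getInstance().servletContext;
        for (String cert : (Set<String>) context.getResourcePaths("/WEB-INF/update-center-rootCAs")) {
            // skip text files that are meant to be documentation
            if (cert.endsWith(".txt"))
                continue;
            anchors.add(new TrustAnchor((X509Certificate) cf.generateCertificate(context.getResourceAsStream(cert)), null));
        }
        // NOTE(review): 'anchors' is built above but is not passed to validatePath() here.
        // Confirm that validatePath() really anchors the chain to this set (for example because
        // getDefaultRootCAs() returns a shared set it consults); if it does not, the bundled
        // roots have no effect and the chain supplied in the document is not tied to a trusted CA.
        CertificateUtil.validatePath(certs);
    }
    // Fail closed when the document lists no certificates; without this guard certs.get(0)
    // below would throw an unchecked IndexOutOfBoundsException instead of rejecting the data.
    if (certs.isEmpty()) {
        LOGGER.severe("No certificate found in the update center data");
        return false;
    }
    // this is for computing a digest to check sanity
    MessageDigest sha1 = MessageDigest.getInstance("SHA1");
    DigestOutputStream dos = new DigestOutputStream(new NullOutputStream(), sha1);
    // this is for computing a signature
    // NOTE(review): SHA-1 based signatures are considered weak against collision attacks; the
    // algorithm is dictated by what the update center publishes, so it cannot be changed here alone.
    Signature sig = Signature.getInstance("SHA1withRSA");
    // The first listed certificate is taken as the signer.
    sig.initVerify(certs.get(0));
    SignatureOutputStream sos = new SignatureOutputStream(sig);
    // One pass over the canonical JSON feeds both the digest and the signature verifier.
    JSONCanonicalUtils.write(o, new OutputStreamWriter(new TeeOutputStream(dos, sos), "UTF-8"));
    // did the digest match? this is not a part of the signature validation, but if we have a bug in the c14n
    // (which is more likely than someone tampering with update center), we can tell
    String computedDigest = new String(Base64.encode(sha1.digest()));
    String providedDigest = signature.getString("digest");
    // Base64 is case-sensitive, so equalsIgnoreCase is laxer than an exact match; this is only
    // the sanity check, the signature verification below is the actual integrity gate.
    if (!computedDigest.equalsIgnoreCase(providedDigest)) {
        LOGGER.severe("Digest mismatch: " + computedDigest + " vs " + providedDigest);
        return false;
    }
    if (!sig.verify(Base64.decode(signature.getString("signature").toCharArray()))) {
        LOGGER.severe("Signature in the update center doesn't match with the certificate");
        return false;
    }
    return true;
}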
Also used : TeeOutputStream(org.apache.commons.io.output.TeeOutputStream) Set(java.util.Set) ArrayList(java.util.ArrayList) TrustAnchor(java.security.cert.TrustAnchor) CertificateFactory(java.security.cert.CertificateFactory) X509Certificate(java.security.cert.X509Certificate) JSONObject(net.sf.json.JSONObject) SignatureOutputStream(org.jvnet.hudson.crypto.SignatureOutputStream) ByteArrayInputStream(java.io.ByteArrayInputStream) DigestOutputStream(java.security.DigestOutputStream) Signature(java.security.Signature) ServletContext(javax.servlet.ServletContext) JSONObject(net.sf.json.JSONObject) OutputStreamWriter(java.io.OutputStreamWriter) MessageDigest(java.security.MessageDigest) NullOutputStream(org.apache.commons.io.output.NullOutputStream)

Example 17 with Signature

use of java.security.Signature in project qksms by moezbhatti.

the class Security method verify.

/**
 * Checks a server-provided signature against the signed data.
 *
 * <p>Every failure path (unknown algorithm, unusable key, signature error, undecodable
 * Base64, or a plain mismatch) is logged and reported as {@code false}; no exception escapes
 * for those cases, so the method fails closed.
 *
 * @param publicKey public key associated with the developer account
 * @param signedData signed data from server
 * @param signature server signature, Base64-encoded
 * @return true if the data and signature match, false otherwise
 */
public static boolean verify(PublicKey publicKey, String signedData, String signature) {
    try {
        final Signature verifier = Signature.getInstance(SIGNATURE_ALGORITHM);
        verifier.initVerify(publicKey);
        // getBytes() without an argument uses the platform default charset; the bytes must
        // match what the server signed.
        verifier.update(signedData.getBytes());
        final boolean matches = verifier.verify(Base64.decode(signature));
        if (matches) {
            return true;
        }
        Log.e(TAG, "Signature verification failed.");
        return false;
    } catch (NoSuchAlgorithmException e) {
        Log.e(TAG, "NoSuchAlgorithmException.");
        return false;
    } catch (InvalidKeyException e) {
        Log.e(TAG, "Invalid key specification.");
        return false;
    } catch (SignatureException e) {
        Log.e(TAG, "Signature exception.");
        return false;
    } catch (Base64DecoderException e) {
        Log.e(TAG, "Base64 decoding failed.");
        return false;
    }
}
Also used : Signature(java.security.Signature) NoSuchAlgorithmException(java.security.NoSuchAlgorithmException) SignatureException(java.security.SignatureException) InvalidKeyException(java.security.InvalidKeyException)

Example 18 with Signature

use of java.security.Signature in project JamsMusicPlayer by psaravan.

the class Security method verify.

/**
 * Tells whether {@code signature} is a valid signature by {@code publicKey} over
 * {@code signedData}.
 *
 * <p>The result is {@code false} both when the signature does not match and when the check
 * could not be carried out (algorithm unavailable, invalid key, signature error, or Base64
 * that cannot be decoded); each case is logged with its own message.
 *
 * @param publicKey public key associated with the developer account
 * @param signedData signed data from server
 * @param signature server signature, Base64-encoded
 * @return true if the data and signature match
 */
public static boolean verify(PublicKey publicKey, String signedData, String signature) {
    boolean verified = false;
    try {
        Signature checker = Signature.getInstance(SIGNATURE_ALGORITHM);
        checker.initVerify(publicKey);
        // Platform default charset is used for the conversion to bytes.
        byte[] payload = signedData.getBytes();
        checker.update(payload);
        verified = checker.verify(Base64.decode(signature));
        if (!verified) {
            Log.e(TAG, "Signature verification failed.");
        }
    } catch (NoSuchAlgorithmException e) {
        Log.e(TAG, "NoSuchAlgorithmException.");
    } catch (InvalidKeyException e) {
        Log.e(TAG, "Invalid key specification.");
    } catch (SignatureException e) {
        Log.e(TAG, "Signature exception.");
    } catch (Base64DecoderException e) {
        Log.e(TAG, "Base64 decoding failed.");
    }
    // Stays false unless verify() itself returned true.
    return verified;
}
Also used : Signature(java.security.Signature) NoSuchAlgorithmException(java.security.NoSuchAlgorithmException) SignatureException(java.security.SignatureException) InvalidKeyException(java.security.InvalidKeyException)

Example 19 with Signature

use of java.security.Signature in project dex2jar by pxb1988.

the class AbstractJarSign method sign.

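/**
 * Writes a signed copy of the jar {@code in} to {@code out}.
 *
 * <p>The output contains, in this order: the manifest with per-entry digests, the signature
 * file {@code META-INF/CERT.SF}, the signature block {@code META-INF/CERT.<ext>}, and then the
 * remaining entries of the input jar. All generated entries carry the same timestamp.
 *
 * @param in the jar to sign; opened without verifying any signature it already carries
 * @param out the file the signed jar is written to
 * @throws IOException if reading the input or writing the output fails
 * @throws GeneralSecurityException if the signature cannot be created
 */
public void sign(File in, File out) throws IOException, GeneralSecurityException {
    JarFile inputJar = null;
    JarOutputStream outputJar = null;
    FileOutputStream outputFile = null;
    try {
        // All generated entries are stamped with the current time (this code does not read
        // the certificate's validity period).
        long timestamp = System.currentTimeMillis();
        // Don't verify: the input is about to be re-signed, so existing signatures are ignored.
        inputJar = new JarFile(in, false);
        OutputStream outputStream = outputFile = new FileOutputStream(out);
        outputJar = new JarOutputStream(outputStream);
        outputJar.setLevel(9);
        JarEntry je;
        // MANIFEST.MF
        Manifest manifest = addDigestsToManifest(inputJar);
        je = new JarEntry(JarFile.MANIFEST_NAME);
        je.setTime(timestamp);
        outputJar.putNextEntry(je);
        manifest.write(outputJar);
        // CERT.SF
        Signature signature = Signature.getInstance(signAlg);
        signature.initSign(privateKey);
        je = new JarEntry("META-INF/CERT.SF");
        je.setTime(timestamp);
        outputJar.putNextEntry(je);
        // The wrapper stream is handed both the jar output and the Signature object.
        writeSignatureFile(manifest, new SignatureOutputStream(outputJar, signature));
        // Derive the signature block extension from the text after "with" (e.g. "...withRSA").
        // Locale.ROOT keeps the case folding independent of the default locale, where the
        // letter 'I' of "WITH" may not lower-case to 'i'.
        // NOTE(review): the extension is taken from digestAlg while the Signature is created
        // from signAlg; confirm that is intended.
        int i = digestAlg.toLowerCase(java.util.Locale.ROOT).indexOf("with");
        String ext;
        if (i > 0) {
            ext = digestAlg.substring(i + 4);
        } else {
            ext = "RSA";
        }
        // CERT.RSA
        je = new JarEntry("META-INF/CERT." + ext);
        je.setTime(timestamp);
        outputJar.putNextEntry(je);
        writeSignatureBlock(signature.sign(), outputJar);
        // Everything else
        copyFiles(manifest, inputJar, outputJar, timestamp);
        outputJar.close();
        outputJar = null;
        outputStream.flush();
    } finally {
        // Close each resource in its own try block so that a failure closing the input jar
        // cannot skip closing the output file. Close failures stay best-effort, as before.
        try {
            if (inputJar != null) {
                inputJar.close();
            }
        } catch (IOException e) {
            e.printStackTrace();
        }
        try {
            if (outputFile != null) {
                outputFile.close();
            }
        } catch (IOException e) {
            e.printStackTrace();
        }
    }
}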
Also used : FileOutputStream(java.io.FileOutputStream) JarOutputStream(java.util.jar.JarOutputStream) OutputStream(java.io.OutputStream) FileOutputStream(java.io.FileOutputStream) FilterOutputStream(java.io.FilterOutputStream) DigestOutputStream(java.security.DigestOutputStream) Signature(java.security.Signature) JarOutputStream(java.util.jar.JarOutputStream) IOException(java.io.IOException) JarFile(java.util.jar.JarFile) JarEntry(java.util.jar.JarEntry) Manifest(java.util.jar.Manifest)

Example 20 with Signature

use of java.security.Signature in project robovm by robovm.

the class PKCS10CertificationRequest method verify.

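/**
 * Verifies the request using the passed in public key and the provider.
 *
 * <p>The signature algorithm is resolved from {@code sigAlgId}; if that name is unknown,
 * the algorithm registered for the same object identifier in {@code oids} is tried before
 * giving up. The signature is checked over the DER encoding of the request info.
 *
 * @param pubKey the public key to verify the request's signature with
 * @param provider the name of the security provider to use, or {@code null} for the default
 * @return {@code true} if the signature over the request info verifies
 * @throws NoSuchAlgorithmException if neither algorithm name can be resolved
 * @throws NoSuchProviderException if the named provider is not available
 * @throws InvalidKeyException if {@code pubKey} cannot be used with the algorithm
 * @throws SignatureException if the request info cannot be encoded or verification fails
 */
public boolean verify(PublicKey pubKey, String provider) throws NoSuchAlgorithmException, NoSuchProviderException, InvalidKeyException, SignatureException {
    Signature sig;
    try {
        if (provider == null) {
            sig = Signature.getInstance(getSignatureName(sigAlgId));
        } else {
            sig = Signature.getInstance(getSignatureName(sigAlgId), provider);
        }
    } catch (NoSuchAlgorithmException e) {
        // Fall back to the name registered for this OID, if there is one; otherwise
        // report the original failure.
        String signatureAlgorithm = (String) oids.get(sigAlgId.getObjectId());
        if (signatureAlgorithm == null) {
            throw e;
        }
        if (provider == null) {
            sig = Signature.getInstance(signatureAlgorithm);
        } else {
            sig = Signature.getInstance(signatureAlgorithm, provider);
        }
    }
    setSignatureParameters(sig, sigAlgId.getParameters());
    sig.initVerify(pubKey);
    try {
        sig.update(reqInfo.getEncoded(ASN1Encoding.DER));
    } catch (Exception e) {
        // Keep the original exception as the cause so the root failure is not lost.
        throw new SignatureException("exception encoding TBS cert request - " + e, e);
    }
    return sig.verify(sigBits.getBytes());
}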
Also used : Signature(java.security.Signature) NoSuchAlgorithmException(java.security.NoSuchAlgorithmException) DERBitString(org.bouncycastle.asn1.DERBitString) SignatureException(java.security.SignatureException) InvalidKeySpecException(java.security.spec.InvalidKeySpecException) GeneralSecurityException(java.security.GeneralSecurityException) SignatureException(java.security.SignatureException) IOException(java.io.IOException) NoSuchAlgorithmException(java.security.NoSuchAlgorithmException) InvalidKeyException(java.security.InvalidKeyException) NoSuchProviderException(java.security.NoSuchProviderException)

Aggregations

Signature (java.security.Signature)242 SignatureException (java.security.SignatureException)84 NoSuchAlgorithmException (java.security.NoSuchAlgorithmException)69 InvalidKeyException (java.security.InvalidKeyException)61 PublicKey (java.security.PublicKey)59 KeyFactory (java.security.KeyFactory)41 PrivateKey (java.security.PrivateKey)38 IOException (java.io.IOException)36 X509Certificate (java.security.cert.X509Certificate)24 RSAPublicKeySpec (java.security.spec.RSAPublicKeySpec)23 KeyPair (java.security.KeyPair)19 InvalidKeySpecException (java.security.spec.InvalidKeySpecException)18 KeyPairGenerator (java.security.KeyPairGenerator)16 MySignature1 (org.apache.harmony.security.tests.support.MySignature1)16 GeneralSecurityException (java.security.GeneralSecurityException)15 ByteArrayInputStream (java.io.ByteArrayInputStream)14 BigInteger (java.math.BigInteger)14 InvalidAlgorithmParameterException (java.security.InvalidAlgorithmParameterException)14 CertificateException (java.security.cert.CertificateException)14 X509EncodedKeySpec (java.security.spec.X509EncodedKeySpec)14