Example 76 with SignatureException
use of java.security.SignatureException in project GNS by MobilityFirst.
the class SimpleClientExample method main.
/**
*
* @param args
* @throws IOException
* @throws InvalidKeySpecException
* @throws NoSuchAlgorithmException
* @throws ClientException
* @throws InvalidKeyException
* @throws SignatureException
* @throws Exception
*/
public static void main(String[] args) throws IOException, InvalidKeySpecException, NoSuchAlgorithmException, ClientException, InvalidKeyException, SignatureException, Exception {
// Create the client. Connects to a default reconfigurator as specified in gigapaxos.properties file.
client = new GNSClientCommands();
try {
// Create an account guid if one doesn't already exists.
// The true makes it verbosely print out what it is doing.
// The password is for future use.
// Note that lookupOrCreateAccountGuid "cheats" by bypassing the account verification
// mechanisms.
accountGuid = GuidUtils.lookupOrCreateAccountGuid(client, ACCOUNT_ALIAS, PASSWORD, true);
} catch (Exception e) {
System.out.println("Exception during accountGuid creation: " + e);
System.exit(1);
}
System.out.println("Client connected to GNS");
// Retrive the GUID using the account id
String guid = client.lookupGuid(ACCOUNT_ALIAS);
System.out.println("Retrieved GUID for " + ACCOUNT_ALIAS + ": " + guid);
// Get the public key from the GNS
PublicKey publicKey = client.publicKeyLookupFromGuid(guid);
System.out.println("Retrieved public key: " + publicKey.toString());
// Use the GuidEntry create an new record in the GNS
client.fieldUpdate(accountGuid, "homestate", "Florida");
System.out.println("Added homestate -> Florida record to the GNS for GUID " + accountGuid.getGuid());
// Retrive that record from the GNS
String result = client.fieldRead(accountGuid.getGuid(), "homestate", accountGuid);
System.out.println("Result of read location: " + result);
System.exit(0);
}
Also used :
GNSClientCommands(edu.umass.cs.gnsclient.client.GNSClientCommands)
PublicKey(java.security.PublicKey)
ClientException(edu.umass.cs.gnscommon.exceptions.client.ClientException)
InvalidKeySpecException(java.security.spec.InvalidKeySpecException)
NoSuchAlgorithmException(java.security.NoSuchAlgorithmException)
SignatureException(java.security.SignatureException)
IOException(java.io.IOException)
InvalidKeyException(java.security.InvalidKeyException)
Example 77 with SignatureException
use of java.security.SignatureException in project GNS by MobilityFirst.
the class CryptoUtils method signDigestOfMessage.
/**
* Signs a digest of a message using private key of the given guid.
*
* @param guidEntry
* @param message
* @return a signed digest of the message string encoded as a hex string
* @throws InvalidKeyException
* @throws NoSuchAlgorithmException
* @throws SignatureException
* @throws java.io.UnsupportedEncodingException
*
* arun: This method need to be synchronized over the signature
* instance, otherwise it will result in corrupted signatures.
*/
public static String signDigestOfMessage(GuidEntry guidEntry, String message) throws ClientException {
try {
Signature signatureInstance = getSignatureInstance();
synchronized (signatureInstance) {
signatureInstance.initSign(guidEntry.getPrivateKey());
// iOS client uses UTF-8 - should switch to ISO-8859-1 to be consistent with
// secret key version
signatureInstance.update(message.getBytes("UTF-8"));
byte[] signedString = signatureInstance.sign();
// We used to encode this as a hex so we could send it with the html without
// encoding. Not really necessary anymore for the socket based client,
// but the iOS client does as well so we need to keep it like this.
// Also note that the secret based method doesn't do this - it just returns a string
// using the ISO-8859-1 charset.
String result = DatatypeConverter.printHexBinary(signedString);
//String result = ByteUtils.toHex(signedString);
return result;
}
} catch (InvalidKeyException | UnsupportedEncodingException | SignatureException e) {
throw new ClientException("Error encoding message", e);
}
}
Also used :
Signature(java.security.Signature)
UnsupportedEncodingException(java.io.UnsupportedEncodingException)
SignatureException(java.security.SignatureException)
ClientException(edu.umass.cs.gnscommon.exceptions.client.ClientException)
InvalidKeyException(java.security.InvalidKeyException)
Example 78 with SignatureException
use of java.security.SignatureException in project GNS by MobilityFirst.
the class Select method aclCheckFilterFields.
/**
* This filters individual fields if the cannot be accessed by the reader.
*
* @param packet
* @param records
* @param reader
* @param app
* @return
*/
private static JSONArray aclCheckFilterFields(SelectRequestPacket packet, JSONArray records, String reader, GNSApplicationInterface<String> app) {
for (int i = 0; i < records.length(); i++) {
try {
JSONObject record = records.getJSONObject(i);
String guid = record.getString(NameRecord.NAME.getName());
// Look at the keys in the values map
JSONObject valuesMap = record.getJSONObject(NameRecord.VALUES_MAP.getName());
Iterator<?> keys = valuesMap.keys();
while (keys.hasNext()) {
String field = (String) keys.next();
if (!InternalField.isInternalField(field)) {
LOGGER.log(Level.FINE, "{0} Checking: {1}", new Object[] { app.getNodeID(), field });
ResponseCode responseCode = NSAuthentication.signatureAndACLCheck(null, guid, field, null, reader, null, null, MetaDataTypeName.READ_WHITELIST, app, true);
if (!responseCode.isOKResult()) {
LOGGER.log(Level.FINE, "{0} Removing: {1}", new Object[] { app.getNodeID(), field });
// removing the offending field
keys.remove();
}
}
}
} catch (JSONException | InvalidKeyException | InvalidKeySpecException | SignatureException | NoSuchAlgorithmException | FailedDBOperationException | UnsupportedEncodingException e) {
// ignore json errros
LOGGER.log(Level.FINE, "{0} Problem getting guid from json: {1}", new Object[] { app.getNodeID(), e.getMessage() });
}
}
return records;
}
Also used :
ResponseCode(edu.umass.cs.gnscommon.ResponseCode)
JSONException(org.json.JSONException)
UnsupportedEncodingException(java.io.UnsupportedEncodingException)
SignatureException(java.security.SignatureException)
NoSuchAlgorithmException(java.security.NoSuchAlgorithmException)
InvalidKeyException(java.security.InvalidKeyException)
FailedDBOperationException(edu.umass.cs.gnscommon.exceptions.server.FailedDBOperationException)
JSONObject(org.json.JSONObject)
JSONObject(org.json.JSONObject)
InvalidKeySpecException(java.security.spec.InvalidKeySpecException)
Example 79 with SignatureException
use of java.security.SignatureException in project GNS by MobilityFirst.
the class Select method aclCheckFilterForRecordsArray.
/**
* This filters entire records if the query uses fields that cannot be accessed in the
* returned record by the reader. Otherwise the user would be able to determine that
* some GUIDS contain specific values for fields they can't access.
*
* @param packet
* @param records
* @param reader
* @param app
* @return
*/
private static JSONArray aclCheckFilterForRecordsArray(SelectRequestPacket packet, JSONArray records, String reader, GNSApplicationInterface<String> app) {
JSONArray result = new JSONArray();
for (int i = 0; i < records.length(); i++) {
try {
JSONObject record = records.getJSONObject(i);
String guid = record.getString(NameRecord.NAME.getName());
List<String> queryFields = getFieldsForQueryType(packet);
ResponseCode responseCode = NSAuthentication.signatureAndACLCheck(null, guid, null, queryFields, reader, null, null, MetaDataTypeName.READ_WHITELIST, app, true);
LOGGER.log(Level.FINE, "{0} ACL check for select: guid={0} queryFields={1} responsecode={2}", new Object[] { app.getNodeID(), guid, queryFields, responseCode });
if (responseCode.isOKResult()) {
result.put(record);
}
} catch (JSONException | InvalidKeyException | InvalidKeySpecException | SignatureException | NoSuchAlgorithmException | FailedDBOperationException | UnsupportedEncodingException e) {
// ignore json errros
LOGGER.log(Level.FINE, "{0} Problem getting guid from json: {1}", new Object[] { app.getNodeID(), e.getMessage() });
}
}
return result;
}
Also used :
ResponseCode(edu.umass.cs.gnscommon.ResponseCode)
JSONArray(org.json.JSONArray)
JSONException(org.json.JSONException)
UnsupportedEncodingException(java.io.UnsupportedEncodingException)
SignatureException(java.security.SignatureException)
NoSuchAlgorithmException(java.security.NoSuchAlgorithmException)
InvalidKeyException(java.security.InvalidKeyException)
FailedDBOperationException(edu.umass.cs.gnscommon.exceptions.server.FailedDBOperationException)
JSONObject(org.json.JSONObject)
JSONObject(org.json.JSONObject)
InvalidKeySpecException(java.security.spec.InvalidKeySpecException)
Example 80 with SignatureException
use of java.security.SignatureException in project OpenAM by OpenRock.
the class RestAuthenticationHandler method authenticate.
/**
* Handles either the creation or retrieval of the Login Process, dependent on if the request is a new
* authentication request or a continuation of one.
*
* @param request The HttpServletRequest.
* @param response The HttpServletResponse.
* @param postBody The post body of the request.
* @param authIndexType The authentication index type.
* @param indexValue The authentication index value.
* @param sessionUpgradeSSOTokenId The SSO Token Id of the user's current session, null if not performing a session
* upgrade.
* @return The Response of the authentication request.
*/
private JsonValue authenticate(HttpServletRequest request, HttpServletResponse response, JsonValue postBody, String authIndexType, String indexValue, String sessionUpgradeSSOTokenId) throws RestAuthException {
LoginProcess loginProcess = null;
try {
AuthIndexType indexType = getAuthIndexType(authIndexType);
String authId = null;
String sessionId = null;
if (postBody != null) {
authId = getAuthId(postBody);
if (authId != null) {
SignedJwt jwt = authIdHelper.reconstructAuthId(authId);
sessionId = getSessionId(jwt);
indexType = getAuthIndexType(jwt);
indexValue = getAuthIndexValue(jwt);
String realmDN = getRealmDomainName(jwt);
AuditRequestContext.putProperty(SESSION_ID, sessionId);
authIdHelper.verifyAuthId(realmDN, authId);
}
}
LoginConfiguration loginConfiguration = new LoginConfiguration().httpRequest(request).httpResponse(response).indexType(indexType).indexValue(indexValue).sessionId(sessionId).forceAuth(request.getParameter(AuthUtils.FORCE_AUTH)).sessionUpgrade(sessionUpgradeSSOTokenId);
loginProcess = loginAuthenticator.getLoginProcess(loginConfiguration);
return processAuthentication(request, response, postBody, authId, loginProcess, loginConfiguration);
} catch (RestAuthException e) {
if (loginProcess != null) {
String failureUrl = urlValidator.getRedirectUrl(loginProcess.getAuthContext().getOrgDN(), loginProcess.getFailureURL(), null);
e.setFailureUrl(failureUrl);
}
throw e;
} catch (L10NMessageImpl e) {
throw new RestAuthException(amAuthErrorCodeResponseStatusMapping.getAuthLoginExceptionResponseStatus(e.getErrorCode()), e);
} catch (JsonException e) {
throw new RestAuthException(ResourceException.INTERNAL_ERROR, e);
} catch (SignatureException e) {
throw new RestAuthException(ResourceException.INTERNAL_ERROR, e);
} catch (AuthLoginException e) {
throw new RestAuthException(amAuthErrorCodeResponseStatusMapping.getAuthLoginExceptionResponseStatus(e.getErrorCode()), e);
} catch (JwsSigningException jse) {
DEBUG.error("JwsSigningException", jse);
throw new RestAuthException(ResourceException.INTERNAL_ERROR, "JwsSigningException, " + jse.getMessage());
}
}
Also used :
RestAuthException(org.forgerock.openam.core.rest.authn.exceptions.RestAuthException)
JsonException(org.forgerock.json.JsonException)
JwsSigningException(org.forgerock.json.jose.exceptions.JwsSigningException)
L10NMessageImpl(com.sun.identity.shared.locale.L10NMessageImpl)
AuthIndexType(org.forgerock.openam.core.rest.authn.core.AuthIndexType)
LoginConfiguration(org.forgerock.openam.core.rest.authn.core.LoginConfiguration)
AuthLoginException(com.sun.identity.authentication.spi.AuthLoginException)
SignedJwt(org.forgerock.json.jose.jws.SignedJwt)
SignatureException(java.security.SignatureException)
LoginProcess(org.forgerock.openam.core.rest.authn.core.LoginProcess)
Aggregations
SignatureException (java.security.SignatureException)196
InvalidKeyException (java.security.InvalidKeyException)94
Signature (java.security.Signature)80
NoSuchAlgorithmException (java.security.NoSuchAlgorithmException)66
IOException (java.io.IOException)51
PublicKey (java.security.PublicKey)34
InvalidKeySpecException (java.security.spec.InvalidKeySpecException)26
X509Certificate (java.security.cert.X509Certificate)19
ByteArrayInputStream (java.io.ByteArrayInputStream)16
BigInteger (java.math.BigInteger)16
CertificateException (java.security.cert.CertificateException)16
ArrayList (java.util.ArrayList)14
MySignature1 (org.apache.harmony.security.tests.support.MySignature1)14
ClientException (edu.umass.cs.gnscommon.exceptions.client.ClientException)12
NoSuchProviderException (java.security.NoSuchProviderException)12
PrivateKey (java.security.PrivateKey)12
KeyStoreException (android.security.KeyStoreException)10
KeyFactory (java.security.KeyFactory)10
UnsupportedEncodingException (java.io.UnsupportedEncodingException)9
CertificateEncodingException (java.security.cert.CertificateEncodingException)9
