Example 21 with AlgorithmParameterSpec
use of java.security.spec.AlgorithmParameterSpec in project robovm by robovm.
the class myAlgPG method testAlgorithmParameterGenerator12.
/**
* Test for <code>init(AlgorithmParameterSpec param)</code> and
* <code>init(AlgorithmParameterSpec param, SecureRandom random<code>
* methods
* Assertion: throws InvalidAlgorithmParameterException when param is null
*/
public void testAlgorithmParameterGenerator12() {
if (!DSASupported) {
fail(validAlgName + " algorithm is not supported");
return;
}
SecureRandom random = new SecureRandom();
AlgorithmParameterSpec aps = null;
AlgorithmParameterGenerator[] apgs = createAPGen();
assertNotNull("AlgorithmParameterGenerator objects were not created", apgs);
for (int i = 0; i < apgs.length; i++) {
try {
apgs[i].init(aps);
fail("InvalidAlgorithmParameterException expected for null argument.");
} catch (InvalidAlgorithmParameterException e) {
//expected
}
try {
apgs[i].init(aps, random);
fail("InvalidAlgorithmParameterException expected for null argument.");
} catch (InvalidAlgorithmParameterException e) {
//expected
}
}
}
Also used :
InvalidAlgorithmParameterException(java.security.InvalidAlgorithmParameterException)
SecureRandom(java.security.SecureRandom)
AlgorithmParameterGenerator(java.security.AlgorithmParameterGenerator)
AlgorithmParameterSpec(java.security.spec.AlgorithmParameterSpec)
Example 22 with AlgorithmParameterSpec
use of java.security.spec.AlgorithmParameterSpec in project robovm by robovm.
the class AlgorithmParameterGenerator2Test method checkResult.
private void checkResult(AlgorithmParameterGenerator algParGen) throws InvalidAlgorithmParameterException {
AlgorithmParameters param = algParGen.generateParameters();
assertNull("Not null parameters", param);
AlgorithmParameterSpec pp = null;
algParGen.init(pp, new SecureRandom());
algParGen.init(pp);
try {
algParGen.init(pp, null);
fail("IllegalArgumentException must be thrown");
} catch (IllegalArgumentException e) {
}
pp = new tmpAlgorithmParameterSpec("Proba");
algParGen.init(pp, new SecureRandom());
algParGen.init(pp);
algParGen.init(0, null);
algParGen.init(0, new SecureRandom());
try {
algParGen.init(-10, null);
fail("IllegalArgumentException must be thrown");
} catch (IllegalArgumentException e) {
}
try {
algParGen.init(-10, new SecureRandom());
fail("IllegalArgumentException must be thrown");
} catch (IllegalArgumentException e) {
}
}
Also used :
SecureRandom(java.security.SecureRandom)
AlgorithmParameterSpec(java.security.spec.AlgorithmParameterSpec)
AlgorithmParameters(java.security.AlgorithmParameters)
Example 23 with AlgorithmParameterSpec
use of java.security.spec.AlgorithmParameterSpec in project robovm by robovm.
the class AlgorithmParametersTest method test_getParameterSpecLjava_lang_Class.
/**
* java.security.AlgorithmParameters#getParameterSpec(Class)
*/
public void test_getParameterSpecLjava_lang_Class() throws Exception {
final MyAlgorithmParameterSpec myParamSpec = new MyAlgorithmParameterSpec();
MyAlgorithmParameters paramSpi = new MyAlgorithmParameters() {
protected AlgorithmParameterSpec engineGetParameterSpec(Class paramSpec) {
return myParamSpec;
}
};
AlgorithmParameters params = new DummyAlgorithmParameters(paramSpi, p, "algorithm");
//
try {
params.getParameterSpec(null);
fail("No expected InvalidParameterSpecException");
} catch (InvalidParameterSpecException e) {
// expected
}
try {
params.getParameterSpec(MyAlgorithmParameterSpec.class);
fail("No expected InvalidParameterSpecException");
} catch (InvalidParameterSpecException e) {
// expected
}
//
// test: corresponding spi method is invoked
//
params.init(new MyAlgorithmParameterSpec());
assertSame(myParamSpec, params.getParameterSpec(MyAlgorithmParameterSpec.class));
//
// test: if paramSpec is null
// Regression test for HARMONY-2733
//
paramSpi = new MyAlgorithmParameters() {
protected AlgorithmParameterSpec engineGetParameterSpec(Class paramSpec) {
// null is passed to spi-provider
assertNull(paramSpec);
return null;
}
};
params = new DummyAlgorithmParameters(paramSpi, p, "algorithm");
params.init(new MyAlgorithmParameterSpec());
assertNull(params.getParameterSpec(null));
}
Also used :
InvalidParameterSpecException(java.security.spec.InvalidParameterSpecException)
AlgorithmParameterSpec(java.security.spec.AlgorithmParameterSpec)
AlgorithmParameters(java.security.AlgorithmParameters)
Example 24 with AlgorithmParameterSpec
use of java.security.spec.AlgorithmParameterSpec in project robovm by robovm.
the class AlgorithmParametersTest method test_initLjava_security_spec_AlgorithmParameterSpec.
/**
* java.security.AlgorithmParameters#init(java.security.spec.AlgorithmParameterSpec)
*/
public void test_initLjava_security_spec_AlgorithmParameterSpec() throws Exception {
//
// test: corresponding spi method is invoked
//
final MyAlgorithmParameterSpec spec = new MyAlgorithmParameterSpec();
MyAlgorithmParameters paramSpi = new MyAlgorithmParameters() {
protected void engineInit(AlgorithmParameterSpec paramSpec) throws InvalidParameterSpecException {
assertSame(spec, paramSpec);
runEngineInit_AlgParamSpec = true;
}
};
AlgorithmParameters params = new DummyAlgorithmParameters(paramSpi, p, "algorithm");
params.init(spec);
assertTrue(paramSpi.runEngineInit_AlgParamSpec);
//
try {
params.init(spec);
fail("No expected InvalidParameterSpecException");
} catch (InvalidParameterSpecException e) {
// expected
}
params = new DummyAlgorithmParameters(paramSpi, p, "algorithm");
params.init(new byte[0]);
try {
params.init(spec);
fail("No expected InvalidParameterSpecException");
} catch (InvalidParameterSpecException e) {
// expected
}
params = new DummyAlgorithmParameters(paramSpi, p, "algorithm");
params.init(new byte[0], "format");
try {
params.init(spec);
fail("No expected InvalidParameterSpecException");
} catch (InvalidParameterSpecException e) {
// expected
}
//
// test: if paramSpec is null
//
paramSpi = new MyAlgorithmParameters() {
protected void engineInit(AlgorithmParameterSpec paramSpec) throws InvalidParameterSpecException {
// null is passed to spi-provider
assertNull(paramSpec);
runEngineInit_AlgParamSpec = true;
}
};
params = new DummyAlgorithmParameters(paramSpi, p, "algorithm");
params.init((AlgorithmParameterSpec) null);
assertTrue(paramSpi.runEngineInit_AlgParamSpec);
}
Also used :
InvalidParameterSpecException(java.security.spec.InvalidParameterSpecException)
AlgorithmParameterSpec(java.security.spec.AlgorithmParameterSpec)
AlgorithmParameters(java.security.AlgorithmParameters)
Example 25 with AlgorithmParameterSpec
use of java.security.spec.AlgorithmParameterSpec in project platform_frameworks_base by android.
the class ApkSignatureSchemeV2Verifier method verifySigner.
private static X509Certificate[] verifySigner(ByteBuffer signerBlock, Map<Integer, byte[]> contentDigests, CertificateFactory certFactory) throws SecurityException, IOException {
ByteBuffer signedData = getLengthPrefixedSlice(signerBlock);
ByteBuffer signatures = getLengthPrefixedSlice(signerBlock);
byte[] publicKeyBytes = readLengthPrefixedByteArray(signerBlock);
int signatureCount = 0;
int bestSigAlgorithm = -1;
byte[] bestSigAlgorithmSignatureBytes = null;
List<Integer> signaturesSigAlgorithms = new ArrayList<>();
while (signatures.hasRemaining()) {
signatureCount++;
try {
ByteBuffer signature = getLengthPrefixedSlice(signatures);
if (signature.remaining() < 8) {
throw new SecurityException("Signature record too short");
}
int sigAlgorithm = signature.getInt();
signaturesSigAlgorithms.add(sigAlgorithm);
if (!isSupportedSignatureAlgorithm(sigAlgorithm)) {
continue;
}
if ((bestSigAlgorithm == -1) || (compareSignatureAlgorithm(sigAlgorithm, bestSigAlgorithm) > 0)) {
bestSigAlgorithm = sigAlgorithm;
bestSigAlgorithmSignatureBytes = readLengthPrefixedByteArray(signature);
}
} catch (IOException | BufferUnderflowException e) {
throw new SecurityException("Failed to parse signature record #" + signatureCount, e);
}
}
if (bestSigAlgorithm == -1) {
if (signatureCount == 0) {
throw new SecurityException("No signatures found");
} else {
throw new SecurityException("No supported signatures found");
}
}
String keyAlgorithm = getSignatureAlgorithmJcaKeyAlgorithm(bestSigAlgorithm);
Pair<String, ? extends AlgorithmParameterSpec> signatureAlgorithmParams = getSignatureAlgorithmJcaSignatureAlgorithm(bestSigAlgorithm);
String jcaSignatureAlgorithm = signatureAlgorithmParams.first;
AlgorithmParameterSpec jcaSignatureAlgorithmParams = signatureAlgorithmParams.second;
boolean sigVerified;
try {
PublicKey publicKey = KeyFactory.getInstance(keyAlgorithm).generatePublic(new X509EncodedKeySpec(publicKeyBytes));
Signature sig = Signature.getInstance(jcaSignatureAlgorithm);
sig.initVerify(publicKey);
if (jcaSignatureAlgorithmParams != null) {
sig.setParameter(jcaSignatureAlgorithmParams);
}
sig.update(signedData);
sigVerified = sig.verify(bestSigAlgorithmSignatureBytes);
} catch (NoSuchAlgorithmException | InvalidKeySpecException | InvalidKeyException | InvalidAlgorithmParameterException | SignatureException e) {
throw new SecurityException("Failed to verify " + jcaSignatureAlgorithm + " signature", e);
}
if (!sigVerified) {
throw new SecurityException(jcaSignatureAlgorithm + " signature did not verify");
}
// Signature over signedData has verified.
byte[] contentDigest = null;
signedData.clear();
ByteBuffer digests = getLengthPrefixedSlice(signedData);
List<Integer> digestsSigAlgorithms = new ArrayList<>();
int digestCount = 0;
while (digests.hasRemaining()) {
digestCount++;
try {
ByteBuffer digest = getLengthPrefixedSlice(digests);
if (digest.remaining() < 8) {
throw new IOException("Record too short");
}
int sigAlgorithm = digest.getInt();
digestsSigAlgorithms.add(sigAlgorithm);
if (sigAlgorithm == bestSigAlgorithm) {
contentDigest = readLengthPrefixedByteArray(digest);
}
} catch (IOException | BufferUnderflowException e) {
throw new IOException("Failed to parse digest record #" + digestCount, e);
}
}
if (!signaturesSigAlgorithms.equals(digestsSigAlgorithms)) {
throw new SecurityException("Signature algorithms don't match between digests and signatures records");
}
int digestAlgorithm = getSignatureAlgorithmContentDigestAlgorithm(bestSigAlgorithm);
byte[] previousSignerDigest = contentDigests.put(digestAlgorithm, contentDigest);
if ((previousSignerDigest != null) && (!MessageDigest.isEqual(previousSignerDigest, contentDigest))) {
throw new SecurityException(getContentDigestAlgorithmJcaDigestAlgorithm(digestAlgorithm) + " contents digest does not match the digest specified by a preceding signer");
}
ByteBuffer certificates = getLengthPrefixedSlice(signedData);
List<X509Certificate> certs = new ArrayList<>();
int certificateCount = 0;
while (certificates.hasRemaining()) {
certificateCount++;
byte[] encodedCert = readLengthPrefixedByteArray(certificates);
X509Certificate certificate;
try {
certificate = (X509Certificate) certFactory.generateCertificate(new ByteArrayInputStream(encodedCert));
} catch (CertificateException e) {
throw new SecurityException("Failed to decode certificate #" + certificateCount, e);
}
certificate = new VerbatimX509Certificate(certificate, encodedCert);
certs.add(certificate);
}
if (certs.isEmpty()) {
throw new SecurityException("No certificates listed");
}
X509Certificate mainCertificate = certs.get(0);
byte[] certificatePublicKeyBytes = mainCertificate.getPublicKey().getEncoded();
if (!Arrays.equals(publicKeyBytes, certificatePublicKeyBytes)) {
throw new SecurityException("Public key mismatch between certificate and signature record");
}
return certs.toArray(new X509Certificate[certs.size()]);
}
Also used :
ArrayList(java.util.ArrayList)
CertificateException(java.security.cert.CertificateException)
NoSuchAlgorithmException(java.security.NoSuchAlgorithmException)
SignatureException(java.security.SignatureException)
InvalidKeySpecException(java.security.spec.InvalidKeySpecException)
BufferUnderflowException(java.nio.BufferUnderflowException)
InvalidAlgorithmParameterException(java.security.InvalidAlgorithmParameterException)
PublicKey(java.security.PublicKey)
X509EncodedKeySpec(java.security.spec.X509EncodedKeySpec)
IOException(java.io.IOException)
InvalidKeyException(java.security.InvalidKeyException)
DirectByteBuffer(java.nio.DirectByteBuffer)
ByteBuffer(java.nio.ByteBuffer)
X509Certificate(java.security.cert.X509Certificate)
BigInteger(java.math.BigInteger)
ByteArrayInputStream(java.io.ByteArrayInputStream)
Signature(java.security.Signature)
AlgorithmParameterSpec(java.security.spec.AlgorithmParameterSpec)
Aggregations
AlgorithmParameterSpec (java.security.spec.AlgorithmParameterSpec)186
IvParameterSpec (javax.crypto.spec.IvParameterSpec)59
Cipher (javax.crypto.Cipher)55
InvalidAlgorithmParameterException (java.security.InvalidAlgorithmParameterException)51
InvalidKeyException (java.security.InvalidKeyException)42
NoSuchAlgorithmException (java.security.NoSuchAlgorithmException)37
SecureRandom (java.security.SecureRandom)27
SecretKey (javax.crypto.SecretKey)27
IllegalBlockSizeException (javax.crypto.IllegalBlockSizeException)24
BigInteger (java.math.BigInteger)21
BadPaddingException (javax.crypto.BadPaddingException)21
NoSuchPaddingException (javax.crypto.NoSuchPaddingException)20
RSAKeyGenParameterSpec (java.security.spec.RSAKeyGenParameterSpec)19
ShortBufferException (javax.crypto.ShortBufferException)19
Key (java.security.Key)18
SecretKeySpec (javax.crypto.spec.SecretKeySpec)18
AlgorithmParameters (java.security.AlgorithmParameters)17
KeyGenerator (javax.crypto.KeyGenerator)17
OAEPParameterSpec (javax.crypto.spec.OAEPParameterSpec)15
IOException (java.io.IOException)14
