Search in sources :

Example 66 with InvalidKeySpecException

use of java.security.spec.InvalidKeySpecException in project oxAuth by GluuFederation.

the class RSASigner method validateSignature.

@Override
public boolean validateSignature(String signingInput, String signature) throws SignatureException {
    if (getSignatureAlgorithm() == null) {
        throw new SignatureException("The signature algorithm is null");
    }
    if (rsaPublicKey == null) {
        throw new SignatureException("The RSA public key is null");
    }
    if (signingInput == null) {
        throw new SignatureException("The signing input is null");
    }
    String algorithm = null;
    switch(getSignatureAlgorithm()) {
        case RS256:
            algorithm = "SHA-256";
            break;
        case RS384:
            algorithm = "SHA-384";
            break;
        case RS512:
            algorithm = "SHA-512";
            break;
        default:
            throw new SignatureException("Unsupported signature algorithm");
    }
    ASN1InputStream aIn = null;
    try {
        byte[] sigBytes = Base64Util.base64urldecode(signature);
        byte[] sigInBytes = signingInput.getBytes(Util.UTF8_STRING_ENCODING);
        RSAPublicKeySpec rsaPublicKeySpec = new RSAPublicKeySpec(rsaPublicKey.getModulus(), rsaPublicKey.getPublicExponent());
        KeyFactory keyFactory = KeyFactory.getInstance("RSA", "BC");
        PublicKey publicKey = keyFactory.generatePublic(rsaPublicKeySpec);
        Cipher cipher = Cipher.getInstance("RSA/None/PKCS1Padding", "BC");
        cipher.init(Cipher.DECRYPT_MODE, publicKey);
        byte[] decSig = cipher.doFinal(sigBytes);
        aIn = new ASN1InputStream(decSig);
        ASN1Sequence seq = (ASN1Sequence) aIn.readObject();
        MessageDigest hash = MessageDigest.getInstance(algorithm, "BC");
        hash.update(sigInBytes);
        ASN1OctetString sigHash = (ASN1OctetString) seq.getObjectAt(1);
        return MessageDigest.isEqual(hash.digest(), sigHash.getOctets());
    } catch (IOException e) {
        throw new SignatureException(e);
    } catch (NoSuchAlgorithmException e) {
        throw new SignatureException(e);
    } catch (InvalidKeyException e) {
        throw new SignatureException(e);
    } catch (InvalidKeySpecException e) {
        throw new SignatureException(e);
    } catch (NoSuchPaddingException e) {
        throw new SignatureException(e);
    } catch (BadPaddingException e) {
        throw new SignatureException(e);
    } catch (NoSuchProviderException e) {
        throw new SignatureException(e);
    } catch (IllegalBlockSizeException e) {
        throw new SignatureException(e);
    } catch (Exception e) {
        throw new SignatureException(e);
    } finally {
        IOUtils.closeQuietly(aIn);
    }
}
Also used : ASN1OctetString(org.bouncycastle.asn1.ASN1OctetString) ASN1InputStream(org.bouncycastle.asn1.ASN1InputStream) RSAPublicKey(org.xdi.oxauth.model.crypto.signature.RSAPublicKey) NoSuchPaddingException(javax.crypto.NoSuchPaddingException) IllegalBlockSizeException(javax.crypto.IllegalBlockSizeException) ASN1OctetString(org.bouncycastle.asn1.ASN1OctetString) RSAPublicKeySpec(java.security.spec.RSAPublicKeySpec) IOException(java.io.IOException) BadPaddingException(javax.crypto.BadPaddingException) InvalidKeySpecException(java.security.spec.InvalidKeySpecException) IllegalBlockSizeException(javax.crypto.IllegalBlockSizeException) IOException(java.io.IOException) BadPaddingException(javax.crypto.BadPaddingException) NoSuchPaddingException(javax.crypto.NoSuchPaddingException) UnsupportedEncodingException(java.io.UnsupportedEncodingException) ASN1Sequence(org.bouncycastle.asn1.ASN1Sequence) Cipher(javax.crypto.Cipher) InvalidKeySpecException(java.security.spec.InvalidKeySpecException)

Example 67 with InvalidKeySpecException

use of java.security.spec.InvalidKeySpecException in project gerrit by GerritCodeReview.

the class SshKeyCreatorImpl method create.

@Override
public AccountSshKey create(AccountSshKey.Id id, String encoded) throws InvalidSshKeyException {
    try {
        AccountSshKey key = new AccountSshKey(id, SshUtil.toOpenSshPublicKey(encoded));
        SshUtil.parse(key);
        return key;
    } catch (NoSuchAlgorithmException | InvalidKeySpecException e) {
        throw new InvalidSshKeyException();
    } catch (NoSuchProviderException e) {
        log.error("Cannot parse SSH key", e);
        throw new InvalidSshKeyException();
    }
}
Also used : InvalidSshKeyException(com.google.gerrit.common.errors.InvalidSshKeyException) AccountSshKey(com.google.gerrit.reviewdb.client.AccountSshKey) NoSuchAlgorithmException(java.security.NoSuchAlgorithmException) InvalidKeySpecException(java.security.spec.InvalidKeySpecException) NoSuchProviderException(java.security.NoSuchProviderException)

Example 68 with InvalidKeySpecException

use of java.security.spec.InvalidKeySpecException in project jackrabbit-oak by apache.

the class PasswordUtil method generatePBKDF2.

@Nonnull
private static String generatePBKDF2(@Nonnull String pwd, @Nonnull String salt, @Nonnull String algorithm, int iterations, int keyLength) throws NoSuchAlgorithmException {
    // for example PBKDF2WithHmacSHA1
    SecretKeyFactory factory = SecretKeyFactory.getInstance(algorithm);
    byte[] saltBytes = convertHexToBytes(salt);
    KeySpec keyspec = new PBEKeySpec(pwd.toCharArray(), saltBytes, iterations, keyLength);
    try {
        Key key = factory.generateSecret(keyspec);
        byte[] bytes = key.getEncoded();
        return convertBytesToHex(bytes);
    } catch (InvalidKeySpecException e) {
        throw new NoSuchAlgorithmException(algorithm, e);
    }
}
Also used : PBEKeySpec(javax.crypto.spec.PBEKeySpec) KeySpec(java.security.spec.KeySpec) PBEKeySpec(javax.crypto.spec.PBEKeySpec) InvalidKeySpecException(java.security.spec.InvalidKeySpecException) NoSuchAlgorithmException(java.security.NoSuchAlgorithmException) SecretKeyFactory(javax.crypto.SecretKeyFactory) Key(java.security.Key) Nonnull(javax.annotation.Nonnull)

Example 69 with InvalidKeySpecException

use of java.security.spec.InvalidKeySpecException in project sling by apache.

the class TopologyRequestValidator method encodeMessage.

/**
     * Encodes a request returning the encoded body
     *
     * @param body
     * @return the encoded body.
     * @throws IOException
     */
public String encodeMessage(String body) throws IOException {
    checkActive();
    if (encryptionEnabled) {
        try {
            JsonObjectBuilder json = Json.createObjectBuilder();
            JsonArrayBuilder array = Json.createArrayBuilder();
            for (String value : encrypt(body)) {
                array.add(value);
            }
            json.add("payload", array);
            StringWriter writer = new StringWriter();
            Json.createGenerator(writer).write(json.build()).close();
            return writer.toString();
        } catch (InvalidKeyException e) {
            e.printStackTrace();
            throw new IOException("Unable to Encrypt Message " + e.getMessage());
        } catch (IllegalBlockSizeException e) {
            throw new IOException("Unable to Encrypt Message " + e.getMessage());
        } catch (BadPaddingException e) {
            throw new IOException("Unable to Encrypt Message " + e.getMessage());
        } catch (UnsupportedEncodingException e) {
            throw new IOException("Unable to Encrypt Message " + e.getMessage());
        } catch (NoSuchAlgorithmException e) {
            throw new IOException("Unable to Encrypt Message " + e.getMessage());
        } catch (NoSuchPaddingException e) {
            throw new IOException("Unable to Encrypt Message " + e.getMessage());
        } catch (JsonException e) {
            throw new IOException("Unable to Encrypt Message " + e.getMessage());
        } catch (InvalidKeySpecException e) {
            throw new IOException("Unable to Encrypt Message " + e.getMessage());
        } catch (InvalidParameterSpecException e) {
            throw new IOException("Unable to Encrypt Message " + e.getMessage());
        }
    }
    return body;
}
Also used : JsonException(javax.json.JsonException) IllegalBlockSizeException(javax.crypto.IllegalBlockSizeException) UnsupportedEncodingException(java.io.UnsupportedEncodingException) NoSuchPaddingException(javax.crypto.NoSuchPaddingException) IOException(java.io.IOException) BadPaddingException(javax.crypto.BadPaddingException) NoSuchAlgorithmException(java.security.NoSuchAlgorithmException) InvalidKeyException(java.security.InvalidKeyException) StringWriter(java.io.StringWriter) JsonArrayBuilder(javax.json.JsonArrayBuilder) InvalidKeySpecException(java.security.spec.InvalidKeySpecException) InvalidParameterSpecException(java.security.spec.InvalidParameterSpecException) JsonObjectBuilder(javax.json.JsonObjectBuilder)

Example 70 with InvalidKeySpecException

use of java.security.spec.InvalidKeySpecException in project cloudstack by apache.

the class SAMLUtils method savePublicKey.

public static String savePublicKey(PublicKey key) {
    try {
        KeyFactory keyFactory = SAMLUtils.getKeyFactory();
        if (keyFactory == null)
            return null;
        X509EncodedKeySpec spec = keyFactory.getKeySpec(key, X509EncodedKeySpec.class);
        return new String(org.bouncycastle.util.encoders.Base64.encode(spec.getEncoded()), Charset.forName("UTF-8"));
    } catch (InvalidKeySpecException e) {
        s_logger.error("Unable to create KeyFactory:" + e.getMessage());
    }
    return null;
}
Also used : X509EncodedKeySpec(java.security.spec.X509EncodedKeySpec) InvalidKeySpecException(java.security.spec.InvalidKeySpecException) KeyFactory(java.security.KeyFactory)

Aggregations

InvalidKeySpecException (java.security.spec.InvalidKeySpecException)237 NoSuchAlgorithmException (java.security.NoSuchAlgorithmException)147 KeyFactory (java.security.KeyFactory)99 X509EncodedKeySpec (java.security.spec.X509EncodedKeySpec)93 InvalidKeyException (java.security.InvalidKeyException)62 PublicKey (java.security.PublicKey)57 PKCS8EncodedKeySpec (java.security.spec.PKCS8EncodedKeySpec)56 IOException (java.io.IOException)51 PrivateKey (java.security.PrivateKey)40 SecretKeyFactory (javax.crypto.SecretKeyFactory)30 PBEKeySpec (javax.crypto.spec.PBEKeySpec)27 SignatureException (java.security.SignatureException)22 UnsupportedEncodingException (java.io.UnsupportedEncodingException)21 KeySpec (java.security.spec.KeySpec)19 BadPaddingException (javax.crypto.BadPaddingException)19 IllegalBlockSizeException (javax.crypto.IllegalBlockSizeException)19 BigInteger (java.math.BigInteger)17 SecretKeySpec (javax.crypto.spec.SecretKeySpec)16 NoSuchProviderException (java.security.NoSuchProviderException)15 RSAPublicKey (java.security.interfaces.RSAPublicKey)15