use of java.security.spec.InvalidKeySpecException in project oxAuth by GluuFederation.
the class RSASigner method validateSignature.
@Override
public boolean validateSignature(String signingInput, String signature) throws SignatureException {
if (getSignatureAlgorithm() == null) {
throw new SignatureException("The signature algorithm is null");
}
if (rsaPublicKey == null) {
throw new SignatureException("The RSA public key is null");
}
if (signingInput == null) {
throw new SignatureException("The signing input is null");
}
String algorithm = null;
switch(getSignatureAlgorithm()) {
case RS256:
algorithm = "SHA-256";
break;
case RS384:
algorithm = "SHA-384";
break;
case RS512:
algorithm = "SHA-512";
break;
default:
throw new SignatureException("Unsupported signature algorithm");
}
ASN1InputStream aIn = null;
try {
byte[] sigBytes = Base64Util.base64urldecode(signature);
byte[] sigInBytes = signingInput.getBytes(Util.UTF8_STRING_ENCODING);
RSAPublicKeySpec rsaPublicKeySpec = new RSAPublicKeySpec(rsaPublicKey.getModulus(), rsaPublicKey.getPublicExponent());
KeyFactory keyFactory = KeyFactory.getInstance("RSA", "BC");
PublicKey publicKey = keyFactory.generatePublic(rsaPublicKeySpec);
Cipher cipher = Cipher.getInstance("RSA/None/PKCS1Padding", "BC");
cipher.init(Cipher.DECRYPT_MODE, publicKey);
byte[] decSig = cipher.doFinal(sigBytes);
aIn = new ASN1InputStream(decSig);
ASN1Sequence seq = (ASN1Sequence) aIn.readObject();
MessageDigest hash = MessageDigest.getInstance(algorithm, "BC");
hash.update(sigInBytes);
ASN1OctetString sigHash = (ASN1OctetString) seq.getObjectAt(1);
return MessageDigest.isEqual(hash.digest(), sigHash.getOctets());
} catch (IOException e) {
throw new SignatureException(e);
} catch (NoSuchAlgorithmException e) {
throw new SignatureException(e);
} catch (InvalidKeyException e) {
throw new SignatureException(e);
} catch (InvalidKeySpecException e) {
throw new SignatureException(e);
} catch (NoSuchPaddingException e) {
throw new SignatureException(e);
} catch (BadPaddingException e) {
throw new SignatureException(e);
} catch (NoSuchProviderException e) {
throw new SignatureException(e);
} catch (IllegalBlockSizeException e) {
throw new SignatureException(e);
} catch (Exception e) {
throw new SignatureException(e);
} finally {
IOUtils.closeQuietly(aIn);
}
}
use of java.security.spec.InvalidKeySpecException in project gerrit by GerritCodeReview.
the class SshKeyCreatorImpl method create.
@Override
public AccountSshKey create(AccountSshKey.Id id, String encoded) throws InvalidSshKeyException {
try {
AccountSshKey key = new AccountSshKey(id, SshUtil.toOpenSshPublicKey(encoded));
SshUtil.parse(key);
return key;
} catch (NoSuchAlgorithmException | InvalidKeySpecException e) {
throw new InvalidSshKeyException();
} catch (NoSuchProviderException e) {
log.error("Cannot parse SSH key", e);
throw new InvalidSshKeyException();
}
}
use of java.security.spec.InvalidKeySpecException in project jackrabbit-oak by apache.
the class PasswordUtil method generatePBKDF2.
@Nonnull
private static String generatePBKDF2(@Nonnull String pwd, @Nonnull String salt, @Nonnull String algorithm, int iterations, int keyLength) throws NoSuchAlgorithmException {
// for example PBKDF2WithHmacSHA1
SecretKeyFactory factory = SecretKeyFactory.getInstance(algorithm);
byte[] saltBytes = convertHexToBytes(salt);
KeySpec keyspec = new PBEKeySpec(pwd.toCharArray(), saltBytes, iterations, keyLength);
try {
Key key = factory.generateSecret(keyspec);
byte[] bytes = key.getEncoded();
return convertBytesToHex(bytes);
} catch (InvalidKeySpecException e) {
throw new NoSuchAlgorithmException(algorithm, e);
}
}
use of java.security.spec.InvalidKeySpecException in project sling by apache.
the class TopologyRequestValidator method encodeMessage.
/**
* Encodes a request returning the encoded body
*
* @param body
* @return the encoded body.
* @throws IOException
*/
public String encodeMessage(String body) throws IOException {
checkActive();
if (encryptionEnabled) {
try {
JsonObjectBuilder json = Json.createObjectBuilder();
JsonArrayBuilder array = Json.createArrayBuilder();
for (String value : encrypt(body)) {
array.add(value);
}
json.add("payload", array);
StringWriter writer = new StringWriter();
Json.createGenerator(writer).write(json.build()).close();
return writer.toString();
} catch (InvalidKeyException e) {
e.printStackTrace();
throw new IOException("Unable to Encrypt Message " + e.getMessage());
} catch (IllegalBlockSizeException e) {
throw new IOException("Unable to Encrypt Message " + e.getMessage());
} catch (BadPaddingException e) {
throw new IOException("Unable to Encrypt Message " + e.getMessage());
} catch (UnsupportedEncodingException e) {
throw new IOException("Unable to Encrypt Message " + e.getMessage());
} catch (NoSuchAlgorithmException e) {
throw new IOException("Unable to Encrypt Message " + e.getMessage());
} catch (NoSuchPaddingException e) {
throw new IOException("Unable to Encrypt Message " + e.getMessage());
} catch (JsonException e) {
throw new IOException("Unable to Encrypt Message " + e.getMessage());
} catch (InvalidKeySpecException e) {
throw new IOException("Unable to Encrypt Message " + e.getMessage());
} catch (InvalidParameterSpecException e) {
throw new IOException("Unable to Encrypt Message " + e.getMessage());
}
}
return body;
}
use of java.security.spec.InvalidKeySpecException in project cloudstack by apache.
the class SAMLUtils method savePublicKey.
public static String savePublicKey(PublicKey key) {
try {
KeyFactory keyFactory = SAMLUtils.getKeyFactory();
if (keyFactory == null)
return null;
X509EncodedKeySpec spec = keyFactory.getKeySpec(key, X509EncodedKeySpec.class);
return new String(org.bouncycastle.util.encoders.Base64.encode(spec.getEncoded()), Charset.forName("UTF-8"));
} catch (InvalidKeySpecException e) {
s_logger.error("Unable to create KeyFactory:" + e.getMessage());
}
return null;
}
Aggregations