Search in sources :

Example 31 with InvalidKeySpecException

use of java.security.spec.InvalidKeySpecException in project GNS by MobilityFirst.

the class KeyPairUtilsAndroid method getAllGuids.

/**
   * Return the list of all GUIDs stored locally that belong to a particular GNS
   * instance
   *
   * @param gnsName the GNS host:port
   * @return all matching GUIDs
   */
public static List<GuidEntry> getAllGuids(String gnsName) {
    List<GuidEntry> guids = new LinkedList<>();
    File gnsFolder = new File(GNS_KEY_DIR);
    // Save the path as a string value
    String extStorageDirectory = gnsFolder.toString();
    File file = new File(extStorageDirectory, GNS_KEYS_FILENAME);
    try {
        BufferedReader br = new BufferedReader(new FileReader(file));
        String line;
        while ((line = br.readLine()) != null) {
            String aliasKey = line;
            String guid = br.readLine();
            String publicString = br.readLine();
            String privateString = br.readLine();
            if (aliasKey.contains(gnsName) && !publicString.isEmpty() && !privateString.isEmpty()) {
                try {
                    byte[] encodedPublicKey = DatatypeConverter.parseHexBinary(publicString);
                    byte[] encodedPrivateKey = DatatypeConverter.parseHexBinary(privateString);
                    //byte[] encodedPublicKey = ByteUtils.hexStringToByteArray(publicString);
                    //byte[] encodedPrivateKey = ByteUtils.hexStringToByteArray(privateString);
                    KeyFactory keyFactory = KeyFactory.getInstance(GNSProtocol.RSA_ALGORITHM.toString());
                    X509EncodedKeySpec publicKeySpec = new X509EncodedKeySpec(encodedPublicKey);
                    PublicKey publicKey = keyFactory.generatePublic(publicKeySpec);
                    PKCS8EncodedKeySpec privateKeySpec = new PKCS8EncodedKeySpec(encodedPrivateKey);
                    PrivateKey privateKey = keyFactory.generatePrivate(privateKeySpec);
                    // Strip gnsName from stored alias to only return the entity name
                    guids.add(new GuidEntry(aliasKey.substring(gnsName.length() + 1), guid, publicKey, privateKey));
                } catch (NoSuchAlgorithmException | InvalidKeySpecException e) {
                    Log.e(KeyPairUtilsAndroid.class.getName(), "Cannot decode keys", e);
                } catch (EncryptionException e) {
                    // TODO Auto-generated catch block
                    e.printStackTrace();
                }
            }
        }
    } catch (IOException e) {
        e.printStackTrace();
    // You'll need to add proper error handling here
    }
    return guids;
}
Also used : PrivateKey(java.security.PrivateKey) PublicKey(java.security.PublicKey) X509EncodedKeySpec(java.security.spec.X509EncodedKeySpec) NoSuchAlgorithmException(java.security.NoSuchAlgorithmException) IOException(java.io.IOException) LinkedList(java.util.LinkedList) PKCS8EncodedKeySpec(java.security.spec.PKCS8EncodedKeySpec) BufferedReader(java.io.BufferedReader) EncryptionException(edu.umass.cs.gnscommon.exceptions.client.EncryptionException) FileReader(java.io.FileReader) InvalidKeySpecException(java.security.spec.InvalidKeySpecException) File(java.io.File) KeyFactory(java.security.KeyFactory)

Example 32 with InvalidKeySpecException

use of java.security.spec.InvalidKeySpecException in project intellij-community by JetBrains.

the class Asn1Object method read.

private static PrivateKey read(String fileName) throws IOException {
    KeyFactory factory;
    try {
        factory = KeyFactory.getInstance("RSA");
    } catch (NoSuchAlgorithmException e) {
        throw new IOException("JCE error: " + e.getMessage());
    }
    List<String> lines = FileUtilRt.loadLines(fileName, "UTF-8");
    for (int i = 0; i < lines.size(); i++) {
        String line = lines.get(i);
        if (line.contains(P1_BEGIN_MARKER)) {
            List<String> strings = lines.subList(i + 1, lines.size());
            byte[] keyBytes = readKeyMaterial(P1_END_MARKER, strings);
            RSAPrivateCrtKeySpec keySpec = getRSAKeySpec(keyBytes);
            try {
                return factory.generatePrivate(keySpec);
            } catch (InvalidKeySpecException e) {
                throw new IOException("Invalid PKCS#1 PEM file: " + e.getMessage());
            }
        }
        if (line.contains(P8_BEGIN_MARKER)) {
            List<String> strings = lines.subList(i + 1, lines.size());
            byte[] keyBytes = readKeyMaterial(P8_END_MARKER, strings);
            EncodedKeySpec keySpec = new PKCS8EncodedKeySpec(keyBytes);
            try {
                return factory.generatePrivate(keySpec);
            } catch (InvalidKeySpecException e) {
                throw new IOException("Invalid PKCS#8 PEM file: " + e.getMessage());
            }
        }
    }
    throw new IOException("Invalid PEM file: no begin marker");
}
Also used : RSAPrivateCrtKeySpec(java.security.spec.RSAPrivateCrtKeySpec) PKCS8EncodedKeySpec(java.security.spec.PKCS8EncodedKeySpec) NoSuchAlgorithmException(java.security.NoSuchAlgorithmException) IOException(java.io.IOException) InvalidKeySpecException(java.security.spec.InvalidKeySpecException) KeyFactory(java.security.KeyFactory) EncodedKeySpec(java.security.spec.EncodedKeySpec) PKCS8EncodedKeySpec(java.security.spec.PKCS8EncodedKeySpec)

Example 33 with InvalidKeySpecException

use of java.security.spec.InvalidKeySpecException in project oxAuth by GluuFederation.

the class TokenSignaturesHttpTest method testES512.

@Parameters({ "clientJwksUri", "ES512_keyId", "dnName", "keyStoreFile", "keyStoreSecret" })
@Test
public void testES512(final String clientJwksUri, final String keyId, final String dnName, final String keyStoreFile, final String keyStoreSecret) throws NoSuchProviderException, NoSuchAlgorithmException, InvalidAlgorithmParameterException, SignatureException, InvalidKeyException, InvalidKeySpecException, IllegalBlockSizeException, IOException, NoSuchPaddingException, BadPaddingException {
    try {
        showTitle("Test ES512");
        JwkClient jwkClient = new JwkClient(clientJwksUri);
        JwkResponse jwkResponse = jwkClient.exec();
        String signingInput = "eyJhbGciOiJIUzI1NiJ9.eyJub25jZSI6ICI2Qm9HN1QwR0RUZ2wiLCAiaWRfdG9rZW4iOiB7Im1heF9hZ2UiOiA4NjQwMH0sICJzdGF0ZSI6ICJTVEFURTAiLCAicmVkaXJlY3RfdXJpIjogImh0dHBzOi8vbG9jYWxob3N0L2NhbGxiYWNrMSIsICJ1c2VyaW5mbyI6IHsiY2xhaW1zIjogeyJuYW1lIjogbnVsbH19LCAiY2xpZW50X2lkIjogIkAhMTExMSEwMDA4IUU2NTQuQjQ2MCIsICJzY29wZSI6IFsib3BlbmlkIl0sICJyZXNwb25zZV90eXBlIjogWyJjb2RlIl19";
        OxAuthCryptoProvider cryptoProvider = new OxAuthCryptoProvider(keyStoreFile, keyStoreSecret, dnName);
        String encodedSignature = cryptoProvider.sign(signingInput, keyId, null, SignatureAlgorithm.ES512);
        System.out.println("Encoded Signature: " + encodedSignature);
        boolean signatureVerified = cryptoProvider.verifySignature(signingInput, encodedSignature, keyId, jwkResponse.getJwks().toJSONObject(), null, SignatureAlgorithm.ES512);
        assertTrue(signatureVerified, "Invalid signature");
    } catch (Exception e) {
        fail(e.getMessage(), e);
    }
}
Also used : OxAuthCryptoProvider(org.xdi.oxauth.model.crypto.OxAuthCryptoProvider) InvalidKeySpecException(java.security.spec.InvalidKeySpecException) NoSuchPaddingException(javax.crypto.NoSuchPaddingException) IllegalBlockSizeException(javax.crypto.IllegalBlockSizeException) IOException(java.io.IOException) BadPaddingException(javax.crypto.BadPaddingException) UnsupportedEncodingException(java.io.UnsupportedEncodingException) Parameters(org.testng.annotations.Parameters) Test(org.testng.annotations.Test) BaseTest(org.xdi.oxauth.BaseTest)

Example 34 with InvalidKeySpecException

use of java.security.spec.InvalidKeySpecException in project oxAuth by GluuFederation.

the class TokenSignaturesHttpTest method testRS512.

@Parameters({ "clientJwksUri", "RS512_keyId", "dnName", "keyStoreFile", "keyStoreSecret" })
@Test
public void testRS512(final String clientJwksUri, final String keyId, final String dnName, final String keyStoreFile, final String keyStoreSecret) throws NoSuchProviderException, NoSuchAlgorithmException, SignatureException, InvalidKeyException, InvalidKeySpecException, IllegalBlockSizeException, IOException, NoSuchPaddingException, BadPaddingException {
    try {
        showTitle("Test RS512");
        JwkClient jwkClient = new JwkClient(clientJwksUri);
        JwkResponse jwkResponse = jwkClient.exec();
        String signingInput = "eyJhbGciOiJIUzI1NiJ9.eyJub25jZSI6ICI2Qm9HN1QwR0RUZ2wiLCAiaWRfdG9rZW4iOiB7Im1heF9hZ2UiOiA4NjQwMH0sICJzdGF0ZSI6ICJTVEFURTAiLCAicmVkaXJlY3RfdXJpIjogImh0dHBzOi8vbG9jYWxob3N0L2NhbGxiYWNrMSIsICJ1c2VyaW5mbyI6IHsiY2xhaW1zIjogeyJuYW1lIjogbnVsbH19LCAiY2xpZW50X2lkIjogIkAhMTExMSEwMDA4IUU2NTQuQjQ2MCIsICJzY29wZSI6IFsib3BlbmlkIl0sICJyZXNwb25zZV90eXBlIjogWyJjb2RlIl19";
        OxAuthCryptoProvider cryptoProvider = new OxAuthCryptoProvider(keyStoreFile, keyStoreSecret, dnName);
        String encodedSignature = cryptoProvider.sign(signingInput, keyId, null, SignatureAlgorithm.RS512);
        System.out.println("Encoded Signature: " + encodedSignature);
        boolean signatureVerified = cryptoProvider.verifySignature(signingInput, encodedSignature, keyId, jwkResponse.getJwks().toJSONObject(), null, SignatureAlgorithm.RS512);
        assertTrue(signatureVerified, "Invalid signature");
    } catch (Exception e) {
        fail(e.getMessage(), e);
    }
}
Also used : OxAuthCryptoProvider(org.xdi.oxauth.model.crypto.OxAuthCryptoProvider) InvalidKeySpecException(java.security.spec.InvalidKeySpecException) NoSuchPaddingException(javax.crypto.NoSuchPaddingException) IllegalBlockSizeException(javax.crypto.IllegalBlockSizeException) IOException(java.io.IOException) BadPaddingException(javax.crypto.BadPaddingException) UnsupportedEncodingException(java.io.UnsupportedEncodingException) Parameters(org.testng.annotations.Parameters) Test(org.testng.annotations.Test) BaseTest(org.xdi.oxauth.BaseTest)

Example 35 with InvalidKeySpecException

use of java.security.spec.InvalidKeySpecException in project oxAuth by GluuFederation.

the class TokenSignaturesHttpTest method testRS256.

@Parameters({ "clientJwksUri", "RS256_keyId", "dnName", "keyStoreFile", "keyStoreSecret" })
@Test
public void testRS256(final String clientJwksUri, final String keyId, final String dnName, final String keyStoreFile, final String keyStoreSecret) throws NoSuchProviderException, NoSuchAlgorithmException, SignatureException, InvalidKeyException, InvalidKeySpecException, IllegalBlockSizeException, IOException, NoSuchPaddingException, BadPaddingException {
    try {
        showTitle("Test RS256");
        JwkClient jwkClient = new JwkClient(clientJwksUri);
        JwkResponse jwkResponse = jwkClient.exec();
        String signingInput = "eyJhbGciOiJIUzI1NiJ9.eyJub25jZSI6ICI2Qm9HN1QwR0RUZ2wiLCAiaWRfdG9rZW4iOiB7Im1heF9hZ2UiOiA4NjQwMH0sICJzdGF0ZSI6ICJTVEFURTAiLCAicmVkaXJlY3RfdXJpIjogImh0dHBzOi8vbG9jYWxob3N0L2NhbGxiYWNrMSIsICJ1c2VyaW5mbyI6IHsiY2xhaW1zIjogeyJuYW1lIjogbnVsbH19LCAiY2xpZW50X2lkIjogIkAhMTExMSEwMDA4IUU2NTQuQjQ2MCIsICJzY29wZSI6IFsib3BlbmlkIl0sICJyZXNwb25zZV90eXBlIjogWyJjb2RlIl19";
        OxAuthCryptoProvider cryptoProvider = new OxAuthCryptoProvider(keyStoreFile, keyStoreSecret, dnName);
        String encodedSignature = cryptoProvider.sign(signingInput, keyId, null, SignatureAlgorithm.RS256);
        System.out.println("Encoded Signature: " + encodedSignature);
        boolean signatureVerified = cryptoProvider.verifySignature(signingInput, encodedSignature, keyId, jwkResponse.getJwks().toJSONObject(), null, SignatureAlgorithm.RS256);
        assertTrue(signatureVerified, "Invalid signature");
    } catch (Exception e) {
        fail(e.getMessage(), e);
    }
}
Also used : OxAuthCryptoProvider(org.xdi.oxauth.model.crypto.OxAuthCryptoProvider) InvalidKeySpecException(java.security.spec.InvalidKeySpecException) NoSuchPaddingException(javax.crypto.NoSuchPaddingException) IllegalBlockSizeException(javax.crypto.IllegalBlockSizeException) IOException(java.io.IOException) BadPaddingException(javax.crypto.BadPaddingException) UnsupportedEncodingException(java.io.UnsupportedEncodingException) Parameters(org.testng.annotations.Parameters) Test(org.testng.annotations.Test) BaseTest(org.xdi.oxauth.BaseTest)

Aggregations

InvalidKeySpecException (java.security.spec.InvalidKeySpecException)483 NoSuchAlgorithmException (java.security.NoSuchAlgorithmException)306 KeyFactory (java.security.KeyFactory)199 X509EncodedKeySpec (java.security.spec.X509EncodedKeySpec)155 InvalidKeyException (java.security.InvalidKeyException)116 PKCS8EncodedKeySpec (java.security.spec.PKCS8EncodedKeySpec)108 IOException (java.io.IOException)98 PublicKey (java.security.PublicKey)90 PrivateKey (java.security.PrivateKey)77 SecretKeyFactory (javax.crypto.SecretKeyFactory)66 PBEKeySpec (javax.crypto.spec.PBEKeySpec)59 BigInteger (java.math.BigInteger)45 SignatureException (java.security.SignatureException)39 SecretKey (javax.crypto.SecretKey)38 BadPaddingException (javax.crypto.BadPaddingException)36 IllegalBlockSizeException (javax.crypto.IllegalBlockSizeException)36 RSAPublicKeySpec (java.security.spec.RSAPublicKeySpec)35 NoSuchProviderException (java.security.NoSuchProviderException)34 KeySpec (java.security.spec.KeySpec)32 NoSuchPaddingException (javax.crypto.NoSuchPaddingException)30