use of java.security.spec.InvalidKeySpecException in project GNS by MobilityFirst.
the class KeyPairUtilsAndroid method getAllGuids.
/**
* Return the list of all GUIDs stored locally that belong to a particular GNS
* instance
*
* @param gnsName the GNS host:port
* @return all matching GUIDs
*/
public static List<GuidEntry> getAllGuids(String gnsName) {
List<GuidEntry> guids = new LinkedList<>();
File gnsFolder = new File(GNS_KEY_DIR);
// Save the path as a string value
String extStorageDirectory = gnsFolder.toString();
File file = new File(extStorageDirectory, GNS_KEYS_FILENAME);
try {
BufferedReader br = new BufferedReader(new FileReader(file));
String line;
while ((line = br.readLine()) != null) {
String aliasKey = line;
String guid = br.readLine();
String publicString = br.readLine();
String privateString = br.readLine();
if (aliasKey.contains(gnsName) && !publicString.isEmpty() && !privateString.isEmpty()) {
try {
byte[] encodedPublicKey = DatatypeConverter.parseHexBinary(publicString);
byte[] encodedPrivateKey = DatatypeConverter.parseHexBinary(privateString);
//byte[] encodedPublicKey = ByteUtils.hexStringToByteArray(publicString);
//byte[] encodedPrivateKey = ByteUtils.hexStringToByteArray(privateString);
KeyFactory keyFactory = KeyFactory.getInstance(GNSProtocol.RSA_ALGORITHM.toString());
X509EncodedKeySpec publicKeySpec = new X509EncodedKeySpec(encodedPublicKey);
PublicKey publicKey = keyFactory.generatePublic(publicKeySpec);
PKCS8EncodedKeySpec privateKeySpec = new PKCS8EncodedKeySpec(encodedPrivateKey);
PrivateKey privateKey = keyFactory.generatePrivate(privateKeySpec);
// Strip gnsName from stored alias to only return the entity name
guids.add(new GuidEntry(aliasKey.substring(gnsName.length() + 1), guid, publicKey, privateKey));
} catch (NoSuchAlgorithmException | InvalidKeySpecException e) {
Log.e(KeyPairUtilsAndroid.class.getName(), "Cannot decode keys", e);
} catch (EncryptionException e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
}
}
} catch (IOException e) {
e.printStackTrace();
// You'll need to add proper error handling here
}
return guids;
}
use of java.security.spec.InvalidKeySpecException in project intellij-community by JetBrains.
the class Asn1Object method read.
private static PrivateKey read(String fileName) throws IOException {
KeyFactory factory;
try {
factory = KeyFactory.getInstance("RSA");
} catch (NoSuchAlgorithmException e) {
throw new IOException("JCE error: " + e.getMessage());
}
List<String> lines = FileUtilRt.loadLines(fileName, "UTF-8");
for (int i = 0; i < lines.size(); i++) {
String line = lines.get(i);
if (line.contains(P1_BEGIN_MARKER)) {
List<String> strings = lines.subList(i + 1, lines.size());
byte[] keyBytes = readKeyMaterial(P1_END_MARKER, strings);
RSAPrivateCrtKeySpec keySpec = getRSAKeySpec(keyBytes);
try {
return factory.generatePrivate(keySpec);
} catch (InvalidKeySpecException e) {
throw new IOException("Invalid PKCS#1 PEM file: " + e.getMessage());
}
}
if (line.contains(P8_BEGIN_MARKER)) {
List<String> strings = lines.subList(i + 1, lines.size());
byte[] keyBytes = readKeyMaterial(P8_END_MARKER, strings);
EncodedKeySpec keySpec = new PKCS8EncodedKeySpec(keyBytes);
try {
return factory.generatePrivate(keySpec);
} catch (InvalidKeySpecException e) {
throw new IOException("Invalid PKCS#8 PEM file: " + e.getMessage());
}
}
}
throw new IOException("Invalid PEM file: no begin marker");
}
use of java.security.spec.InvalidKeySpecException in project oxAuth by GluuFederation.
the class TokenSignaturesHttpTest method testES512.
@Parameters({ "clientJwksUri", "ES512_keyId", "dnName", "keyStoreFile", "keyStoreSecret" })
@Test
public void testES512(final String clientJwksUri, final String keyId, final String dnName, final String keyStoreFile, final String keyStoreSecret) throws NoSuchProviderException, NoSuchAlgorithmException, InvalidAlgorithmParameterException, SignatureException, InvalidKeyException, InvalidKeySpecException, IllegalBlockSizeException, IOException, NoSuchPaddingException, BadPaddingException {
try {
showTitle("Test ES512");
JwkClient jwkClient = new JwkClient(clientJwksUri);
JwkResponse jwkResponse = jwkClient.exec();
String signingInput = "eyJhbGciOiJIUzI1NiJ9.eyJub25jZSI6ICI2Qm9HN1QwR0RUZ2wiLCAiaWRfdG9rZW4iOiB7Im1heF9hZ2UiOiA4NjQwMH0sICJzdGF0ZSI6ICJTVEFURTAiLCAicmVkaXJlY3RfdXJpIjogImh0dHBzOi8vbG9jYWxob3N0L2NhbGxiYWNrMSIsICJ1c2VyaW5mbyI6IHsiY2xhaW1zIjogeyJuYW1lIjogbnVsbH19LCAiY2xpZW50X2lkIjogIkAhMTExMSEwMDA4IUU2NTQuQjQ2MCIsICJzY29wZSI6IFsib3BlbmlkIl0sICJyZXNwb25zZV90eXBlIjogWyJjb2RlIl19";
OxAuthCryptoProvider cryptoProvider = new OxAuthCryptoProvider(keyStoreFile, keyStoreSecret, dnName);
String encodedSignature = cryptoProvider.sign(signingInput, keyId, null, SignatureAlgorithm.ES512);
System.out.println("Encoded Signature: " + encodedSignature);
boolean signatureVerified = cryptoProvider.verifySignature(signingInput, encodedSignature, keyId, jwkResponse.getJwks().toJSONObject(), null, SignatureAlgorithm.ES512);
assertTrue(signatureVerified, "Invalid signature");
} catch (Exception e) {
fail(e.getMessage(), e);
}
}
use of java.security.spec.InvalidKeySpecException in project oxAuth by GluuFederation.
the class TokenSignaturesHttpTest method testRS512.
@Parameters({ "clientJwksUri", "RS512_keyId", "dnName", "keyStoreFile", "keyStoreSecret" })
@Test
public void testRS512(final String clientJwksUri, final String keyId, final String dnName, final String keyStoreFile, final String keyStoreSecret) throws NoSuchProviderException, NoSuchAlgorithmException, SignatureException, InvalidKeyException, InvalidKeySpecException, IllegalBlockSizeException, IOException, NoSuchPaddingException, BadPaddingException {
try {
showTitle("Test RS512");
JwkClient jwkClient = new JwkClient(clientJwksUri);
JwkResponse jwkResponse = jwkClient.exec();
String signingInput = "eyJhbGciOiJIUzI1NiJ9.eyJub25jZSI6ICI2Qm9HN1QwR0RUZ2wiLCAiaWRfdG9rZW4iOiB7Im1heF9hZ2UiOiA4NjQwMH0sICJzdGF0ZSI6ICJTVEFURTAiLCAicmVkaXJlY3RfdXJpIjogImh0dHBzOi8vbG9jYWxob3N0L2NhbGxiYWNrMSIsICJ1c2VyaW5mbyI6IHsiY2xhaW1zIjogeyJuYW1lIjogbnVsbH19LCAiY2xpZW50X2lkIjogIkAhMTExMSEwMDA4IUU2NTQuQjQ2MCIsICJzY29wZSI6IFsib3BlbmlkIl0sICJyZXNwb25zZV90eXBlIjogWyJjb2RlIl19";
OxAuthCryptoProvider cryptoProvider = new OxAuthCryptoProvider(keyStoreFile, keyStoreSecret, dnName);
String encodedSignature = cryptoProvider.sign(signingInput, keyId, null, SignatureAlgorithm.RS512);
System.out.println("Encoded Signature: " + encodedSignature);
boolean signatureVerified = cryptoProvider.verifySignature(signingInput, encodedSignature, keyId, jwkResponse.getJwks().toJSONObject(), null, SignatureAlgorithm.RS512);
assertTrue(signatureVerified, "Invalid signature");
} catch (Exception e) {
fail(e.getMessage(), e);
}
}
use of java.security.spec.InvalidKeySpecException in project oxAuth by GluuFederation.
the class TokenSignaturesHttpTest method testRS256.
@Parameters({ "clientJwksUri", "RS256_keyId", "dnName", "keyStoreFile", "keyStoreSecret" })
@Test
public void testRS256(final String clientJwksUri, final String keyId, final String dnName, final String keyStoreFile, final String keyStoreSecret) throws NoSuchProviderException, NoSuchAlgorithmException, SignatureException, InvalidKeyException, InvalidKeySpecException, IllegalBlockSizeException, IOException, NoSuchPaddingException, BadPaddingException {
try {
showTitle("Test RS256");
JwkClient jwkClient = new JwkClient(clientJwksUri);
JwkResponse jwkResponse = jwkClient.exec();
String signingInput = "eyJhbGciOiJIUzI1NiJ9.eyJub25jZSI6ICI2Qm9HN1QwR0RUZ2wiLCAiaWRfdG9rZW4iOiB7Im1heF9hZ2UiOiA4NjQwMH0sICJzdGF0ZSI6ICJTVEFURTAiLCAicmVkaXJlY3RfdXJpIjogImh0dHBzOi8vbG9jYWxob3N0L2NhbGxiYWNrMSIsICJ1c2VyaW5mbyI6IHsiY2xhaW1zIjogeyJuYW1lIjogbnVsbH19LCAiY2xpZW50X2lkIjogIkAhMTExMSEwMDA4IUU2NTQuQjQ2MCIsICJzY29wZSI6IFsib3BlbmlkIl0sICJyZXNwb25zZV90eXBlIjogWyJjb2RlIl19";
OxAuthCryptoProvider cryptoProvider = new OxAuthCryptoProvider(keyStoreFile, keyStoreSecret, dnName);
String encodedSignature = cryptoProvider.sign(signingInput, keyId, null, SignatureAlgorithm.RS256);
System.out.println("Encoded Signature: " + encodedSignature);
boolean signatureVerified = cryptoProvider.verifySignature(signingInput, encodedSignature, keyId, jwkResponse.getJwks().toJSONObject(), null, SignatureAlgorithm.RS256);
assertTrue(signatureVerified, "Invalid signature");
} catch (Exception e) {
fail(e.getMessage(), e);
}
}
Aggregations