Search in sources :

Example 6 with NoSuchPaddingException

use of javax.crypto.NoSuchPaddingException in project LolliPin by OrangeGangsters.

the class FingerprintUiHelper method initCipher.

/**
     * Initialize the {@link Cipher} instance with the created key in the {@link #createKey()}
     * method.
     *
     * @return {@code true} if initialization is successful, {@code false} if the lock screen has
     * been disabled or reset after the key was generated, or if a fingerprint got enrolled after
     * the key was generated.
     */
private boolean initCipher() {
    try {
        if (mKeyStore == null) {
            mKeyStore = KeyStore.getInstance("AndroidKeyStore");
        }
        createKey();
        mKeyStore.load(null);
        SecretKey key = (SecretKey) mKeyStore.getKey(KEY_NAME, null);
        mCipher = Cipher.getInstance("AES/CBC/PKCS7Padding");
        mCipher.init(Cipher.ENCRYPT_MODE, key);
        return true;
    } catch (NoSuchPaddingException | KeyStoreException | CertificateException | UnrecoverableKeyException | IOException | NoSuchAlgorithmException | InvalidKeyException e) {
        return false;
    }
}
Also used : SecretKey(javax.crypto.SecretKey) UnrecoverableKeyException(java.security.UnrecoverableKeyException) NoSuchPaddingException(javax.crypto.NoSuchPaddingException) CertificateException(java.security.cert.CertificateException) KeyStoreException(java.security.KeyStoreException) IOException(java.io.IOException) NoSuchAlgorithmException(java.security.NoSuchAlgorithmException) InvalidKeyException(java.security.InvalidKeyException)

Example 7 with NoSuchPaddingException

use of javax.crypto.NoSuchPaddingException in project oxAuth by GluuFederation.

the class TokenSignaturesHttpTest method testES512.

@Parameters({ "clientJwksUri", "ES512_keyId", "dnName", "keyStoreFile", "keyStoreSecret" })
@Test
public void testES512(final String clientJwksUri, final String keyId, final String dnName, final String keyStoreFile, final String keyStoreSecret) throws NoSuchProviderException, NoSuchAlgorithmException, InvalidAlgorithmParameterException, SignatureException, InvalidKeyException, InvalidKeySpecException, IllegalBlockSizeException, IOException, NoSuchPaddingException, BadPaddingException {
    try {
        showTitle("Test ES512");
        JwkClient jwkClient = new JwkClient(clientJwksUri);
        JwkResponse jwkResponse = jwkClient.exec();
        String signingInput = "eyJhbGciOiJIUzI1NiJ9.eyJub25jZSI6ICI2Qm9HN1QwR0RUZ2wiLCAiaWRfdG9rZW4iOiB7Im1heF9hZ2UiOiA4NjQwMH0sICJzdGF0ZSI6ICJTVEFURTAiLCAicmVkaXJlY3RfdXJpIjogImh0dHBzOi8vbG9jYWxob3N0L2NhbGxiYWNrMSIsICJ1c2VyaW5mbyI6IHsiY2xhaW1zIjogeyJuYW1lIjogbnVsbH19LCAiY2xpZW50X2lkIjogIkAhMTExMSEwMDA4IUU2NTQuQjQ2MCIsICJzY29wZSI6IFsib3BlbmlkIl0sICJyZXNwb25zZV90eXBlIjogWyJjb2RlIl19";
        OxAuthCryptoProvider cryptoProvider = new OxAuthCryptoProvider(keyStoreFile, keyStoreSecret, dnName);
        String encodedSignature = cryptoProvider.sign(signingInput, keyId, null, SignatureAlgorithm.ES512);
        System.out.println("Encoded Signature: " + encodedSignature);
        boolean signatureVerified = cryptoProvider.verifySignature(signingInput, encodedSignature, keyId, jwkResponse.getJwks().toJSONObject(), null, SignatureAlgorithm.ES512);
        assertTrue(signatureVerified, "Invalid signature");
    } catch (Exception e) {
        fail(e.getMessage(), e);
    }
}
Also used : OxAuthCryptoProvider(org.xdi.oxauth.model.crypto.OxAuthCryptoProvider) InvalidKeySpecException(java.security.spec.InvalidKeySpecException) NoSuchPaddingException(javax.crypto.NoSuchPaddingException) IllegalBlockSizeException(javax.crypto.IllegalBlockSizeException) IOException(java.io.IOException) BadPaddingException(javax.crypto.BadPaddingException) UnsupportedEncodingException(java.io.UnsupportedEncodingException) Parameters(org.testng.annotations.Parameters) Test(org.testng.annotations.Test) BaseTest(org.xdi.oxauth.BaseTest)

Example 8 with NoSuchPaddingException

use of javax.crypto.NoSuchPaddingException in project oxAuth by GluuFederation.

the class TokenSignaturesHttpTest method testRS512.

@Parameters({ "clientJwksUri", "RS512_keyId", "dnName", "keyStoreFile", "keyStoreSecret" })
@Test
public void testRS512(final String clientJwksUri, final String keyId, final String dnName, final String keyStoreFile, final String keyStoreSecret) throws NoSuchProviderException, NoSuchAlgorithmException, SignatureException, InvalidKeyException, InvalidKeySpecException, IllegalBlockSizeException, IOException, NoSuchPaddingException, BadPaddingException {
    try {
        showTitle("Test RS512");
        JwkClient jwkClient = new JwkClient(clientJwksUri);
        JwkResponse jwkResponse = jwkClient.exec();
        String signingInput = "eyJhbGciOiJIUzI1NiJ9.eyJub25jZSI6ICI2Qm9HN1QwR0RUZ2wiLCAiaWRfdG9rZW4iOiB7Im1heF9hZ2UiOiA4NjQwMH0sICJzdGF0ZSI6ICJTVEFURTAiLCAicmVkaXJlY3RfdXJpIjogImh0dHBzOi8vbG9jYWxob3N0L2NhbGxiYWNrMSIsICJ1c2VyaW5mbyI6IHsiY2xhaW1zIjogeyJuYW1lIjogbnVsbH19LCAiY2xpZW50X2lkIjogIkAhMTExMSEwMDA4IUU2NTQuQjQ2MCIsICJzY29wZSI6IFsib3BlbmlkIl0sICJyZXNwb25zZV90eXBlIjogWyJjb2RlIl19";
        OxAuthCryptoProvider cryptoProvider = new OxAuthCryptoProvider(keyStoreFile, keyStoreSecret, dnName);
        String encodedSignature = cryptoProvider.sign(signingInput, keyId, null, SignatureAlgorithm.RS512);
        System.out.println("Encoded Signature: " + encodedSignature);
        boolean signatureVerified = cryptoProvider.verifySignature(signingInput, encodedSignature, keyId, jwkResponse.getJwks().toJSONObject(), null, SignatureAlgorithm.RS512);
        assertTrue(signatureVerified, "Invalid signature");
    } catch (Exception e) {
        fail(e.getMessage(), e);
    }
}
Also used : OxAuthCryptoProvider(org.xdi.oxauth.model.crypto.OxAuthCryptoProvider) InvalidKeySpecException(java.security.spec.InvalidKeySpecException) NoSuchPaddingException(javax.crypto.NoSuchPaddingException) IllegalBlockSizeException(javax.crypto.IllegalBlockSizeException) IOException(java.io.IOException) BadPaddingException(javax.crypto.BadPaddingException) UnsupportedEncodingException(java.io.UnsupportedEncodingException) Parameters(org.testng.annotations.Parameters) Test(org.testng.annotations.Test) BaseTest(org.xdi.oxauth.BaseTest)

Example 9 with NoSuchPaddingException

use of javax.crypto.NoSuchPaddingException in project oxAuth by GluuFederation.

the class TokenSignaturesHttpTest method testRS256.

@Parameters({ "clientJwksUri", "RS256_keyId", "dnName", "keyStoreFile", "keyStoreSecret" })
@Test
public void testRS256(final String clientJwksUri, final String keyId, final String dnName, final String keyStoreFile, final String keyStoreSecret) throws NoSuchProviderException, NoSuchAlgorithmException, SignatureException, InvalidKeyException, InvalidKeySpecException, IllegalBlockSizeException, IOException, NoSuchPaddingException, BadPaddingException {
    try {
        showTitle("Test RS256");
        JwkClient jwkClient = new JwkClient(clientJwksUri);
        JwkResponse jwkResponse = jwkClient.exec();
        String signingInput = "eyJhbGciOiJIUzI1NiJ9.eyJub25jZSI6ICI2Qm9HN1QwR0RUZ2wiLCAiaWRfdG9rZW4iOiB7Im1heF9hZ2UiOiA4NjQwMH0sICJzdGF0ZSI6ICJTVEFURTAiLCAicmVkaXJlY3RfdXJpIjogImh0dHBzOi8vbG9jYWxob3N0L2NhbGxiYWNrMSIsICJ1c2VyaW5mbyI6IHsiY2xhaW1zIjogeyJuYW1lIjogbnVsbH19LCAiY2xpZW50X2lkIjogIkAhMTExMSEwMDA4IUU2NTQuQjQ2MCIsICJzY29wZSI6IFsib3BlbmlkIl0sICJyZXNwb25zZV90eXBlIjogWyJjb2RlIl19";
        OxAuthCryptoProvider cryptoProvider = new OxAuthCryptoProvider(keyStoreFile, keyStoreSecret, dnName);
        String encodedSignature = cryptoProvider.sign(signingInput, keyId, null, SignatureAlgorithm.RS256);
        System.out.println("Encoded Signature: " + encodedSignature);
        boolean signatureVerified = cryptoProvider.verifySignature(signingInput, encodedSignature, keyId, jwkResponse.getJwks().toJSONObject(), null, SignatureAlgorithm.RS256);
        assertTrue(signatureVerified, "Invalid signature");
    } catch (Exception e) {
        fail(e.getMessage(), e);
    }
}
Also used : OxAuthCryptoProvider(org.xdi.oxauth.model.crypto.OxAuthCryptoProvider) InvalidKeySpecException(java.security.spec.InvalidKeySpecException) NoSuchPaddingException(javax.crypto.NoSuchPaddingException) IllegalBlockSizeException(javax.crypto.IllegalBlockSizeException) IOException(java.io.IOException) BadPaddingException(javax.crypto.BadPaddingException) UnsupportedEncodingException(java.io.UnsupportedEncodingException) Parameters(org.testng.annotations.Parameters) Test(org.testng.annotations.Test) BaseTest(org.xdi.oxauth.BaseTest)

Example 10 with NoSuchPaddingException

use of javax.crypto.NoSuchPaddingException in project oxAuth by GluuFederation.

the class RSASigner method validateSignature.

@Override
public boolean validateSignature(String signingInput, String signature) throws SignatureException {
    if (getSignatureAlgorithm() == null) {
        throw new SignatureException("The signature algorithm is null");
    }
    if (rsaPublicKey == null) {
        throw new SignatureException("The RSA public key is null");
    }
    if (signingInput == null) {
        throw new SignatureException("The signing input is null");
    }
    String algorithm = null;
    switch(getSignatureAlgorithm()) {
        case RS256:
            algorithm = "SHA-256";
            break;
        case RS384:
            algorithm = "SHA-384";
            break;
        case RS512:
            algorithm = "SHA-512";
            break;
        default:
            throw new SignatureException("Unsupported signature algorithm");
    }
    ASN1InputStream aIn = null;
    try {
        byte[] sigBytes = Base64Util.base64urldecode(signature);
        byte[] sigInBytes = signingInput.getBytes(Util.UTF8_STRING_ENCODING);
        RSAPublicKeySpec rsaPublicKeySpec = new RSAPublicKeySpec(rsaPublicKey.getModulus(), rsaPublicKey.getPublicExponent());
        KeyFactory keyFactory = KeyFactory.getInstance("RSA", "BC");
        PublicKey publicKey = keyFactory.generatePublic(rsaPublicKeySpec);
        Cipher cipher = Cipher.getInstance("RSA/None/PKCS1Padding", "BC");
        cipher.init(Cipher.DECRYPT_MODE, publicKey);
        byte[] decSig = cipher.doFinal(sigBytes);
        aIn = new ASN1InputStream(decSig);
        ASN1Sequence seq = (ASN1Sequence) aIn.readObject();
        MessageDigest hash = MessageDigest.getInstance(algorithm, "BC");
        hash.update(sigInBytes);
        ASN1OctetString sigHash = (ASN1OctetString) seq.getObjectAt(1);
        return MessageDigest.isEqual(hash.digest(), sigHash.getOctets());
    } catch (IOException e) {
        throw new SignatureException(e);
    } catch (NoSuchAlgorithmException e) {
        throw new SignatureException(e);
    } catch (InvalidKeyException e) {
        throw new SignatureException(e);
    } catch (InvalidKeySpecException e) {
        throw new SignatureException(e);
    } catch (NoSuchPaddingException e) {
        throw new SignatureException(e);
    } catch (BadPaddingException e) {
        throw new SignatureException(e);
    } catch (NoSuchProviderException e) {
        throw new SignatureException(e);
    } catch (IllegalBlockSizeException e) {
        throw new SignatureException(e);
    } catch (Exception e) {
        throw new SignatureException(e);
    } finally {
        IOUtils.closeQuietly(aIn);
    }
}
Also used : ASN1OctetString(org.bouncycastle.asn1.ASN1OctetString) ASN1InputStream(org.bouncycastle.asn1.ASN1InputStream) RSAPublicKey(org.xdi.oxauth.model.crypto.signature.RSAPublicKey) NoSuchPaddingException(javax.crypto.NoSuchPaddingException) IllegalBlockSizeException(javax.crypto.IllegalBlockSizeException) ASN1OctetString(org.bouncycastle.asn1.ASN1OctetString) RSAPublicKeySpec(java.security.spec.RSAPublicKeySpec) IOException(java.io.IOException) BadPaddingException(javax.crypto.BadPaddingException) InvalidKeySpecException(java.security.spec.InvalidKeySpecException) IllegalBlockSizeException(javax.crypto.IllegalBlockSizeException) IOException(java.io.IOException) BadPaddingException(javax.crypto.BadPaddingException) NoSuchPaddingException(javax.crypto.NoSuchPaddingException) UnsupportedEncodingException(java.io.UnsupportedEncodingException) ASN1Sequence(org.bouncycastle.asn1.ASN1Sequence) Cipher(javax.crypto.Cipher) InvalidKeySpecException(java.security.spec.InvalidKeySpecException)

Aggregations

NoSuchPaddingException (javax.crypto.NoSuchPaddingException)259 NoSuchAlgorithmException (java.security.NoSuchAlgorithmException)237 InvalidKeyException (java.security.InvalidKeyException)216 Cipher (javax.crypto.Cipher)187 IllegalBlockSizeException (javax.crypto.IllegalBlockSizeException)181 BadPaddingException (javax.crypto.BadPaddingException)180 InvalidAlgorithmParameterException (java.security.InvalidAlgorithmParameterException)119 SecretKeySpec (javax.crypto.spec.SecretKeySpec)91 IOException (java.io.IOException)83 IvParameterSpec (javax.crypto.spec.IvParameterSpec)66 SecretKey (javax.crypto.SecretKey)45 KeyStoreException (java.security.KeyStoreException)40 CertificateException (java.security.cert.CertificateException)40 UnrecoverableKeyException (java.security.UnrecoverableKeyException)35 InvalidKeySpecException (java.security.spec.InvalidKeySpecException)30 UnsupportedEncodingException (java.io.UnsupportedEncodingException)27 NoSuchProviderException (java.security.NoSuchProviderException)27 GCMParameterSpec (javax.crypto.spec.GCMParameterSpec)18 FileNotFoundException (java.io.FileNotFoundException)16 SecureRandom (java.security.SecureRandom)16