use of org.bouncycastle.asn1.ocsp.Signature in project athenz by yahoo.
the class CryptoTest method testSignVerifyECParamMixCurvesFail.
@Test
public void testSignVerifyECParamMixCurvesFail() {
PrivateKey privateKey = Crypto.loadPrivateKey(ecPrivateParamPrime256v1Key);
assertNotNull(privateKey);
String signature = Crypto.sign(serviceToken, privateKey);
PublicKey publicKey = Crypto.loadPublicKey(ecPublicParamSecp384r1Key);
assertNotNull(publicKey);
assertFalse(Crypto.verify(serviceToken, publicKey, signature));
}
use of org.bouncycastle.asn1.ocsp.Signature in project athenz by yahoo.
the class CryptoTest method testValidateJWSDocumentInvalidPublicKey.
@Test
public void testValidateJWSDocumentInvalidPublicKey() {
// we're going to return different public key for id
Map<String, PublicKey> keyMap = new HashMap<>();
keyMap.put("rsa-0", Crypto.loadPublicKey(ecPublicKey));
keyMap.put("ec-0", Crypto.loadPublicKey(rsaPublicKey));
Function<String, PublicKey> keyGetter = keyMap::get;
final Base64.Encoder encoder = Base64.getUrlEncoder().withoutPadding();
final String protectedHeader = "{\"kid\":\"ec-0\",\"alg\":\"ES256\"}";
final byte[] encodedHeader = encoder.encode(protectedHeader.getBytes(StandardCharsets.UTF_8));
final String payload = "{\"domainName\":\"athenz\"}";
final byte[] encodedPayload = encoder.encode(payload.getBytes(StandardCharsets.UTF_8));
PrivateKey privateKey = Crypto.loadPrivateKey(ecPrivateKey);
final byte[] signature = encoder.encode(Crypto.sign(Bytes.concat(encodedHeader, PERIOD, encodedPayload), privateKey, Crypto.SHA256));
assertFalse(Crypto.validateJWSDocument(new String(encodedHeader), new String(encodedPayload), new String(signature), keyGetter));
}
use of org.bouncycastle.asn1.ocsp.Signature in project athenz by yahoo.
the class CryptoTest method testSignVerifyECParamsKey.
@Test
public void testSignVerifyECParamsKey() {
PrivateKey privateKey = Crypto.loadPrivateKey(ecPrivateParamsKey);
assertNotNull(privateKey);
String signature = Crypto.sign(serviceToken, privateKey);
PublicKey publicKey = Crypto.loadPublicKey(ecPublicParamsKey);
assertNotNull(publicKey);
assertTrue(Crypto.verify(serviceToken, publicKey, signature));
}
use of org.bouncycastle.asn1.ocsp.Signature in project athenz by yahoo.
the class CryptoTest method testSignVerifyECParamSecp384r1Key.
@Test
public void testSignVerifyECParamSecp384r1Key() {
PrivateKey privateKey = Crypto.loadPrivateKey(ecPrivateParamSecp384r1Key);
assertNotNull(privateKey);
String signature = Crypto.sign(serviceToken, privateKey);
PublicKey publicKey = Crypto.loadPublicKey(ecPublicParamSecp384r1Key);
assertNotNull(publicKey);
assertTrue(Crypto.verify(serviceToken, publicKey, signature));
}
use of org.bouncycastle.asn1.ocsp.Signature in project athenz by yahoo.
the class CryptoTest method validateJWSDocumentMissingKid.
@Test
public void validateJWSDocumentMissingKid() {
Function<String, PublicKey> keyGetter = (String keyId) -> null;
final Base64.Encoder encoder = Base64.getUrlEncoder().withoutPadding();
final String protectedHeader = "{\"alg\":\"ES256\"}";
final byte[] encodedHeader = encoder.encode(protectedHeader.getBytes(StandardCharsets.UTF_8));
final String payload = "{\"domainName\":\"athenz\"}";
final byte[] encodedPayload = encoder.encode(payload.getBytes(StandardCharsets.UTF_8));
PrivateKey privateKey = Crypto.loadPrivateKey(rsaPrivateKey);
final byte[] signature = encoder.encode(Crypto.sign(Bytes.concat(encodedHeader, PERIOD, encodedPayload), privateKey, Crypto.SHA256));
assertFalse(Crypto.validateJWSDocument(new String(encodedHeader), new String(encodedPayload), new String(signature), keyGetter));
}
Aggregations