use of org.xdi.oxauth.model.exception.SignatureException in project oxAuth by GluuFederation.
the class RawAuthenticationService method checkSignature.
public void checkSignature(String appId, ClientData clientData, RawAuthenticateResponse rawAuthenticateResponse, byte[] publicKey) throws BadInputException {
String rawClientData = clientData.getRawClientData();
byte[] signedBytes = packBytesToSign(signatureVerification.hash(appId), rawAuthenticateResponse.getUserPresence(), rawAuthenticateResponse.getCounter(), signatureVerification.hash(rawClientData));
try {
signatureVerification.checkSignature(signatureVerification.decodePublicKey(publicKey), signedBytes, rawAuthenticateResponse.getSignature());
} catch (SignatureException ex) {
throw new BadInputException("Failed to checkSignature", ex);
}
}
use of org.xdi.oxauth.model.exception.SignatureException in project oxAuth by GluuFederation.
the class RawRegistrationService method checkSignature.
public void checkSignature(String appId, ClientData clientData, RawRegisterResponse rawRegisterResponse) throws BadInputException {
String rawClientData = clientData.getRawClientData();
byte[] signedBytes = packBytesToSign(signatureVerification.hash(appId), signatureVerification.hash(rawClientData), rawRegisterResponse.getKeyHandle(), rawRegisterResponse.getUserPublicKey());
try {
signatureVerification.checkSignature(rawRegisterResponse.getAttestationCertificate(), signedBytes, rawRegisterResponse.getSignature());
} catch (SignatureException ex) {
throw new BadInputException("Failed to checkSignature", ex);
}
}
use of org.xdi.oxauth.model.exception.SignatureException in project oxAuth by GluuFederation.
the class SHA256withECDSASignatureVerification method checkSignature.
@Override
public boolean checkSignature(PublicKey publicKey, byte[] signedBytes, byte[] signature) throws SignatureException {
boolean isValid = false;
try {
Signature ecdsaSignature = Signature.getInstance("SHA256withECDSA", "BC");
ecdsaSignature.initVerify(publicKey);
ecdsaSignature.update(signedBytes);
isValid = ecdsaSignature.verify(signature);
} catch (GeneralSecurityException ex) {
throw new SignatureException(ex);
}
return isValid;
}
use of org.xdi.oxauth.model.exception.SignatureException in project oxAuth by GluuFederation.
the class SHA256withECDSASignatureVerification method decodePublicKey.
@Override
public PublicKey decodePublicKey(byte[] encodedPublicKey) throws SignatureException {
X9ECParameters curve = SECNamedCurves.getByName("secp256r1");
ECPoint point = curve.getCurve().decodePoint(encodedPublicKey);
try {
return KeyFactory.getInstance("ECDSA").generatePublic(new ECPublicKeySpec(point, new ECParameterSpec(curve.getCurve(), curve.getG(), curve.getN(), curve.getH())));
} catch (GeneralSecurityException ex) {
throw new SignatureException(ex);
}
}
Aggregations