Examples with WonSignatureData won.protocol.message.WonSignatureData used on opensource projects

Search in sources :

Example 11 with WonSignatureData

use of won.protocol.message.WonSignatureData in project webofneeds by researchstudio-sat.

the class WonVerifier method verify.

// TODO exceptions
public boolean verify(Map<String, PublicKey> publicKeys) throws Exception {
    // check if there are any signatures at all
    if (verificationState.getSignatures().size() == 0) {
        verificationState.verificationFailed("No signatures found");
        return verificationState.isVerificationPassed();
    }
    // check that the default graph is empty
    if (dataset.getDefaultModel().listStatements().hasNext()) {
        verificationState.verificationFailed("unsigned data found in default graph");
        return verificationState.isVerificationPassed();
    }
    if (!checkMessageURI()) {
        return verificationState.isVerificationPassed();
    }
    // verify each signature's graph
    for (WonSignatureData wonSignatureData : verificationState.getSignatures()) {
        // extract signature graph, signature data and corresponding signed graph
        if (logger.isDebugEnabled()) {
            String loaded = publicKeys.containsKey(wonSignatureData.getVerificationCertificateUri()) ? "loaded" : "NOT LOADED";
            logger.debug("checking signature {} by certificate {}, which is {}", new Object[] { wonSignatureData.getSignatureUri(), wonSignatureData.getVerificationCertificateUri(), loaded });
        }
        // make sure the signed graph specified in signature exists in the message
        List<String> signedGraphs = wonSignatureData.getSignedGraphUris();
        for (String signedGraph : signedGraphs) {
            if (!dataset.containsNamedModel(signedGraph)) {
                verificationState.verificationFailed("Found signature of graph " + signedGraph + " that is not part of this message");
            }
        }
        // is the signature there?
        String sigString = wonSignatureData.getSignatureValue();
        if (sigString == null) {
            verificationState.setVerificationFailed(wonSignatureData.getSignatureUri(), "Failed to compute a signature value " + wonSignatureData.getSignatureUri());
            return verificationState.isVerificationPassed();
        }
        if (sigString.length() == 0) {
            verificationState.setVerificationFailed(wonSignatureData.getSignatureUri(), "Computed an empty signature value " + wonSignatureData.getSignatureUri());
            return verificationState.isVerificationPassed();
        }
        // do we have the public key?
        PublicKey publicKey = publicKeys.get(wonSignatureData.getVerificationCertificateUri());
        if (publicKey == null) {
            verificationState.setVerificationFailed(wonSignatureData.getSignatureUri(), "No public key found for " + wonSignatureData.getVerificationCertificateUri());
            if (logger.isDebugEnabled()) {
                logger.debug("offending message:\n" + RdfUtils.toString(Prefixer.setPrefixes(dataset)));
            }
            return verificationState.isVerificationPassed();
        }
        // check if its fingerprint matches the fingerprint in the signature
        String fingerprint = WonHasher.hashToString(publicKey.getEncoded());
        if (!wonSignatureData.getPublicKeyFingerprint().equals(fingerprint)) {
            verificationState.setVerificationFailed(wonSignatureData.getSignatureUri(), "Fingerprint computed for the " + "specified public key " + wonSignatureData.getVerificationCertificateUri() + " is " + fingerprint + ", " + "which differs from the value found in signature " + wonSignatureData.getSignatureUri());
            return verificationState.isVerificationPassed();
        }
        // normalize, hash and post-hash signed graph data
        GraphCollection inputGraph = ModelConverter.modelsToGraphCollection(dataset, wonSignatureData.getSignedGraphUris().toArray(new String[wonSignatureData.getSignedGraphUris().size()]));
        SignatureData sigData = hasher.hashNamedGraphForSigning(inputGraph);
        // check the hash of the data. It must be identical to the hash in the signature
        BigInteger hashValue = sigData.getHash();
        String hashString = WonHasher.hashToString(hashValue);
        if (!wonSignatureData.getHash().equals(hashString)) {
            verificationState.setVerificationFailed(wonSignatureData.getSignatureUri(), "Computed hash value " + hashString + " differs from value " + wonSignatureData.getHash() + " found in signature " + wonSignatureData.getSignatureUri());
            if (logger.isDebugEnabled()) {
                StringWriter sw = new StringWriter();
                for (String signedGraphUri : wonSignatureData.getSignedGraphUris()) {
                    RDFDataMgr.write(sw, dataset.getNamedModel(signedGraphUri), Lang.TRIG);
                }
                logger.debug("wrong signature hash for graphs {} with content: {}", wonSignatureData.getSignedGraphUris(), sw.toString());
            }
            return verificationState.isVerificationPassed();
        }
        // verify the signature
        Signature sig = Signature.getInstance(WonSigner.SIGNING_ALGORITHM_NAME, SIGNING_ALGORITHM_PROVIDER);
        sig.initVerify(publicKey);
        sig.update(hashValue.toByteArray());
        // Verify
        byte[] sigBytes = Base58.decode(sigString);
        if (!sig.verify(sigBytes)) {
            verificationState.setVerificationFailed(wonSignatureData.getSignatureUri(), "Failed to verify " + wonSignatureData.getSignatureUri() + " with public key " + wonSignatureData.getVerificationCertificateUri());
            // interrupt verification process if one of the graph's verification fails
            return verificationState.isVerificationPassed();
        }
    }
    return verificationState.isVerificationPassed();
}
Also used : GraphCollection(de.uni_koblenz.aggrimm.icp.crypto.sign.graph.GraphCollection) WonSignatureData(won.protocol.message.WonSignatureData) SignatureData(de.uni_koblenz.aggrimm.icp.crypto.sign.graph.SignatureData) StringWriter(java.io.StringWriter) PublicKey(java.security.PublicKey) Signature(java.security.Signature) WonSignatureData(won.protocol.message.WonSignatureData) BigInteger(java.math.BigInteger)

Aggregations

WonSignatureData (won.protocol.message.WonSignatureData)11 GraphCollection (de.uni_koblenz.aggrimm.icp.crypto.sign.graph.GraphCollection)4 SignatureData (de.uni_koblenz.aggrimm.icp.crypto.sign.graph.SignatureData)4 StringWriter (java.io.StringWriter)4 BigInteger (java.math.BigInteger)1 PublicKey (java.security.PublicKey)1 Signature (java.security.Signature)1 ArrayList (java.util.ArrayList)1 RDFNode (org.apache.jena.rdf.model.RDFNode)1 StmtIterator (org.apache.jena.rdf.model.StmtIterator)1
About Me
UseOf

Java Tutorials :

Simple Java RabbitMQ Example with Spring
Simple Springboot JPA Eclipeslink Example
Simple SpringBoot JPA Hibernate Example
Jackson JSON @JsonIgnore and @JsonIgnoreProperties Examples
Java Infinite recursion (StackOverflowError) Jackson solutions
Simple Java Jackson Serialize Objects to JSON and convert them back To Object
ElasticSearch 5 - Upload files using Java API in binary field Example
Java JAXB marshall unmarshall Examples from String and Stream
Java 8 forEach List and Map examples
ElasticSearch 5 Java API SearchRequestBuilder examples
Java ElasticSearch 5 examples with node index and mapping - running local
Convert String to int or Integer Java 8
Java 9 in action - JShell - Ubuntu
Java - removing invalid characters from a file name
Hello world!? or Hello Tutorial