Beispiel #1
0
 static {
   try {
     SIGNATURE_KEY_PAIR = CryptoUtils.generateDSAKeyPair(CryptoUtils.DSA_1024);
   } catch (Exception e) {
     // ignore
   }
 }
Beispiel #2
0
  /**
   * Sign product, verify signature, then modify product and check that signature no longer
   * verifies.
   *
   * @throws Exception
   */
  @Test
  public void testSignature() throws Exception {
    Product product = getProduct();
    KeyPair keyPair = CryptoUtils.generateDSAKeyPair(CryptoUtils.DSA_1024);

    Assert.assertFalse(
        "Unsigned products do not verify signature",
        product.verifySignature(new PublicKey[] {keyPair.getPublic()}));

    product.sign(keyPair.getPrivate());
    Assert.assertTrue(
        "Public key verifies signature correctly",
        product.verifySignature(new PublicKey[] {keyPair.getPublic()}));

    // modify product
    product.getId().setUpdateTime(new Date(product.getId().getUpdateTime().getTime() + 1000));
    Assert.assertFalse(
        "Public key doesn't verify after modification",
        product.verifySignature(new PublicKey[] {keyPair.getPublic()}));
  }