/**
   * Method that verifies an incoming signature and returns the response as application/xml.
   *
   * @param signatureVerificationRequest the request which is converted to a {@link
   *     SignatureVerificationRequest} from xml
   * @return the {@link SignatureVerificationResponse} as application/xml
   */
  @POST
  @Path("/verifySignature")
  @Consumes("application/xml")
  @Produces("application/xml")
  public SignatureVerificationResponse verifySignature(
      SignatureVerificationRequest signatureVerificationRequest) {

    SignatureVerificationResponse response = new SignatureVerificationResponse();
    response.setCertificateInfos(new CertificateInfos());

    boolean verified = false;
    String message = null;

    try {

      SignatureFormat format = signatureVerificationRequest.getSignatureFormat();
      if (SignatureFormat.XMLDIGSIG.equals(format)) {
        try {
          SignatureData signatureData =
              getFromXmlDigSigSignature(signatureVerificationRequest, response);

          verified = super.verifySignature(signatureData);
        } catch (SignatureException e) {
          e.printStackTrace();
          message = e.getMessage();
        }
      } else if (SignatureFormat.CMS.equals(format)) {
        SignatureData signData = getFromCmsSignature(signatureVerificationRequest, response);

        try {
          // Verify
          verified = super.verifySignature(signData);
        } catch (SignatureException e) {
          e.printStackTrace();
          message = e.getMessage();
        }
      }

      response.setStatus(verified ? SignatureStatus.SUCCESS : SignatureStatus.FAILURE);
      if (message != null) {
        response.setMessage(message);
      }

    } catch (IOException ex) {
      throw new WebApplicationException(ex, Response.Status.INTERNAL_SERVER_ERROR);
    } catch (MarshalException ex) {
      throw new WebApplicationException(ex, Response.Status.INTERNAL_SERVER_ERROR);
    } catch (ParserConfigurationException ex) {
      throw new WebApplicationException(ex, Response.Status.INTERNAL_SERVER_ERROR);
    } catch (SAXException ex) {
      throw new WebApplicationException(ex, Response.Status.INTERNAL_SERVER_ERROR);
    } catch (CMSException ex) {
      throw new WebApplicationException(ex, Response.Status.INTERNAL_SERVER_ERROR);
    }

    return response;
  }
Пример #2
0
 @Override
 public Long readUserIdFromToken(String token) {
   Long id = null;
   try {
     Map<String, Object> parsed = verifier.verify(token);
     Object objectId = parsed.get("id");
     if (objectId instanceof Integer) {
       id = Long.valueOf((Integer) objectId);
     } else if (objectId instanceof Long) {
       id = (Long) objectId;
     } else if (objectId instanceof String) {
       id = Long.valueOf((String) objectId);
     }
   } catch (NoSuchAlgorithmException e) {
     e.printStackTrace();
   } catch (InvalidKeyException e) {
     e.printStackTrace();
   } catch (IOException e) {
     e.printStackTrace();
   } catch (SignatureException e) {
     e.printStackTrace();
   } catch (JWTVerifyException e) {
     e.printStackTrace();
   } catch (Exception e) {
     e.printStackTrace();
   }
   return id;
 }
Пример #3
0
  @Override
  public Response createResponse() {
    // todo fix this with JSON etc.
    String plainText = getPlainText();
    try {
      signedText_ = Signature.calculateRFC2104HMAC(plainText, key_);
    } catch (SignatureException e) {
      e.printStackTrace();
    }

    return this;
  }
Пример #4
0
  /**
   * Endorse the proof
   *
   * @param aStampContext current context
   * @param aProof proof
   * @return endorsed proof
   * @throws NoSuchAlgorithmException
   * @throws BadPaddingException
   * @throws IllegalBlockSizeException
   * @throws NoSuchPaddingException
   * @throws InvalidKeyException
   */
  private static byte[] endorseP(WitnessContext aStampContext, byte aProof[]) {

    // Sign on the proof first
    byte[] sig = {};
    try {
      sig = CryptoUtil.signDSA(aStampContext.getPriDSASelf(), aProof);
    } catch (InvalidKeyException e) {
      e.printStackTrace();
    } catch (NoSuchAlgorithmException e) {
      e.printStackTrace();
    } catch (SignatureException e) {
      e.printStackTrace();
    }

    // Include own ID in EP
    byte[] wID = aStampContext.getPubDSASelf().getEncoded();

    ArrayList<byte[]> array = new ArrayList<byte[]>();
    array.add(wID);
    array.add(aProof);
    array.add(sig);

    byte[] epContent = MessageUtil.compileMessages(array);

    // Encrypt epContent with an AES key first
    SecretKey aesKey = null;
    byte[] epEncrypted = {};
    byte[] keyEncrypted = {};
    try {
      aesKey = CryptoUtil.generateAESKey(128);
      epEncrypted = CryptoUtil.encryptAES(aesKey, epContent);
      keyEncrypted = CryptoUtil.encryptRSA(aStampContext.getPubRSACA(), aesKey.getEncoded());
    } catch (NoSuchAlgorithmException e1) {
      e1.printStackTrace();
    } catch (InvalidKeyException e) {
      e.printStackTrace();
    } catch (NoSuchPaddingException e) {
      e.printStackTrace();
    } catch (IllegalBlockSizeException e) {
      e.printStackTrace();
    } catch (BadPaddingException e) {
      e.printStackTrace();
    }

    ArrayList<byte[]> arrayOut = new ArrayList<byte[]>();
    arrayOut.add(epEncrypted);
    arrayOut.add(keyEncrypted);

    return MessageUtil.compileMessages(arrayOut);
  }
Пример #5
0
 /**
  * Verify that signature is ok or not.
  *
  * @param key
  * @param buffer
  * @param signature
  * @return
  */
 public boolean verifySignature(byte[] buffer, byte[] signature) {
   try {
     Signature sig = Signature.getInstance("SHA1WithRSA");
     sig.initVerify(keyPair.getPublic());
     sig.update(buffer, 0, buffer.length);
     return sig.verify(signature);
   } catch (SignatureException e) {
     e.printStackTrace();
   } catch (InvalidKeyException e) {
     e.printStackTrace();
   } catch (NoSuchAlgorithmException e) {
     e.printStackTrace();
   }
   return false;
 }
Пример #6
0
 private byte[] doSign() {
   KeyPair keys = loadAllKeysFromKeystore();
   Signature sig = null;
   byte[] sigByte = null;
   PrivateKey privKey = keys.getPrivate();
   try {
     sig = Signature.getInstance("SHA1WithRSA");
     sig.initSign(privKey);
     sig.update(this.document, 0, this.document.length);
     sigByte = sig.sign();
   } catch (SignatureException e) {
     e.printStackTrace();
   } catch (InvalidKeyException e) {
     e.printStackTrace();
   } catch (NoSuchAlgorithmException e) {
     e.printStackTrace();
   }
   return sigByte;
 }
 @Override
 public MetadataObject resolve(X509Certificate attestationCertificate) {
   String issuer = attestationCertificate.getIssuerDN().getName();
   for (X509Certificate cert : certs.get(issuer)) {
     try {
       attestationCertificate.verify(cert.getPublicKey());
       return metadata.get(cert);
     } catch (CertificateException e) {
       e.printStackTrace();
     } catch (NoSuchAlgorithmException e) {
       e.printStackTrace();
     } catch (InvalidKeyException e) {
       e.printStackTrace();
     } catch (NoSuchProviderException e) {
       e.printStackTrace();
     } catch (SignatureException e) {
       e.printStackTrace();
     }
   }
   return null;
 }
  /**
   * @param aSecretCertificate
   * @param currentDate
   * @param appId
   * @return
   */
  private static boolean isValidCertificate(
      String aSecretCertificate, String currentDate, String appId) {
    boolean isValid = false;
    String hMacString;
    try {
      // load the privatekey for the appId
      // TODO load the private for this appid
      String privateKey = "kljlkdfldsflds";
      String data = currentDate + appId;
      hMacString = calculateRFC2104HMAC(privateKey, data);
      if (aSecretCertificate.equals(hMacString)) ;
      isValid = true;
    } catch (InvalidKeyException e) {
      e.printStackTrace();
    } catch (SignatureException e) {
      e.printStackTrace();
    } catch (NoSuchAlgorithmException e) {
      e.printStackTrace();
    }

    return isValid;
  }
  public Boolean verifySignature(byte[] originalData, byte[] signedData) {
    boolean verified = false;

    try {
      Signature sig = Signature.getInstance("SHA1withDSA", "SUN");
      sig.initVerify(getPublicKey());
      sig.update(originalData, 0, originalData.length);
      verified = sig.verify(signedData);
    } catch (SignatureException ex) {
      ex.printStackTrace();
      Logger.getLogger(SignatureVerifier.class.getName()).log(Level.SEVERE, null);
    } catch (InvalidKeyException ex) {
      ex.printStackTrace();
      Logger.getLogger(SignatureVerifier.class.getName()).log(Level.SEVERE, null);
    } catch (NoSuchAlgorithmException ex) {
      ex.printStackTrace();
      Logger.getLogger(SignatureVerifier.class.getName()).log(Level.SEVERE, null);
    } catch (NoSuchProviderException ex) {
      ex.printStackTrace();
      Logger.getLogger(SignatureVerifier.class.getName()).log(Level.SEVERE, null);
    }

    return verified;
  }
Пример #10
0
  @Override
  public boolean verifySignature(Object message, byte[] signatureToVerify) {
    //        return true;

    try {
      Signature newSig = Signature.getInstance(CryptoUtil.ALGORITHM, CryptoUtil.PROVIDER);
      newSig.initVerify(publicKey);
      byte[] byteRep = CryptoUtil.convertToJsonByteArray(message);
      newSig.update(byteRep);
      newSig.verify(signatureToVerify);

    } catch (NoSuchAlgorithmException e) {
      e.printStackTrace();
    } catch (NoSuchProviderException e) {
      e.printStackTrace();
    } catch (InvalidKeyException e) {
      e.printStackTrace();
    } catch (SignatureException e) {
      e.printStackTrace();
      return false;
    }

    return true;
  }
        @Override
        public void onClick(View view) {

          Utils.Log("Send clicked");

          // If the message field is not empty
          if (!messageText.getText().toString().isEmpty()) {

            final Message message = new Message();
            message.setSender(username);
            message.setRecipient(conversation.getUsername());

            // If DHKE was completed and a key exists
            if (!dbManager.getAESKey(conversation.getUsername()).isEmpty()) {
              String signature = "";
              String key = dbManager.getAESKey(conversation.getUsername());
              byte[] iv = Crypto.GenerateRandomIV();
              final String plainText = messageText.getText().toString();
              final String cipherText = Crypto.AESencrypt(key, plainText, iv);
              final String base64IV = Base64.encodeToString(iv, Base64.NO_WRAP);

              try {
                PrivateKey RSAKeySign =
                    Crypto.RSAStringToPrivateKey(dbManager.getRSAKeySignaturePrivate());

                signature =
                    Base64.encodeToString(
                        Crypto.RSASign(Base64.decode(cipherText, Base64.NO_WRAP), RSAKeySign),
                        Base64.NO_WRAP);

              } catch (NoSuchAlgorithmException e) {
                e.printStackTrace();
              } catch (InvalidKeySpecException e) {
                e.printStackTrace();
              } catch (NoSuchProviderException e) {
                e.printStackTrace();
              } catch (InvalidKeyException e) {
                e.printStackTrace();
              } catch (SignatureException e) {
                e.printStackTrace();
              }

              message.setMessage(cipherText);
              message.setIv(base64IV);
              message.setSignature(signature);

              new HttpHandler() {
                @Override
                public HttpUriRequest getHttpRequestMethod() {
                  HttpPost httpPost = new HttpPost(Utils.SERVER_SEND_MESSAGE);

                  List<NameValuePair> nameValuePairs = new ArrayList<>();
                  nameValuePairs.add(new BasicNameValuePair("sender", message.getSender()));
                  nameValuePairs.add(new BasicNameValuePair("recipient", message.getRecipient()));
                  nameValuePairs.add(new BasicNameValuePair("message", message.getMessage()));
                  nameValuePairs.add(new BasicNameValuePair("iv", message.getIv()));
                  nameValuePairs.add(new BasicNameValuePair("signature", message.getSignature()));

                  try {
                    httpPost.setEntity(new UrlEncodedFormEntity(nameValuePairs));
                  } catch (UnsupportedEncodingException e) {
                    e.printStackTrace();
                  }

                  return httpPost;
                }

                @Override
                public void onResponse(String result) {
                  Utils.Log("HttpResult: " + result);

                  if (conversation.isEncrypted().equals("true")) {
                    message.setMessage(
                        Crypto.AESencrypt(
                            conversationPass,
                            plainText,
                            Base64.decode(message.getIv(), Base64.NO_WRAP)));
                    message.setEncrypted(true);

                    dbManager.addMessage(message);

                    message.setEncrypted(false);
                    message.setMessage(plainText);

                    messages.add(message);
                    adapter.notifyDataSetChanged();

                  } else {
                    message.setMessage(plainText);
                    message.setEncrypted(false);

                    dbManager.addMessage(message);

                    messages.add(message);
                    adapter.notifyDataSetChanged();
                  }

                  messageList.setSelection(messages.size() + 1);
                }
              }.execute();

              messageText.setText("");

            }

            // DHKE was not complete yet, store messages unencrypted temporarily
            // and then encrypt and send them once the exchange is complete
            else {
              message.setEncrypted(false);
              message.setMessage(messageText.getText().toString());
              message.setIv(Base64.encodeToString(Crypto.GenerateRandomIV(), Base64.NO_WRAP));

              dbManager.addMessage(message);

              messages.add(message);
              adapter.notifyDataSetChanged();

              messageList.setSelection(adapter.getCount() - 1);
              messageText.setText("");
            }
          }
        }