/**
 * Parses every stream in {@code certStreams} into an X.509 certificate, keeping the order.
 *
 * <p>This method itself performs no validation of validity dates, chain linkage or trust
 * anchors; whatever {@code getCertificate} (defined outside this view) does is all the
 * checking a certificate gets here. The streams are read but not closed; the caller owns them.
 *
 * @param certStreams the streams to read certificates from
 * @return the parsed certificates, in the same order as the streams
 * @throws SignatureException if a stream cannot be parsed as a certificate
 */
private List<X509Certificate> getCertificates(Iterable<? extends InputStream> certStreams)
    throws SignatureException {
  List<X509Certificate> parsed = Lists.newArrayList();
  try {
    for (InputStream in : certStreams) {
      parsed.add(getCertificate(in));
    }
  } catch (CertificateException e) {
    // Callers only deal with SignatureException; keep the parser's exception as the cause.
    throw new SignatureException(e);
  }
  return parsed;
}
/**
 * Returns a WaveSigner built from a private key and its certificate chain.
 *
 * @param privateKeyStream the stream from which to read the private key. The
 *   key must be in PKCS#8-PEM-encoded format.
 * @param certStreams a list of streams from which to read the certificate
 *   chain. The first stream in the list must have the target certificate
 *   (i.e., the certificate issued to the signer).
 * @param domain The domain for which the certificate was issued. This should
 *   match the CN in the target certificate. Nothing in this method checks that;
 *   whether SignerInfo does is not visible here, so callers should not assume
 *   a mismatch is rejected.
 * @return a WaveSigner
 * @throws SignatureException if the private key or certificates cannot be
 *   parsed.
 */
public WaveSigner getSigner(
    InputStream privateKeyStream,
    Iterable<? extends InputStream> certStreams,
    String domain)
    throws SignatureException {
  // The key is parsed before the certificates, so a bad key fails first.
  PrivateKey signingKey = getPrivateKey(privateKeyStream);
  List<X509Certificate> chain = getCertificates(certStreams);

  // The signer id is derived with SHA256 ...
  SignerInfo info = new SignerInfo(HashAlgorithm.SHA256, chain, domain);

  // ... but the signature itself uses SHA1_RSA.
  // NOTE(review): SHA-1 is no longer considered collision-resistant. Whether
  // SignatureAlgorithm offers a stronger value is not visible here, and changing it alters
  // the bytes that peers verify, so it has to be a coordinated protocol change.
  return new WaveSigner(SignatureAlgorithm.SHA1_RSA, signingKey, info);
}
/**
 * Reads a base64-encoded PKCS#8 key from the stream and turns it into an RSA private key.
 *
 * <p>The decoded bytes go straight into a {@link PKCS8EncodedKeySpec} and no passphrase is
 * applied anywhere in this method, so the key material is expected in the clear; protecting
 * the key at rest is left to whoever supplies the stream. The stream is not closed here.
 *
 * @param privateKeyStream the stream holding the encoded key
 * @return the parsed RSA private key
 * @throws SignatureException if the stream cannot be read, the bytes are not a valid key
 *     spec, or no RSA {@link KeyFactory} is available; the original exception is the cause
 */
private PrivateKey getPrivateKey(InputStream privateKeyStream) throws SignatureException {
  try {
    // Plaintext key bytes; they are not zeroed after use and live until garbage-collected.
    byte[] encodedKey = readBase64Bytes(privateKeyStream);
    PKCS8EncodedKeySpec spec = new PKCS8EncodedKeySpec(encodedKey);
    return KeyFactory.getInstance("RSA").generatePrivate(spec);
  } catch (IOException e) {
    throw new SignatureException(e);
  } catch (InvalidKeySpecException e) {
    throw new SignatureException(e);
  } catch (NoSuchAlgorithmException e) {
    throw new SignatureException(e);
  }
}
/**
 * Builds a {@link SigningSignatureHandler} from the example key and certificate fixtures.
 *
 * <p>The chain handed to the factory holds a single certificate, and the signer is bound to
 * {@code CertificateManagerImplTest.DOMAIN}.
 *
 * @return a handler wrapping a freshly created signer
 * @throws Exception if the fixtures cannot be parsed
 */
private SigningSignatureHandler getSigner() throws Exception {
  // getBytes() without a charset uses the platform default.
  // NOTE(review): presumably the fixtures are ASCII PEM text, so this is harmless - confirm.
  // NOTE(review): EXAMPLE_PRIVATE_KEY is a key kept in source; confirm it is a throwaway
  // that is not trusted for any real domain.
  InputStream keyIn = new ByteArrayInputStream(Certificates.EXAMPLE_PRIVATE_KEY.getBytes());
  InputStream certIn = new ByteArrayInputStream(Certificates.EXAMPLE_CERTIFICATE.getBytes());
  List<InputStream> chain = ImmutableList.of(certIn);

  WaveSigner waveSigner =
      new WaveSignerFactory().getSigner(keyIn, chain, CertificateManagerImplTest.DOMAIN);
  return new SigningSignatureHandler(waveSigner);
}
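/**
 * Returns the shared {@link SigningSignatureHandler}, creating it on first use.
 *
 * <p>Creation runs under this provider's monitor and is skipped once {@code signer} is set,
 * so later calls return the same instance. The private-key file stream is closed as soon as
 * the factory call finishes, whether it succeeded or not, so no descriptor on the key file
 * stays open for the life of the process.
 *
 * @return the signing handler
 * @throws ProvisionException if the private key file cannot be opened, or if the factory
 *     cannot build a signer from the key and certificates
 */
@Override
public SigningSignatureHandler get() {
  synchronized (this) {
    if (signer == null) {
      FileInputStream privateKeyStream;
      try {
        privateKeyStream = new FileInputStream(privateKey);
      } catch (FileNotFoundException e) {
        throw new ProvisionException("could not read private key", e);
      }
      try {
        // Iterables.transform is lazy: FILE_OPENER runs only when the factory iterates.
        // NOTE(review): the certificate streams it opens are not closed by this method;
        // confirm who closes them.
        Iterable<FileInputStream> certStreams = Iterables.transform(certs, FILE_OPENER);
        WaveSigner inner =
            waveSignerFactory.getSigner(privateKeyStream, certStreams, certDomain);
        signer = new SigningSignatureHandler(inner);
      } catch (SignatureException e) {
        throw new ProvisionException("could not make wave signer", e);
      } finally {
        // Assumes the factory has finished reading the key by the time it returns or throws.
        try {
          privateKeyStream.close();
        } catch (java.io.IOException ignored) {
          // Read-only stream: a failed close loses no data and must not mask the real outcome.
        }
      }
    }
  }
  return signer;
}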
/**
 * Creates a {@link SigningSignatureHandler} backed by the example key and certificate.
 *
 * <p>Only one certificate is passed as the chain, and the signer's domain is
 * {@code CertificateManagerImplTest.DOMAIN}.
 *
 * @return a handler around a newly built signer
 * @throws Exception if the example key or certificate cannot be parsed
 */
private SigningSignatureHandler getSigner() throws Exception {
  // No charset is given to getBytes(), so the platform default applies.
  // NOTE(review): presumably both fixtures are ASCII PEM text - confirm.
  // NOTE(review): the example private key is stored in source; confirm it is a throwaway
  // that no real domain trusts.
  InputStream keyIn = new ByteArrayInputStream(Certificates.EXAMPLE_PRIVATE_KEY.getBytes());
  InputStream certIn = new ByteArrayInputStream(Certificates.EXAMPLE_CERTIFICATE.getBytes());
  List<InputStream> chain = ImmutableList.of(certIn);

  WaveSigner waveSigner =
      new WaveSignerFactory().getSigner(keyIn, chain, CertificateManagerImplTest.DOMAIN);
  return new SigningSignatureHandler(waveSigner);
}
/**
 * Checks that a signer built from the key and certificate fixtures signs {@code MESSAGE} to
 * the expected bytes and reports the expected signer id.
 *
 * <p>Comparing against the fixed {@code SIGNATURE} array presumes the signing scheme is
 * deterministic. Only the success path is covered: no case here feeds a domain that differs
 * from the certificate, a malformed key, or a broken chain.
 */
public void testGetSigner() throws Exception {
  // getBytes() uses the platform default charset.
  // NOTE(review): presumably the fixtures are ASCII PEM text - confirm.
  InputStream keyIn = new ByteArrayInputStream(PRIVATE_KEY.getBytes());
  InputStream certIn = new ByteArrayInputStream(CERTIFICATE.getBytes());
  List<InputStream> chain = ImmutableList.of(certIn);
  String domain = "example.com";

  WaveSigner signer = new WaveSignerFactory().getSigner(keyIn, chain, domain);
  ProtocolSignature produced = signer.sign(MESSAGE);

  byte[] actualSignature = produced.getSignatureBytes().toByteArray();
  assertTrue(Arrays.equals(SIGNATURE, actualSignature));

  byte[] expectedSignerId = getSignerInfo().getSignerId();
  byte[] actualSignerId = produced.getSignerId().toByteArray();
  assertTrue(Arrays.equals(expectedSignerId, actualSignerId));
}
/**
 * Verifies the signature bytes and signer id produced by a signer created from the key and
 * certificate fixtures for {@code example.com}.
 *
 * <p>The expected signature is a fixed array, which presumes signing is deterministic. The
 * test exercises the success path only; mismatched domains, malformed keys and invalid
 * chains are not covered here.
 */
public void testGetSigner() throws Exception {
  // No charset is passed to getBytes(), so the platform default is used.
  // NOTE(review): presumably both fixtures are ASCII PEM text - confirm.
  InputStream keyIn = new ByteArrayInputStream(PRIVATE_KEY.getBytes());
  InputStream certIn = new ByteArrayInputStream(CERTIFICATE.getBytes());
  List<InputStream> chain = ImmutableList.of(certIn);
  String domain = "example.com";

  WaveSigner signer = new WaveSignerFactory().getSigner(keyIn, chain, domain);
  ProtocolSignature produced = signer.sign(MESSAGE);

  byte[] actualSignature = produced.getSignatureBytes().toByteArray();
  assertTrue(Arrays.equals(SIGNATURE, actualSignature));

  byte[] expectedSignerId = getSignerInfo().getSignerId();
  byte[] actualSignerId = produced.getSignerId().toByteArray();
  assertTrue(Arrays.equals(expectedSignerId, actualSignerId));
}