public static boolean validateSignBySoft256(PublicKey publicKey, byte[] signData, byte[] srcData) throws Exception { Signature st = Signature.getInstance(BC_PROV_ALGORITHM_SHA256RSA, "BC"); st.initVerify(publicKey); st.update(srcData); return st.verify(signData); }
public byte[] sign(SignatureAlgorithmIdentifier signatureAlgorithmIdentifier, PrivateKey privateKey) throws GeneralSecurityException { Signature signature = Signature.getInstance(signatureAlgorithmIdentifier.getName()); signature.initSign(privateKey); signature.update(getEncoded()); return signature.sign(); }
/** * Constructs a new signing key with the given key identifier, team identifier, and elliptic curve private key. * * @param keyId the ten-character, Apple-issued identifier for the key itself * @param teamId the ten-character, Apple-issued identifier for the team to which the key belongs * @param key the elliptic curve public key underpinning this verification key * * @throws NoSuchAlgorithmException if the {@value APNS_SIGNATURE_ALGORITHM} algorith is not supported by the JVM * @throws InvalidKeyException if the given elliptic curve private key is invalid for any reason */ public ApnsSigningKey(final String keyId, final String teamId, final ECPrivateKey key) throws NoSuchAlgorithmException, InvalidKeyException { super(keyId, teamId, key); // This is a little goofy, but we want to check early for missing algorithms or bogus keys, and the most direct // way to do that is to try to actually use the key to create a signature. final Signature signature = Signature.getInstance(ApnsKey.APNS_SIGNATURE_ALGORITHM); signature.initSign(key); }
private boolean keysMatch(PublicKey publicKey, PrivateKey privateKey) { byte[] data = {42}; String privateKeyAlgorithm = privateKey.getAlgorithm(); String publicKeyAlgorithm = publicKey.getAlgorithm(); if (privateKeyAlgorithm == "EC") { privateKeyAlgorithm = "ECDSA"; } if (publicKeyAlgorithm == "EC") { publicKeyAlgorithm = "ECDSA"; } try { Signature sig = Signature.getInstance(privateKeyAlgorithm); sig.initSign(privateKey); sig.update(data); byte[] signature = sig.sign(); Signature ver = Signature.getInstance(publicKeyAlgorithm); ver.initVerify(publicKey); ver.update(data); return ver.verify(signature); } catch (Exception e) { return false; } }
@Override public String verifyLogoutParameter(String parameter) { String[] parts = parameter.split("\\."); if (parts.length != 2) { throw new IllegalArgumentException(parameter); } try { String localSessionId = ByteIterator.ofBytes(parts[0].getBytes(StandardCharsets.UTF_8)).asUtf8String().drainToString(); Signature signature = Signature.getInstance(DEFAULT_SIGNATURE_ALGORITHM); signature.initVerify(this.keyPair.getPublic()); signature.update(localSessionId.getBytes(StandardCharsets.UTF_8)); Base64.Decoder urlDecoder = Base64.getUrlDecoder(); if (!ByteIterator.ofBytes(urlDecoder.decode(parts[1].getBytes(StandardCharsets.UTF_8))).verify(signature)) { throw log.httpMechSsoInvalidLogoutMessage(localSessionId); } return localSessionId; } catch (NoSuchAlgorithmException | InvalidKeyException e) { throw new IllegalStateException(e); } catch (SignatureException e) { throw new IllegalArgumentException(parameter, e); } }
private static void validateSignatureAlgorithm(String signatureAlgorithm, Credential credential) { final String jcaAlgorithmID = AlgorithmSupport.getAlgorithmID(signatureAlgorithm); if (jcaAlgorithmID == null) { throw new IllegalStateException("unsupported signature algorithm: " + signatureAlgorithm); } try { final Signature signature = Signature.getInstance(jcaAlgorithmID); final PrivateKey key = credential.getPrivateKey(); if (key != null) { signature.initSign(key); } else { signature.initVerify(credential.getPublicKey()); } } catch (NoSuchAlgorithmException e) { throw new IllegalStateException("unsupported signature algorithm: " + signatureAlgorithm, e); } catch (InvalidKeyException e) { throw new IllegalStateException("failed to initialize a signature with an algorithm: " + signatureAlgorithm, e); } }
Signature signature = Signature.getInstance(signAlg); signature.initSign(privateKey); je = new JarEntry("META-INF/CERT.SF"); je.setTime(timestamp); outputJar.putNextEntry(je); writeSignatureBlock(signature.sign(), outputJar);
/** * Constructs a new verification key with the given key identifier, team identifier, and elliptic curve private key. * * @param keyId the ten-character, Apple-issued identifier for the key itself * @param teamId the ten-character, Apple-issued identifier for the team to which the key belongs * @param key the elliptic curve private key underpinning this signing key * * @throws NoSuchAlgorithmException if the {@value APNS_SIGNATURE_ALGORITHM} algorith is not supported by the JVM * @throws InvalidKeyException if the given elliptic curve private key is invalid for any reason */ public ApnsVerificationKey(final String keyId, final String teamId, final ECPublicKey key) throws NoSuchAlgorithmException, InvalidKeyException { super(keyId, teamId, key); // This is a little goofy, but we want to check early for missing algorithms or bogus keys, and the most direct // way to do that is to try to actually use the key to create a signature. final Signature signature = Signature.getInstance(ApnsKey.APNS_SIGNATURE_ALGORITHM); signature.initVerify(key); }
/** * @param privateKey * @param data * @return * @throws Exception */ public static byte[] signBySoft256(PrivateKey privateKey, byte[] data) throws Exception { byte[] result = null; Signature st = Signature.getInstance(BC_PROV_ALGORITHM_SHA256RSA, "BC"); st.initSign(privateKey); st.update(data); result = st.sign(); return result; }
public static boolean verifyRSASignature(String subordinatePublicKeyContent, String signatureContent, String masterPublicKeyContent) throws NoSuchProviderException, NoSuchAlgorithmException, IOException, InvalidKeySpecException, InvalidKeyException, SignatureException { PublicKey masterPublicKey = getRSAPublicKeyFrom(masterPublicKeyContent); signatureContent = signatureContent.replace("\n", ""); Signature signature = Signature.getInstance("SHA512withRSA"); signature.initVerify(masterPublicKey); signature.update(subordinatePublicKeyContent.getBytes()); return signature.verify(Base64.getDecoder().decode(signatureContent.getBytes())); }
KeyPair keyPair = readKeyPair(privateKey, "password".toCharArray()); Signature signature = Signature.getInstance("SHA256WithRSAEncryption"); signature.initSign(keyPair.getPrivate()); signature.update(message.getBytes()); byte [] signatureBytes = signature.sign(); System.out.println(new String(Hex.encode(signatureBytes))); Signature verifier = Signature.getInstance("SHA256WithRSAEncryption"); verifier.initVerify(keyPair.getPublic()); verifier.update(message.getBytes()); if (verifier.verify(signatureBytes)) { System.out.println("Signature is valid"); } else {
/** * Get a signature instance for this account. * * @return a signature instance for this account */ public Signature getSignature() { try { Signature signature = Signature.getInstance(signatureAlgorithm); signature.initSign(privateKey); return signature; } catch (NoSuchAlgorithmException | InvalidKeyException e) { throw acme.unableToCreateAcmeSignature(e); } }
private Signature createSignature(String encodedHeader, String encodedClaims) throws NoSuchAlgorithmException, SignatureException, RealmUnavailableException { byte[] headerDecoded = Base64.getUrlDecoder().decode(encodedHeader); JsonObject headers = Json.createReader(ByteIterator.ofBytes(headerDecoded).asInputStream()).readObject(); String headerAlg = resolveAlgorithm(headers); Signature signature = Signature.getInstance(headerAlg); try { PublicKey publicKey = resolvePublicKey(headers); if (publicKey == null) { log.debug("Public key could not be resolved."); return null; } signature.initVerify(publicKey); } catch (InvalidKeyException e) { e.printStackTrace(); return null; } signature.update((encodedHeader + "." + encodedClaims).getBytes()); return signature; }
try { MessageDigest digest = MessageDigest.getInstance("SHA-512"); Signature sig = Signature.getInstance("SHA512withRSA"); sig.initVerify(certs.get(0)); resultSha512 = checkSpecificSignature(o, signature, digest, "correct_digest512", sig, "correct_signature512", "SHA-512"); switch (resultSha512.kind) { Signature sig = Signature.getInstance("SHA1withRSA"); sig.initVerify(certs.get(0)); FormValidation resultSha1 = checkSpecificSignature(o, signature, digest, "correct_digest", sig, "correct_signature", "SHA-1");
/** * Signs the data given with the private key given, using the SHA1withRSA * algorithm provided by bouncy castle. */ public static byte[] signWithSha1RSA(byte[] dataToSign, PrivateKey privateKey) throws InvalidKeyException { Signature signature; try { signature = Signature.getInstance("SHA1withRSA"); signature.initSign(privateKey, srand); signature.update(dataToSign); return signature.sign(); } catch (NoSuchAlgorithmException e) { throw new IllegalStateException(e); } catch (SignatureException e) { throw new IllegalStateException(e); } }
public static boolean validateSignBySoft(PublicKey publicKey, byte[] signData, byte[] srcData) throws Exception { Signature st = Signature.getInstance(BC_PROV_ALGORITHM_SHA1RSA, "BC"); st.initVerify(publicKey); st.update(srcData); return st.verify(signData); }
byte[] signatureBytes; try { Signature signature = Signature.getInstance(jcaSignatureAlgorithm); signature.initSign(signerConfig.privateKey); if (jcaSignatureAlgorithmParams != null) { signature.setParameter(jcaSignatureAlgorithmParams); signature.update(signer.signedData); signatureBytes = signature.sign(); } catch (InvalidKeyException e) { throw new InvalidKeyException("Failed sign using " + jcaSignatureAlgorithm, e); Signature signature = Signature.getInstance(jcaSignatureAlgorithm); signature.initVerify(publicKey); if (jcaSignatureAlgorithmParams != null) { signature.setParameter(jcaSignatureAlgorithmParams); signature.update(signer.signedData); if (!signature.verify(signatureBytes)) { throw new SignatureException("Signature did not verify");
@Override public void init() throws GeneralSecurityException { final String provider = isMSCapi(key) ? "SunMSCAPI" : "SunRsaSign"; signature = Signature.getInstance(algo.ecmaString+"withRSA", provider); signature.initSign(key); }
/** * Used in conjunction with {@link #verifyIdentity(byte[])} to prove * that we actually own the private key of the given key pair. */ public void proveIdentity(byte[] sharedSecret, KeyPair key) throws IOException, GeneralSecurityException { String algorithm = detectKeyAlgorithm(key); writeUTF(algorithm); writeKey(key.getPublic()); Signature sig = Signature.getInstance("SHA1with"+algorithm); sig.initSign(key.getPrivate()); sig.update(key.getPublic().getEncoded()); sig.update(sharedSecret); writeObject(sig.sign()); }
RSAPublicKeySpec spec = new RSAPublicKeySpec(modulus, exponent); KeyFactory factory = KeyFactory.getInstance("RSA"); PublicKey pub = factory.generatePublic(spec); Signature verifier = Signature.getInstance("SHA1withRSA"); verifier.initVerify(pub); verifier.update(url.getBytes("UTF-8")); // Or whatever interface specifies. boolean okay = verifier.verify(signature);