throw new CertificateEncodingException("Error during creation of self-signed Certificate: " + ioe.getMessage(), ioe);
private static boolean verifySignature(BasicOCSPResp basicOcspResponse, X509Certificate cert) { try { ContentVerifierProvider contentVerifier = new JcaContentVerifierProviderBuilder() .setProvider("BC").build(cert.getPublicKey()); return basicOcspResponse.isSignatureValid(contentVerifier); } catch (OperatorCreationException e) { logger.log(Level.FINE, "Unable to construct OCSP content signature verifier\n{0}", e.getMessage()); } catch (OCSPException e) { logger.log(Level.FINE, "Unable to validate OCSP response signature\n{0}", e.getMessage()); } return false; }
@Override public ContentVerifierProvider getContentVerifierProvider(final PublicKey publicKey) throws InvalidKeyException { ParamUtil.requireNonNull("publicKey", publicKey); String keyAlg = publicKey.getAlgorithm().toUpperCase(); BcContentVerifierProviderBuilder builder = VERIFIER_PROVIDER_BUILDER.get(keyAlg); if (builder == null) { if ("RSA".equals(keyAlg)) { builder = new XipkiRSAContentVerifierProviderBuilder(DIGESTALG_IDENTIFIER_FINDER); } else if ("DSA".equals(keyAlg)) { builder = new BcDSAContentVerifierProviderBuilder(DIGESTALG_IDENTIFIER_FINDER); } else if ("EC".equals(keyAlg) || "ECDSA".equals(keyAlg)) { builder = new XipkiECContentVerifierProviderBuilder(DIGESTALG_IDENTIFIER_FINDER); } else { throw new InvalidKeyException("unknown key algorithm of the public key " + keyAlg); } VERIFIER_PROVIDER_BUILDER.put(keyAlg, builder); } AsymmetricKeyParameter keyParam = KeyUtil.generatePublicKeyParameter(publicKey); try { return builder.build(keyParam); } catch (OperatorCreationException ex) { throw new InvalidKeyException("could not build ContentVerifierProvider: " + ex.getMessage(), ex); } }
@Override public ContentVerifierProvider getContentVerifierProvider(PublicKey publicKey) throws InvalidKeyException { Args.notNull(publicKey, "publicKey"); String keyAlg = publicKey.getAlgorithm().toUpperCase(); BcContentVerifierProviderBuilder builder = VERIFIER_PROVIDER_BUILDER.get(keyAlg); if (builder == null) { if ("RSA".equals(keyAlg)) { builder = new XiRSAContentVerifierProviderBuilder(DIGESTALG_IDENTIFIER_FINDER); } else if ("DSA".equals(keyAlg)) { builder = new BcDSAContentVerifierProviderBuilder(DIGESTALG_IDENTIFIER_FINDER); } else if ("EC".equals(keyAlg) || "ECDSA".equals(keyAlg)) { builder = new XiECContentVerifierProviderBuilder(DIGESTALG_IDENTIFIER_FINDER); } else { throw new InvalidKeyException("unknown key algorithm of the public key " + keyAlg); } VERIFIER_PROVIDER_BUILDER.put(keyAlg, builder); } AsymmetricKeyParameter keyParam = KeyUtil.generatePublicKeyParameter(publicKey); try { return builder.build(keyParam); } catch (OperatorCreationException ex) { throw new InvalidKeyException("could not build ContentVerifierProvider: " + ex.getMessage(), ex); } }
public ContentVerifierProvider getContentVerifierProvider(PublicKey publicKey) throws InvalidKeyException { ScepUtil.requireNonNull("publicKey", publicKey); String keyAlg = publicKey.getAlgorithm().toUpperCase(); if ("EC".equals(keyAlg)) { keyAlg = "ECDSA"; } BcContentVerifierProviderBuilder builder = VERIFIER_PROVIDER_BUILDER.get(keyAlg); if (builder == null) { if ("RSA".equals(keyAlg)) { builder = new BcRSAContentVerifierProviderBuilder(DFLT_DIGESTALG_IDENTIFIER_FINDER); } else if ("DSA".equals(keyAlg)) { builder = new BcDSAContentVerifierProviderBuilder(DFLT_DIGESTALG_IDENTIFIER_FINDER); } else if ("ECDSA".equals(keyAlg)) { builder = new BcECContentVerifierProviderBuilder(DFLT_DIGESTALG_IDENTIFIER_FINDER); } else { throw new InvalidKeyException("unknown key algorithm of the public key " + keyAlg); } VERIFIER_PROVIDER_BUILDER.put(keyAlg, builder); } AsymmetricKeyParameter keyParam = generatePublicKeyParameter(publicKey); try { return builder.build(keyParam); } catch (OperatorCreationException ex) { throw new InvalidKeyException("could not build ContentVerifierProvider: " + ex.getMessage(), ex); } }
} catch (OperatorCreationException ex) { throw new InvalidKeyException("could not build ContentVerifierProvider: " + ex.getMessage(), ex);
@Override public boolean isSignedBy(final CertificateToken issuerToken) { if (this.issuerToken != null) { return this.issuerToken.equals(issuerToken); } try { signatureInvalidityReason = ""; JcaContentVerifierProviderBuilder jcaContentVerifierProviderBuilder = new JcaContentVerifierProviderBuilder(); jcaContentVerifierProviderBuilder.setProvider("BC"); final PublicKey publicKey = issuerToken.getCertificate().getPublicKey(); ContentVerifierProvider contentVerifierProvider = jcaContentVerifierProviderBuilder.build(publicKey); signatureValid = basicOCSPResp.isSignatureValid(contentVerifierProvider); if (signatureValid) { this.issuerToken = issuerToken; } issuerX500Principal = issuerToken.getSubjectX500Principal(); } catch (OCSPException e) { signatureInvalidityReason = e.getClass().getSimpleName() + " - " + e.getMessage(); signatureValid = false; } catch (OperatorCreationException e) { signatureInvalidityReason = e.getClass().getSimpleName() + " - " + e.getMessage(); signatureValid = false; } return signatureValid; }
throw new IOException(e.getMessage(), e); } catch (PKCSException | InvalidKeySpecException e) { LOGGER.log(Level.WARNING, "Could not read PEM encrypted information", e);
PrivateKeyCryptor(final char[] password) throws P11TokenException { ParamUtil.requireNonNull("password", password); JcePKCSPBEOutputEncryptorBuilder eb = new JcePKCSPBEOutputEncryptorBuilder(ALGO); eb.setProvider("BC"); eb.setIterationCount(ITERATION_COUNT); try { encryptor = eb.build(password); } catch (OperatorCreationException ex) { throw new P11TokenException(ex.getMessage(), ex); } JcePKCSPBEInputDecryptorProviderBuilder db = new JcePKCSPBEInputDecryptorProviderBuilder(); decryptorProvider = db.build(password); }
signatureCryptographicVerification.setErrorMessage(e.getMessage()); } catch (OperatorCreationException e) { LOG.error(e.getMessage(), e); signatureCryptographicVerification.setErrorMessage(e.getMessage()); } catch (CMSException e) { LOG.error(e.getMessage(), e);
PrivateKeyCryptor(char[] password) throws P11TokenException { Args.notNull(password, "password"); JcePKCSPBEOutputEncryptorBuilder eb = new JcePKCSPBEOutputEncryptorBuilder(ALGO); eb.setProvider("BC"); eb.setIterationCount(ITERATION_COUNT); try { encryptor = eb.build(password); } catch (OperatorCreationException ex) { throw new P11TokenException(ex.getMessage(), ex); } JcePKCSPBEInputDecryptorProviderBuilder db = new JcePKCSPBEInputDecryptorProviderBuilder(); decryptorProvider = db.build(password); }
private ContentSigner getSigner(EnumSet<ACGenerationProperties> properties) { if (signer == null) { JcaContentSignerBuilder builder = new JcaContentSignerBuilder( aaCredential.getCertificate().getSigAlgName()); builder.setProvider(BouncyCastleProvider.PROVIDER_NAME); try { if (properties.contains(ACGenerationProperties.FAKE_SIGNATURE_BITS)) signer = new RandomContentSigner(aaCredential.getCertificate() .getSigAlgName()); else signer = builder.build(aaCredential.getKey()); } catch (OperatorCreationException e) { throw new VOMSError(e.getMessage(), e); } } return signer; }
verifier = new JcaSimpleSignerInfoVerifierBuilder().build(signerCert.getPublicKey()); } catch (OperatorCreationException ex) { final String msg = "could not build signature verifier: " + ex.getMessage(); LOG.error(msg); LOG.debug(msg, ex);
} catch (OperatorCreationException e) { throw new CryptoCmsInvalidKeyException("The private key of the signer information '" + signer + "' does not fit to the specified signature algorithm '" + signer.getSignatureAlgorithm(exchange) + "': " + e.getMessage(), e);
throw new OxalisTransmissionException("Unable to add Signer information. " + e.getMessage(), e); } catch (CertificateEncodingException e) { throw new OxalisTransmissionException(String.format(
throw new OxalisTransmissionException("Unable to add Signer information. " + e.getMessage(), e); } catch (CertificateEncodingException e) { throw new OxalisTransmissionException(String.format(