diff options
author | CGantert345 <57003061+CGantert345@users.noreply.github.com> | 2022-04-11 16:30:32 +0200 |
---|---|---|
committer | CGantert345 <57003061+CGantert345@users.noreply.github.com> | 2022-04-11 16:30:32 +0200 |
commit | 6ef85723cca938e298b318dc6d564318b83ab4ba (patch) | |
tree | fe1ddcef09ee7c98509ffdcf7d4dac949dd12588 /src/main | |
parent | fixing DOSIPAS algorithm names and supported EC curves (diff) | |
download | UIC-barcode-6ef85723cca938e298b318dc6d564318b83ab4ba.tar UIC-barcode-6ef85723cca938e298b318dc6d564318b83ab4ba.tar.gz UIC-barcode-6ef85723cca938e298b318dc6d564318b83ab4ba.tar.bz2 UIC-barcode-6ef85723cca938e298b318dc6d564318b83ab4ba.tar.lz UIC-barcode-6ef85723cca938e298b318dc6d564318b83ab4ba.tar.xz UIC-barcode-6ef85723cca938e298b318dc6d564318b83ab4ba.tar.zst UIC-barcode-6ef85723cca938e298b318dc6d564318b83ab4ba.zip |
Diffstat (limited to '')
-rw-r--r-- | src/main/java/org/uic/barcode/dynamicFrame/api/SimpleDynamicFrame.java | 10 | ||||
-rw-r--r-- | src/main/java/org/uic/barcode/utils/SecurityUtils.java | 77 |
2 files changed, 67 insertions, 20 deletions
diff --git a/src/main/java/org/uic/barcode/dynamicFrame/api/SimpleDynamicFrame.java b/src/main/java/org/uic/barcode/dynamicFrame/api/SimpleDynamicFrame.java index ef31166..a8d7a0f 100644 --- a/src/main/java/org/uic/barcode/dynamicFrame/api/SimpleDynamicFrame.java +++ b/src/main/java/org/uic/barcode/dynamicFrame/api/SimpleDynamicFrame.java @@ -272,6 +272,7 @@ public class SimpleDynamicFrame implements IDynamicFrame { return Constants.LEVEL1_VALIDATION_NO_SIGNATURE;
}
+
byte[] signature = this.getLevel2Data().getLevel1Signature();
@@ -288,7 +289,13 @@ public class SimpleDynamicFrame implements IDynamicFrame { if (signingAlgorithmOid == null || signingAlgorithmOid.length() == 0) {
return Constants.LEVEL1_VALIDATION_NO_SIGNATURE;
- }
+ }
+
+ if (prov == null) {
+ prov = SecurityUtils.findSignatureProvider(key.getEncoded(), signingAlgorithmOid);
+ }
+
+
//find the algorithm name for the signature OID
String algo = null;
try {
@@ -312,6 +319,7 @@ public class SimpleDynamicFrame implements IDynamicFrame { return Constants.LEVEL1_VALIDATION_SIG_ALG_NOT_IMPLEMENTED;
}
try {
+ key = SecurityUtils.convert(key, prov);
sig.initVerify(key);
} catch (InvalidKeyException e) {
return Constants.LEVEL1_VALIDATION_SIG_ALG_NOT_IMPLEMENTED;
diff --git a/src/main/java/org/uic/barcode/utils/SecurityUtils.java b/src/main/java/org/uic/barcode/utils/SecurityUtils.java index 542208b..af1a65a 100644 --- a/src/main/java/org/uic/barcode/utils/SecurityUtils.java +++ b/src/main/java/org/uic/barcode/utils/SecurityUtils.java @@ -4,6 +4,7 @@ import java.security.KeyFactory; import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.Provider;
+import java.security.Provider.Service;
import java.security.PublicKey;
import java.security.Security;
import java.security.spec.InvalidKeySpecException;
@@ -81,28 +82,22 @@ public class SecurityUtils { return null;
}
-
-
- public static PublicKey convertPublicKey(PublicKey key) {
-
-
- PublicKey publicKey;
- try {
- publicKey = KeyFactory.getInstance("RSA").generatePublic(new X509EncodedKeySpec(key.getEncoded()));
- } catch (InvalidKeySpecException | NoSuchAlgorithmException e) {
- return key;
- }
-
- return publicKey;
-
- }
public static PublicKey convert(PublicKey key, Provider provider) {
PublicKey publicKey;
+ KeyFactory keyFactory = null;
+
try {
- publicKey = KeyFactory.getInstance("RSA", provider).generatePublic(new X509EncodedKeySpec(key.getEncoded()));
+ if (key.getAlgorithm() != null && key.getAlgorithm().toUpperCase().contains("EC") ) {
+ keyFactory = KeyFactory.getInstance("EC",provider);
+ } else if (key.getAlgorithm() != null && key.getAlgorithm().length() > 0 ) {
+ keyFactory = KeyFactory.getInstance("DSA",provider);
+ } else {
+ return key;
+ }
+ publicKey = keyFactory.generatePublic(new X509EncodedKeySpec(key.getEncoded()));
} catch (InvalidKeySpecException | NoSuchAlgorithmException e) {
return key;
}
@@ -113,17 +108,61 @@ public class SecurityUtils { }
- public static PrivateKey convertPrivateKey(PrivateKey key) {
-
+ public static PrivateKey convert(PrivateKey key, Provider provider) {
PrivateKey privateKey;
+ KeyFactory keyFactory = null;
+
try {
- privateKey = KeyFactory.getInstance("RSA").generatePrivate(new PKCS8EncodedKeySpec(key.getEncoded()));
+ if (key.getAlgorithm() != null && key.getAlgorithm().toUpperCase().contains("EC") ) {
+ keyFactory = KeyFactory.getInstance("EC",provider);
+ } else if (key.getAlgorithm() != null && key.getAlgorithm().length() > 0 ) {
+ keyFactory = KeyFactory.getInstance("DSA",provider);
+ } else {
+ return key;
+ }
+ privateKey = keyFactory.generatePrivate(new PKCS8EncodedKeySpec(key.getEncoded()));
} catch (InvalidKeySpecException | NoSuchAlgorithmException e) {
return key;
}
return privateKey;
+
+ }
+
+ public static Provider findSignatureProvider(byte[] encoded, String oid) {
+
+ KeyFactory keyFactory = null;
+ String signatureAlgorithmName = null;
+
+ Provider[] provs = Security.getProviders();
+ for (Provider provider : provs) {
+ try {
+ Service service = provider.getService(AlgorithmNameResolver.TYPE_SIGNATURE_ALG, oid);
+ if (service != null) {
+ signatureAlgorithmName = service.getAlgorithm();
+ if (signatureAlgorithmName != null && signatureAlgorithmName.length() > 0) {
+ if (signatureAlgorithmName.toUpperCase().contains("EC") ) {
+ keyFactory = KeyFactory.getInstance("EC",provider);
+ } else {
+ keyFactory = KeyFactory.getInstance("DSA",provider);
+ }
+ if (keyFactory != null) {
+ X509EncodedKeySpec spec = new X509EncodedKeySpec(encoded);
+ //try to encode the key
+ keyFactory.generatePublic(spec);
+ }
+ }
+ }
+ } catch (Exception e1) {
+ keyFactory = null;
+ }
+ if (keyFactory != null) {
+ return keyFactory.getProvider();
+ }
+ }
+
+ return null;
}
}
|