List of usage examples for org.apache.commons.codec.binary Base64 encodeBase64URLSafeString
public static String encodeBase64URLSafeString(final byte[] binaryData)
From source file:org.psl.fidouaf.core.ops.AuthenticationResponseProcessing.java
private boolean verifySignature(Tag signedData, Tag signature, String pubKey, AlgAndEncodingEnum algAndEncoding) throws InvalidKeyException, NoSuchAlgorithmException, NoSuchProviderException, SignatureException, UnsupportedEncodingException, Exception { byte[] dataForSigning = getDataForSigning(signedData); logger.info(" : pub : " + pubKey); logger.info(" : dataForSigning : " + Base64.encodeBase64URLSafeString(dataForSigning)); logger.info(" : signature : " + Base64.encodeBase64URLSafeString(signature.value)); // This works // return NamedCurve.verify(KeyCodec.getKeyAsRawBytes(pubKey), // dataForSigning, Asn1.decodeToBigIntegerArray(signature.value)); byte[] decodeBase64 = Base64.decodeBase64(pubKey); /**/*from w w w . j av a 2 s . c o m*/ * decoding public_key one more time to allow it to be passed onto X509 * function to form a x509 type certificate for further usage (for RSA * key data) */ // System.out.println("\nDecoded base 64 public Key: "+ new // String(decodeBase64)); // decodeBase64 = Base64.decodeBase64(decodeBase64); System.out .println("\ndecoded base 64 public key (2nd time to sent to x509 spec)" + new String(decodeBase64)); if (algAndEncoding == AlgAndEncodingEnum.UAF_ALG_SIGN_RSASSA_PSS_SHA256_RAW) { PublicKey publicKey = KeyCodec.getRSAPublicKey(decodeBase64); return RSA.verifyPSS(publicKey, SHA.sha(dataForSigning, "SHA-256"), signature.value); } else if (algAndEncoding == AlgAndEncodingEnum.UAF_ALG_SIGN_RSASSA_PSS_SHA256_DER) { /** commented below code for IOS (RSA keys) compatibility */ // PublicKey publicKey = KeyCodec.getRSAPublicKey(new // DEROctetString(decodeBase64).getOctets()); // return RSA.verifyPSS(publicKey, SHA.sha(dataForSigning, // "SHA-256"), new DEROctetString(signature.value).getOctets()); PublicKey publicKey = KeyCodec.getPublicKey(new DEROctetString(decodeBase64).getOctets()); return RSA.verifySimpleRSA(publicKey, dataForSigning, signature.value); } else { if (algAndEncoding == AlgAndEncodingEnum.UAF_ALG_SIGN_SECP256K1_ECDSA_SHA256_DER) { ECPublicKey decodedPub = (ECPublicKey) KeyCodec.getPubKeyFromCurve(decodeBase64, "secp256k1"); return NamedCurve.verifyUsingSecp256k1(KeyCodec.getKeyAsRawBytes(decodedPub), SHA.sha(dataForSigning, "SHA-256"), Asn1.decodeToBigIntegerArray(signature.value)); } if (algAndEncoding == AlgAndEncodingEnum.UAF_ALG_SIGN_SECP256R1_ECDSA_SHA256_DER) { if (decodeBase64.length > 65) { return NamedCurve.verify(KeyCodec.getKeyAsRawBytes(pubKey), SHA.sha(dataForSigning, "SHA-256"), Asn1.decodeToBigIntegerArray(signature.value)); } else { ECPublicKey decodedPub = (ECPublicKey) KeyCodec.getPubKeyFromCurve(decodeBase64, "secp256r1"); return NamedCurve.verify(KeyCodec.getKeyAsRawBytes(decodedPub), SHA.sha(dataForSigning, "SHA-256"), Asn1.decodeToBigIntegerArray(signature.value)); } } if (signature.value.length == 64) { ECPublicKey decodedPub = (ECPublicKey) KeyCodec.getPubKeyFromCurve(decodeBase64, "secp256r1"); return NamedCurve.verify(KeyCodec.getKeyAsRawBytes(decodedPub), SHA.sha(dataForSigning, "SHA-256"), Asn1.transformRawSignature(signature.value)); } else if (65 == decodeBase64.length && AlgAndEncodingEnum.UAF_ALG_SIGN_SECP256R1_ECDSA_SHA256_DER == algAndEncoding) { ECPublicKey decodedPub = (ECPublicKey) KeyCodec.getPubKeyFromCurve(decodeBase64, "secp256r1"); return NamedCurve.verify(KeyCodec.getKeyAsRawBytes(decodedPub), SHA.sha(dataForSigning, "SHA-256"), Asn1.decodeToBigIntegerArray(signature.value)); } else { return NamedCurve.verify(KeyCodec.getKeyAsRawBytes(pubKey), SHA.sha(dataForSigning, "SHA-256"), Asn1.decodeToBigIntegerArray(signature.value)); } } }
From source file:org.psl.fidouaf.core.ops.RegistrationResponseProcessing.java
private void verifyAttestationSignature(Tags tags, RegistrationRecord record) throws NoSuchAlgorithmException, IOException, Exception { byte[] certBytes = tags.getTags().get(TagsEnum.TAG_ATTESTATION_CERT.id).value; record.attestCert = Base64.encodeBase64URLSafeString(certBytes); Tag krd = tags.getTags().get(TagsEnum.TAG_UAFV1_KRD.id); Tag signature = tags.getTags().get(TagsEnum.TAG_SIGNATURE.id); byte[] signedBytes = new byte[krd.value.length + 4]; System.arraycopy(UnsignedUtil.encodeInt(krd.id), 0, signedBytes, 0, 2); System.arraycopy(UnsignedUtil.encodeInt(krd.length), 0, signedBytes, 2, 2); System.arraycopy(krd.value, 0, signedBytes, 4, krd.value.length); record.attestDataToSign = Base64.encodeBase64URLSafeString(signedBytes); record.attestSignature = Base64.encodeBase64URLSafeString(signature.value); record.attestVerifiedStatus = "FAILED_VALIDATION_ATTEMPT"; if (certificateValidator.validate(certBytes, signedBytes, signature.value)) { record.attestVerifiedStatus = "VALID"; } else {//from w w w . j a v a 2 s . c o m record.attestVerifiedStatus = "NOT_VERIFIED"; } }
From source file:org.psl.fidouaf.core.ri.client.AuthenticationRequestProcessing.java
public AuthenticationResponse processRequest(AuthenticationRequest request) { AuthenticationResponse response = new AuthenticationResponse(); Gson gson = new Gson(); setAppId(request, response);//from w w w .j a v a 2s .c o m OperationHeader opHeader = new OperationHeader(); opHeader.setServerData(request.header.serverData); opHeader.setOp(request.header.op); opHeader.setUpv(request.header.upv); response.setHeader(opHeader); FinalChallengeParams fcParams = new FinalChallengeParams(); fcParams.setAppID(Constants.APP_ID); ; fcParams.setFacetID(Constants.FACET_ID); fcParams.setChallenge(request.challenge); response.setFcParams(Base64.encodeBase64URLSafeString(gson.toJson(fcParams).getBytes())); setAssertions(response); return response; }
From source file:org.psl.fidouaf.core.ri.client.RegistrationRequestProcessing.java
public RegistrationResponse processRequest(RegistrationRequest regRequest) { RegistrationResponse response = new RegistrationResponse(); Gson gson = new Gson(); int[] errCodes = validate(regRequest); if (errCodes != null) { return setValidationError(response, errCodes); }//from w w w .j av a 2s . c om setAppId(regRequest, response); // response.header = new OperationHeader(); response.getHeader().setServerData(regRequest.header.serverData); response.getHeader().setOp(regRequest.header.op); response.getHeader().setUpv(regRequest.header.upv); FinalChallengeParams fcParams = new FinalChallengeParams(); fcParams.appID = regRequest.header.appID; fcParams.facetID = Constants.FACET_ID; fcParams.challenge = regRequest.challenge; response.setFcParams(Base64.encodeBase64URLSafeString(gson.toJson(fcParams).getBytes())); setAssertions(response); return response; }
From source file:org.rapidcontext.util.BinaryUtil.java
/** * Encodes a byte array to a string with Base64 characters (websafe). * * @param data the byte array//from ww w . ja va2 s .c o m * * @return the Base64 string with the converted data */ public static String encodeBase64(byte[] data) { return Base64.encodeBase64URLSafeString(data); }
From source file:org.s23m.cell.serialization.serializer.FileSystemSerializer.java
public String compressSerializationContentBase64(final String content) throws IOException { final byte[] contentByte = compressSerializationContent(content); return Base64.encodeBase64URLSafeString(contentByte); }
From source file:org.saadahmed.snowcrystal.SnowCrystal.java
public String toString(boolean base64Hex) { if (base64Hex) { return Base64Hex.encodeBase64HexString(this.binary); }/*from www . j a va 2 s. c o m*/ else { return Base64.encodeBase64URLSafeString(this.binary); } }
From source file:org.saadahmed.snowcrystal.SnowCrystal.java
public static String md5Base64UrlSafe() { return Base64.encodeBase64URLSafeString(DigestUtils.md5(SnowCrystal.newId().unwrap())); }
From source file:org.saadahmed.snowcrystal.SnowCrystal.java
public static String sha1Base64UrlSafe() { return Base64.encodeBase64URLSafeString(DigestUtils.sha(SnowCrystal.newId().unwrap())); }
From source file:org.saadahmed.snowcrystal.SnowCrystal.java
public static String sha256Base64UrlSafe() { return Base64.encodeBase64URLSafeString(DigestUtils.sha256(SnowCrystal.newId().unwrap())); }