List of usage examples for org.bouncycastle.operator.bc BcDSAContentVerifierProviderBuilder BcDSAContentVerifierProviderBuilder
public BcDSAContentVerifierProviderBuilder(DigestAlgorithmIdentifierFinder digestAlgorithmFinder)
From source file:org.jruby.ext.openssl.SecurityHelper.java
License:Open Source License
static boolean verify(final X509CRL crl, final PublicKey publicKey, final boolean silent) throws NoSuchAlgorithmException, CRLException, InvalidKeyException, SignatureException { if (crl instanceof X509CRLObject) { final CertificateList crlList = (CertificateList) getCertificateList(crl); final AlgorithmIdentifier tbsSignatureId = crlList.getTBSCertList().getSignature(); if (!crlList.getSignatureAlgorithm().equals(tbsSignatureId)) { if (silent) return false; throw new CRLException("Signature algorithm on CertificateList does not match TBSCertList."); }//w ww. j a v a 2 s .com final Signature signature = getSignature(crl.getSigAlgName(), securityProvider); signature.initVerify(publicKey); signature.update(crl.getTBSCertList()); if (!signature.verify(crl.getSignature())) { if (silent) return false; throw new SignatureException("CRL does not verify with supplied public key."); } return true; } else { try { final DigestAlgorithmIdentifierFinder digestAlgFinder = new DefaultDigestAlgorithmIdentifierFinder(); final ContentVerifierProvider verifierProvider; if ("DSA".equalsIgnoreCase(publicKey.getAlgorithm())) { BigInteger y = ((DSAPublicKey) publicKey).getY(); DSAParams params = ((DSAPublicKey) publicKey).getParams(); DSAParameters parameters = new DSAParameters(params.getP(), params.getQ(), params.getG()); AsymmetricKeyParameter dsaKey = new DSAPublicKeyParameters(y, parameters); verifierProvider = new BcDSAContentVerifierProviderBuilder(digestAlgFinder).build(dsaKey); } else { BigInteger mod = ((RSAPublicKey) publicKey).getModulus(); BigInteger exp = ((RSAPublicKey) publicKey).getPublicExponent(); AsymmetricKeyParameter rsaKey = new RSAKeyParameters(false, mod, exp); verifierProvider = new BcRSAContentVerifierProviderBuilder(digestAlgFinder).build(rsaKey); } return new X509CRLHolder(crl.getEncoded()).isSignatureValid(verifierProvider); } catch (OperatorException e) { throw new SignatureException(e); } catch (CertException e) { throw new SignatureException(e); } // can happen if the input is DER but does not match expected strucure catch (ClassCastException e) { throw new SignatureException(e); } catch (IOException e) { throw new SignatureException(e); } } }
From source file:org.xipki.commons.security.SecurityFactoryImpl.java
License:Open Source License
@Override public ContentVerifierProvider getContentVerifierProvider(final PublicKey publicKey) throws InvalidKeyException { ParamUtil.requireNonNull("publicKey", publicKey); String keyAlg = publicKey.getAlgorithm().toUpperCase(); BcContentVerifierProviderBuilder builder = VERIFIER_PROVIDER_BUILDER.get(keyAlg); if (builder == null) { if ("RSA".equals(keyAlg)) { builder = new XipkiRSAContentVerifierProviderBuilder(DIGESTALG_IDENTIFIER_FINDER); } else if ("DSA".equals(keyAlg)) { builder = new BcDSAContentVerifierProviderBuilder(DIGESTALG_IDENTIFIER_FINDER); } else if ("EC".equals(keyAlg) || "ECDSA".equals(keyAlg)) { builder = new XipkiECContentVerifierProviderBuilder(DIGESTALG_IDENTIFIER_FINDER); } else {//w w w. j av a2 s. com throw new InvalidKeyException("unknown key algorithm of the public key " + keyAlg); } VERIFIER_PROVIDER_BUILDER.put(keyAlg, builder); } AsymmetricKeyParameter keyParam = KeyUtil.generatePublicKeyParameter(publicKey); try { return builder.build(keyParam); } catch (OperatorCreationException ex) { throw new InvalidKeyException("could not build ContentVerifierProvider: " + ex.getMessage(), ex); } }
From source file:org.xipki.pki.scep.serveremulator.CaEmulator.java
License:Open Source License
public ContentVerifierProvider getContentVerifierProvider(final PublicKey publicKey) throws InvalidKeyException { ParamUtil.requireNonNull("publicKey", publicKey); String keyAlg = publicKey.getAlgorithm().toUpperCase(); if ("EC".equals(keyAlg)) { keyAlg = "ECDSA"; }/*from w w w. jav a2 s. com*/ BcContentVerifierProviderBuilder builder = VERIFIER_PROVIDER_BUILDER.get(keyAlg); if (builder == null) { if ("RSA".equals(keyAlg)) { builder = new BcRSAContentVerifierProviderBuilder(DFLT_DIGESTALG_IDENTIFIER_FINDER); } else if ("DSA".equals(keyAlg)) { builder = new BcDSAContentVerifierProviderBuilder(DFLT_DIGESTALG_IDENTIFIER_FINDER); } else if ("ECDSA".equals(keyAlg)) { builder = new BcECContentVerifierProviderBuilder(DFLT_DIGESTALG_IDENTIFIER_FINDER); } else { throw new InvalidKeyException("unknown key algorithm of the public key " + keyAlg); } VERIFIER_PROVIDER_BUILDER.put(keyAlg, builder); } AsymmetricKeyParameter keyParam = KeyUtil.generatePublicKeyParameter(publicKey); try { return builder.build(keyParam); } catch (OperatorCreationException ex) { throw new InvalidKeyException("could not build ContentVerifierProvider: " + ex.getMessage(), ex); } }
From source file:org.xipki.security.KeyUtil.java
License:Open Source License
public static ContentVerifierProvider getContentVerifierProvider(final PublicKey publicKey) throws OperatorCreationException, InvalidKeyException { String keyAlg = publicKey.getAlgorithm().toUpperCase(); if (keyAlg.equals("EC")) { keyAlg = "ECDSA"; }/* w w w.ja va 2 s . co m*/ BcContentVerifierProviderBuilder builder = verifierProviderBuilders.get(keyAlg); if (builder == null) { if ("RSA".equals(keyAlg)) { builder = new BcRSAContentVerifierProviderBuilder(dfltDigesAlgIdentifierFinder); } else if ("DSA".equals(keyAlg)) { builder = new BcDSAContentVerifierProviderBuilder(dfltDigesAlgIdentifierFinder); } else if ("ECDSA".equals(keyAlg)) { builder = new ECDSAContentVerifierProviderBuilder(dfltDigesAlgIdentifierFinder); } else { throw new OperatorCreationException("unknown key algorithm of the public key " + keyAlg); } verifierProviderBuilders.put(keyAlg, builder); } AsymmetricKeyParameter keyParam = KeyUtil.generatePublicKeyParameter(publicKey); return builder.build(keyParam); }