List of usage examples for org.bouncycastle.util Arrays areEqual
public static boolean areEqual(short[] a, short[] b)
From source file:org.objectweb.proactive.extensions.ssl.SameCertTrustManager.java
License:Open Source License
private void checkTrusted(X509Certificate cert) throws CertificateException { for (X509Certificate authCert : this.authCerts) { byte[] pk1 = cert.getPublicKey().getEncoded(); byte[] pk2 = authCert.getPublicKey().getEncoded(); if (Arrays.areEqual(pk1, pk2)) { try { cert.verify(authCert.getPublicKey(), BouncyCastleProvider.PROVIDER_NAME); return; } catch (GeneralSecurityException e) { // Ok }/*from ww w.j ava2s.co m*/ } } throw new CertificateException( cert.getSubjectDN() + " public key does not match the master certificate public key"); }
From source file:org.opendaylight.capwap.dtls.DtlsClient.java
License:Open Source License
public void notifyHandshakeComplete() throws IOException { super.notifyHandshakeComplete(); TlsSession newSession = context.getResumableSession(); if (newSession != null) { byte[] newSessionID = newSession.getSessionID(); String hex = Hex.toHexString(newSessionID); if (this.session != null && Arrays.areEqual(this.session.getSessionID(), newSessionID)) { log.trace("Resumed session: " + hex); } else {/*from w ww . j a va 2 s .com*/ log.trace("Established session: " + hex); } this.session = newSession; } }
From source file:org.opensaml.xml.security.credential.criteria.EvaluableX509DigestCredentialCriteria.java
License:Open Source License
/** {@inheritDoc} */ public Boolean evaluate(Credential target) { if (target == null) { log.error("Credential target was null"); return null; } else if (!(target instanceof X509Credential)) { log.info("Credential is not an X509Credential, does not satisfy X.509 digest criteria"); return Boolean.FALSE; }//www . ja v a 2s. c om X509Certificate entityCert = ((X509Credential) target).getEntityCertificate(); if (entityCert == null) { log.info("X509Credential did not contain an entity certificate, does not satisfy criteria"); return Boolean.FALSE; } try { MessageDigest hasher = MessageDigest.getInstance(algorithm); byte[] hashed = hasher.digest(entityCert.getEncoded()); return Arrays.areEqual(hashed, x509digest); } catch (CertificateEncodingException e) { log.error("Unable to encode certificate for digest operation", e); } catch (NoSuchAlgorithmException e) { log.error("Unable to obtain a digest implementation for algorithm {" + algorithm + "}", e); } return null; }
From source file:org.red5.demo.auth.Red5AuthenticationHandler.java
License:Open Source License
public boolean appConnect(IConnection conn, Object[] params) { log.info("appConnect"); boolean result = false; log.debug("Connection: {}", conn); log.debug("Params: {}", params); String status = badAuth;/* w w w. ja v a2 s .c om*/ Map<String, Object> connectionParams = conn.getConnectParams(); log.debug("Connection params: {}", connectionParams); if (!connectionParams.containsKey("queryString")) { //set as missing auth notification status = rejectMissingAuth; } else { //get the raw query string String rawQueryString = (String) connectionParams.get("queryString"); try { //parse into a usable query string UrlQueryStringMap<String, String> queryString = UrlQueryStringMap.parse(rawQueryString); //get the values we want String user = queryString.get("user"); log.debug("User: {}", user); String authmod = queryString.get("authmod"); log.debug("Authmod: {}", authmod); //make sure they requested red5 auth if ("red5".equals(authmod)) { String response = queryString.get("response"); if (response != null) { response = queryString.get("response").replace(' ', '+'); } log.debug("Response: {}", response); //try the querystring first String sessionId = queryString.get("sessionid"); if (sessionId == null) { //get the session id - try conn next sessionId = ((RTMPConnection) conn).getSessionId(); if (sessionId == null) { //use attribute if (conn.hasAttribute("sessionId")) { sessionId = conn.getStringAttribute("sessionId"); } else { sessionId = SessionManager.getSessionId(); conn.setAttribute("sessionId", sessionId); } } } log.debug("Session id: {}", sessionId); String challenge = null; if (response != null) { //look up challenge challenge = sessionChallenges.get(sessionId); //generate response hash to compare String responseHash = calculateHMACSHA256(challenge, password); log.debug("Generated response: {}", responseHash); log.debug("Generated response: {}", response); //decode both hashes before we compare otherwise we will have issues like //4+5WioxdBLhx4qajIybxkBkynDsv7KxtNzqj4V/VbzU != 4+5WioxdBLhx4qajIybxkBkynDsv7KxtNzqj4V/VbzU= if (Arrays.areEqual(Base64.decodeBase64(responseHash.getBytes()), Base64.decodeBase64(response.getBytes()))) { //if (responseHash.equals(response)) { //dont send success or this will override the rest of the listeners, just send true result = true; } } else if (authmod != null && user != null) { //generate a challenge challenge = calculateHMACSHA256(salt, sessionId); //store the generated data sessionChallenges.put(sessionId, challenge); //set as rejected status = String.format( "[ AccessManager.Reject ] : [ authmod=red5 ] : ?reason=needauth&user=%s&sessionid=%s&challenge=%s", user, sessionId, challenge); } log.debug("Challenge: {}", challenge); } else { status = invalidAuthMod; } } catch (Exception e) { log.error("Error authenticating", e); } } //send the status object log.debug("Status: {}", status); if (!result) { //AuthPlugin.writeStatus(conn, status); throw new ClientRejectedException(status); } return result; }
From source file:org.red5.demo.auth.Red5SpringAuthenticationHandler.java
License:Open Source License
public boolean appConnect(IConnection conn, Object[] params) { log.info("appConnect"); // start with negative result boolean result = false; log.debug("Connection: {}", conn); log.debug("Params: {}", params); // start off with the status being bad authentication String status = badAuth;//from w w w.jav a 2s. com // get the connection parameters Map<String, Object> connectionParams = conn.getConnectParams(); log.debug("Connection params: {}", connectionParams); if (!connectionParams.containsKey("queryString")) { //set as missing auth notification status = rejectMissingAuth; } else { //get the raw query string String rawQueryString = (String) connectionParams.get("queryString"); try { //parse into a usable query string UrlQueryStringMap<String, String> queryString = UrlQueryStringMap.parse(rawQueryString); log.debug("Query string: {}", queryString); //get the values we want String userName = queryString.get("user"); log.debug("User: {}", userName); // do a user lookup AggregatedUserDetailsService userDetailsService = (AggregatedUserDetailsService) applicationContext .getBean("aggregatedUserDetailsService"); // this will throw an exception if the user cant be located by name UserDetails userDetails = userDetailsService.loadUserByUsername(userName); // get the authentication "style" String authmod = queryString.get("authmod"); log.debug("Authmod: {}", authmod); //make sure they requested red5 auth if ("red5".equals(authmod)) { String response = queryString.get("response"); if (response != null) { response = queryString.get("response").replace(' ', '+'); } log.debug("Response: {}", response); //try the querystring first String sessionId = queryString.get("sessionid"); if (sessionId == null) { //get the session id - try conn next sessionId = ((RTMPConnection) conn).getSessionId(); if (sessionId == null) { //use attribute if (conn.hasAttribute("sessionId")) { sessionId = conn.getStringAttribute("sessionId"); } else { sessionId = SessionManager.getSessionId(); conn.setAttribute("sessionId", sessionId); } } } log.debug("Session id: {}", sessionId); String challenge = null; if (response != null) { //look up challenge (gets and removes at the same time) challenge = sessionChallenges.remove(sessionId); // get the password String password = userDetails.getPassword(); log.debug("Users password: {}", password); //generate response hash to compare String responseHash = calculateHMACSHA256(challenge, password); log.debug("Generated response: {}", responseHash); log.debug("Generated response: {}", response); //decode both hashes before we compare otherwise we will have issues like //4+5WioxdBLhx4qajIybxkBkynDsv7KxtNzqj4V/VbzU != 4+5WioxdBLhx4qajIybxkBkynDsv7KxtNzqj4V/VbzU= if (Arrays.areEqual(Base64.decodeBase64(responseHash.getBytes()), Base64.decodeBase64(response.getBytes()))) { // everything matches so now do the actual authentication // get the authentication manager ProviderManager authManager = (ProviderManager) applicationContext .getBean("authManager"); UsernamePasswordAuthenticationToken token = new UsernamePasswordAuthenticationToken( userName, password); Authentication auth = null; try { auth = authManager.authenticate(token); log.info("Authentication result: {}\ndetails: {}", auth.isAuthenticated(), auth); result = auth.isAuthenticated(); // set the authenticated user into the context (thread-local) if (result) { SecurityContextHolder.getContext().setAuthentication(auth); } } catch (Exception ex) { log.warn("Problem during auth attempt: {}", ex); } } } else if (authmod != null && userName != null) { // generate a challenge challenge = calculateHMACSHA256(salt, sessionId); // store the generated data sessionChallenges.put(sessionId, challenge); // set as rejected status = String.format( "[ AccessManager.Reject ] : [ authmod=red5 ] : ?reason=needauth&user=%s&sessionid=%s&challenge=%s", userName, sessionId, challenge); } log.debug("Challenge: {}", challenge); } else { status = invalidAuthMod; } } catch (UsernameNotFoundException ex) { status = noSuchUser; } catch (Exception e) { log.error("Error authenticating", e); } } //send the status object log.debug("Status: {}", status); if (!result) { throw new ClientRejectedException(status); } return result; }
From source file:org.red5.webapps.admin.handler.Red5AuthenticationHandler.java
License:Open Source License
public boolean appConnect(IConnection conn, Object[] params) { log.info("appConnect"); // start with negative result boolean result = false; log.debug("Connection: {}", conn); log.debug("Params: {}", params); // start off with the status being bad authentication String status = badAuth;//from w w w . ja va 2s. c om // get the connection parameters Map<String, Object> connectionParams = conn.getConnectParams(); log.debug("Connection params: {}", connectionParams); if (!connectionParams.containsKey("queryString")) { //set as missing auth notification status = rejectMissingAuth; } else { //get the raw query string String rawQueryString = (String) connectionParams.get("queryString"); try { //parse into a usable query string UrlQueryStringMap<String, String> queryString = UrlQueryStringMap.parse(rawQueryString); log.debug("Query string: {}", queryString); //get the values we want String userName = queryString.get("user"); log.debug("User: {}", userName); // do a user lookup AggregatedUserDetailsService userDetailsService = (AggregatedUserDetailsService) applicationContext .getBean("aggregatedUserDetailsService"); // this will throw an exception if the user cant be located by name UserDetails userDetails = userDetailsService.loadUserByUsername(userName); // get the authentication "style" String authmod = queryString.get("authmod"); log.debug("Authmod: {}", authmod); //make sure they requested red5 auth if ("red5".equals(authmod)) { String response = queryString.get("response"); if (response != null) { response = queryString.get("response").replace(' ', '+'); } log.debug("Response: {}", response); //try the querystring first String sessionId = queryString.get("sessionid"); if (sessionId == null) { //get the session id - try conn next sessionId = ((RTMPConnection) conn).getSessionId(); if (sessionId == null) { //use attribute if (conn.hasAttribute("sessionId")) { sessionId = conn.getStringAttribute("sessionId"); } else { sessionId = SessionManager.getSessionId(); conn.setAttribute("sessionId", sessionId); } } } log.debug("Session id: {}", sessionId); String challenge = null; if (response != null) { //look up challenge (gets and removes at the same time) challenge = sessionChallenges.remove(sessionId); // get the password String password = userDetails.getPassword(); log.debug("Users password: {}", password); //generate response hash to compare String responseHash = calculateHMACSHA256(challenge, password); log.debug("Generated response: {}", responseHash); log.debug("Generated response: {}", response); //decode both hashes before we compare otherwise we will have issues like //4+5WioxdBLhx4qajIybxkBkynDsv7KxtNzqj4V/VbzU != 4+5WioxdBLhx4qajIybxkBkynDsv7KxtNzqj4V/VbzU= if (Arrays.areEqual(Base64.decodeBase64(responseHash.getBytes()), Base64.decodeBase64(response.getBytes()))) { // everything matches so now do the actual authentication // get the authentication manager ProviderManager authManager = (ProviderManager) applicationContext .getBean("authenticationManager"); UsernamePasswordAuthenticationToken token = new UsernamePasswordAuthenticationToken( userName, password); Authentication auth = null; try { auth = authManager.authenticate(token); log.info("Authentication result: {}\ndetails: {}", auth.isAuthenticated(), auth); result = auth.isAuthenticated(); // set the authenticated user into the context (thread-local) if (result) { SecurityContextHolder.getContext().setAuthentication(auth); } } catch (Exception ex) { log.warn("Problem during auth attempt: {}", ex); } } } else if (authmod != null && userName != null) { // generate a challenge challenge = calculateHMACSHA256(salt, sessionId); // store the generated data sessionChallenges.put(sessionId, challenge); // set as rejected status = String.format( "[ AccessManager.Reject ] : [ authmod=red5 ] : ?reason=needauth&user=%s&sessionid=%s&challenge=%s", userName, sessionId, challenge); } log.debug("Challenge: {}", challenge); } else { status = invalidAuthMod; } } catch (UsernameNotFoundException ex) { status = noSuchUser; } catch (Exception e) { log.error("Error authenticating", e); } } //send the status object log.debug("Status: {}", status); if (!result) { throw new ClientRejectedException(status); } return result; }
From source file:org.sinekartads.core.cms.SHA256WithRSAProxySignature.java
License:Open Source License
@Override protected void engineUpdate(byte[] b, int off, int len) throws SignatureException { LOG.debug("engineUpdate(b,off,len): off=" + off + "; len=" + len); this.messageDigest.update(b, off, len); byte[] digestValue = this.messageDigest.digest(); byte[] expectedDigestValue = SHA256WithRSAProxySignature.digestValues.get(); if (null == expectedDigestValue) { SHA256WithRSAProxySignature.digestValues.set(digestValue); } else {/*from w w w . jav a 2 s . c o m*/ if (false == Arrays.areEqual(expectedDigestValue, digestValue)) { throw new IllegalStateException("digest value has changed"); } } LOG.debug("digest value: " + Hex.encodeHexString(digestValue)); }
From source file:org.springframework.security.crypto.encrypt.BouncyCastleAesBytesEncryptorTest.java
License:Apache License
private void generatesDifferentCipherTexts(BytesEncryptor bcEncryptor) { byte[] encrypted1 = bcEncryptor.encrypt(testData); byte[] encrypted2 = bcEncryptor.encrypt(testData); Assert.assertFalse(Arrays.areEqual(encrypted1, encrypted2)); byte[] decrypted1 = bcEncryptor.decrypt(encrypted1); byte[] decrypted2 = bcEncryptor.decrypt(encrypted2); Assert.assertArrayEquals(testData, decrypted1); Assert.assertArrayEquals(testData, decrypted2); }
From source file:org.sufficientlysecure.keychain.securitytoken.usb.tpdu.Block.java
License:Open Source License
public Block(BlockChecksumType checksumType, byte[] data) throws UsbTransportException { this.mChecksumType = checksumType; this.mData = data; int checksumOffset = this.mData.length - mChecksumType.getLength(); byte[] checksum = mChecksumType.computeChecksum(data, 0, checksumOffset); if (!Arrays.areEqual(checksum, getEdc())) { throw new UsbTransportException("TPDU CRC doesn't match"); }/*from www . j ava 2s. co m*/ }
From source file:org.tdmx.client.crypto.converters.ByteArray.java
License:Open Source License
public static boolean equals(byte[] a, byte[] b) { return Arrays.areEqual(a, b); }