From 01970c0672f9b8f4dbf9a35f40e8b0d3d67c0554 Mon Sep 17 00:00:00 2001
From: Nils Schwabe
Date: Mon, 5 May 2014 18:23:02 +0200
Subject: Fix message signing
---
 .../openslx/imagemaster/util/AsymMessageSign.java | 66 +++++++++++-----------
 1 file changed, 34 insertions(+), 32 deletions(-)
(limited to 'src/main/java/org/openslx/imagemaster/util/AsymMessageSign.java')
diff --git a/src/main/java/org/openslx/imagemaster/util/AsymMessageSign.java b/src/main/java/org/openslx/imagemaster/util/AsymMessageSign.java
index 134b399..c49f9db 100644
--- a/src/main/java/org/openslx/imagemaster/util/AsymMessageSign.java
+++ b/src/main/java/org/openslx/imagemaster/util/AsymMessageSign.java
@@ -5,57 +5,59 @@ import java.io.FileInputStream; import java.io.FileNotFoundException; import java.io.IOException; import java.security.InvalidKeyException; -import java.security.Key; -import java.security.KeyPair; import java.security.KeyStore; import java.security.KeyStoreException; import java.security.NoSuchAlgorithmException; -import java.security.PrivateKey; import java.security.PublicKey; import java.security.Signature; import java.security.SignatureException; import java.security.UnrecoverableKeyException; -import java.security.cert.Certificate; import java.security.cert.CertificateException; public class AsymMessageSign { - KeyPair pair; + private KeyStore keystore; -// String alias = "ftp"; -// String password = "password"; -// String file = "./config/keystore.jks"; - - - public AsymMessageSign(String alias, String password, String file) throws NoSuchAlgorithmException, CertificateException, FileNotFoundException, IOException, KeyStoreException, UnrecoverableKeyException + /** + * Load the keystore + * @param file Path to keystore + * @param password The keystore's password + * @throws NoSuchAlgorithmException + * @throws CertificateException + * @throws FileNotFoundException + * @throws IOException + * @throws KeyStoreException + * @throws UnrecoverableKeyException + */ + public AsymMessageSign(String file, String password) throws NoSuchAlgorithmException, CertificateException, FileNotFoundException, IOException, KeyStoreException, UnrecoverableKeyException { - KeyStore keystore = KeyStore.getInstance( "JKS" ); + keystore = KeyStore.getInstance( "JKS" ); keystore.load( new FileInputStream( new File( file ) ), password.toCharArray() ); - Certificate cert = null; - - Key key = keystore.getKey( alias, - password.toCharArray() ); - - if ( key instanceof PrivateKey ) { - cert = keystore.getCertificate( alias ); - PublicKey publicKey = cert.getPublicKey(); - pair = new KeyPair( publicKey, (PrivateKey)key ); - } - } - - public byte[] signMessage( String 
message ) throws NoSuchAlgorithmException, InvalidKeyException, SignatureException - { - Signature signature = Signature.getInstance( "SHA256WITHRSA" ); - signature.initSign( pair.getPrivate() ); - signature.update( message.getBytes() ); - return signature.sign(); } - public boolean verifyMessage( byte[] signedMessage, byte[] realMessage ) throws NoSuchAlgorithmException, InvalidKeyException, SignatureException + /** + * Verify an encrypted message + * @param signedMessage The signed message from hs/uni server + * @param realMessage The message that was sent before + * @param alias the alias of the certificate + * @param password the password of the certificate + * @return Whether the message could be verfied or not + * @throws NoSuchAlgorithmException + * @throws InvalidKeyException + * @throws SignatureException + * @throws UnrecoverableKeyException + * @throws KeyStoreException + */ + public boolean verifyMessage( byte[] signedMessage, byte[] realMessage, String alias ) throws NoSuchAlgorithmException, InvalidKeyException, SignatureException, UnrecoverableKeyException, KeyStoreException { + // first load key + //Key key = keystore.getKey( alias, password.toCharArray() ); + PublicKey key = keystore.getCertificate( alias ).getPublicKey(); + + // verify message Signature signature = Signature.getInstance( "SHA256WITHRSA" ); - signature.initVerify( pair.getPublic() ); + signature.initVerify( key ); signature.update( realMessage ); return signature.verify( signedMessage ); } -- cgit v1.2.3-55-g7522
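Review bot: In the new `verifyMessage`, `keystore.getCertificate( alias )` returns null when the keystore has no certificate under that alias, so the chained `.getPublicKey()` throws a NullPointerException instead of reporting a failed verification. Because the alias is now passed in per call, an unknown alias is an expected input: hold the result in a local and add `if ( cert == null ) return false;` before `initVerify` (this needs the `java.security.cert.Certificate` import that this commit removes). The new Javadoc also documents `@param password`, which the signature does not have, and calls the input an "encrypted" message although it is a signature. The `UnrecoverableKeyException` in the throws clause looks unreachable now that the `getKey` call is only a comment, so both the comment and the exception could go. Separately, the constructor's `new FileInputStream( new File( file ) )` is never closed; wrapping the `keystore.load` call in try-with-resources would release the handle.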