List of usage examples for java.security Signature update
public final void update(byte[] data, int off, int len) throws SignatureException
From source file:org.codice.ddf.commands.util.DigitalSignature.java
public byte[] createDigitalSignature(InputStream data, String alias, String password) throws IOException { PrivateKey privateKey = getPrivateKey(alias, password); if (privateKey == null) { throw new CatalogCommandRuntimeException("Unable to retrieve private key"); }//from ww w. j a v a 2s.c om try { Signature rsa = Signature.getInstance("SHA256withRSA"); rsa.initSign(privateKey); byte[] buffer = new byte[BUFFER_SIZE]; int len; while ((len = data.read(buffer)) >= 0) { rsa.update(buffer, OFFSET, len); } return rsa.sign(); } catch (SignatureException | InvalidKeyException | NoSuchAlgorithmException e) { String message = "An error occurred while signing file"; LOGGER.debug(message, e); throw new CatalogCommandRuntimeException(message, e); } }
From source file:org.codice.ddf.commands.util.DigitalSignature.java
public boolean verifyDigitalSignature(InputStream data, InputStream signature, String certificateAlias) throws IOException { byte[] sigToVerify = IOUtils.toByteArray(signature); Certificate certificate = getCertificate(certificateAlias); if (certificate == null) { throw new CatalogCommandRuntimeException("Unable to retrieve certificate"); }//from ww w.j av a 2 s. c om try { Signature rsa = Signature.getInstance("SHA256withRSA"); rsa.initVerify(certificate); byte[] buffer = new byte[BUFFER_SIZE]; int len; while ((len = data.read(buffer)) >= 0) { rsa.update(buffer, OFFSET, len); } return rsa.verify(sigToVerify); } catch (InvalidKeyException | SignatureException | NoSuchAlgorithmException e) { String message = "An error occurred while verifying file"; LOGGER.debug(message, e); throw new CatalogCommandRuntimeException(message, e); } }
From source file:org.icestuff.getdown.maven.SignConfig.java
private void sign(File inputFile, File signatureFile) throws KeyStoreException, IOException, NoSuchAlgorithmException, CertificateException, UnrecoverableKeyException, InvalidKeyException, SignatureException { // initialize the keystore KeyStore store = KeyStore.getInstance(storetype == null ? "JKS" : storetype); FileInputStream storeInput = new FileInputStream(getKeystore()); store.load(storeInput, getStorepass().toCharArray()); PrivateKey key = (PrivateKey) store.getKey(getAlias(), getKeypass() == null ? getKeypass().toCharArray() : getKeypass().toCharArray()); // sign the digest file Signature sig = Signature.getInstance("SHA1withRSA"); FileInputStream dataInput = new FileInputStream(inputFile); byte[] buffer = new byte[8192]; int length;//w w w . j a va 2s .com sig.initSign(key); while ((length = dataInput.read(buffer)) != -1) { sig.update(buffer, 0, length); } // Write out the signature FileOutputStream signatureOutput = new FileOutputStream(signatureFile); String signed = new String(Base64.encodeBase64(sig.sign())); signatureOutput.write(signed.getBytes("utf8")); }
From source file:in.neoandroid.neoupdate.neoUpdate.java
private boolean checkSignature(String jsonContent, String sign) { Log.d(TAG, "JSON: " + jsonContent); if (sign == null) return false; final String publicKeyStr = "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq+6EG/fAE+zIdh5Wzqnf" + "Fo4nCf7t7eJcKyvk1lqX1MdkIi/fUs8HQ4aQ4jWLCO4M1Gkz1FQiXOnheGLV5MXY" + "c9GyaglsofvpA/pU5d16FybX2pCevbTzcm39eU+XlwQWOr8gh23tYD8G6uMX6sIJ" + "W+1k1FWdud9errMVm0YUScI+J4AV5xzN0IQ29h9IeNp6oFqZ2ByWog6OBMTUDFIW" + "q8oRvH0OuPv3zFR5rKwsbTYb5Da8lhUht04dLBA860Y4zeUu98huvS9jQPu2N4ns" + "Hf425FfDJ/wae+7eLdQo7uFb+Wvc+PO9U39e6vXQfa8ZkUoXHD0XZN4jsFcKYuJw" + "OwIDAQAB"; try {/*from w ww .j a v a 2 s .c o m*/ byte keyBytes[] = Base64.decode(publicKeyStr.getBytes(), Base64.NO_WRAP); X509EncodedKeySpec publicSpec = new X509EncodedKeySpec(keyBytes); KeyFactory kf = KeyFactory.getInstance("RSA"); PublicKey publicKey = kf.generatePublic(publicSpec); Signature signer = Signature.getInstance("SHA1withRSA"); signer.initVerify(publicKey); signer.update(jsonContent.getBytes(), 0, jsonContent.length()); return signer.verify(Base64.decode(sign, Base64.NO_WRAP)); } catch (Exception e) { } return false; }
From source file:com.threerings.getdown.data.Application.java
/** * Downloads a new copy of the specified control file, optionally validating its signature. * If the download is successful, moves it over the old file on the filesystem. * * <p> We implement simple signing of the digest.txt file for use with the Getdown applet, but * this should never be used as-is with a non-applet getdown installation, as the signing * format has no provisions for declaring arbitrary signing key IDs, signature algorithm, et al * -- it is entirely reliant on the ability to upgrade the Getdown applet, and its signature * validation implementation, at-will (ie, via an Applet). * * <p> TODO: Switch to PKCS #7 or CMS. *//* ww w . j a va 2 s .co m*/ protected void downloadControlFile(String path, boolean validateSignature) throws IOException { File target = downloadFile(path); if (validateSignature) { if (_signers.isEmpty()) { log.info("No signers, not verifying file", "path", path); } else { File signatureFile = downloadFile(path + SIGNATURE_SUFFIX); byte[] signature = null; FileReader reader = null; try { reader = new FileReader(signatureFile); signature = StreamUtil.toByteArray(new FileInputStream(signatureFile)); } finally { StreamUtil.close(reader); signatureFile.delete(); // delete the file regardless } byte[] buffer = new byte[8192]; int length, validated = 0; for (Certificate cert : _signers) { FileInputStream dataInput = null; try { dataInput = new FileInputStream(target); Signature sig = Signature.getInstance("SHA1withRSA"); sig.initVerify(cert); while ((length = dataInput.read(buffer)) != -1) { sig.update(buffer, 0, length); } if (!sig.verify(Base64.decodeBase64(signature))) { log.info("Signature does not match", "cert", cert.getPublicKey()); continue; } else { log.info("Signature matches", "cert", cert.getPublicKey()); validated++; } } catch (IOException ioe) { log.warning("Failure validating signature of " + target + ": " + ioe); } catch (GeneralSecurityException gse) { // no problem! } finally { StreamUtil.close(dataInput); dataInput = null; } } // if we couldn't find a key that validates our digest, we are the hosed! if (validated == 0) { // delete the temporary digest file as we know it is invalid target.delete(); throw new IOException("m.corrupt_digest_signature_error"); } } } // now move the temporary file over the original File original = getLocalPath(path); if (!FileUtil.renameTo(target, original)) { throw new IOException("Failed to rename(" + target + ", " + original + ")"); } }