Welcome to mirror list, hosted at ThFree Co, Russian Federation.

gitlab.com/quite/humla-spongycastle.git - Unnamed repository; edit this file 'description' to name the repository.
summaryrefslogtreecommitdiff
path: root/pkix/src/main/java/org/spongycastle/eac/operator/jcajce/JcaEACSignatureVerifierBuilder.java
diff options
context:
space:
mode:
Diffstat (limited to 'pkix/src/main/java/org/spongycastle/eac/operator/jcajce/JcaEACSignatureVerifierBuilder.java')
-rw-r--r--pkix/src/main/java/org/spongycastle/eac/operator/jcajce/JcaEACSignatureVerifierBuilder.java181
1 files changed, 181 insertions, 0 deletions
diff --git a/pkix/src/main/java/org/spongycastle/eac/operator/jcajce/JcaEACSignatureVerifierBuilder.java b/pkix/src/main/java/org/spongycastle/eac/operator/jcajce/JcaEACSignatureVerifierBuilder.java
new file mode 100644
index 00000000..7ffdb79a
--- /dev/null
+++ b/pkix/src/main/java/org/spongycastle/eac/operator/jcajce/JcaEACSignatureVerifierBuilder.java
@@ -0,0 +1,181 @@
+package org.spongycastle.eac.operator.jcajce;
+
+import java.io.IOException;
+import java.io.OutputStream;
+import java.math.BigInteger;
+import java.security.InvalidKeyException;
+import java.security.NoSuchAlgorithmException;
+import java.security.NoSuchProviderException;
+import java.security.Provider;
+import java.security.PublicKey;
+import java.security.Signature;
+import java.security.SignatureException;
+
+import org.spongycastle.asn1.ASN1EncodableVector;
+import org.spongycastle.asn1.ASN1Integer;
+import org.spongycastle.asn1.ASN1ObjectIdentifier;
+import org.spongycastle.asn1.DERSequence;
+import org.spongycastle.asn1.eac.EACObjectIdentifiers;
+import org.spongycastle.eac.operator.EACSignatureVerifier;
+import org.spongycastle.operator.OperatorCreationException;
+import org.spongycastle.operator.OperatorStreamException;
+import org.spongycastle.operator.RuntimeOperatorException;
+
+public class JcaEACSignatureVerifierBuilder
+{
+ private EACHelper helper = new DefaultEACHelper();
+
+ public JcaEACSignatureVerifierBuilder setProvider(String providerName)
+ {
+ this.helper = new NamedEACHelper(providerName);
+
+ return this;
+ }
+
+ public JcaEACSignatureVerifierBuilder setProvider(Provider provider)
+ {
+ this.helper = new ProviderEACHelper(provider);
+
+ return this;
+ }
+
+ public EACSignatureVerifier build(final ASN1ObjectIdentifier usageOid, PublicKey pubKey)
+ throws OperatorCreationException
+ {
+ Signature sig;
+ try
+ {
+ sig = helper.getSignature(usageOid);
+
+ sig.initVerify(pubKey);
+ }
+ catch (NoSuchAlgorithmException e)
+ {
+ throw new OperatorCreationException("unable to find algorithm: " + e.getMessage(), e);
+ }
+ catch (NoSuchProviderException e)
+ {
+ throw new OperatorCreationException("unable to find provider: " + e.getMessage(), e);
+ }
+ catch (InvalidKeyException e)
+ {
+ throw new OperatorCreationException("invalid key: " + e.getMessage(), e);
+ }
+
+ final SignatureOutputStream sigStream = new SignatureOutputStream(sig);
+
+ return new EACSignatureVerifier()
+ {
+ public ASN1ObjectIdentifier getUsageIdentifier()
+ {
+ return usageOid;
+ }
+
+ public OutputStream getOutputStream()
+ {
+ return sigStream;
+ }
+
+ public boolean verify(byte[] expected)
+ {
+ try
+ {
+ if (usageOid.on(EACObjectIdentifiers.id_TA_ECDSA))
+ {
+ try
+ {
+ byte[] reencoded = derEncode(expected);
+
+ return sigStream.verify(reencoded);
+ }
+ catch (Exception e)
+ {
+ return false;
+ }
+ }
+ else
+ {
+ return sigStream.verify(expected);
+ }
+ }
+ catch (SignatureException e)
+ {
+ throw new RuntimeOperatorException("exception obtaining signature: " + e.getMessage(), e);
+ }
+ }
+ };
+ }
+
+ private static byte[] derEncode(byte[] rawSign) throws IOException
+ {
+ int len = rawSign.length / 2;
+
+ byte[] r = new byte[len];
+ byte[] s = new byte[len];
+ System.arraycopy(rawSign, 0, r, 0, len);
+ System.arraycopy(rawSign, len, s, 0, len);
+
+ ASN1EncodableVector v = new ASN1EncodableVector();
+ v.add(new ASN1Integer(new BigInteger(1, r)));
+ v.add(new ASN1Integer(new BigInteger(1, s)));
+
+ DERSequence seq = new DERSequence(v);
+ return seq.getEncoded();
+ }
+
+ private class SignatureOutputStream
+ extends OutputStream
+ {
+ private Signature sig;
+
+ SignatureOutputStream(Signature sig)
+ {
+ this.sig = sig;
+ }
+
+ public void write(byte[] bytes, int off, int len)
+ throws IOException
+ {
+ try
+ {
+ sig.update(bytes, off, len);
+ }
+ catch (SignatureException e)
+ {
+ throw new OperatorStreamException("exception in content signer: " + e.getMessage(), e);
+ }
+ }
+
+ public void write(byte[] bytes)
+ throws IOException
+ {
+ try
+ {
+ sig.update(bytes);
+ }
+ catch (SignatureException e)
+ {
+ throw new OperatorStreamException("exception in content signer: " + e.getMessage(), e);
+ }
+ }
+
+ public void write(int b)
+ throws IOException
+ {
+ try
+ {
+ sig.update((byte)b);
+ }
+ catch (SignatureException e)
+ {
+ throw new OperatorStreamException("exception in content signer: " + e.getMessage(), e);
+ }
+ }
+
+ boolean verify(byte[] expected)
+ throws SignatureException
+ {
+ return sig.verify(expected);
+ }
+ }
+}
generated by cgit v1.2.3 (git 2.25.1) at 2024-05-23 05:54:50 +0300