diff options
Diffstat (limited to 'src/main/java/org')
3 files changed, 288 insertions, 71 deletions
diff --git a/src/main/java/org/uic/barcode/dynamicFrame/api/SimpleDynamicFrame.java b/src/main/java/org/uic/barcode/dynamicFrame/api/SimpleDynamicFrame.java index a05a936..ef31166 100644 --- a/src/main/java/org/uic/barcode/dynamicFrame/api/SimpleDynamicFrame.java +++ b/src/main/java/org/uic/barcode/dynamicFrame/api/SimpleDynamicFrame.java @@ -20,6 +20,7 @@ import org.uic.barcode.dynamicFrame.v1.DynamicFrameCoderV1; import org.uic.barcode.dynamicFrame.v2.DynamicFrameCoderV2;
import org.uic.barcode.ticket.EncodingFormatException;
import org.uic.barcode.utils.AlgorithmNameResolver;
+import org.uic.barcode.utils.SecurityUtils;
@@ -132,13 +133,15 @@ public class SimpleDynamicFrame implements IDynamicFrame { *
* Note: an appropriate security provider (e.g. BC) must be registered before
*
- * @param prov the registered security provider
+ * @param provider the registered security provider
* @return the return error code
* @throws EncodingFormatException
*/
@Override
public int validateLevel2(Provider prov) throws EncodingFormatException {
+ Provider provider = prov;
+
if (getLevel2Data() == null
|| getLevel2Data().getLevel1Data() == null
|| getLevel2Data().getLevel1Data().getLevel2KeyAlg() == null
@@ -159,7 +162,7 @@ public class SimpleDynamicFrame implements IDynamicFrame { String keyAlgName = null;
try {
- keyAlgName = AlgorithmNameResolver.getName(AlgorithmNameResolver.TYPE_KEY_GENERATOR_ALG, level2KeyAlg,prov);
+ keyAlgName = AlgorithmNameResolver.getName(AlgorithmNameResolver.TYPE_KEY_GENERATOR_ALG, level2KeyAlg,provider);
} catch (Exception e1) {
return Constants.LEVEL2_VALIDATION_KEY_ALG_NOT_IMPLEMENTED;
}
@@ -171,7 +174,20 @@ public class SimpleDynamicFrame implements IDynamicFrame { try {
byte[] keyBytes = this.getLevel2Data().getLevel1Data().getLevel2publicKey();
X509EncodedKeySpec keySpec = new X509EncodedKeySpec(keyBytes);
- key = KeyFactory.getInstance(keyAlgName).generatePublic(keySpec);
+
+ KeyFactory keyFactory = null;
+ if (provider == null) {
+ keyFactory = SecurityUtils.findKeyFactory(level2KeyAlg, keyBytes);
+ provider = keyFactory.getProvider();
+ } else {
+ keyFactory = KeyFactory.getInstance(keyAlgName,provider);
+ }
+ if (keyFactory != null) {
+ key = keyFactory.generatePublic(keySpec);
+ } else {
+ return Constants.LEVEL2_VALIDATION_KEY_ALG_NOT_IMPLEMENTED;
+ }
+
} catch (InvalidKeySpecException e1) {
return Constants.LEVEL2_VALIDATION_KEY_ALG_NOT_IMPLEMENTED;
} catch (NoSuchAlgorithmException e1) {
@@ -183,7 +199,7 @@ public class SimpleDynamicFrame implements IDynamicFrame { String sigAlgName = null;
try {
- sigAlgName = AlgorithmNameResolver.getName(AlgorithmNameResolver.TYPE_SIGNATURE_ALG,level2SigAlg,prov);
+ sigAlgName = AlgorithmNameResolver.getSignatureAlgorithmName(level2SigAlg,provider);
} catch (Exception e1) {
return Constants.LEVEL2_VALIDATION_SIG_ALG_NOT_IMPLEMENTED;
}
@@ -191,12 +207,12 @@ public class SimpleDynamicFrame implements IDynamicFrame { return Constants.LEVEL2_VALIDATION_SIG_ALG_NOT_IMPLEMENTED;
}
- Signature sig;
+ Signature sig = null;
try {
- if (prov == null) {
+ if (provider == null) {
sig = Signature.getInstance(sigAlgName);
} else {
- sig = Signature.getInstance(sigAlgName, prov);
+ sig = Signature.getInstance(sigAlgName,provider);
}
} catch (NoSuchAlgorithmException e) {
return Constants.LEVEL2_VALIDATION_SIG_ALG_NOT_IMPLEMENTED;
@@ -321,7 +337,7 @@ public class SimpleDynamicFrame implements IDynamicFrame { } else {
return Constants.LEVEL1_VALIDATION_FRAUD;
}
- } catch (SignatureException e) {
+ } catch (Exception e) {
return Constants.LEVEL1_VALIDATION_SIG_ALG_NOT_IMPLEMENTED;
}
}
@@ -344,6 +360,9 @@ public class SimpleDynamicFrame implements IDynamicFrame { //find the algorithm name for the signature OID
String algo = AlgorithmNameResolver.getSignatureAlgorithmName(this.getLevel2Data().getLevel1Data().getLevel2SigningAlg(), prov);
Signature sig = null;
+ if (prov == null) {
+ prov = SecurityUtils.findPrivateKeyProvider(key);
+ }
if (prov != null) {
sig = Signature.getInstance(algo,prov);
} else {
@@ -438,10 +457,16 @@ public class SimpleDynamicFrame implements IDynamicFrame { ILevel1Data level1Data = level2Data.getLevel1Data();
if (level1Data == null) return;
+
+ if (prov == null) {
+ //check for a provider supporting the key
+ prov = SecurityUtils.findPrivateKeyProvider(key);
+ }
//find the algorithm name for the signature OID
- String algo = AlgorithmNameResolver.getSignatureAlgorithmName(level1Data.getLevel1SigningAlg());
+ String algo = AlgorithmNameResolver.getSignatureAlgorithmName(level1Data.getLevel1SigningAlg(), prov);
Signature sig = null;
+
if (prov != null) {
sig = Signature.getInstance(algo, prov);
} else {
diff --git a/src/main/java/org/uic/barcode/utils/AlgorithmNameResolver.java b/src/main/java/org/uic/barcode/utils/AlgorithmNameResolver.java index a3154f3..28f90e6 100644 --- a/src/main/java/org/uic/barcode/utils/AlgorithmNameResolver.java +++ b/src/main/java/org/uic/barcode/utils/AlgorithmNameResolver.java @@ -3,98 +3,161 @@ package org.uic.barcode.utils; import java.security.Provider;
import java.security.Provider.Service;
import java.security.Security;
+import java.util.HashMap;
+/**
+ * The Class AlgorithmNameResolver.
+ */
public class AlgorithmNameResolver {
+ /** The Constant TYPE_KEY_GENERATOR_ALG. */
public static final String TYPE_KEY_GENERATOR_ALG = "KeyPairGenerator";
+
+ /** The Constant TYPE_SIGNATURE_ALG. */
public static final String TYPE_SIGNATURE_ALG = "Signature";
+ /** The map. */
+ private static HashMap<String, HashMap<String, String>> map = new HashMap<String, HashMap<String, String>>();
+
+ /**
+ * Adds an entry for a mapping of algorithm type and oid to an algorithm name
+ *
+ * @param type the algorithm type
+ * @param oid the algorithm OID
+ * @param name the algorithm name
+ */
+ public static void addMap (String type, String oid, String name) {
+
+ if (map.get(type) == null) {
+ HashMap<String,String> list = new HashMap<String , String>();
+ list.put(oid, name);
+ map.put(type, list);
+ } else {
+ map.get(type).put(oid, name);
+ }
+ }
+
+ /**
+ * Gets the signature algorithm name.
+ *
+ * @param oid the oid
+ * @return the signature algorithm name
+ * @throws Exception the exception
+ */
public static String getSignatureAlgorithmName (String oid) throws Exception {
- Provider[] provs = Security.getProviders();
- for (Provider prov : provs) {
- Service service = prov.getService(AlgorithmNameResolver.TYPE_SIGNATURE_ALG,oid);
- if (service != null) {
- return service.getAlgorithm();
- }
- }
- return null;
+ return getSignatureAlgorithmName (oid, null);
}
+ /**
+ * Gets the signature algorithm name.
+ *
+ * @param oid the oid
+ * @param provider the provider
+ * @return the signature algorithm name
+ * @throws Exception the exception
+ */
public static String getSignatureAlgorithmName (String oid, Provider provider) throws Exception {
+ return getAlgorithmName(AlgorithmNameResolver.TYPE_SIGNATURE_ALG,oid,provider);
+
+ }
+
+ /**
+ * Gets the name.
+ *
+ * @param type the type
+ * @param oid the oid
+ * @return the name
+ * @throws Exception the exception
+ */
+ public static String getName (String type, String oid) throws Exception {
+
+ return getAlgorithmName(type,oid,null);
+
+ }
+
+
+ /**
+ * Gets the name.
+ *
+ * @param type the type
+ * @param oid the oid
+ * @param provider the provider
+ * @return the name
+ * @throws Exception the exception
+ */
+ public static String getName(String type, String oid, Provider provider) throws Exception {
+
+ return getAlgorithmName(type,oid,provider);
+
+ }
+
+
+
+ /**
+ * Gets the algorithm name.
+ *
+ * @param type the type
+ * @param oid the oid
+ * @param provider the provider
+ * @return the algorithm name
+ * @throws Exception the exception
+ */
+ public static String getAlgorithmName (String type, String oid, Provider provider) throws Exception {
+
+ String name = null;
+
if (provider != null) {
- Service service = provider.getService(AlgorithmNameResolver.TYPE_SIGNATURE_ALG,oid);
- return service.getAlgorithm();
+ Service service = provider.getService(type,oid);
+ if (service != null) {
+ name = service.getAlgorithm();
+ }
+
+ if (name != null && name.length() > 0) {
+ return name;
+ }
}
Provider[] provs = Security.getProviders();
for (Provider prov : provs) {
- Service service = prov.getService(AlgorithmNameResolver.TYPE_SIGNATURE_ALG,oid);
+ Service service = prov.getService(type,oid);
if (service != null) {
- return service.getAlgorithm();
+ name = service.getAlgorithm();
+ }
+ if (name != null && name.length() > 0) {
+ return name;
}
}
- return null;
-
- }
-
-
- public static String getName (String type, String oid) throws Exception {
-
- Provider[] provs = Security.getProviders();
- for (Provider prov : provs) {
- Service service = prov.getService(type,oid);
- if (service != null) {
- return service.getAlgorithm();
- }
- }
-
- if (oid.startsWith("1.2.840.10045")) {
+
+ if (map.get(type) != null) {
+ if (map.get(type).get(oid) != null) {
+ return map.get(type).get(oid);
+ }
+ }
+
+
+ //fallback if the provider did not implement OIDs
+ if (oid.startsWith("1.2.840.10045.4")) {
return "ECDSA";
- } else if (oid.startsWith("1.2.840.10040")) {
- return "DSA";
- }
-
- return null;
-
- }
-
-
- public static String getName(String type, String oid, Provider provider) throws Exception {
-
- Service service = null;
- if (provider == null) {
-
- Provider[] provs = Security.getProviders();
- for (Provider prov : provs) {
- service = prov.getService(type,oid);
- }
-
- } else {
- service = provider.getService(type,oid);
- }
-
-
-
- if (service != null) {
- return service.getAlgorithm();
- }
-
- if (oid.startsWith("1.2.840.10045")) {
+ } else if (oid.startsWith("1.2.840.10045.3")) {
+ return "EC";
+ } else if (oid.startsWith("1.2.840.10045")) {
return "ECDSA";
} else if (oid.startsWith("1.2.840.10040")) {
return "DSA";
}
-
- return null;
-
- }
+
+ return null;
+
+ }
+
+
diff --git a/src/main/java/org/uic/barcode/utils/SecurityUtils.java b/src/main/java/org/uic/barcode/utils/SecurityUtils.java new file mode 100644 index 0000000..542208b --- /dev/null +++ b/src/main/java/org/uic/barcode/utils/SecurityUtils.java @@ -0,0 +1,129 @@ +package org.uic.barcode.utils;
+
+import java.security.KeyFactory;
+import java.security.NoSuchAlgorithmException;
+import java.security.PrivateKey;
+import java.security.Provider;
+import java.security.PublicKey;
+import java.security.Security;
+import java.security.spec.InvalidKeySpecException;
+import java.security.spec.PKCS8EncodedKeySpec;
+import java.security.spec.X509EncodedKeySpec;
+
+public class SecurityUtils {
+
+ public static KeyFactory findKeyFactory(String oid, byte[] keyBytes) {
+
+ X509EncodedKeySpec keySpec = new X509EncodedKeySpec(keyBytes);
+
+ String name = null;
+ try {
+ name = AlgorithmNameResolver.getName(AlgorithmNameResolver.TYPE_KEY_GENERATOR_ALG, oid);
+ } catch (Exception e2) {
+ return null;
+ }
+ if (name == null || name.length() == 0) {
+ return null;
+ }
+
+ KeyFactory keyFactory = null;
+
+ Provider[] provs = Security.getProviders();
+ for (Provider provider : provs) {
+ try {
+ keyFactory = KeyFactory.getInstance(name,provider);
+ } catch (NoSuchAlgorithmException e1) {
+ //try next
+ }
+ if (keyFactory != null) {
+ try {
+ keyFactory.generatePublic(keySpec);
+ return keyFactory;
+ } catch (Exception e) {
+ //try next
+ }
+ }
+ }
+ return null;
+
+ }
+
+
+ public static Provider findPrivateKeyProvider(PrivateKey key) {
+
+ String name = key.getAlgorithm();
+ byte[] keyBytes = key.getEncoded();
+
+
+ PKCS8EncodedKeySpec keySpec = new PKCS8EncodedKeySpec(keyBytes);
+
+
+ KeyFactory keyFactory = null;
+
+ Provider[] provs = Security.getProviders();
+ for (Provider provider : provs) {
+ try {
+ keyFactory = KeyFactory.getInstance(name,provider);
+ } catch (NoSuchAlgorithmException e1) {
+ //try next
+ }
+ if (keyFactory != null) {
+ try {
+ keyFactory.generatePrivate(keySpec);
+ return provider;
+ } catch (Exception e) {
+ provider = null;
+ //try next
+ }
+ }
+ }
+
+ return null;
+ }
+
+
+
+ public static PublicKey convertPublicKey(PublicKey key) {
+
+
+ PublicKey publicKey;
+ try {
+ publicKey = KeyFactory.getInstance("RSA").generatePublic(new X509EncodedKeySpec(key.getEncoded()));
+ } catch (InvalidKeySpecException | NoSuchAlgorithmException e) {
+ return key;
+ }
+
+ return publicKey;
+
+ }
+
+
+ public static PublicKey convert(PublicKey key, Provider provider) {
+
+ PublicKey publicKey;
+ try {
+ publicKey = KeyFactory.getInstance("RSA", provider).generatePublic(new X509EncodedKeySpec(key.getEncoded()));
+ } catch (InvalidKeySpecException | NoSuchAlgorithmException e) {
+ return key;
+ }
+
+ return publicKey;
+
+
+ }
+
+
+ public static PrivateKey convertPrivateKey(PrivateKey key) {
+
+
+ PrivateKey privateKey;
+ try {
+ privateKey = KeyFactory.getInstance("RSA").generatePrivate(new PKCS8EncodedKeySpec(key.getEncoded()));
+ } catch (InvalidKeySpecException | NoSuchAlgorithmException e) {
+ return key;
+ }
+
+ return privateKey;
+
+ }
+}
|