-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathSignatureValidator1.java
More file actions
71 lines (71 loc) · 3.11 KB
/
SignatureValidator1.java
File metadata and controls
71 lines (71 loc) · 3.11 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
//package random;
//
//import lombok.SneakyThrows;
////import org.apache.commons.codec.binary.Base64;
////import org.apache.commons.lang3.StringUtils;
////import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo;
////import org.bouncycastle.jce.provider.BouncyCastleProvider;
////import org.bouncycastle.openssl.PEMParser;
////import org.bouncycastle.openssl.jcajce.JcaPEMKeyConverter;
//
//import java.io.StringReader;
//import java.nio.charset.StandardCharsets;
//import java.security.PublicKey;
//import java.security.Security;
//import java.security.Signature;
//import java.util.List;
//import java.util.function.Predicate;
//
//public class SignatureValidator1 {
// private static final String PEM_HEADER = "-----BEGIN PUBLIC KEY-----\n";
// private static final String PEM_FOOTER = "\n-----END PUBLIC KEY-----";
// private static final String SIGNING_ALGORITHM = "SHA256withECDSA";
// private static final Predicate<SignedPublicKey> IS_PIN_KEY = key -> StringUtils.equals("PIN", key.getKeyType());
//
// public SignatureValidator1() {
// Security.addProvider(new BouncyCastleProvider());
// }
//
// public void validateSignatures(String encodedAnonymousKey, List<SignedPublicKey> publicKeys) {
// var pinKey = getPinKey(publicKeys);
// assertKeySignature(pinKey.getEncoded(), pinKey.getSignature(), parseEncodedPublicKey(encodedAnonymousKey));
// assertChildKeyProperties(publicKeys, pinKey);
// }
//
// private SignedPublicKey getPinKey(List<SignedPublicKey> publicKeys) {
// return publicKeys.stream()
// .filter(IS_PIN_KEY)
// .findFirst()
// .orElseThrow(() -> new IllegalArgumentException("No PIN key found"));
// }
//
// @SneakyThrows
// private void assertKeySignature(String signedValue, String signature, PublicKey publicKey) {
// var verifier = Signature.getInstance(SIGNING_ALGORITHM);
// verifier.initVerify(publicKey);
// verifier.update(signedValue.getBytes(StandardCharsets.UTF_8));
// var signatureIsValid = verifier.verify(Base64.decodeBase64(signature));
// AssertUtils.assertTrue(signatureIsValid, InvalidSignatureException::new);
// }
//
// private void assertChildKeyProperties(List<SignedPublicKey> publicKeys, SignedPublicKey pinKey) {
// var pinPublicKey = parsePublicKey(pinKey.getEncoded());
// publicKeys.stream()
// .filter(key -> !IS_PIN_KEY.test(key))
// .forEach(key -> assertKeySignature(key.getEncoded(), key.getSignature(), pinPublicKey));
// }
//
// @SneakyThrows
// private PublicKey parseEncodedPublicKey(String encodedKey) {
// var strippedPublicKey = new String(Base64.decodeBase64(encodedKey), StandardCharsets.UTF_8);
// return parsePublicKey(PEM_HEADER + strippedPublicKey + PEM_FOOTER);
// }
//
// @SneakyThrows
// private PublicKey parsePublicKey(String publicKey) {
// try (var pemParser = new PEMParser(new StringReader(publicKey))) {
// var key = pemParser.readObject();
// return new JcaPEMKeyConverter().getPublicKey((SubjectPublicKeyInfo) key);
// }
// }
//}