Java 类java.security.SignatureException 实例源码

项目:AppCoins-ethereumj    文件:ECKey.java   
/**
 * Given a piece of text and a message signature encoded in base64, returns an ECKey
 * containing the public key that was used to sign it. This can then be compared to the expected public key to
 * determine if the signature was correct.
 *
 * @param messageHash a piece of human readable text that was signed
 * @param signatureBase64 The Ethereum-format message signature in base64
 *
 * @return -
 * @throws SignatureException If the public key could not be recovered or if there was a signature format error.
 */
public static byte[] signatureToKeyBytes(byte[] messageHash, String signatureBase64) throws SignatureException {
    byte[] signatureEncoded;
    try {
        signatureEncoded = Base64.decode(signatureBase64);
    } catch (RuntimeException e) {
        // This is what you get back from Bouncy Castle if base64 doesn't decode :(
        throw new SignatureException("Could not decode base64", e);
    }
    // Parse the signature bytes into r/s and the selector value.
    if (signatureEncoded.length < 65)
        throw new SignatureException("Signature truncated, expected 65 bytes and got " + signatureEncoded.length);

    return signatureToKeyBytes(
        messageHash,
        ECDSASignature.fromComponents(
            Arrays.copyOfRange(signatureEncoded, 1, 33),
            Arrays.copyOfRange(signatureEncoded, 33, 65),
            (byte) (signatureEncoded[0] & 0xFF)));
}
项目:incubator-servicecomb-java-chassis    文件:RSAUtils.java   
/**
 * if has performance problem ,change Signature to ThreadLocal instance 
 */
public static String sign(String content, PrivateKey privateKey)
    throws NoSuchAlgorithmException, InvalidKeySpecException, SignatureException, InvalidKeyException {
  Signature signature = Signature.getInstance(SIGN_ALG);
  signature.initSign(privateKey);
  signature.update(content.getBytes());
  byte[] signByte = signature.sign();
  return encoder.encodeToString(signByte);
}
项目:OpenJSharp    文件:RSASignature.java   
/**
 * Returns the signature bytes of all the data
 * updated so far.
 * The format of the signature depends on the underlying
 * signature scheme.
 *
 * @return the signature bytes of the signing operation's result.
 *
 * @exception SignatureException if the engine is not
 * initialized properly or if this signature algorithm is unable to
 * process the input data provided.
 */
protected byte[] engineSign() throws SignatureException {

    byte[] hash = getDigestValue();

    // Omit the hash OID when generating a Raw signature
    boolean noHashOID = this instanceof Raw;

    // Sign hash using MS Crypto APIs

    byte[] result = signHash(noHashOID, hash, hash.length,
        messageDigestAlgorithm, privateKey.getHCryptProvider(),
        privateKey.getHCryptKey());

    // Convert signature array from little endian to big endian
    return convertEndianArray(result);
}
项目:ipack    文件:DSASigner.java   
protected boolean engineVerify(
    byte[]  sigBytes) 
    throws SignatureException
{
    byte[]  hash = new byte[digest.getDigestSize()];

    digest.doFinal(hash, 0);

    BigInteger[]    sig;

    try
    {
        sig = derDecode(sigBytes);
    }
    catch (Exception e)
    {
        throw new SignatureException("error decoding signature bytes.");
    }

    return signer.verifySignature(hash, sig[0], sig[1]);
}
项目:AppCoins-ethereumj    文件:ECKey.java   
/**
 * Given a piece of text and a message signature encoded in base64, returns an ECKey
 * containing the public key that was used to sign it. This can then be compared to the expected public key to
 * determine if the signature was correct.
 *
 * @param messageHash a piece of human readable text that was signed
 * @param signatureBase64 The Ethereum-format message signature in base64
 *
 * @return -
 * @throws SignatureException If the public key could not be recovered or if there was a signature format error.
 */
public static byte[] signatureToKeyBytes(byte[] messageHash, String signatureBase64) throws SignatureException {
    byte[] signatureEncoded;
    try {
        signatureEncoded = Base64.decode(signatureBase64);
    } catch (RuntimeException e) {
        // This is what you get back from Bouncy Castle if base64 doesn't decode :(
        throw new SignatureException("Could not decode base64", e);
    }
    // Parse the signature bytes into r/s and the selector value.
    if (signatureEncoded.length < 65)
        throw new SignatureException("Signature truncated, expected 65 bytes and got " + signatureEncoded.length);

    return signatureToKeyBytes(
        messageHash,
        ECDSASignature.fromComponents(
            Arrays.copyOfRange(signatureEncoded, 1, 33),
            Arrays.copyOfRange(signatureEncoded, 33, 65),
            (byte) (signatureEncoded[0] & 0xFF)));
}
项目:ipack    文件:X509Util.java   
static byte[] calculateSignature(
    DERObjectIdentifier sigOid,
    String              sigName,
    PrivateKey          key,
    SecureRandom        random,
    ASN1Encodable       object)
    throws IOException, NoSuchAlgorithmException, InvalidKeyException, SignatureException
{
    Signature sig;

    if (sigOid == null)
    {
        throw new IllegalStateException("no signature algorithm specified");
    }

    sig = X509Util.getSignatureInstance(sigName);

    if (random != null)
    {
        sig.initSign(key, random);
    }
    else
    {
        sig.initSign(key);
    }

    sig.update(object.toASN1Primitive().getEncoded(ASN1Encoding.DER));

    return sig.sign();
}
项目:jdk8u-jdk    文件:X509CRLImpl.java   
/**
 * Verifies that this CRL was signed using the
 * private key that corresponds to the given public key,
 * and that the signature verification was computed by
 * the given provider.
 *
 * @param key the PublicKey used to carry out the verification.
 * @param sigProvider the name of the signature provider.
 *
 * @exception NoSuchAlgorithmException on unsupported signature
 * algorithms.
 * @exception InvalidKeyException on incorrect key.
 * @exception NoSuchProviderException on incorrect provider.
 * @exception SignatureException on signature errors.
 * @exception CRLException on encoding errors.
 */
public synchronized void verify(PublicKey key, String sigProvider)
        throws CRLException, NoSuchAlgorithmException, InvalidKeyException,
        NoSuchProviderException, SignatureException {

    if (sigProvider == null) {
        sigProvider = "";
    }
    if ((verifiedPublicKey != null) && verifiedPublicKey.equals(key)) {
        // this CRL has already been successfully verified using
        // this public key. Make sure providers match, too.
        if (sigProvider.equals(verifiedProvider)) {
            return;
        }
    }
    if (signedCRL == null) {
        throw new CRLException("Uninitialized CRL");
    }
    Signature   sigVerf = null;
    if (sigProvider.length() == 0) {
        sigVerf = Signature.getInstance(sigAlgId.getName());
    } else {
        sigVerf = Signature.getInstance(sigAlgId.getName(), sigProvider);
    }
    sigVerf.initVerify(key);

    if (tbsCertList == null) {
        throw new CRLException("Uninitialized CRL");
    }

    sigVerf.update(tbsCertList, 0, tbsCertList.length);

    if (!sigVerf.verify(signature)) {
        throw new SignatureException("Signature does not match.");
    }
    verifiedPublicKey = key;
    verifiedProvider = sigProvider;
}
项目:ipack    文件:X509V2AttributeCertificate.java   
public final void verify(
        PublicKey   key,
        String      provider)
        throws CertificateException, NoSuchAlgorithmException,
        InvalidKeyException, NoSuchProviderException, SignatureException
{
    Signature   signature = null;

    if (!cert.getSignatureAlgorithm().equals(cert.getAcinfo().getSignature()))
    {
        throw new CertificateException("Signature algorithm in certificate info not same as outer certificate");
    }

    signature = Signature.getInstance(cert.getSignatureAlgorithm().getObjectId().getId(), provider);

    signature.initVerify(key);

    try
    {
        signature.update(cert.getAcinfo().getEncoded());
    }
    catch (IOException e)
    {
        throw new SignatureException("Exception encoding certificate info object");
    }

    if (!signature.verify(this.getSignature()))
    {
        throw new InvalidKeyException("Public key presented not for certificate signature");
    }
}
项目:jdk8u-jdk    文件:X509CRLImpl.java   
/**
 * Verifies that this CRL was signed using the
 * private key that corresponds to the given public key,
 * and that the signature verification was computed by
 * the given provider. Note that the specified Provider object
 * does not have to be registered in the provider list.
 *
 * @param key the PublicKey used to carry out the verification.
 * @param sigProvider the signature provider.
 *
 * @exception NoSuchAlgorithmException on unsupported signature
 * algorithms.
 * @exception InvalidKeyException on incorrect key.
 * @exception SignatureException on signature errors.
 * @exception CRLException on encoding errors.
 */
public synchronized void verify(PublicKey key, Provider sigProvider)
        throws CRLException, NoSuchAlgorithmException, InvalidKeyException,
        SignatureException {

    if (signedCRL == null) {
        throw new CRLException("Uninitialized CRL");
    }
    Signature sigVerf = null;
    if (sigProvider == null) {
        sigVerf = Signature.getInstance(sigAlgId.getName());
    } else {
        sigVerf = Signature.getInstance(sigAlgId.getName(), sigProvider);
    }
    sigVerf.initVerify(key);

    if (tbsCertList == null) {
        throw new CRLException("Uninitialized CRL");
    }

    sigVerf.update(tbsCertList, 0, tbsCertList.length);

    if (!sigVerf.verify(signature)) {
        throw new SignatureException("Signature does not match.");
    }
    verifiedPublicKey = key;
}
项目:RISE-V2G    文件:SecurityUtils.java   
/**
 * Verifies that the given certificate was signed using the private key that corresponds to the 
 * public key of the provided certificate.
 * 
 * @param certificate The X509Certificate which is to be checked
 * @param issuingCertificate The X.509 certificate which holds the public key corresponding to the private 
 *        key with which the given certificate should have been signed
 * @return True, if the verification was successful, false otherwise
 */
public static boolean verifySignature(X509Certificate certificate, X509Certificate issuingCertificate) {
    X500Principal subject = certificate.getSubjectX500Principal();
    X500Principal expectedIssuerSubject = certificate.getIssuerX500Principal();
    X500Principal issuerSubject = issuingCertificate.getSubjectX500Principal();
    PublicKey publicKeyForSignature = issuingCertificate.getPublicKey();

    try {
        certificate.verify(publicKeyForSignature);
        return true;
    } catch (InvalidKeyException | CertificateException | NoSuchAlgorithmException | 
             NoSuchProviderException | SignatureException e) {
        getLogger().warn("\n"
                       + "\tSignature verification of certificate having distinguished name \n" 
                       + "\t'" + subject.getName() + "'\n" 
                       + "\twith certificate having distinguished name (the issuer) \n" 
                       + "\t'" + issuerSubject.getName() + "'\n"
                       + "\tfailed. Expected issuer has distinguished name \n"
                       + "\t'" + expectedIssuerSubject.getName() + "' (" + e.getClass().getSimpleName() + ")", e);
    } 

    return false;
}
项目:AppCoins-ethereumj    文件:ECKey.java   
public static byte[] signatureToKeyBytes(byte[] messageHash, ECDSASignature sig) throws SignatureException {
    check(messageHash.length == 32, "messageHash argument has length " + messageHash.length);
    int header = sig.v;
    // The header byte: 0x1B = first key with even y, 0x1C = first key with odd y,
    //                  0x1D = second key with even y, 0x1E = second key with odd y
    if (header < 27 || header > 34)
        throw new SignatureException("Header byte out of range: " + header);
    if (header >= 31) {
        header -= 4;
    }
    int recId = header - 27;
    byte[] key = ECKey.recoverPubBytesFromSignature(recId, sig, messageHash);
    if (key == null)
        throw new SignatureException("Could not recover public key from signature");
    return key;
}
项目:ipack    文件:X509CertificateObject.java   
public final void verify(
    PublicKey   key)
    throws CertificateException, NoSuchAlgorithmException,
    InvalidKeyException, NoSuchProviderException, SignatureException
{
    Signature   signature;
    String      sigName = X509SignatureUtil.getSignatureName(c.getSignatureAlgorithm());

    try
    {
        signature = Signature.getInstance(sigName, BouncyCastleProvider.PROVIDER_NAME);
    }
    catch (Exception e)
    {
        signature = Signature.getInstance(sigName);
    }

    checkSignature(key, signature);
}
项目:cww_framework    文件:FatParameter.java   
/**
 * Computes RFC 2104-compliant HMAC signature.
 * * @param data
 * The data to be signed.
 * @param key
 * The signing key.
 * @return
 * The Base64-encoded RFC 2104-compliant HMAC signature.
 * @throws
 * SignatureException when signature generation fails
 */
private static String calculateRFC2104HMAC(String data, String key)
        throws SignatureException
{
    String result;
    try {

        // get an hmac_sha1 key from the raw key bytes
        SecretKeySpec signingKey = new SecretKeySpec(key.getBytes(), HMAC_SHA1_ALGORITHM);

        // get an hmac_sha1 Mac instance and initialize with the signing key
        Mac mac = Mac.getInstance(HMAC_SHA1_ALGORITHM);
        mac.init(signingKey);

        // compute the hmac on input data bytes
        byte[] rawHmac = mac.doFinal(data.getBytes());

        // base64-encode the hmac
        result = EncodeBase64(rawHmac);

    } catch (Exception e) {
        throw new SignatureException("Failed to generate HMAC : " + e.getMessage());
    }
    return result;
}
项目:ipack    文件:X509CRLObject.java   
public void verify(PublicKey key, String sigProvider)
    throws CRLException, NoSuchAlgorithmException,
        InvalidKeyException, NoSuchProviderException, SignatureException
{
    if (!c.getSignatureAlgorithm().equals(c.getTBSCertList().getSignature()))
    {
        throw new CRLException("Signature algorithm on CertificateList does not match TBSCertList.");
    }

    Signature sig;

    if (sigProvider != null)
    {
        sig = Signature.getInstance(getSigAlgName(), sigProvider);
    }
    else
    {
        sig = Signature.getInstance(getSigAlgName());
    }

    sig.initVerify(key);
    sig.update(this.getTBSCertList());

    if (!sig.verify(this.getSignature()))
    {
        throw new SignatureException("CRL does not verify with supplied public key.");
    }
}
项目:nearenough    文件:RtEd25519.java   
/**
 * Sign byte-strings using the private key derived from the provided <em>seed</em>.
 *
 * @param seedBytes A <em>seed</em> to create a private key. Not the actual private key. The
 * seed will be transformed and expanded into an Ed25519 private key as described in <a
 * href="https://tools.ietf.org/html/rfc8032#page-13">RFC 8032</a>.
 */
public Signer(byte[] seedBytes) throws InvalidKeyException, SignatureException {
  checkArgument(seedBytes.length >= MIN_SEED_LENGTH, "insufficient private key seed length");

  EdDSAPrivateKeySpec privateSpec = new EdDSAPrivateKeySpec(seedBytes, ED25519_SPEC);
  this.privateKey = new EdDSAPrivateKey(privateSpec);
  this.signer = new EdDSAEngine(RtHashing.newSha512());
  signer.initSign(privateKey);
}
项目:openjdk-jdk10    文件:SignatureECDSA.java   
/** @inheritDoc */
protected void engineUpdate(byte[] input) throws XMLSignatureException {
    try {
        this.signatureAlgorithm.update(input);
    } catch (SignatureException ex) {
        throw new XMLSignatureException("empty", ex);
    }
}
项目:incubator-servicecomb-java-chassis    文件:RSAProviderTokenManager.java   
public boolean valid(String token) {
  try {
    RSAAuthenticationToken rsaToken = RSAAuthenticationToken.fromStr(token);
    if (null == rsaToken) {
      LOGGER.error("token format is error, perhaps you need to set auth handler at consumer");
      return false;
    }
    if (tokenExprired(rsaToken)) {
      LOGGER.error("token is expired");
      return false;
    }
    if (validatedToken.contains(rsaToken)) {
      LOGGER.info("found vaildate token in vaildate pool");
      return true;
    }

    String sign = rsaToken.getSign();
    String content = rsaToken.plainToken();
    String publicKey = getPublicKey(rsaToken.getInstanceId(), rsaToken.getServiceId());
    boolean verify = RSAUtils.verify(publicKey, sign, content);
    if (verify && !tokenExprired(rsaToken)) {
      validatedToken.add(rsaToken);
      return true;
    }

    LOGGER.error("token verify error");
    return false;

  } catch (InvalidKeyException | NoSuchAlgorithmException | InvalidKeySpecException | SignatureException e) {
    LOGGER.error("verfiy error", e);
    return false;
  }
}
项目:ipack    文件:PSSSignatureSpi.java   
protected void engineUpdate(
    byte[]  b,
    int     off,
    int     len) 
    throws SignatureException
{
    pss.update(b, off, len);
}
项目:bitcoinj-thin    文件:BtcECKey.java   
/**
 * Given an arbitrary piece of text and a Bitcoin-format message signature encoded in base64, returns an ECKey
 * containing the public key that was used to sign it. This can then be compared to the expected public key to
 * determine if the signature was correct. These sorts of signatures are compatible with the Bitcoin-Qt/bitcoind
 * format generated by signmessage/verifymessage RPCs and GUI menu options. They are intended for humans to verify
 * their communications with each other, hence the base64 format and the fact that the input is text.
 *
 * @param message Some piece of human readable text.
 * @param signatureBase64 The Bitcoin-format message signature in base64
 * @throws SignatureException If the public key could not be recovered or if there was a signature format error.
 */
public static BtcECKey signedMessageToKey(String message, String signatureBase64) throws SignatureException {
    byte[] signatureEncoded;
    try {
        signatureEncoded = Base64.decode(signatureBase64);
    } catch (RuntimeException e) {
        // This is what you get back from Bouncy Castle if base64 doesn't decode :(
        throw new SignatureException("Could not decode base64", e);
    }
    // Parse the signature bytes into r/s and the selector value.
    if (signatureEncoded.length < 65)
        throw new SignatureException("Signature truncated, expected 65 bytes and got " + signatureEncoded.length);
    int header = signatureEncoded[0] & 0xFF;
    // The header byte: 0x1B = first key with even y, 0x1C = first key with odd y,
    //                  0x1D = second key with even y, 0x1E = second key with odd y
    if (header < 27 || header > 34)
        throw new SignatureException("Header byte out of range: " + header);
    BigInteger r = new BigInteger(1, Arrays.copyOfRange(signatureEncoded, 1, 33));
    BigInteger s = new BigInteger(1, Arrays.copyOfRange(signatureEncoded, 33, 65));
    ECDSASignature sig = new ECDSASignature(r, s);
    byte[] messageBytes = Utils.formatMessageForSigning(message);
    // Note that the C++ code doesn't actually seem to specify any character encoding. Presumably it's whatever
    // JSON-SPIRIT hands back. Assume UTF-8 for now.
    Sha256Hash messageHash = Sha256Hash.twiceOf(messageBytes);
    boolean compressed = false;
    if (header >= 31) {
        compressed = true;
        header -= 4;
    }
    int recId = header - 27;
    BtcECKey key = BtcECKey.recoverFromSignature(recId, sig, messageHash, compressed);
    if (key == null)
        throw new SignatureException("Could not recover public key from signature");
    return key;
}
项目:openjdk-jdk10    文件:SignatureTest.java   
private static void checkSignature(byte[] data, PublicKey pub,
        PrivateKey priv, String sigalg) throws NoSuchAlgorithmException,
        InvalidKeyException, SignatureException, NoSuchProviderException {
    Signature sig = Signature.getInstance(sigalg, PROVIDER);
    sig.initSign(priv);
    for (int i = 0; i < UPDATE_TIMES_HUNDRED; i++) {
        sig.update(data);
    }
    byte[] signedData = sig.sign();

    // Make sure signature verifies with original data
    sig.initVerify(pub);
    for (int i = 0; i < UPDATE_TIMES_HUNDRED; i++) {
        sig.update(data);
    }
    if (!sig.verify(signedData)) {
        throw new RuntimeException("Failed to verify " + sigalg
                + " signature");
    }

    // Make sure signature does NOT verify when the original data
    // has changed
    sig.initVerify(pub);
    for (int i = 0; i < UPDATE_TIMES_FIFTY; i++) {
        sig.update(data);
    }

    if (sig.verify(signedData)) {
        throw new RuntimeException("Failed to detect bad " + sigalg
                + " signature");
    }
}
项目:openjdk-jdk10    文件:RSASignature.java   
@Override
protected void engineUpdate(byte[] b, int off, int len)
        throws SignatureException {
    if (offset + len > precomputedDigest.length) {
        offset = RAW_RSA_MAX + 1;
        return;
    }
    System.arraycopy(b, off, precomputedDigest, offset, len);
    offset += len;
}
项目:jdk8u-jdk    文件:SignatureFileVerifier.java   
/**
 * Given the PKCS7 block and SignerInfo[], create an array of
 * CodeSigner objects. We do this only *once* for a given
 * signature block file.
 */
private CodeSigner[] getSigners(SignerInfo infos[], PKCS7 block)
    throws IOException, NoSuchAlgorithmException, SignatureException,
        CertificateException {

    ArrayList<CodeSigner> signers = null;

    for (int i = 0; i < infos.length; i++) {

        SignerInfo info = infos[i];
        ArrayList<X509Certificate> chain = info.getCertificateChain(block);
        CertPath certChain = certificateFactory.generateCertPath(chain);
        if (signers == null) {
            signers = new ArrayList<CodeSigner>();
        }
        // Append the new code signer
        signers.add(new CodeSigner(certChain, info.getTimestamp()));

        if (debug != null) {
            debug.println("Signature Block Certificate: " +
                chain.get(0));
        }
    }

    if (signers != null) {
        return signers.toArray(new CodeSigner[signers.size()]);
    } else {
        return null;
    }
}
项目:OpenJSharp    文件:SignatureECDSA.java   
/** @inheritDoc */
protected void engineUpdate(byte buf[], int offset, int len) throws XMLSignatureException {
    try {
        this.signatureAlgorithm.update(buf, offset, len);
    } catch (SignatureException ex) {
        throw new XMLSignatureException("empty", ex);
    }
}
项目:mi-firma-android    文件:CeresSignatureImpl.java   
/** {@inheritDoc} */
@Override
protected boolean engineVerify(final byte[] sigBytes) throws SignatureException {
    if (this.signatureVerifier == null) {
        throw new SignatureException("La verificacion no esta inicializada"); //$NON-NLS-1$
    }
    this.signatureVerifier.update(this.data.toByteArray());
    this.data.reset();
    return this.signatureVerifier.verify(sigBytes);
}
项目:ipack    文件:ISOSignatureSpi.java   
protected byte[] engineSign()
    throws SignatureException
{
    try
    {
        byte[]  sig = signer.generateSignature();

        return sig;
    }
    catch (Exception e)
    {
        throw new SignatureException(e.toString());
    }
}
项目:VerifySignedJar    文件:VerifyJarHelper.java   
private boolean verifyJarSignature(JarFile jar) throws IOException, NoSuchAlgorithmException, SignatureException,
        InvalidKeyException, CertificateException, NoSuchProviderException {
    SignatureBean sgb = getSpecifyFileBytes(jar);
    if (sgb == null) {
        return false;
    }
    PKCS7 p7 = new PKCS7(sgb.getRsaFileBytes());
    SignerInfo[] sis = p7.verify(sgb.getSfFileBytes());

    if (sis == null)
        return false;
    else
        return true;
}
项目:Ships    文件:DigitalSignature.java   
public boolean verify(final String data,final String base64encodedSignature) {
    final String tag="verify - ";
    boolean result=false;

    try {
        final Signature sig = Signature.getInstance(CryptConstants.ALGORITHM_SIGNATURE);
        sig.initVerify(retrievePublicKey());
        sig.update(data.getBytes());
        result = sig.verify(Base64.decode(base64encodedSignature,Base64.DEFAULT));
    } catch (SignatureException | NoSuchAlgorithmException | InvalidKeyException | IllegalArgumentException e) {
        Log.e(TAG, tag, e);
    }

    return result;
}
项目:jdk8u-jdk    文件:RSASignature.java   
@Override
protected byte[] getDigestValue() throws SignatureException {
    if (offset > RAW_RSA_MAX) {
        throw new SignatureException("Message digest is too long");
    }

    // Determine the digest algorithm from the digest length
    if (offset == 20) {
        setDigestName("SHA1");
    } else if (offset == 36) {
        setDigestName("SHA1+MD5");
    } else if (offset == 32) {
        setDigestName("SHA-256");
    } else if (offset == 48) {
        setDigestName("SHA-384");
    } else if (offset == 64) {
        setDigestName("SHA-512");
    } else if (offset == 16) {
        setDigestName("MD5");
    } else {
        throw new SignatureException(
            "Message digest length is not supported");
    }

    byte[] result = new byte[offset];
    System.arraycopy(precomputedDigest, 0, result, 0, offset);
    offset = 0;

    return result;
}
项目:ipack    文件:JcaEACSignatureVerifierBuilder.java   
public void write(int b)
    throws IOException
{
    try
    {
        sig.update((byte)b);
    }
    catch (SignatureException e)
    {
        throw new OperatorStreamException("exception in content signer: " + e.getMessage(), e);
    }
}
项目:jdk8u-jdk    文件:RSASignature.java   
@Override
protected void engineUpdate(byte[] b, int off, int len)
        throws SignatureException {
    if (offset + len > precomputedDigest.length) {
        offset = RAW_RSA_MAX + 1;
        return;
    }
    System.arraycopy(b, off, precomputedDigest, offset, len);
    offset += len;
}
项目:OpenJSharp    文件:PKCS10.java   
/**
 * Parses an encoded, signed PKCS #10 certificate request, verifying
 * the request's signature as it does so.  This constructor would
 * typically be used by a Certificate Authority, from which a new
 * certificate would then be constructed.
 *
 * @param data the DER-encoded PKCS #10 request.
 * @exception IOException for low level errors reading the data
 * @exception SignatureException when the signature is invalid
 * @exception NoSuchAlgorithmException when the signature
 *  algorithm is not supported in this environment
 */
public PKCS10(byte[] data)
throws IOException, SignatureException, NoSuchAlgorithmException {
    DerInputStream  in;
    DerValue[]      seq;
    AlgorithmId     id;
    byte[]          sigData;
    Signature       sig;

    encoded = data;

    //
    // Outer sequence:  request, signature algorithm, signature.
    // Parse, and prepare to verify later.
    //
    in = new DerInputStream(data);
    seq = in.getSequence(3);

    if (seq.length != 3)
        throw new IllegalArgumentException("not a PKCS #10 request");

    data = seq[0].toByteArray();            // reusing this variable
    id = AlgorithmId.parse(seq[1]);
    sigData = seq[2].getBitString();

    //
    // Inner sequence:  version, name, key, attributes
    //
    BigInteger      serial;
    DerValue        val;

    serial = seq[0].data.getBigInteger();
    if (!serial.equals(BigInteger.ZERO))
        throw new IllegalArgumentException("not PKCS #10 v1");

    subject = new X500Name(seq[0].data);
    subjectPublicKeyInfo = X509Key.parse(seq[0].data.getDerValue());

    // Cope with a somewhat common illegal PKCS #10 format
    if (seq[0].data.available() != 0)
        attributeSet = new PKCS10Attributes(seq[0].data);
    else
        attributeSet = new PKCS10Attributes();

    if (seq[0].data.available() != 0)
        throw new IllegalArgumentException("illegal PKCS #10 data");

    //
    // OK, we parsed it all ... validate the signature using the
    // key and signature algorithm we found.
    //
    try {
        sig = Signature.getInstance(id.getName());
        sig.initVerify(subjectPublicKeyInfo);
        sig.update(data);
        if (!sig.verify(sigData))
            throw new SignatureException("Invalid PKCS #10 signature");
    } catch (InvalidKeyException e) {
        throw new SignatureException("invalid key");
    }
}
项目:cas-server-4.2.1    文件:MockX509CRL.java   
/**
 * @see java.security.cert.X509CRL#verify(java.security.PublicKey, java.lang.String)
 */
@Override
public void verify(final PublicKey key, final String sigProvider) throws CRLException,
NoSuchAlgorithmException, InvalidKeyException, NoSuchProviderException,
SignatureException {
    // Do nothing to indicate valid signature
}
项目:ipack    文件:X509Util.java   
static byte[] calculateSignature(
    DERObjectIdentifier sigOid,
    String              sigName,
    String              provider,
    PrivateKey          key,
    SecureRandom        random,
    ASN1Encodable       object)
    throws IOException, NoSuchProviderException, NoSuchAlgorithmException, InvalidKeyException, SignatureException
{
    Signature sig;

    if (sigOid == null)
    {
        throw new IllegalStateException("no signature algorithm specified");
    }

    sig = X509Util.getSignatureInstance(sigName, provider);

    if (random != null)
    {
        sig.initSign(key, random);
    }
    else
    {
        sig.initSign(key);
    }

    sig.update(object.toASN1Primitive().getEncoded(ASN1Encoding.DER));

    return sig.sign();
}
项目:ipack    文件:X509V2CRLGenerator.java   
/**
 * generate an X509 CRL, based on the current issuer and subject
 * using the default provider "BC".
 * @deprecated use generate(key, "BC")
 */
public X509CRL generateX509CRL(
    PrivateKey      key)
    throws SecurityException, SignatureException, InvalidKeyException
{
    try
    {
        return generateX509CRL(key, "BC", null);
    }
    catch (NoSuchProviderException e)
    {
        throw new SecurityException("BC provider not installed!");
    }
}
项目:OpenJSharp    文件:SignatureBaseRSA.java   
/** @inheritDoc */
protected void engineUpdate(byte input) throws XMLSignatureException {
    try {
        this.signatureAlgorithm.update(input);
    } catch (SignatureException ex) {
        throw new XMLSignatureException("empty", ex);
    }
}
项目:state-channels    文件:RtbValidator.java   
private Stream<ChannelTransaction> validateTransactions(StreamEx<ChannelTransaction> transactions) {
    return transactions.filter(
        tr -> {
            try {
                tr.setSender(tr.getSignerAddress());
            } catch (SignatureException e) {
                log.debug("Bad signature: {}", tr, e);
                return false;
            }
            return true;
        }
    );
}
项目:mi-firma-android    文件:DnieSignatureImpl.java   
/** {@inheritDoc} */
@Override
protected boolean engineVerify(final byte[] sigBytes) throws SignatureException {
    if (this.signatureVerifier == null) {
        throw new SignatureException("La verificacion no esta inicializada"); //$NON-NLS-1$
    }
    this.signatureVerifier.update(this.data.toByteArray());
    this.data.reset();
    return this.signatureVerifier.verify(sigBytes);
}
项目:javaide    文件:SignedJarBuilder.java   
@Override
public void write(byte[] b, int off, int len) throws IOException {
    try {
        mSignature.update(b, off, len);
    } catch (SignatureException e) {
        throw new IOException("SignatureException: " + e);
    }
    super.write(b, off, len);
    mCount += len;
}