/**
 * Appends a signature over this object's signable JSON, made with the given key pair.
 * No ownership check is performed: a signature from a key that is not listed in
 * @owner or @reader may later be removed.
 * A signature string that is already present is not added a second time.
 *
 * @param {EcPpk} ppk Public private keypair used to sign.
 * @method signWith
 */
public void signWith(EcPpk ppk) {
    String payload = toSignableJson();
    String candidate = EcRsaOaep.sign(ppk, payload);
    if (signature == null) {
        signature = new Array<String>();
    } else {
        // NOTE(review): `==` is reference equality on String in plain Java. The $get/$length
        // accessors suggest a JavaScript-transpiled target, where it would compare values;
        // confirm before relying on this duplicate check elsewhere.
        int idx = 0;
        while (idx < signature.$length()) {
            if (signature.$get(idx) == candidate) {
                return;
            }
            idx++;
        }
    }
    signature.push(candidate);
}
/**
 * Verifies that the contact grant is valid.
 * The grant must pass verify(), must not be reported by invalid(), and its
 * responseSignature over responseToken must verify against the public key of
 * at least one identity held in EcIdentityManager.ids.
 *
 * @return {boolean}
 * true if valid, false if not
 */
public boolean valid() {
    if (!verify() || invalid()) {
        return false;
    }
    boolean matched = false;
    int idx = 0;
    // Every local identity is tried; the loop does not stop at the first match.
    while (idx < EcIdentityManager.ids.$length()) {
        if (EcRsaOaep.verify(EcIdentityManager.ids.$get(idx).ppk.toPk(), responseToken, responseSignature)) {
            matched = true;
        }
        idx++;
    }
    return matched;
}
/**
 * Attempts to unwrap the entry at index j of the secret list with the given key.
 *
 * The only success signal used here is that the decrypted text looks like JSON;
 * no authenticated check of the plaintext is visible in this method.
 *
 * @param {EcPpk} decryptionKey Key pair to try.
 * @param {int} j Index into the secret list.
 * @return {EbacEncryptedSecret} The parsed secret, or null when the plaintext does not look like JSON.
 */
private EbacEncryptedSecret tryDecryptSecretByKeyAndIndex(EcPpk decryptionKey, int j) {
    String plaintext = EcRsaOaep.decrypt(decryptionKey, this.secret.$get(j));
    if (!EcLinkedData.isProbablyJson(plaintext)) {
        return null;
    }
    return EbacEncryptedSecret.fromEncryptableJson(JSGlobal.JSON.parse(plaintext));
}
/**
 * Removes a reader from the object, if the reader does exist, and rebuilds the
 * secret list for the remaining owners and readers.
 *
 * The same payload secret is wrapped again for the remaining keys; this method
 * does not generate a new secret and does not touch the encrypted payload.
 * NOTE(review): a removed reader who already unwrapped the secret can therefore
 * still decrypt any copy of the payload they hold; rotate the secret and
 * re-encrypt the payload where that matters.
 *
 * @param {EcPk} oldReader PK of the old reader.
 * @memberOf EcEncryptedValue
 * @method removeReader
 */
public void removeReader(EcPk oldReader) {
    EbacEncryptedSecret unwrapped = decryptSecret();
    String revokedPem = oldReader.toPem();
    if (reader != null) {
        EcArray.setRemove(reader, revokedPem);
    }
    // The reader list has already been edited at this point. When the secret cannot be
    // unwrapped, the old secret list (including the removed reader's entry) stays in place.
    if (unwrapped == null) {
        Global.console.error("Cannot remove a Reader if you don't know the secret");
        return;
    }
    secret = new Array<>();
    if (owner != null) {
        int o = 0;
        while (o < owner.$length()) {
            EcPk ownerKey = EcPk.fromPem(owner.$get(o));
            EcArray.setAdd(secret, EcRsaOaep.encrypt(ownerKey, unwrapped.toEncryptableJson()));
            o++;
        }
    }
    if (reader != null) {
        int r = 0;
        while (r < reader.$length()) {
            EcPk readerKey = EcPk.fromPem(reader.$get(r));
            EcArray.setAdd(secret, EcRsaOaep.encrypt(readerKey, unwrapped.toEncryptableJson()));
            r++;
        }
    }
}
/**
 * Adds a reader to the object, if the reader does not exist, and wraps the
 * payload secret for the new reader's public key.
 *
 * @param {EcPk} newReader PK of the new reader.
 * @memberOf EcEncryptedValue
 * @method addReader
 */
public void addReader(EcPk newReader) {
    String candidatePem = newReader.toPem();
    if (reader == null) {
        reader = new Array<String>();
    }
    // NOTE(review): `==` on String is reference equality in plain Java; presumably a
    // value comparison on a JavaScript-transpiled target. Confirm.
    int idx = 0;
    while (idx < reader.$length()) {
        if (reader.$get(idx) == candidatePem) {
            return;
        }
        idx++;
    }
    // The reader is listed before the secret is unwrapped. When unwrapping fails, the
    // reader stays listed but no wrapped secret is stored for them.
    EcArray.setAdd(reader, candidatePem);
    EbacEncryptedSecret unwrapped = decryptSecret();
    if (unwrapped != null) {
        // assumes the secret list already exists; it is not created here. TODO confirm
        EcArray.setAdd(secret, EcRsaOaep.encrypt(newReader, unwrapped.toEncryptableJson()));
        return;
    }
    Global.console.error("Cannot add a Reader if you don't know the secret");
}
Boolean verify = false; try { verify = EcRsaOaep.verify(pk, toSignableJson(), sig); } catch (Exception ex) {
/**
 * Create a signature for a specific identity, authorizing movement of data
 * outside of our control.
 *
 * The expiry is the current time plus duration. The duration is not validated
 * here, so the caller decides how long the authorization lasts.
 *
 * @param {long} duration Length of time in milliseconds to authorize
 * control.
 * @param {String} server Server that we are authorizing.
 * @param {EcPpk} ppk Key of the identity to create a signature for
 * @return {EbacSignature} Signature created
 * @memberOf EcIdentityManager
 * @method createSignature
 * @static
 */
public static EbacSignature createSignature(long duration, String server, EcPpk ppk) {
    EbacSignature grant = new EbacSignature();
    grant.owner = ppk.toPk().toPem();
    grant.expiry = new Date().getTime() + duration;
    grant.server = server;
    // The signed text is the object's JSON taken before the signature field is assigned,
    // so it covers owner, expiry and server as set above.
    String unsignedJson = grant.toJson();
    grant.signature = EcRsaOaep.sign(ppk, unsignedJson);
    return grant;
}
EcRsaOaep.encrypt( EcPk.fromPem(v.owner.$get(i)), eSecret.toEncryptableJson()
EcPk pk = EcPk.fromPem(owner); try { if (EcRsaOaep.verify(pk, d.toSignableJson(), signature)) { works = true; break;
// Start an empty secret list on v, then store the secret wrapped for the owner key at index i.
// NOTE(review): the enclosing loop is not visible here. If the reset runs once per owner,
// each pass would discard the entries wrapped for earlier owners; confirm against the caller.
v.secret = new Array<String>();
v.secret.push(EcRsaOaep.encrypt(EcPk.fromPem(v.owner.$get(i)), eSecret.toEncryptableJson()));