/**
 * Signs {@code payload} with this signer's key and wraps the result in a
 * {@link ProtocolSignature}.
 *
 * <p>The returned message carries the raw signature bytes, the signer id read
 * from {@code signerInfo}, and the configured {@code algorithm}. The JCE
 * algorithm name is resolved through {@code AlgorithmUtil.getJceName}, so the
 * digest and signature scheme are whatever {@code algorithm} selects.
 *
 * @param payload the bytes that are to be signed.
 * @return the {@link ProtocolSignature} computed over {@code payload}.
 * @throws IllegalStateException if the JCE rejects the algorithm name, the
 *     signing key, or the signing operation itself.
 */
public ProtocolSignature sign(byte[] payload) {
  try {
    String jceAlgorithmName = AlgorithmUtil.getJceName(algorithm);
    Signature jceSigner = Signature.getInstance(jceAlgorithmName);
    jceSigner.initSign(signingKey);
    jceSigner.update(payload);
    byte[] rawSignature = jceSigner.sign();

    return ProtocolSignature.newBuilder()
        .setSignatureBytes(ByteString.copyFrom(rawSignature))
        .setSignerId(ByteString.copyFrom(signerInfo.getSignerId()))
        .setSignatureAlgorithm(algorithm)
        .build();
  } catch (NoSuchAlgorithmException e) {
    // Per the original author, the algorithm was already checked in the
    // constructor, so reaching this handler indicates a broken invariant.
    throw new IllegalStateException(e);
  } catch (InvalidKeyException e) {
    // Per the original author, the key was already checked in the constructor
    // as well; treated as an internal error rather than a caller error.
    throw new IllegalStateException(e);
  } catch (java.security.SignatureException e) {
    // Raised when the Signature object is not properly initialised. It is
    // created and initialised a few lines above, so this is not expected.
    throw new IllegalStateException(e);
  }
}
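/**
 * Rough micro-benchmark: verifies the fixture signature repeatedly for about
 * one second and prints the mean time per verification.
 *
 * <p>Elapsed time is taken from {@link System#nanoTime()}, which is intended
 * for interval measurement, instead of the wall clock, which can be adjusted
 * while the loop is running. The loop body runs at least once so the average
 * is never computed over zero operations. Nothing is asserted about the
 * measured speed; the method fails only if {@code verify} throws.
 */
public void testSpeed() throws Exception {
  storeSignerInfo(ImmutableList.of(CertConstantUtil.SERVER_PUB_CERT,
      CertConstantUtil.INTERMEDIATE_PUB_CERT));

  ProtocolSignature signature = ProtocolSignature.newBuilder()
      .setSignatureBytes(ByteString.copyFrom(deBase64(SIGNATURE)))
      .setSignerId(ByteString.copyFrom(deBase64(SIGNER_ID)))
      .setSignatureAlgorithm(SignatureAlgorithm.SHA1_RSA)
      .build();

  final long budgetNanos = 1000L * 1000L * 1000L; // one second
  final long start = System.nanoTime();
  long ops = 0;
  do {
    verifier.verify(MESSAGE, signature, AUTHORITY);
    ++ops;
    // Subtract first, then compare: this stays correct if nanoTime() wraps.
  } while (System.nanoTime() - start < budgetNanos);
  long elapsedNanos = System.nanoTime() - start;

  double millisPerOp = (elapsedNanos / 1e6) / ops;
  System.out.println(String.format("%.2f ms per verification", millisPerOp));
}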
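/**
 * Rough micro-benchmark: verifies the fixture signature repeatedly for about
 * one second and prints the mean time per verification.
 *
 * <p>Elapsed time is taken from {@link System#nanoTime()}, which is intended
 * for interval measurement, instead of the wall clock, which can be adjusted
 * while the loop is running. The loop body runs at least once so the average
 * is never computed over zero operations. Nothing is asserted about the
 * measured speed; the method fails only if {@code verify} throws.
 */
public void testSpeed() throws Exception {
  storeSignerInfo(ImmutableList.of(CertConstantUtil.SERVER_PUB_CERT,
      CertConstantUtil.INTERMEDIATE_PUB_CERT));

  ProtocolSignature signature = ProtocolSignature.newBuilder()
      .setSignatureBytes(ByteString.copyFrom(deBase64(SIGNATURE)))
      .setSignerId(ByteString.copyFrom(deBase64(SIGNER_ID)))
      .setSignatureAlgorithm(SignatureAlgorithm.SHA1_RSA)
      .build();

  final long budgetNanos = 1000L * 1000L * 1000L; // one second
  final long start = System.nanoTime();
  long ops = 0;
  do {
    verifier.verify(MESSAGE, signature, AUTHORITY);
    ++ops;
    // Subtract first, then compare: this stays correct if nanoTime() wraps.
  } while (System.nanoTime() - start < budgetNanos);
  long elapsedNanos = System.nanoTime() - start;

  double millisPerOp = (elapsedNanos / 1e6) / ops;
  System.out.println(String.format("%.2f ms per verification", millisPerOp));
}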
/**
 * Builds a fixed {@link WaveletDeltaRecord} fixture: two operations (a no-op
 * and an add-participant) applied at version 0 and resulting in version 2.
 *
 * <p>The embedded signature is placeholder data (bytes {1, 2, 3}, signer id
 * "somebody"); nothing in this method produces or checks a real signature.
 *
 * @return the record assembled from the applied delta and its transformed form.
 */
protected WaveletDeltaRecord createRecord() {
  HashedVersion appliedAt = HashedVersion.of(0, new byte[] {3, 2, 1});
  HashedVersion resulting = HashedVersion.of(2, new byte[] {1, 2, 3});

  List<WaveletOperation> operations = ImmutableList.of(
      UTIL.noOp(),
      UTIL.addParticipant(TestingConstants.OTHER_PARTICIPANT));
  TransformedWaveletDelta transformedDelta = TransformedWaveletDelta.cloneOperations(
      TestingConstants.PARTICIPANT, resulting, 1234567890, operations);
  ProtocolWaveletDelta protoDelta = CoreWaveletOperationSerializer.serialize(transformedDelta);

  // Dummy signature: the bytes are arbitrary and are not derived from the delta.
  ProtocolSignature placeholderSignature = ProtocolSignature.newBuilder()
      .setSignatureAlgorithm(SignatureAlgorithm.SHA1_RSA)
      .setSignatureBytes(ByteString.copyFrom(new byte[] {1, 2, 3}))
      .setSignerId(ByteString.copyFromUtf8("somebody"))
      .build();

  ProtocolSignedDelta signed = ProtocolSignedDelta.newBuilder()
      .setDelta(ByteStringMessage.serializeMessage(protoDelta).getByteString())
      .addAllSignature(ImmutableList.of(placeholderSignature))
      .build();

  ProtocolAppliedWaveletDelta applied = ProtocolAppliedWaveletDelta.newBuilder()
      .setApplicationTimestamp(1234567890)
      .setHashedVersionAppliedAt(CoreWaveletOperationSerializer.serialize(appliedAt))
      .setSignedOriginalDelta(signed)
      .setOperationsApplied(2)
      .build();

  return new WaveletDeltaRecord(
      appliedAt, ByteStringMessage.serializeMessage(applied), transformedDelta);
}
/**
 * Builds a fixed {@link WaveletDeltaRecord} fixture: two operations (a no-op
 * and an add-participant) applied at version 0 and resulting in version 2.
 *
 * <p>The embedded signature is placeholder data (bytes {1, 2, 3}, signer id
 * "somebody"); nothing in this method produces or checks a real signature.
 *
 * @return the record assembled from the applied delta and its transformed form.
 */
protected WaveletDeltaRecord createRecord() {
  HashedVersion appliedAt = HashedVersion.of(0, new byte[] {3, 2, 1});
  HashedVersion resulting = HashedVersion.of(2, new byte[] {1, 2, 3});

  List<WaveletOperation> operations = ImmutableList.of(
      UTIL.noOp(),
      UTIL.addParticipant(TestingConstants.OTHER_PARTICIPANT));
  TransformedWaveletDelta transformedDelta = TransformedWaveletDelta.cloneOperations(
      TestingConstants.PARTICIPANT, resulting, 1234567890, operations);
  ProtocolWaveletDelta protoDelta = CoreWaveletOperationSerializer.serialize(transformedDelta);

  // Dummy signature: the bytes are arbitrary and are not derived from the delta.
  ProtocolSignature placeholderSignature = ProtocolSignature.newBuilder()
      .setSignatureAlgorithm(SignatureAlgorithm.SHA1_RSA)
      .setSignatureBytes(ByteString.copyFrom(new byte[] {1, 2, 3}))
      .setSignerId(ByteString.copyFromUtf8("somebody"))
      .build();

  ProtocolSignedDelta signed = ProtocolSignedDelta.newBuilder()
      .setDelta(ByteStringMessage.serializeMessage(protoDelta).getByteString())
      .addAllSignature(ImmutableList.of(placeholderSignature))
      .build();

  ProtocolAppliedWaveletDelta applied = ProtocolAppliedWaveletDelta.newBuilder()
      .setApplicationTimestamp(1234567890)
      .setHashedVersionAppliedAt(CoreWaveletOperationSerializer.serialize(appliedAt))
      .setSignedOriginalDelta(signed)
      .setOperationsApplied(2)
      .build();

  return new WaveletDeltaRecord(
      appliedAt, ByteStringMessage.serializeMessage(applied), transformedDelta);
}
/**
 * Expects {@code verify} to throw {@link SignatureException} when the stored
 * signer info contains only the server certificate, i.e. the chain is missing
 * its intermediate certificate.
 */
public void testVerify_badCertChain() throws Exception {
  // Store the server cert alone; the intermediate cert is deliberately left out.
  byte[] signerId = storeSignerInfo(ImmutableList.of(CertConstantUtil.SERVER_PUB_CERT));

  ByteString signatureBytes = ByteString.copyFrom(deBase64(SIGNATURE));
  ProtocolSignature incompleteChainSignature = ProtocolSignature.newBuilder()
      .setSignatureBytes(signatureBytes)
      .setSignerId(ByteString.copyFrom(signerId))
      .setSignatureAlgorithm(SignatureAlgorithm.SHA1_RSA)
      .build();

  try {
    verifier.verify(MESSAGE, incompleteChainSignature, AUTHORITY);
    fail("expected exception, but didn't get it");
  } catch (SignatureException expected) {
    // expected: verification must not succeed with an incomplete chain
  }
}
/**
 * Expects {@code verify} to throw {@link SignatureException} when the fixture
 * signature is checked against a payload other than the one passed as
 * {@code MESSAGE} in the other tests.
 */
public void testVerify_tamperedPayload() throws Exception {
  storeSignerInfo(ImmutableList.of(
      CertConstantUtil.SERVER_PUB_CERT,
      CertConstantUtil.INTERMEDIATE_PUB_CERT));

  ByteString signatureBytes = ByteString.copyFrom(deBase64(SIGNATURE));
  ByteString signerId = ByteString.copyFrom(deBase64(SIGNER_ID));
  ProtocolSignature fixtureSignature = ProtocolSignature.newBuilder()
      .setSignatureBytes(signatureBytes)
      .setSignerId(signerId)
      .setSignatureAlgorithm(SignatureAlgorithm.SHA1_RSA)
      .build();

  // NOTE(review): getBytes() uses the platform default charset; the test only
  // needs bytes that differ from MESSAGE (presumably they do; confirm).
  byte[] tamperedPayload = "hullo".getBytes();

  try {
    verifier.verify(tamperedPayload, fixtureSignature, AUTHORITY);
    fail("expected exception, but didn't get it");
  } catch (SignatureException expected) {
    // expected: the signature must not validate over a different payload
  }
}
/**
 * Expects {@code verify} to throw {@link SignatureException} when the stored
 * signer info contains only the server certificate, i.e. the chain is missing
 * its intermediate certificate.
 */
public void testVerify_badCertChain() throws Exception {
  // Store the server cert alone; the intermediate cert is deliberately left out.
  byte[] signerId = storeSignerInfo(ImmutableList.of(CertConstantUtil.SERVER_PUB_CERT));

  ByteString signatureBytes = ByteString.copyFrom(deBase64(SIGNATURE));
  ProtocolSignature incompleteChainSignature = ProtocolSignature.newBuilder()
      .setSignatureBytes(signatureBytes)
      .setSignerId(ByteString.copyFrom(signerId))
      .setSignatureAlgorithm(SignatureAlgorithm.SHA1_RSA)
      .build();

  try {
    verifier.verify(MESSAGE, incompleteChainSignature, AUTHORITY);
    fail("expected exception, but didn't get it");
  } catch (SignatureException expected) {
    // expected: verification must not succeed with an incomplete chain
  }
}
/**
 * Expects {@code verify} to throw {@link SignatureException} when the fixture
 * signature is checked against a payload other than the one passed as
 * {@code MESSAGE} in the other tests.
 */
public void testVerify_tamperedPayload() throws Exception {
  storeSignerInfo(ImmutableList.of(
      CertConstantUtil.SERVER_PUB_CERT,
      CertConstantUtil.INTERMEDIATE_PUB_CERT));

  ByteString signatureBytes = ByteString.copyFrom(deBase64(SIGNATURE));
  ByteString signerId = ByteString.copyFrom(deBase64(SIGNER_ID));
  ProtocolSignature fixtureSignature = ProtocolSignature.newBuilder()
      .setSignatureBytes(signatureBytes)
      .setSignerId(signerId)
      .setSignatureAlgorithm(SignatureAlgorithm.SHA1_RSA)
      .build();

  // NOTE(review): getBytes() uses the platform default charset; the test only
  // needs bytes that differ from MESSAGE (presumably they do; confirm).
  byte[] tamperedPayload = "hullo".getBytes();

  try {
    verifier.verify(tamperedPayload, fixtureSignature, AUTHORITY);
    fail("expected exception, but didn't get it");
  } catch (SignatureException expected) {
    // expected: the signature must not validate over a different payload
  }
}
/**
 * Expects {@code verify} to throw {@link SignatureException} when the fixture
 * signature is checked for "some_other_authority.com" rather than
 * {@code AUTHORITY}.
 */
public void testVerify_wrongAuthority() throws Exception {
  storeSignerInfo(ImmutableList.of(
      CertConstantUtil.SERVER_PUB_CERT,
      CertConstantUtil.INTERMEDIATE_PUB_CERT));

  ByteString signatureBytes = ByteString.copyFrom(deBase64(SIGNATURE));
  ByteString signerId = ByteString.copyFrom(deBase64(SIGNER_ID));
  ProtocolSignature fixtureSignature = ProtocolSignature.newBuilder()
      .setSignatureBytes(signatureBytes)
      .setSignerId(signerId)
      .setSignatureAlgorithm(SignatureAlgorithm.SHA1_RSA)
      .build();

  try {
    // Same payload and signature as the passing case; only the authority differs.
    verifier.verify(MESSAGE, fixtureSignature, "some_other_authority.com");
    fail("expected exception, but didn't get it");
  } catch (SignatureException expected) {
    // expected: a valid signature must not be accepted for another authority
  }
}
/**
 * Expects {@code verify} to throw {@link SignatureException} when the fixture
 * signature is checked for "some_other_authority.com" rather than
 * {@code AUTHORITY}.
 */
public void testVerify_wrongAuthority() throws Exception {
  storeSignerInfo(ImmutableList.of(
      CertConstantUtil.SERVER_PUB_CERT,
      CertConstantUtil.INTERMEDIATE_PUB_CERT));

  ByteString signatureBytes = ByteString.copyFrom(deBase64(SIGNATURE));
  ByteString signerId = ByteString.copyFrom(deBase64(SIGNER_ID));
  ProtocolSignature fixtureSignature = ProtocolSignature.newBuilder()
      .setSignatureBytes(signatureBytes)
      .setSignerId(signerId)
      .setSignatureAlgorithm(SignatureAlgorithm.SHA1_RSA)
      .build();

  try {
    // Same payload and signature as the passing case; only the authority differs.
    verifier.verify(MESSAGE, fixtureSignature, "some_other_authority.com");
    fail("expected exception, but didn't get it");
  } catch (SignatureException expected) {
    // expected: a valid signature must not be accepted for another authority
  }
}
/**
 * Expects {@code verify} to throw {@link UnknownSignerException} for the
 * fixture signer id. Unlike the other verification tests, this one stores no
 * signer info of its own before calling {@code verify}.
 */
public void testVerify_signerNotInStore() throws Exception {
  ByteString signatureBytes = ByteString.copyFrom(deBase64(SIGNATURE));
  ByteString signerId = ByteString.copyFrom(deBase64(SIGNER_ID));
  ProtocolSignature unknownSignerSignature = ProtocolSignature.newBuilder()
      .setSignatureBytes(signatureBytes)
      .setSignerId(signerId)
      .setSignatureAlgorithm(SignatureAlgorithm.SHA1_RSA)
      .build();

  try {
    verifier.verify(MESSAGE, unknownSignerSignature, AUTHORITY);
    fail("expected exception, but didn't get it");
  } catch (UnknownSignerException expected) {
    // expected: a signature from an unknown signer must not be accepted
  }
}
/**
 * Expects {@code verify} to throw {@link UnknownSignerException} for the
 * fixture signer id. Unlike the other verification tests, this one stores no
 * signer info of its own before calling {@code verify}.
 */
public void testVerify_signerNotInStore() throws Exception {
  ByteString signatureBytes = ByteString.copyFrom(deBase64(SIGNATURE));
  ByteString signerId = ByteString.copyFrom(deBase64(SIGNER_ID));
  ProtocolSignature unknownSignerSignature = ProtocolSignature.newBuilder()
      .setSignatureBytes(signatureBytes)
      .setSignerId(signerId)
      .setSignatureAlgorithm(SignatureAlgorithm.SHA1_RSA)
      .build();

  try {
    verifier.verify(MESSAGE, unknownSignerSignature, AUTHORITY);
    fail("expected exception, but didn't get it");
  } catch (UnknownSignerException expected) {
    // expected: a signature from an unknown signer must not be accepted
  }
}
/**
 * Assembles a {@link ProtocolSignature} from the {@code Certificates} test
 * data: the signer id of {@code Certificates.getRealSignerInfo()} and the
 * bytes in {@code Certificates.REAL_SIGNATURE}.
 *
 * <p>NOTE(review): the algorithm is fixed to SHA1_RSA. SHA-1 is no longer
 * considered collision-resistant, so this fixture exercises the legacy
 * algorithm only.
 *
 * @return the assembled signature message.
 */
private ProtocolSignature getRealSignature() throws Exception {
  ByteString signerId = ByteString.copyFrom(Certificates.getRealSignerInfo().getSignerId());
  ByteString signatureBytes = ByteString.copyFrom(Certificates.REAL_SIGNATURE);

  return ProtocolSignature.newBuilder()
      .setSignerId(signerId)
      .setSignatureAlgorithm(SignatureAlgorithm.SHA1_RSA)
      .setSignatureBytes(signatureBytes)
      .build();
}
/**
 * Assembles a {@link ProtocolSignature} from the {@code Certificates} test
 * data: the signer id of {@code Certificates.getRealSignerInfo()} and the
 * bytes in {@code Certificates.REAL_SIGNATURE}.
 *
 * <p>NOTE(review): the algorithm is fixed to SHA1_RSA. SHA-1 is no longer
 * considered collision-resistant, so this fixture exercises the legacy
 * algorithm only.
 *
 * @return the assembled signature message.
 */
private ProtocolSignature getRealSignature() throws Exception {
  ByteString signerId = ByteString.copyFrom(Certificates.getRealSignerInfo().getSignerId());
  ByteString signatureBytes = ByteString.copyFrom(Certificates.REAL_SIGNATURE);

  return ProtocolSignature.newBuilder()
      .setSignerId(signerId)
      .setSignatureAlgorithm(SignatureAlgorithm.SHA1_RSA)
      .setSignatureBytes(signatureBytes)
      .build();
}
/**
 * Positive case: with the server and intermediate certificates stored,
 * {@code verify} must accept the fixture signature over {@code MESSAGE} for
 * {@code AUTHORITY} without throwing.
 *
 * <p>NOTE(review): the fixture pins SHA1_RSA. SHA-1 is no longer considered
 * collision-resistant, so this covers the legacy algorithm only; confirm
 * whether stronger algorithms are tested elsewhere.
 */
public void testVerify() throws Exception {
  storeSignerInfo(ImmutableList.of(
      CertConstantUtil.SERVER_PUB_CERT,
      CertConstantUtil.INTERMEDIATE_PUB_CERT));

  ByteString signatureBytes = ByteString.copyFrom(deBase64(SIGNATURE));
  ByteString signerId = ByteString.copyFrom(deBase64(SIGNER_ID));
  ProtocolSignature fixtureSignature = ProtocolSignature.newBuilder()
      .setSignatureBytes(signatureBytes)
      .setSignerId(signerId)
      .setSignatureAlgorithm(SignatureAlgorithm.SHA1_RSA)
      .build();

  // No assertion needed: any exception from verify() fails the test.
  verifier.verify(MESSAGE, fixtureSignature, AUTHORITY);
}
/**
 * Positive case: with the server and intermediate certificates stored,
 * {@code verify} must accept the fixture signature over {@code MESSAGE} for
 * {@code AUTHORITY} without throwing.
 *
 * <p>NOTE(review): the fixture pins SHA1_RSA. SHA-1 is no longer considered
 * collision-resistant, so this covers the legacy algorithm only; confirm
 * whether stronger algorithms are tested elsewhere.
 */
public void testVerify() throws Exception {
  storeSignerInfo(ImmutableList.of(
      CertConstantUtil.SERVER_PUB_CERT,
      CertConstantUtil.INTERMEDIATE_PUB_CERT));

  ByteString signatureBytes = ByteString.copyFrom(deBase64(SIGNATURE));
  ByteString signerId = ByteString.copyFrom(deBase64(SIGNER_ID));
  ProtocolSignature fixtureSignature = ProtocolSignature.newBuilder()
      .setSignatureBytes(signatureBytes)
      .setSignerId(signerId)
      .setSignatureAlgorithm(SignatureAlgorithm.SHA1_RSA)
      .build();

  // No assertion needed: any exception from verify() fails the test.
  verifier.verify(MESSAGE, fixtureSignature, AUTHORITY);
}