1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
| | package net.curisit.securis;
| |
| | import java.io.File;
| | import java.io.IOException;
| | import java.io.UnsupportedEncodingException;
| | import java.security.InvalidKeyException;
| | import java.security.KeyFactory;
| | import java.security.KeyPair;
| | import java.security.NoSuchAlgorithmException;
| | import java.security.PrivateKey;
| | import java.security.PublicKey;
| | import java.security.Signature;
| | import java.security.SignatureException;
| | import java.security.spec.InvalidKeySpecException;
| | import java.security.spec.PKCS8EncodedKeySpec;
| | import java.security.spec.X509EncodedKeySpec;
| | import java.util.Date;
| |
| | import net.curisit.securis.beans.LicenseBean;
| | import net.curisit.securis.beans.RequestBean;
| | import net.curisit.securis.utils.JsonUtils;
| | import net.curisit.securis.utils.Params;
| |
| | import org.apache.commons.io.FileUtils;
| | import org.apache.commons.net.util.Base64;
| | import org.apache.log4j.xml.DOMConfigurator;
| | import org.slf4j.Logger;
| | import org.slf4j.LoggerFactory;
| |
| | //import net.curisit.common.ui.Dialogs;
| |
| | /**
| | * digital Signature utilities
| | *
| | * @author roberto <roberto.sanchez@curisit.net>
| | */
| | public class SignatureHelper {
| |
| | private static final Logger log = LoggerFactory.getLogger(SignatureHelper.class);
| | private static String AUX = "hEDhryRjs2QRE";
| |
| | private static SignatureHelper singleton = new SignatureHelper();
| |
| | private static final String DEFAULT_ALGORITHM = "RSA";
| | protected static final String SIGNATURE_GENERATION_ALGORITHM = "SHA256withRSA";
| |
| | private SignatureHelper() {
| | }
| |
| | public static SignatureHelper getInstance() {
| | return singleton;
| | }
| |
| | protected void prepareSignature(Signature signature, LicenseBean licBean) throws SeCurisException {
| | try {
| | log.info("JSON: {}", JsonUtils.toJSON(licBean));
| | signature.update(JsonUtils.toJSON(licBean).getBytes("utf-8"));
| | signature.update(AUX.getBytes("utf-8"));
| | } catch (SignatureException | UnsupportedEncodingException e) {
| | throw new SeCurisException("Error generating or validating signature", e);
| | }
| | }
| |
| | public void validateSignature(LicenseBean licBean) throws SeCurisException {
| | Signature signature;
| | try {
| | signature = Signature.getInstance(SIGNATURE_GENERATION_ALGORITHM);
| | signature.initVerify(generatePublicKey());
| |
| | prepareSignature(signature, licBean);
| |
| | if (signature.verify(Base64.decodeBase64(licBean.getSignature())))
| | return;
| | } catch (NoSuchAlgorithmException e) {
| | log.error("Error validating license for " + licBean, e);
| | } catch (InvalidKeyException e) {
| | log.error("Error validating license for " + licBean, e);
| | } catch (InvalidKeySpecException e) {
| | log.error("Error validating license for " + licBean, e);
| | } catch (IOException e) {
| | log.error("Error validating license for " + licBean, e);
| | } catch (SignatureException e) {
| | log.error("Error validating license for " + licBean, e);
| | }
| | throw new SeCurisException("License could not be validated");
| |
| | }
| |
| | private PublicKey generatePublicKey() throws NoSuchAlgorithmException, InvalidKeySpecException, IOException {
| | return generatePublicKey(new File(Params.get(Params.KEYS.PUBLIC_KEY_FILE, System.getenv("SECURIS_PUBLIC_KEY_FILE"))));
| | }
| |
| | private PublicKey generatePublicKey(File publicKeyFile) throws NoSuchAlgorithmException, InvalidKeySpecException, IOException {
| | String pubKeyBase64 = FileUtils.readFileToString(publicKeyFile);
| | int from = pubKeyBase64.indexOf('\n');
| | int to = pubKeyBase64.indexOf("-----END", from);
| | pubKeyBase64 = pubKeyBase64.substring(from, to);
| |
| | KeyFactory keyFactory = KeyFactory.getInstance(DEFAULT_ALGORITHM);
| | X509EncodedKeySpec publicKeySpec = new X509EncodedKeySpec(Base64.decodeBase64(pubKeyBase64));
| | PublicKey publicKey = keyFactory.generatePublic(publicKeySpec);
| | log.info("Public key read sucessfully from file: {}", publicKeyFile.getAbsolutePath());
| | return publicKey;
| | }
| |
| | protected PrivateKey generatePrivateKey(File privateKeyFile) throws NoSuchAlgorithmException, InvalidKeySpecException, IOException {
| | String privKeyBase64 = FileUtils.readFileToString(privateKeyFile);
| | int from = privKeyBase64.indexOf('\n');
| | int to = privKeyBase64.indexOf("-----END", from);
| | privKeyBase64 = privKeyBase64.substring(from, to);
| |
| | KeyFactory keyFactory = KeyFactory.getInstance(DEFAULT_ALGORITHM);
| | PKCS8EncodedKeySpec privateKeySpec = new PKCS8EncodedKeySpec(Base64.decodeBase64(privKeyBase64));
| | PrivateKey privateKey = keyFactory.generatePrivate(privateKeySpec);
| |
| | return privateKey;
| | }
| |
| | private KeyPair generateKeyPair(File privateKeyFile, File publicKeyFile) throws NoSuchAlgorithmException, InvalidKeySpecException, IOException {
| |
| | PublicKey publicKey = generatePublicKey(publicKeyFile);
| | PrivateKey privateKey = generatePrivateKey(privateKeyFile);
| |
| | KeyPair kp = new KeyPair(publicKey, privateKey);
| | return kp;
| | }
| |
| | public static void main(String[] args) throws SeCurisException {
| | // org.apache.log4j.Logger.getRootLogger().addAppender(new Appender);
| | DOMConfigurator.configure("/Users/cproberto/Documents/wsCurisIT/SeCurisClient/src/main/resources/log4j.xml");
| | RequestBean req = ReqGenerator.getInstance().createRequest("CI", "Roberto");
| |
| | LicenseGenerator lg = LicenseGenerator.getInstance();
| | LicenseBean lic = lg.generateLicense(req, 12, new Date(new Date().getTime() + 24 * 3600 * 1000 * 10));
| | System.out.println(JsonUtils.toJSON(lic, true));
| | System.out.println(JsonUtils.toJSON(lic));
| | }
| |
| | static {
| | byte[] s = new byte[]
| | { 64, -31, -81, 36, 99, -77, 100, 17, 16, -119, 31, 72, 123, -88, -32, 51, 39, -96, -35, 116, -65, 8, 41, -119, -108, -34, 41, 19, 26, -102, -16, -120, -96, 1, -5, -26, -13, 61, -121, 94, 59, 54, 110, 110, -55, 127, -106 };
| | AUX = Base64.encodeBase64String(s);
| | }
| | }
|
|
