From 6eebf3f29b9658a4e74ab1d1f90146c8e029c736 Mon Sep 17 00:00:00 2001
From: CGantert345 <57003061+CGantert345@users.noreply.github.com>
Date: Mon, 28 Jun 2021 17:28:50 +0200
Subject: - option to use a dedicated security provider implementation
---
 .../org/uic/barcode/dynamicFrame/DynamicFrame.java | 32 +++++++++++++++++++++-
 .../uic/barcode/dynamicFrame/Level2DataType.java | 21 ++++++++++++++
 2 files changed, 52 insertions(+), 1 deletion(-)
(limited to 'src/main/java/org/uic/barcode/dynamicFrame')
diff --git a/src/main/java/org/uic/barcode/dynamicFrame/DynamicFrame.java b/src/main/java/org/uic/barcode/dynamicFrame/DynamicFrame.java
index 375e2c6..1d96d05 100644
--- a/src/main/java/org/uic/barcode/dynamicFrame/DynamicFrame.java
+++ b/src/main/java/org/uic/barcode/dynamicFrame/DynamicFrame.java
@@ -4,6 +4,7 @@ import java.security.InvalidKeyException;
 import java.security.KeyFactory;
 import java.security.NoSuchAlgorithmException;
 import java.security.PrivateKey;
+import java.security.Provider;
 import java.security.PublicKey;
 import java.security.Signature;
 import java.security.SignatureException;
@@ -111,6 +112,18 @@ public class DynamicFrame extends Object{
 *
 */
 public int validateLevel2() {
+
+ return validateLevel2(null);
+
+ }
+
+ /**
+ * Verify the level 2 signature
+ *
+ * Note: an appropriate security provider (e.g. BC) must be registered before
+ *
+ */
+ public int validateLevel2(Provider prov) {
 String level2KeyAlg = this.getLevel2SignedData().getLevel1Data().level2KeyAlg;
@@ -155,7 +168,11 @@ public class DynamicFrame extends Object{
 Signature sig;
 try {
- sig = Signature.getInstance(algo);
+ if (prov == null) {
+ sig = Signature.getInstance(algo);
+ } else {
+ sig = Signature.getInstance(algo, prov);
+ }
 } catch (NoSuchAlgorithmException e) {
 return Constants.LEVEL2_VALIDATION_SIG_ALG_NOT_IMPLEMENTED;
 }
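Review bot: The Javadoc on the new `validateLevel2(Provider prov)` overload is copied from the no-argument method and still says a provider must be registered beforehand, which does not describe this path: the later hunk hands `prov` directly to `Signature.getInstance(algo, prov)`, so no registration is needed for the signature lookup. The comment also has no `@param` or `@return`. I would replace the note with `@param prov provider used for the signature lookup; null falls back to the registered providers` and add `@return a Constants.LEVEL2_VALIDATION_* result code`. The method body continues past the end of this hunk.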
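Review bot: Only the `Signature` lookup in this try block is switched to `prov`; the code that builds the public key sits between the two hunks and is not visible, but the file imports `KeyFactory`, so it presumably still uses a provider-less `KeyFactory.getInstance(...)`. If that is the case, a caller who passes a dedicated provider gets a key object from whichever registered provider wins the default lookup, and `initVerify` may reject it with `InvalidKeyException` or convert it, so verification is not confined to the chosen implementation. I would apply the same `prov == null` branch to the key factory lookup, i.e. `KeyFactory.getInstance(<key algorithm>, prov)` when a provider is given. The remaining catch clauses of this try block are outside the hunk.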
@@ -262,6 +279,19 @@ public class DynamicFrame extends Object{
 this.level2Signature = new OctetString(sig.sign());
 }
+
+ public void signLevel2(PrivateKey key, Provider prov) throws Exception {
+
+ //find the algorithm name for the signature OID
+ String algo = AlgorithmNameResolver.getSignatureAlgorithmName(this.getLevel2SignedData().getLevel1Data().level2SigningAlg);
+ Signature sig = Signature.getInstance(algo,prov);
+ sig.initSign(key);
+ byte[] data = level2SignedData.encode();
+ sig.update(data);
+ this.level2Signature = new OctetString(sig.sign());
+
+ }
+
 public void addLevel2DynamicData(UicDynamicContentDataFDC1 dynamicData) {
 this.getLevel2SignedData().setLevel2Data( dynamicData.getDataType());
diff --git a/src/main/java/org/uic/barcode/dynamicFrame/Level2DataType.java b/src/main/java/org/uic/barcode/dynamicFrame/Level2DataType.java
index dbd25ce..8c3cd60 100644
--- a/src/main/java/org/uic/barcode/dynamicFrame/Level2DataType.java
+++ b/src/main/java/org/uic/barcode/dynamicFrame/Level2DataType.java
@@ -1,6 +1,7 @@
 package org.uic.barcode.dynamicFrame;
 import java.security.PrivateKey;
+import java.security.Provider;
 import java.security.Signature;
 import org.uic.barcode.asn1.datatypes.Asn1Optional;
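Review bot: The new `signLevel2(PrivateKey key, Provider prov)` treats a null provider differently from `validateLevel2(Provider prov)` in the same commit: it calls `Signature.getInstance(algo,prov)` unconditionally, and that overload throws `IllegalArgumentException` for a null provider, whereas validation falls back to the default lookup. `signLevel1(PrivateKey, Provider)` in Level2DataType.java has the same gap. Either document that `prov` must be non-null, or use `Signature sig = (prov == null) ? Signature.getInstance(algo) : Signature.getInstance(algo, prov);` in both methods. The method also has no Javadoc and repeats the body of the existing `signLevel2(PrivateKey)`, which starts above this hunk; having one overload delegate to the other would keep the two signing paths from drifting apart.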
@@ -95,6 +96,26 @@ public class Level2DataType {
 this.level1Signature = new OctetString(sig.sign());
 }
+ /**
+ * Sign the contained data block.
+ *
+ * Note: an appropriate security provider (e.g. BC) must be registered before
+ *
+ * @param key the key
+ * @param security provider - security provider that must be sued to create the signature
+ * @return
+ * @return the byte[]
+ * @throws Exception
+ */
+ public void signLevel1(PrivateKey key, Provider prov) throws Exception {
+ //find the algorithm name for the signature OID
+ String algo = AlgorithmNameResolver.getSignatureAlgorithmName(getLevel1Data().level1SigningAlg);
+ Signature sig = Signature.getInstance(algo, prov);
+ sig.initSign(key);
+ byte[] data = level1Data.encode();
+ sig.update(data);
+ this.level1Signature = new OctetString(sig.sign());
+ }
 }
--
cgit v1.2.3
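Review bot: The Javadoc added for `signLevel1(PrivateKey key, Provider prov)` does not match the method: `@param security provider` names no actual parameter (it should be `@param prov`), there are two `@return` tags on a `void` method, and "sued" should read "used". The note that a provider must be registered beforehand is carried over from the overload without a provider argument and is misleading here, because `prov` is passed directly to `Signature.getInstance(algo, prov)`. I would write `@param prov the security provider used to create the signature`, drop both `@return` lines, and add a sentence saying the signature is stored in `level1Signature`.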