From e670f1fdbc43f0d0854896a1afe2815f8a9f4c87 Mon Sep 17 00:00:00 2001 From: CGantert345 <57003061+CGantert345@users.noreply.github.com> Date: Mon, 11 Apr 2022 15:06:48 +0200 Subject: fixing DOSIPAS algorithm names and supported EC curves --- .../dynamicFrame/api/SimpleDynamicFrame.java | 43 +++++++++++++++++----- 1 file changed, 34 insertions(+), 9 deletions(-) (limited to 'src/main/java/org/uic/barcode/dynamicFrame') diff --git a/src/main/java/org/uic/barcode/dynamicFrame/api/SimpleDynamicFrame.java b/src/main/java/org/uic/barcode/dynamicFrame/api/SimpleDynamicFrame.java index a05a936..ef31166 100644 --- a/src/main/java/org/uic/barcode/dynamicFrame/api/SimpleDynamicFrame.java +++ b/src/main/java/org/uic/barcode/dynamicFrame/api/SimpleDynamicFrame.java @@ -20,6 +20,7 @@ import org.uic.barcode.dynamicFrame.v1.DynamicFrameCoderV1; import org.uic.barcode.dynamicFrame.v2.DynamicFrameCoderV2; import org.uic.barcode.ticket.EncodingFormatException; import org.uic.barcode.utils.AlgorithmNameResolver; +import org.uic.barcode.utils.SecurityUtils; @@ -132,13 +133,15 @@ public class SimpleDynamicFrame implements IDynamicFrame { * * Note: an appropriate security provider (e.g. BC) must be registered before * - * @param prov the registered security provider + * @param provider the registered security provider * @return the return error code * @throws EncodingFormatException */ @Override public int validateLevel2(Provider prov) throws EncodingFormatException { + Provider provider = prov; + if (getLevel2Data() == null || getLevel2Data().getLevel1Data() == null || getLevel2Data().getLevel1Data().getLevel2KeyAlg() == null 
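Review bot: The Javadoc tag in the `validateLevel2` hunk (`@@ -132,13 +133,15 @@`) now reads `@param provider`, but the signature still declares `Provider prov`; `provider` is only the local copy introduced by `Provider provider = prov;`, so the tag no longer names any parameter. Keep the tag on the real name and document the null case, for example `@param prov the security provider to use, or null to let the library pick one that supports the key`. The null semantics are inferred from the `provider == null` branches added later in this commit and should be confirmed. The method body continues outside the hunk.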
@@ -159,7 +162,7 @@ public class SimpleDynamicFrame implements IDynamicFrame { String keyAlgName = null; try { - keyAlgName = AlgorithmNameResolver.getName(AlgorithmNameResolver.TYPE_KEY_GENERATOR_ALG, level2KeyAlg,prov); + keyAlgName = AlgorithmNameResolver.getName(AlgorithmNameResolver.TYPE_KEY_GENERATOR_ALG, level2KeyAlg,provider); } catch (Exception e1) { return Constants.LEVEL2_VALIDATION_KEY_ALG_NOT_IMPLEMENTED; } @@ -171,7 +174,20 @@ public class SimpleDynamicFrame implements IDynamicFrame { try { byte[] keyBytes = this.getLevel2Data().getLevel1Data().getLevel2publicKey(); X509EncodedKeySpec keySpec = new X509EncodedKeySpec(keyBytes); - key = KeyFactory.getInstance(keyAlgName).generatePublic(keySpec); + + KeyFactory keyFactory = null; + if (provider == null) { + keyFactory = SecurityUtils.findKeyFactory(level2KeyAlg, keyBytes); + provider = keyFactory.getProvider(); + } else { + keyFactory = KeyFactory.getInstance(keyAlgName,provider); + } + if (keyFactory != null) { + key = keyFactory.generatePublic(keySpec); + } else { + return Constants.LEVEL2_VALIDATION_KEY_ALG_NOT_IMPLEMENTED; + } + } catch (InvalidKeySpecException e1) { return Constants.LEVEL2_VALIDATION_KEY_ALG_NOT_IMPLEMENTED; } catch (NoSuchAlgorithmException e1) { @@ -183,7 +199,7 @@ public class SimpleDynamicFrame implements IDynamicFrame { String sigAlgName = null; try { - sigAlgName = AlgorithmNameResolver.getName(AlgorithmNameResolver.TYPE_SIGNATURE_ALG,level2SigAlg,prov); + sigAlgName = AlgorithmNameResolver.getSignatureAlgorithmName(level2SigAlg,provider); } catch (Exception e1) { return Constants.LEVEL2_VALIDATION_SIG_ALG_NOT_IMPLEMENTED; } 
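Review bot: In the key-factory hunk (`@@ -171,7 +174,20 @@`) `provider = keyFactory.getProvider();` runs before the `keyFactory != null` check, so if `SecurityUtils.findKeyFactory` returns null, which the later check suggests it can, the call throws a NullPointerException that neither visible catch clause (InvalidKeySpecException, NoSuchAlgorithmException) handles. The key bytes and algorithm OID are read from the frame being validated, so an unsupported or malformed key should end in `Constants.LEVEL2_VALIDATION_KEY_ALG_NOT_IMPLEMENTED` rather than an unchecked exception reaching the caller. Guard the assignment with `if (keyFactory != null) { provider = keyFactory.getProvider(); }`. The catch chain of this try block continues past the end of the hunk.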
@@ -191,12 +207,12 @@ public class SimpleDynamicFrame implements IDynamicFrame { return Constants.LEVEL2_VALIDATION_SIG_ALG_NOT_IMPLEMENTED; } - Signature sig; + Signature sig = null; try { - if (prov == null) { + if (provider == null) { sig = Signature.getInstance(sigAlgName); } else { - sig = Signature.getInstance(sigAlgName, prov); + sig = Signature.getInstance(sigAlgName,provider); } } catch (NoSuchAlgorithmException e) { return Constants.LEVEL2_VALIDATION_SIG_ALG_NOT_IMPLEMENTED; @@ -321,7 +337,7 @@ public class SimpleDynamicFrame implements IDynamicFrame { } else { return Constants.LEVEL1_VALIDATION_FRAUD; } - } catch (SignatureException e) { + } catch (Exception e) { return Constants.LEVEL1_VALIDATION_SIG_ALG_NOT_IMPLEMENTED; } } @@ -344,6 +360,9 @@ public class SimpleDynamicFrame implements IDynamicFrame { //find the algorithm name for the signature OID String algo = AlgorithmNameResolver.getSignatureAlgorithmName(this.getLevel2Data().getLevel1Data().getLevel2SigningAlg(), prov); Signature sig = null; + if (prov == null) { + prov = SecurityUtils.findPrivateKeyProvider(key); + } if (prov != null) { sig = Signature.getInstance(algo,prov); } else { @@ -438,10 +457,16 @@ public class SimpleDynamicFrame implements IDynamicFrame { ILevel1Data level1Data = level2Data.getLevel1Data(); if (level1Data == null) return; + + if (prov == null) { + //check for a provider supporting the key + prov = SecurityUtils.findPrivateKeyProvider(key); + } //find the algorithm name for the signature OID - String algo = AlgorithmNameResolver.getSignatureAlgorithmName(level1Data.getLevel1SigningAlg()); + String algo = AlgorithmNameResolver.getSignatureAlgorithmName(level1Data.getLevel1SigningAlg(), prov); Signature sig = null; + if (prov != null) { sig = Signature.getInstance(algo, prov); } else { -- cgit v1.2.3 From 6ef85723cca938e298b318dc6d564318b83ab4ba Mon Sep 17 00:00:00 2001 
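Review bot: The widened `catch (Exception e)` in the level 1 verification hunk (`@@ -321,7 +337,7 @@`) maps every failure, including a malformed signature and any runtime error such as a NullPointerException, to `LEVEL1_VALIDATION_SIG_ALG_NOT_IMPLEMENTED`. A caller can then no longer tell a signature that failed to parse from an algorithm the library does not support, and programming errors in the verification path are hidden behind a validation result. Consider keeping `catch (SignatureException e)` as its own clause, possibly returning `Constants.LEVEL1_VALIDATION_FRAUD` for it, and adding a second clause only for the specific runtime exception this commit needs to absorb. If the broad catch stays, it deserves a comment such as `// provider-specific runtime exceptions on unsupported curves are reported as "not implemented"`. The try block starts outside the hunk.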
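Review bot: In the `signLevel2` hunk (`@@ -344,6 +360,9 @@`) the algorithm name is resolved with `prov` before the new `if (prov == null)` block replaces it. When no provider is passed, the name therefore comes from the null-provider lookup while the `Signature` instance comes from the provider found by `SecurityUtils.findPrivateKeyProvider(key)`. The `signLevel1` hunk at `@@ -438,10 +457,16 @@` performs the provider lookup first, and the same order here keeps name and provider consistent: move `if (prov == null) { prov = SecurityUtils.findPrivateKeyProvider(key); }` above the `String algo = AlgorithmNameResolver.getSignatureAlgorithmName(...)` line. Both methods start outside their hunks.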
From: CGantert345 <57003061+CGantert345@users.noreply.github.com> Date: Mon, 11 Apr 2022 16:30:32 +0200 Subject: use one provider only within validation --- .../org/uic/barcode/dynamicFrame/api/SimpleDynamicFrame.java | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-) (limited to 'src/main/java/org/uic/barcode/dynamicFrame') diff --git a/src/main/java/org/uic/barcode/dynamicFrame/api/SimpleDynamicFrame.java b/src/main/java/org/uic/barcode/dynamicFrame/api/SimpleDynamicFrame.java index ef31166..a8d7a0f 100644 --- a/src/main/java/org/uic/barcode/dynamicFrame/api/SimpleDynamicFrame.java +++ b/src/main/java/org/uic/barcode/dynamicFrame/api/SimpleDynamicFrame.java @@ -272,6 +272,7 @@ public class SimpleDynamicFrame implements IDynamicFrame { return Constants.LEVEL1_VALIDATION_NO_SIGNATURE; } + byte[] signature = this.getLevel2Data().getLevel1Signature(); @@ -288,7 +289,13 @@ public class SimpleDynamicFrame implements IDynamicFrame { if (signingAlgorithmOid == null || signingAlgorithmOid.length() == 0) { return Constants.LEVEL1_VALIDATION_NO_SIGNATURE; - } + } + + if (prov == null) { + prov = SecurityUtils.findSignatureProvider(key.getEncoded(), signingAlgorithmOid); + } + + //find the algorithm name for the signature OID String algo = null; try { @@ -312,6 +319,7 @@ public class SimpleDynamicFrame implements IDynamicFrame { return Constants.LEVEL1_VALIDATION_SIG_ALG_NOT_IMPLEMENTED; } try { + key = SecurityUtils.convert(key, prov); sig.initVerify(key); } catch (InvalidKeyException e) { return Constants.LEVEL1_VALIDATION_SIG_ALG_NOT_IMPLEMENTED; -- cgit v1.2.3 From 58bafb860b060c609a01815657b4df22ce8fbffc Mon Sep 17 00:00:00 2001 
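Review bot: The provider fallback in `@@ -288,7 +289,13 @@` uses the result of `SecurityUtils.findSignatureProvider(key.getEncoded(), signingAlgorithmOid)` without checking it, so `prov` may still be null when the later hunk (`@@ -312,6 +319,7 @@`) calls `SecurityUtils.convert(key, prov)` inside a try that catches only `InvalidKeyException`. Whether the lookup can return null and how `convert` treats a null provider are not visible here; if it does not handle null, an unchecked exception would escape the validator instead of a `LEVEL1_VALIDATION_*` code. A guard such as `if (prov != null) { key = SecurityUtils.convert(key, prov); }` keeps the previous default-provider behaviour. `key.getEncoded()` can also return null for keys that do not support encoding, so that value should be checked before it is passed on. The method starts and ends outside both hunks.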
From: CGantert345 <57003061+CGantert345@users.noreply.github.com> Date: Tue, 12 Apr 2022 12:54:16 +0200 Subject: test on algorithm name resolver --- .../dynamicFrame/api/SimpleDynamicFrame.java | 15 +++--- .../uic/barcode/dynamicFrame/v2/DynamicFrame.java | 56 ---------------------- 2 files changed, 6 insertions(+), 65 deletions(-) (limited to 'src/main/java/org/uic/barcode/dynamicFrame') diff --git a/src/main/java/org/uic/barcode/dynamicFrame/api/SimpleDynamicFrame.java b/src/main/java/org/uic/barcode/dynamicFrame/api/SimpleDynamicFrame.java index a8d7a0f..59ccd52 100644 --- a/src/main/java/org/uic/barcode/dynamicFrame/api/SimpleDynamicFrame.java +++ b/src/main/java/org/uic/barcode/dynamicFrame/api/SimpleDynamicFrame.java @@ -150,6 +150,7 @@ public class SimpleDynamicFrame implements IDynamicFrame { } String level2KeyAlg = getLevel2Data().getLevel1Data().getLevel2KeyAlg(); + String level2SigAlg = this.getLevel2Data().getLevel1Data().getLevel2SigningAlg(); if (level2KeyAlg == null || level2KeyAlg.length() == 0) { @@ -173,16 +174,13 @@ public class SimpleDynamicFrame implements IDynamicFrame { PublicKey key = null; try { byte[] keyBytes = this.getLevel2Data().getLevel1Data().getLevel2publicKey(); - X509EncodedKeySpec keySpec = new X509EncodedKeySpec(keyBytes); - KeyFactory keyFactory = null; if (provider == null) { - keyFactory = SecurityUtils.findKeyFactory(level2KeyAlg, keyBytes); - provider = keyFactory.getProvider(); - } else { - keyFactory = KeyFactory.getInstance(keyAlgName,provider); - } + provider = SecurityUtils.findPublicKeyProvider(level2KeyAlg,keyBytes); + } + KeyFactory keyFactory = KeyFactory.getInstance(keyAlgName,provider); if (keyFactory != null) { + X509EncodedKeySpec keySpec = new X509EncodedKeySpec(keyBytes); key = keyFactory.generatePublic(keySpec); } else { return Constants.LEVEL2_VALIDATION_KEY_ALG_NOT_IMPLEMENTED; 
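Review bot: In the rewritten key-factory block (`@@ -173,16 +174,13 @@`) `KeyFactory.getInstance(keyAlgName,provider)` is reached with `provider` still null whenever `SecurityUtils.findPublicKeyProvider` finds nothing (assumed to return null in that case), and the JDK method throws IllegalArgumentException for a null provider. The visible catch clauses handle only InvalidKeySpecException and NoSuchAlgorithmException, so an unsupported key in the frame under validation would raise an unchecked exception instead of returning an error code. `getInstance` never returns null, so the `keyFactory != null` test and its else-branch are dead code. Return the code right after the lookup with `if (provider == null) { return Constants.LEVEL2_VALIDATION_KEY_ALG_NOT_IMPLEMENTED; }` and drop the null test on `keyFactory`. The catch chain continues in the following hunk.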
@@ -194,9 +192,8 @@ public class SimpleDynamicFrame implements IDynamicFrame { return Constants.LEVEL2_VALIDATION_KEY_ALG_NOT_IMPLEMENTED; } - //find the algorithm name for the signature OID - String level2SigAlg = this.getLevel2Data().getLevel1Data().getLevel2SigningAlg(); + //find the algorithm name for the signature OID String sigAlgName = null; try { sigAlgName = AlgorithmNameResolver.getSignatureAlgorithmName(level2SigAlg,provider); diff --git a/src/main/java/org/uic/barcode/dynamicFrame/v2/DynamicFrame.java b/src/main/java/org/uic/barcode/dynamicFrame/v2/DynamicFrame.java index 55af066..30043c0 100644 --- a/src/main/java/org/uic/barcode/dynamicFrame/v2/DynamicFrame.java +++ b/src/main/java/org/uic/barcode/dynamicFrame/v2/DynamicFrame.java 
@@ -123,43 +123,6 @@ public class DynamicFrame extends Object{ } - /** - * Sign level 2 data without a specific security provider. - * - * @param key the key - * @throws Exception the exception - */ - public void signLevel2(PrivateKey key) throws Exception { - - //find the algorithm name for the signature OID - String algo = AlgorithmNameResolver.getSignatureAlgorithmName(this.getLevel2SignedData().getLevel1Data().level2SigningAlg); - Signature sig = Signature.getInstance(algo); - sig.initSign(key); - byte[] data = level2SignedData.encode(); - sig.update(data); - byte[] signature = sig.sign(); - this.level2Signature = new OctetString(signature); - - } - - /** - * Sign level 2 data. - * - * @param key the key - * @param prov the security Provider - * @throws Exception the exception - */ - public void signLevel2(PrivateKey key, Provider prov) throws Exception { - - //find the algorithm name for the signature OID - String algo = AlgorithmNameResolver.getSignatureAlgorithmName(this.getLevel2SignedData().getLevel1Data().level2SigningAlg); - Signature sig = Signature.getInstance(algo,prov); - sig.initSign(key); - byte[] data = level2SignedData.encode(); - sig.update(data); - this.level2Signature = new OctetString(sig.sign()); - - } /** @@ -207,24 +170,5 @@ public class DynamicFrame extends Object{ } - /** - * Gets the dynamic data FDC 1. - * - * @return the dynamic data FDC 1 - */ - public UicDynamicContentDataFDC1 getDynamicDataFDC1() { - - if (this.getLevel2SignedData() == null || - this.getLevel2SignedData().getLevel2Data() == null){ - return null; - } - - if ( UicDynamicContentDataFDC1.getFormat().equals(this.getLevel2SignedData().getLevel2Data().getFormat())) { - return UperEncoder.decode(this.getLevel2SignedData().getLevel2Data().getByteData(), UicDynamicContentDataFDC1.class); - } - return null; - - } - } -- cgit v1.2.3 From c830c865409321401504ac1ca296ced194811a16 Mon Sep 17 00:00:00 2001 
From: CGantert345 <57003061+CGantert345@users.noreply.github.com> Date: Tue, 12 Apr 2022 14:12:55 +0200 Subject: test on car carriage cleanup --- .../uic/barcode/dynamicFrame/v2/DynamicFrame.java | 52 ---------------------- .../barcode/dynamicFrame/v2/Level2DataType.java | 44 ------------------ 2 files changed, 96 deletions(-) (limited to 'src/main/java/org/uic/barcode/dynamicFrame') diff --git a/src/main/java/org/uic/barcode/dynamicFrame/v2/DynamicFrame.java b/src/main/java/org/uic/barcode/dynamicFrame/v2/DynamicFrame.java index 30043c0..cb5c37a 100644 --- a/src/main/java/org/uic/barcode/dynamicFrame/v2/DynamicFrame.java +++ b/src/main/java/org/uic/barcode/dynamicFrame/v2/DynamicFrame.java @@ -1,8 +1,5 @@ package org.uic.barcode.dynamicFrame.v2; -import java.security.PrivateKey; -import java.security.Provider; -import java.security.Signature; import org.uic.barcode.asn1.datatypes.Asn1Optional; import org.uic.barcode.asn1.datatypes.CharacterRestriction; import org.uic.barcode.asn1.datatypes.FieldOrder; @@ -14,7 +11,6 @@ import org.uic.barcode.dynamicContent.api.DynamicContentCoder; import org.uic.barcode.dynamicContent.api.IUicDynamicContent; import org.uic.barcode.dynamicContent.fdc1.UicDynamicContentDataFDC1; import org.uic.barcode.ticket.EncodingFormatException; -import org.uic.barcode.utils.AlgorithmNameResolver; /** 
@@ -122,53 +118,5 @@ public class DynamicFrame extends Object{ return UperEncoder.decode(bytes, DynamicFrame.class); } - - - /** - * Adds the dynamic content and encodes it. (API level) - * - * @param content the dynamic content - * @throws EncodingFormatException the encoding format exception - */ - public void addDynamicContent(IUicDynamicContent content) throws EncodingFormatException { - - - this.getLevel2SignedData().setLevel2Data(new DataType()); - - this.getLevel2SignedData().getLevel2Data().setFormat(DynamicContentCoder.dynamicContentDataFDC1); - - this.getLevel2SignedData().getLevel2Data().setByteData(DynamicContentCoder.encode(content, DynamicContentCoder.dynamicContentDataFDC1)); - - } - - /** - * Adds the level 2 dynamic data. (ASN level) - * - * @param dynamicData the dynamic data - */ - public void addLevel2DynamicData(UicDynamicContentDataFDC1 dynamicData) { - DataType dt = new DataType(); - dt.setByteData(dynamicData.getDataType().getByteData()); - dt.setFormat(dynamicData.getDataType().getFormat()); - level2SignedData.setLevel2Data(dt); - } - - /** - * Gets the dynamic content. - * - * @return the dynamic content - */ - public IUicDynamicContent getDynamicContent() { - - if (this.getLevel2SignedData() == null || - this.getLevel2SignedData().getLevel2Data() == null){ - return null; - } - - return DynamicContentCoder.decode(this.getLevel2SignedData().getLevel2Data().getByteData()); - - } - - } diff --git a/src/main/java/org/uic/barcode/dynamicFrame/v2/Level2DataType.java b/src/main/java/org/uic/barcode/dynamicFrame/v2/Level2DataType.java index cd0800e..262fa2f 100644 --- a/src/main/java/org/uic/barcode/dynamicFrame/v2/Level2DataType.java +++ b/src/main/java/org/uic/barcode/dynamicFrame/v2/Level2DataType.java 
@@ -1,15 +1,10 @@ package org.uic.barcode.dynamicFrame.v2; -import java.security.PrivateKey; -import java.security.Provider; -import java.security.Signature; - import org.uic.barcode.asn1.datatypes.Asn1Optional; import org.uic.barcode.asn1.datatypes.FieldOrder; import org.uic.barcode.asn1.datatypes.Sequence; import org.uic.barcode.asn1.datatypesimpl.OctetString; import org.uic.barcode.asn1.uper.UperEncoder; -import org.uic.barcode.utils.AlgorithmNameResolver; /** * The Class DataType. @@ -76,46 +71,7 @@ public class Level2DataType { return UperEncoder.encode(this); } - /** - * Sign the contained data block. - * - * Note: an appropriate security provider (e.g. BC) must be registered before - * - * @param key the key - * @return - * @return the byte[] - * @throws Exception - */ - public void signLevel1(PrivateKey key) throws Exception { - //find the algorithm name for the signature OID - String algo = AlgorithmNameResolver.getSignatureAlgorithmName(getLevel1Data().level1SigningAlg); - Signature sig = Signature.getInstance(algo); - sig.initSign(key); - byte[] data = level1Data.encode(); - sig.update(data); - this.level1Signature = new OctetString(sig.sign()); - } - /** - * Sign the contained data block. - * - * Note: an appropriate security provider (e.g. BC) must be registered before - * - * @param key the key - * @param security provider - security provider that must be sued to create the signature - * @return - * @return the byte[] - * @throws Exception - */ - public void signLevel1(PrivateKey key, Provider prov) throws Exception { - //find the algorithm name for the signature OID - String algo = AlgorithmNameResolver.getSignatureAlgorithmName(getLevel1Data().level1SigningAlg); - Signature sig = Signature.getInstance(algo, prov); - sig.initSign(key); - byte[] data = level1Data.encode(); - sig.update(data); - this.level1Signature = new OctetString(sig.sign()); - } } -- cgit v1.2.3