From fc6a4042f7fca1828f0b8e267cfd660e6fe1d40a Mon Sep 17 00:00:00 2001 From: CGantert345 <57003061+CGantert345@users.noreply.github.com> Date: Tue, 22 Nov 2022 14:04:27 +0100 Subject: support for SSB barcodes SSB frame implenmentation including decoding, encoding, signing and verification --- .../java/org/uic/barcode/ssbFrame/SsbFrame.java | 282 +++++++++++++++++++++ 1 file changed, 282 insertions(+) create mode 100644 src/main/java/org/uic/barcode/ssbFrame/SsbFrame.java (limited to 'src/main/java/org/uic/barcode/ssbFrame/SsbFrame.java') diff --git a/src/main/java/org/uic/barcode/ssbFrame/SsbFrame.java b/src/main/java/org/uic/barcode/ssbFrame/SsbFrame.java new file mode 100644 index 0000000..b496b17 --- /dev/null +++ b/src/main/java/org/uic/barcode/ssbFrame/SsbFrame.java @@ -0,0 +1,282 @@ +package org.uic.barcode.ssbFrame; + +import java.io.IOException; +import java.math.BigInteger; +import java.security.InvalidKeyException; +import java.security.NoSuchAlgorithmException; +import java.security.PrivateKey; +import java.security.Provider; +import java.security.PublicKey; +import java.security.Signature; +import java.security.SignatureException; +import java.security.Provider.Service; +import java.util.Arrays; + + +import org.uic.barcode.ticket.EncodingFormatException; +import org.uic.barcode.utils.AlgorithmNameResolver; +import org.uic.barcode.utils.SecurityUtils; + +public class SsbFrame { + + private SsbHeader header = null; + + private byte[] signaturePart1 = null; + + private byte[] signaturePart2 = null; + + private SsbNonUic nonUicData = null; + + private SsbNonReservation nonReservationData = null; + + private SsbReservation reservationData = null; + + private SsbGroup groupData = null; + + private SsbPass passData = null; + + public void decode(byte[] bytes) throws EncodingFormatException { + + if (bytes.length != 114) { + throw new EncodingFormatException("Data size does not fit to SSB"); + } + + header = new SsbHeader(); + header.decode(bytes); + + if (header.getTicketType().equals(SsbTicketType.UIC_1_IRT_RES_BOA)) { + + reservationData = new SsbReservation(); + reservationData.decode(bytes); + + } else if (header.getTicketType().equals(SsbTicketType.UIC_2_NRT)) { + + nonReservationData = new SsbNonReservation(); + nonReservationData.decode(bytes); + + } else if (header.getTicketType().equals(SsbTicketType.UIC_3_GRP)) { + + groupData = new SsbGroup(); + groupData.decode(bytes); + + } else if (header.getTicketType().equals(SsbTicketType.UIC_4_RPT)) { + + passData = new SsbPass(); + passData.decode(bytes); + + } else { + + nonUicData = new SsbNonUic(); + nonUicData.decode(bytes); + + } + + signaturePart1 = new byte[28]; + signaturePart2 = new byte[28]; + + for (int i = 0 ; i < 28;i++) { + signaturePart1[i] = bytes[59 + i]; + signaturePart2[i] = bytes[59 + 28 + i]; + } + + } + + public byte[] encode() throws EncodingFormatException { + + byte[] bytes = new byte[114]; + + header.encode(bytes); + + if (nonUicData != null) { + nonUicData.encode(bytes); + } else if (nonReservationData != null) { + nonReservationData.encode(bytes); + } else if (reservationData != null) { + reservationData.encode(bytes); + } else if (groupData != null) { + groupData.encode(bytes); + } else if (passData != null) { + passData.encode(bytes); + } else { + throw new EncodingFormatException("Data Content for SSB missing"); + }; + + for (int i = 0 ; i < 28;i++) { + bytes[59 + i] = signaturePart1[i]; + bytes[59 + 28 + i] = signaturePart2[i]; + } + + return bytes; + + } + + public byte[] getDataForSignature() throws EncodingFormatException { + + byte[] bytes = new byte[58]; + + header.encode(bytes); + + if (nonUicData != null) { + nonUicData.encode(bytes); + } else if (nonReservationData != null) { + nonReservationData.encode(bytes); + } else if (reservationData != null) { + reservationData.encode(bytes); + } else if (groupData != null) { + groupData.encode(bytes); + } else if (passData != null) { + passData.encode(bytes); + } else { + throw new EncodingFormatException("Data Content for SSB missing"); + }; + + return bytes; + + } + + public SsbHeader getHeader() { + return header; + } + + public void setHeader(SsbHeader header) { + this.header = header; + } + + public byte[] getSignaturePart1() { + return signaturePart1; + } + + public void setSignaturePart1(byte[] signaturePart1) { + this.signaturePart1 = signaturePart1; + } + + public byte[] getSignaturePart2() { + return signaturePart2; + } + + public void setSignaturePart2(byte[] signaturePart2) { + this.signaturePart2 = signaturePart2; + } + + public SsbNonUic getNonUicData() { + return nonUicData; + } + + public void setNonUicData(SsbNonUic nonUicData) { + this.nonUicData = nonUicData; + } + + public SsbNonReservation getNonReservationData() { + return nonReservationData; + } + + public void setNonReservationData(SsbNonReservation nonReservationData) { + this.nonReservationData = nonReservationData; + } + + public SsbReservation getReservationData() { + return reservationData; + } + + public void setReservationData(SsbReservation reservationData) { + this.reservationData = reservationData; + } + + public SsbGroup getGroupData() { + return groupData; + } + + public void setGroupData(SsbGroup groupData) { + this.groupData = groupData; + } + + public SsbPass getPassData() { + return passData; + } + + public void setPassData(SsbPass passData) { + this.passData = passData; + } + + public void signLevel1(PrivateKey key, Provider prov, String algorithmOid) throws Exception { + + + byte[] data = getDataForSignature(); + + if (prov == null) { + //check for a provider supporting the key + prov = SecurityUtils.findPrivateKeyProvider(key); + } + + //find the algorithm name for the signature OID + String algo = AlgorithmNameResolver.getSignatureAlgorithmName(algorithmOid, prov); + Signature sig = null; + + if (prov != null) { + sig = Signature.getInstance(algo, prov); + } else { + sig = Signature.getInstance(algo); + } + sig.initSign(key); + + sig.update(data); + + byte[] signature = sig.sign(); + + BigInteger[] bInts = SecurityUtils.decodeSignatureIntegerSequence(signature); + + signaturePart1 = toUnsignedBytes(bInts[0]); + + signaturePart2 = toUnsignedBytes(bInts[1]); + + + } + + private static byte[] toUnsignedBytes(BigInteger i) { + byte[] b = i.abs().toByteArray(); + //remove top sign bit + if (b[0] == 0) { + b = Arrays.copyOfRange(b, 1, b.length); + } + return b; + } + + /** + * Verify the signature + * + * Note: an appropriate security provider (e.g. BC) must be registered before + * + * @param key the key + * @param singningAlg the Object ID of the signing algorithm + * @param a dedicated security provider to validate the signature + * @return true, if successful + * @throws InvalidKeyException the invalid key exception + * @throws NoSuchAlgorithmException the no such algorithm exception + * @throws SignatureException the signature exception + * @throws IllegalArgumentException the illegal argument exception + * @throws UnsupportedOperationException the unsupported operating exception + * @throws EncodingFormatException + * @throws IOException + */ + public boolean verifyByAlgorithmOid(PublicKey key, String signingAlg, Provider prov) throws InvalidKeyException, NoSuchAlgorithmException, SignatureException, IllegalArgumentException, UnsupportedOperationException, IOException, EncodingFormatException { + //find the algorithm name for the signature OID + String algo = null; + Service service = prov.getService("Signature",signingAlg); + if (service != null) { + algo = service.getAlgorithm(); + } + if (algo == null) { + throw new NoSuchAlgorithmException("No service for algorithm found: " + signingAlg); + } + Signature sig = Signature.getInstance(algo); + sig.initVerify(key); + sig.update(getDataForSignature()); + + BigInteger r = new BigInteger(1,signaturePart1); + BigInteger s = new BigInteger(1,signaturePart2); + + byte[] signature = SecurityUtils.encodeSignatureIntegerSequence(r,s); + + return sig.verify(signature); + } +} -- cgit v1.2.3 From 37ddd3d075d0664de44f05639712869596bfb9cd Mon Sep 17 00:00:00 2001 From: CGantert345 <57003061+CGantert345@users.noreply.github.com> Date: Thu, 9 Mar 2023 16:30:19 +0100 Subject: ssb added to encoder and decoder --- .../java/org/uic/barcode/ssbFrame/SsbFrame.java | 32 ++++++++++++++++++---- 1 file changed, 26 insertions(+), 6 deletions(-) (limited to 'src/main/java/org/uic/barcode/ssbFrame/SsbFrame.java') diff --git a/src/main/java/org/uic/barcode/ssbFrame/SsbFrame.java b/src/main/java/org/uic/barcode/ssbFrame/SsbFrame.java index b496b17..81b5eb4 100644 --- a/src/main/java/org/uic/barcode/ssbFrame/SsbFrame.java +++ b/src/main/java/org/uic/barcode/ssbFrame/SsbFrame.java @@ -7,6 +7,7 @@ import java.security.NoSuchAlgorithmException; import java.security.PrivateKey; import java.security.Provider; import java.security.PublicKey; +import java.security.Security; import java.security.Signature; import java.security.SignatureException; import java.security.Provider.Service; @@ -198,16 +199,18 @@ public class SsbFrame { this.passData = passData; } - public void signLevel1(PrivateKey key, Provider prov, String algorithmOid) throws Exception { + public void signLevel1(PrivateKey key, Provider prov, String keyId, String algorithmOid) throws Exception { + this.header.setKeyId(Integer.parseInt(keyId)); + byte[] data = getDataForSignature(); if (prov == null) { //check for a provider supporting the key prov = SecurityUtils.findPrivateKeyProvider(key); } - + //find the algorithm name for the signature OID String algo = AlgorithmNameResolver.getSignatureAlgorithmName(algorithmOid, prov); Signature sig = null; @@ -261,10 +264,25 @@ public class SsbFrame { public boolean verifyByAlgorithmOid(PublicKey key, String signingAlg, Provider prov) throws InvalidKeyException, NoSuchAlgorithmException, SignatureException, IllegalArgumentException, UnsupportedOperationException, IOException, EncodingFormatException { //find the algorithm name for the signature OID String algo = null; - Service service = prov.getService("Signature",signingAlg); - if (service != null) { - algo = service.getAlgorithm(); - } + + if (prov != null) { + Service service = prov.getService("Signature",signingAlg); + if (service != null) { + algo = service.getAlgorithm(); + } + } else { + Provider[] provs = Security.getProviders(); + for (Provider p : provs) { + if (algo == null) { + Service service = p.getService("Signature",signingAlg); + if (service != null) { + algo = service.getAlgorithm(); + } + } + } + + } + if (algo == null) { throw new NoSuchAlgorithmException("No service for algorithm found: " + signingAlg); } @@ -279,4 +297,6 @@ public class SsbFrame { return sig.verify(signature); } + + } -- cgit v1.2.3 From 7ec06722923d96d2e51300bafb44b920ca341d58 Mon Sep 17 00:00:00 2001 From: CGantert345 <57003061+CGantert345@users.noreply.github.com> Date: Fri, 10 Mar 2023 16:49:58 +0100 Subject: ssb unit tests --- .../java/org/uic/barcode/ssbFrame/SsbFrame.java | 102 ++++++++++++++++----- 1 file changed, 77 insertions(+), 25 deletions(-) (limited to 'src/main/java/org/uic/barcode/ssbFrame/SsbFrame.java') diff --git a/src/main/java/org/uic/barcode/ssbFrame/SsbFrame.java b/src/main/java/org/uic/barcode/ssbFrame/SsbFrame.java index 81b5eb4..1ee68bb 100644 --- a/src/main/java/org/uic/barcode/ssbFrame/SsbFrame.java +++ b/src/main/java/org/uic/barcode/ssbFrame/SsbFrame.java @@ -20,7 +20,7 @@ import org.uic.barcode.utils.SecurityUtils; public class SsbFrame { - private SsbHeader header = null; + private SsbHeader header = new SsbHeader(); private byte[] signaturePart1 = null; @@ -42,33 +42,38 @@ public class SsbFrame { throw new EncodingFormatException("Data size does not fit to SSB"); } - header = new SsbHeader(); - header.decode(bytes); + if (header == null) { + header = new SsbHeader(); + } + + int offset = 0; + + offset = offset + header.decodeContent(bytes,0); if (header.getTicketType().equals(SsbTicketType.UIC_1_IRT_RES_BOA)) { reservationData = new SsbReservation(); - reservationData.decode(bytes); + offset = offset + reservationData.decodeContent(bytes,offset); } else if (header.getTicketType().equals(SsbTicketType.UIC_2_NRT)) { nonReservationData = new SsbNonReservation(); - nonReservationData.decode(bytes); + offset = offset + nonReservationData.decodeContent(bytes,offset); } else if (header.getTicketType().equals(SsbTicketType.UIC_3_GRP)) { groupData = new SsbGroup(); - groupData.decode(bytes); + offset = offset + groupData.decodeContent(bytes, offset); } else if (header.getTicketType().equals(SsbTicketType.UIC_4_RPT)) { passData = new SsbPass(); - passData.decode(bytes); + offset = offset + passData.decodeContent(bytes,offset); } else { nonUicData = new SsbNonUic(); - nonUicData.decode(bytes); + offset = offset + nonUicData.decodeContent(bytes,offset); } @@ -76,8 +81,8 @@ public class SsbFrame { signaturePart2 = new byte[28]; for (int i = 0 ; i < 28;i++) { - signaturePart1[i] = bytes[59 + i]; - signaturePart2[i] = bytes[59 + 28 + i]; + signaturePart1[i] = bytes[58 + i]; + signaturePart2[i] = bytes[58 + 28 + i]; } } @@ -86,27 +91,48 @@ public class SsbFrame { byte[] bytes = new byte[114]; - header.encode(bytes); + int offset = header.encodeContent(bytes,0); + + if (nonUicData != null) { - nonUicData.encode(bytes); + offset = nonUicData.encodeContent(bytes, offset); } else if (nonReservationData != null) { - nonReservationData.encode(bytes); + offset = nonReservationData.encodeContent(bytes, offset); } else if (reservationData != null) { - reservationData.encode(bytes); + offset = reservationData.encodeContent(bytes, offset); } else if (groupData != null) { - groupData.encode(bytes); + offset = groupData.encodeContent(bytes, offset); } else if (passData != null) { - passData.encode(bytes); + offset = passData.encodeContent(bytes, offset); } else { throw new EncodingFormatException("Data Content for SSB missing"); }; - for (int i = 0 ; i < 28;i++) { - bytes[59 + i] = signaturePart1[i]; - bytes[59 + 28 + i] = signaturePart2[i]; + + if (signaturePart1.length > 28) { + throw new EncodingFormatException("Signature too large"); + } + if (signaturePart2.length > 28) { + throw new EncodingFormatException("Signature too large"); } + for (int i = 1 ; i < 29; i++) { + int sigInd = signaturePart1.length - i; + if (sigInd < signaturePart1.length && sigInd >= 0) { + bytes[58 + 28 - i] = signaturePart1[sigInd]; + } else { + bytes[58 + 28 - i] = '\0'; + } + sigInd = signaturePart2.length - i; + if (sigInd < signaturePart2.length && sigInd >= 0) { + bytes[58 + 28 + 28 - i] = signaturePart2[sigInd]; + } else { + bytes[58 + 28 + 28 - i] = '\0'; + } + } + + return bytes; } @@ -115,18 +141,19 @@ public class SsbFrame { byte[] bytes = new byte[58]; - header.encode(bytes); + int offset = header.encodeContent(bytes,0); + if (nonUicData != null) { - nonUicData.encode(bytes); + offset = nonUicData.encodeContent(bytes, offset); } else if (nonReservationData != null) { - nonReservationData.encode(bytes); + offset = nonReservationData.encodeContent(bytes, offset); } else if (reservationData != null) { - reservationData.encode(bytes); + offset = reservationData.encodeContent(bytes, offset); } else if (groupData != null) { - groupData.encode(bytes); + offset = groupData.encodeContent(bytes, offset); } else if (passData != null) { - passData.encode(bytes); + offset = passData.encodeContent(bytes, offset); } else { throw new EncodingFormatException("Data Content for SSB missing"); }; @@ -165,6 +192,10 @@ public class SsbFrame { public void setNonUicData(SsbNonUic nonUicData) { this.nonUicData = nonUicData; + this.nonReservationData = null; + this.reservationData = null; + this.groupData = null; + this.passData = null; } public SsbNonReservation getNonReservationData() { @@ -173,6 +204,11 @@ public class SsbFrame { public void setNonReservationData(SsbNonReservation nonReservationData) { this.nonReservationData = nonReservationData; + header.setTicketType(SsbTicketType.UIC_2_NRT); + this.reservationData = null; + this.nonUicData = null; + this.groupData = null; + this.passData = null; } public SsbReservation getReservationData() { @@ -180,6 +216,11 @@ public class SsbFrame { } public void setReservationData(SsbReservation reservationData) { + header.setTicketType(SsbTicketType.UIC_1_IRT_RES_BOA); + this.nonReservationData = null; + this.nonUicData = null; + this.groupData = null; + this.passData = null; this.reservationData = reservationData; } @@ -189,6 +230,12 @@ public class SsbFrame { public void setGroupData(SsbGroup groupData) { this.groupData = groupData; + header.setTicketType(SsbTicketType.UIC_3_GRP); + this.nonReservationData = null; + this.nonUicData = null; + this.reservationData = null; + this.passData = null; + } public SsbPass getPassData() { @@ -197,6 +244,11 @@ public class SsbFrame { public void setPassData(SsbPass passData) { this.passData = passData; + header.setTicketType(SsbTicketType.UIC_4_RPT); + this.nonReservationData = null; + this.nonUicData = null; + this.groupData = null; + this.reservationData = null; } public void signLevel1(PrivateKey key, Provider prov, String keyId, String algorithmOid) throws Exception { -- cgit v1.2.3 From 94d0ba8bdd36c6621e2478fdb3bcf1c790369006 Mon Sep 17 00:00:00 2001 From: CGantert345 <57003061+CGantert345@users.noreply.github.com> Date: Mon, 13 Mar 2023 13:27:13 +0100 Subject: ssb non-standard signature encoding covered (decode only) --- .../java/org/uic/barcode/ssbFrame/SsbFrame.java | 29 +++++++++++++++++----- 1 file changed, 23 insertions(+), 6 deletions(-) (limited to 'src/main/java/org/uic/barcode/ssbFrame/SsbFrame.java') diff --git a/src/main/java/org/uic/barcode/ssbFrame/SsbFrame.java b/src/main/java/org/uic/barcode/ssbFrame/SsbFrame.java index 1ee68bb..b473c1e 100644 --- a/src/main/java/org/uic/barcode/ssbFrame/SsbFrame.java +++ b/src/main/java/org/uic/barcode/ssbFrame/SsbFrame.java @@ -1,5 +1,6 @@ package org.uic.barcode.ssbFrame; +import java.io.ByteArrayOutputStream; import java.io.IOException; import java.math.BigInteger; import java.security.InvalidKeyException; @@ -76,17 +77,33 @@ public class SsbFrame { offset = offset + nonUicData.decodeContent(bytes,offset); } - - signaturePart1 = new byte[28]; - signaturePart2 = new byte[28]; - for (int i = 0 ; i < 28;i++) { - signaturePart1[i] = bytes[58 + i]; - signaturePart2[i] = bytes[58 + 28 + i]; + byte[] signatureBytes = new byte[56]; + + try { + //check for non-standard signature encoding + BigInteger[] bInts = SecurityUtils.decodeSignatureIntegerSequence(signatureBytes); + byte[] sig = SecurityUtils.encodeSignatureIntegerSequence(bInts[0],bInts[1]); + signaturePart1 = bInts[0].toByteArray(); + signaturePart2 = bInts[1].toByteArray(); + //decoding the entire signature was ok, so there was no split + } catch (Exception e) { + //the signature is correctly implemented, continue with recombination + signaturePart1 = new byte[28]; + signaturePart2 = new byte[28]; + + for (int i = 0 ; i < 28;i++) { + signaturePart1[i] = bytes[58 + i]; + signaturePart2[i] = bytes[58 + 28 + i]; + } } + } + + + public byte[] encode() throws EncodingFormatException { byte[] bytes = new byte[114]; -- cgit v1.2.3