update
parent
430a04837f
commit
8d227b26d3
4 changed files with 233 additions and 110 deletions
|
|
@ -45,19 +45,20 @@ public class StartupValidator implements ApplicationContextInitializer<Configura
|
|||
try {
|
||||
|
||||
final var message = properties.getProperty("index") + ":" + Instant.now()
|
||||
.toEpochMilli() * 1_000_000;
|
||||
.toEpochMilli() * 1_000_000;
|
||||
final var encryptedData = KeyUtils.encryptDataWithAESGCM(message, KeyUtils.generateSharedSecret(
|
||||
KeyUtils.stringToPrivateKey(env.getProperty("my-private-key")),
|
||||
KeyUtils.stringToPublicKey(env.getProperty("license-server-public-key"))));
|
||||
KeyUtils.stringToPrivateKey(env.getProperty("my-private-key")),
|
||||
KeyUtils.stringToPublicKey(env.getProperty("license-server-public-key"))));
|
||||
|
||||
final var encrypted = Base64.getUrlEncoder()
|
||||
.encodeToString(encryptedData);
|
||||
.encodeToString(encryptedData);
|
||||
final var signature = KeyUtils.signMessage(message,
|
||||
KeyUtils.stringToPrivateKey(env.getProperty("my-private-key")));
|
||||
|
||||
responseCode = LicenseUtils.request(env.getProperty("license-server-endpoint"), resource.getInputStream(),
|
||||
env.getProperty("license-server-trust-password"),
|
||||
env.getProperty("my-id") + "." + encrypted + "." + signature);
|
||||
Base64.getUrlEncoder()
|
||||
.encodeToString(env.getProperty("my-id").getBytes()) + "." + encrypted + "." + signature);
|
||||
} catch (IOException e) {
|
||||
throw new IllegalStateException("IO exception for trust store!", e);
|
||||
}
|
||||
|
|
@ -86,12 +87,14 @@ public class StartupValidator implements ApplicationContextInitializer<Configura
|
|||
properties.setProperty("index", "");
|
||||
saveProperties(properties, filePath);
|
||||
}
|
||||
|
||||
private void saveProperties(Properties properties,
|
||||
String filePath) throws IOException {
|
||||
try (FileOutputStream fos = new FileOutputStream(filePath)) {
|
||||
properties.store(fos, "Updated properties file");
|
||||
}
|
||||
}
|
||||
|
||||
private void loadProperties(Properties properties,
|
||||
String filePath) throws IOException {
|
||||
try (FileInputStream fis = new FileInputStream(filePath)) {
|
||||
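Review bot: The new token segment `Base64.getUrlEncoder().encodeToString(env.getProperty("my-id").getBytes())` in the first hunk encodes with the platform default charset and throws a NullPointerException when `my-id` is not configured. I would check the property explicitly and then use `.getBytes(StandardCharsets.UTF_8)`, so that the id the license server decodes is byte-identical on every host. The context lines show the signature being computed over `message` only, so the re-encoded id segment and the ciphertext segment still appear to travel unsigned. If the server selects the verification key from that id, signing the transmitted string (`encodedId + "." + encrypted`) would bind all three parts, though that needs a matching change on the verifying side, which is not visible here. The enclosing method starts and ends outside the displayed hunks.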
|
|
|
|||
|
|
@ -69,7 +69,7 @@ public final class KeyUtils {
|
|||
// Print Results
|
||||
System.out.println("Original Message: " + originalMessage);
|
||||
System.out.println("Encrypted (Base64): " + Base64.getUrlEncoder()
|
||||
.encodeToString(encryptedData));
|
||||
.encodeToString(encryptedData));
|
||||
System.out.println("Decrypted Message: " + decryptedMessage);
|
||||
|
||||
String signature = signMessage(originalMessage, stringToPrivateKey(senderPrivateKeyToString));
|
||||
|
|
@ -143,38 +143,53 @@ public final class KeyUtils {
|
|||
}
|
||||
|
||||
// Decrypt data using AES-GCM
|
||||
private static String decryptDataWithAESGCM(byte[] encryptedDataWithIv,
|
||||
SecretKey sharedSecret) throws Exception {
|
||||
Cipher cipher = Cipher.getInstance("AES/GCM/NoPadding");
|
||||
public static String decryptDataWithAESGCM(byte[] encryptedDataWithIv,
|
||||
SecretKey sharedSecret) {
|
||||
|
||||
// Extract IV
|
||||
byte[] iv = new byte[12];
|
||||
System.arraycopy(encryptedDataWithIv, 0, iv, 0, iv.length);
|
||||
byte[] encryptedData = new byte[encryptedDataWithIv.length - iv.length];
|
||||
System.arraycopy(encryptedDataWithIv, iv.length, encryptedData, 0, encryptedData.length);
|
||||
try {
|
||||
Cipher cipher = Cipher.getInstance("AES/GCM/NoPadding");
|
||||
|
||||
// Decrypt
|
||||
GCMParameterSpec spec = new GCMParameterSpec(128, iv);
|
||||
cipher.init(Cipher.DECRYPT_MODE, sharedSecret, spec);
|
||||
byte[] decryptedData = cipher.doFinal(encryptedData);
|
||||
// Extract IV
|
||||
byte[] iv = new byte[12];
|
||||
System.arraycopy(encryptedDataWithIv, 0, iv, 0, iv.length);
|
||||
byte[] encryptedData = new byte[encryptedDataWithIv.length - iv.length];
|
||||
System.arraycopy(encryptedDataWithIv, iv.length, encryptedData, 0, encryptedData.length);
|
||||
|
||||
return new String(decryptedData);
|
||||
// Decrypt
|
||||
GCMParameterSpec spec = new GCMParameterSpec(128, iv);
|
||||
cipher.init(Cipher.DECRYPT_MODE, sharedSecret, spec);
|
||||
byte[] decryptedData = cipher.doFinal(encryptedData);
|
||||
|
||||
return new String(decryptedData);
|
||||
} catch (NoSuchAlgorithmException e) {
|
||||
throw new RuntimeException("NoSuchAlgorithmException!", e);
|
||||
} catch (NoSuchPaddingException e) {
|
||||
throw new RuntimeException("NoSuchPaddingException!", e);
|
||||
} catch (InvalidKeyException e) {
|
||||
throw new RuntimeException("InvalidKeyException!", e);
|
||||
} catch (InvalidAlgorithmParameterException e) {
|
||||
throw new RuntimeException("InvalidAlgorithmParameterException!", e);
|
||||
} catch (IllegalBlockSizeException e) {
|
||||
throw new RuntimeException("IllegalBlockSizeException!", e);
|
||||
} catch (BadPaddingException e) {
|
||||
throw new RuntimeException("BadPaddingException!", e);
|
||||
}
|
||||
}
|
||||
|
||||
private static String privateKeyToString(PrivateKey privateKey) {
|
||||
return Base64.getUrlEncoder()
|
||||
.encodeToString(privateKey.getEncoded());
|
||||
.encodeToString(privateKey.getEncoded());
|
||||
}
|
||||
|
||||
private static String publicKeyToString(PublicKey publicKey) {
|
||||
return Base64.getUrlEncoder()
|
||||
.encodeToString(publicKey.getEncoded());
|
||||
.encodeToString(publicKey.getEncoded());
|
||||
}
|
||||
|
||||
public static PrivateKey stringToPrivateKey(String privateKeyStr) {
|
||||
try {
|
||||
byte[] keyBytes = Base64.getUrlDecoder()
|
||||
.decode(privateKeyStr);
|
||||
.decode(privateKeyStr);
|
||||
KeyFactory keyFactory = KeyFactory.getInstance("EC");
|
||||
PKCS8EncodedKeySpec keySpec = new PKCS8EncodedKeySpec(keyBytes);
|
||||
return keyFactory.generatePrivate(keySpec);
|
||||
|
|
@ -188,7 +203,7 @@ public final class KeyUtils {
|
|||
public static PublicKey stringToPublicKey(String publicKeyStr) {
|
||||
try {
|
||||
byte[] keyBytes = Base64.getUrlDecoder()
|
||||
.decode(publicKeyStr);
|
||||
.decode(publicKeyStr);
|
||||
KeyFactory keyFactory = KeyFactory.getInstance("EC");
|
||||
X509EncodedKeySpec keySpec = new X509EncodedKeySpec(keyBytes);
|
||||
return keyFactory.generatePublic(keySpec);
|
||||
|
|
@ -207,7 +222,7 @@ public final class KeyUtils {
|
|||
signature.update(message.getBytes());
|
||||
byte[] signedBytes = signature.sign();
|
||||
return Base64.getUrlEncoder()
|
||||
.encodeToString(signedBytes);
|
||||
.encodeToString(signedBytes);
|
||||
} catch (NoSuchAlgorithmException e) {
|
||||
throw new RuntimeException("NoSuchAlgorithmException!", e);
|
||||
} catch (InvalidKeyException e) {
|
||||
|
|
@ -218,14 +233,22 @@ public final class KeyUtils {
|
|||
}
|
||||
|
||||
// Verify the signature
|
||||
private static boolean verifySignature(String message,
|
||||
public static boolean verifySignature(String message,
|
||||
String signatureStr,
|
||||
PublicKey publicKey) throws Exception {
|
||||
Signature signature = Signature.getInstance("SHA256withECDSA");
|
||||
signature.initVerify(publicKey);
|
||||
signature.update(message.getBytes());
|
||||
byte[] signatureBytes = Base64.getUrlDecoder()
|
||||
.decode(signatureStr);
|
||||
return signature.verify(signatureBytes);
|
||||
PublicKey publicKey) {
|
||||
try {
|
||||
Signature signature = Signature.getInstance("SHA256withECDSA");
|
||||
signature.initVerify(publicKey);
|
||||
signature.update(message.getBytes());
|
||||
byte[] signatureBytes = Base64.getUrlDecoder()
|
||||
.decode(signatureStr);
|
||||
return signature.verify(signatureBytes);
|
||||
} catch (NoSuchAlgorithmException e) {
|
||||
throw new RuntimeException("NoSuchAlgorithmException!", e);
|
||||
} catch (InvalidKeyException e) {
|
||||
throw new RuntimeException("InvalidKeyException!", e);
|
||||
} catch (SignatureException e) {
|
||||
throw new RuntimeException("SignatureException!", e);
|
||||
}
|
||||
}
|
||||
}
|
||||
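Review bot: `decryptDataWithAESGCM` is now public but still slices the 12-byte IV off `encryptedDataWithIv` without a length check, so input shorter than 12 bytes fails with an ArrayIndexOutOfBoundsException rather than a defined rejection. A guard before the copy such as `if (encryptedDataWithIv == null || encryptedDataWithIv.length < 12 + 16) throw new IllegalArgumentException("ciphertext too short");` covers the IV plus the 128-bit tag. The six catch blocks turn every failure into the same bare `RuntimeException`, so an authentication failure (GCM reports a tag mismatch as `AEADBadTagException`, a `BadPaddingException` subclass) cannot be told apart from a provider or key misconfiguration; a multi-catch for the setup errors and a separately handled tag-failure branch would let callers reject a corrupted or forged token cleanly. `verifySignature` in the last hunk has the same shape: a malformed signature surfaces as `RuntimeException("SignatureException!")` and `Base64.getUrlDecoder().decode(signatureStr)` can throw an uncaught `IllegalArgumentException`, where returning `false` is probably what a caller checking untrusted input expects. `new String(decryptedData)` and `message.getBytes()` rely on the platform charset; passing `StandardCharsets.UTF_8` on both keeps the signed and verified bytes identical across hosts.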