Package org.ggp.base.util.crypto

Source Code of org.ggp.base.util.crypto.SignableJSON

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
package org.ggp.base.util.crypto;

import java.io.UnsupportedEncodingException;
import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;
import java.security.SignatureException;

import org.ggp.base.util.crypto.CanonicalJSON.CanonicalizationStrategy;

import external.JSON.JSONException;
import external.JSON.JSONObject;

public class SignableJSON {
    // If we need to use a canonicalization strategy that's not SIMPLE,
    // we can change this prefix to indicate that while still maintaining
    // backwards compatibility.
    static final String theCanonicalizationPrefix = "A";

    public static void signJSON(JSONObject theJSON, String thePK, String theSK) throws JSONException {
        if (theJSON.has("matchHostPK") || theJSON.has("matchHostSignature"))
            throw new RuntimeException("Already signed JSON! Cannot sign again.");

        theJSON.put("matchHostPK", thePK);
        String theSignature = BaseCryptography.signData(theSK, CanonicalJSON.getCanonicalForm(theJSON, CanonicalizationStrategy.SIMPLE));
        theJSON.put("matchHostSignature", theCanonicalizationPrefix + theSignature);
    }

    public static boolean isSignedJSON(JSONObject theJSON) throws JSONException {
        if (theJSON.has("matchHostPK") && theJSON.has("matchHostSignature"))
            return true;
        return false;
    }

    public static boolean verifySignedJSON(JSONObject theJSON) throws JSONException {
        if (!theJSON.has("matchHostPK") || !theJSON.has("matchHostSignature"))
            throw new RuntimeException("JSON not signed! Cannot verify.");

        String thePK = theJSON.getString("matchHostPK");

        String theSignature = theJSON.getString("matchHostSignature");
        if (!theSignature.startsWith(theCanonicalizationPrefix))
            return false;
        theSignature = theSignature.replaceFirst(theCanonicalizationPrefix, "");

        JSONObject tempObject = new JSONObject(theJSON.toString());
        tempObject.remove("matchHostSignature");
        try {
            return BaseCryptography.verifySignature(thePK, theSignature, CanonicalJSON.getCanonicalForm(tempObject, CanonicalizationStrategy.SIMPLE));
        } catch (InvalidKeyException e) {
        } catch (SignatureException e) {
        } catch (NoSuchAlgorithmException e) {
        } catch (UnsupportedEncodingException e) {
        }
        return false;
    }
}
TOP

Related Classes of org.ggp.base.util.crypto.SignableJSON

  • external.JSON.JSONObject
    • TOP
    Copyright © 2018 www.massapi.com. All rights reserved.
    All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.