Created
April 27, 2021 14:44
-
-
Save bblfish/24e5f0538b4b18a61eecbe679051a51a to your computer and use it in GitHub Desktop.
Test Example from Message Signature Spec
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import java.nio.charset.StandardCharsets | |
| import java.security.spec.{PKCS8EncodedKeySpec, X509EncodedKeySpec} | |
| import java.security.KeyFactory | |
| import java.util.Base64 | |
| val singleSlsh = raw"\\\n *".r | |
| //java.security.Security.addProvider(new org.bouncycastle.jce.provider.BouncyCastleProvider) | |
| def rfc8792single(str: String) = singleSlsh.replaceAllIn(str.stripMargin,"") | |
| def base64Decode(str: String) = Base64.getDecoder.decode(str) | |
| //set up keys: | |
| val testKeyPSSPubStr: String = | |
| """MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr4tmm3r20Wd/PbqvP1s2\ | |
| |+QEtvpuRaV8Yq40gjUR8y2Rjxa6dpG2GXHbPfvMs8ct+Lh1GH45x28Rw3Ry53mm+\ | |
| |oAXjyQ86OnDkZ5N8lYbggD4O3w6M6pAvLkhk95AndTrifbIFPNU8PPMO7OyrFAHq\ | |
| |gDsznjPFmTOtCEcN2Z1FpWgchwuYLPL+Wokqltd11nqqzi+bJ9cvSKADYdUAAN5W\ | |
| |Utzdpiy6LbTgSxP7ociU4Tn0g5I6aDZJ7A8Lzo0KSyZYoA485mqcO0GVAdVw9lq4\ | |
| |aOT9v6d+nb4bnNkQVklLQ3fVAvJm+xdDOp9LCNCN48V2pnDOkFV6+U9nV5oyc6XI\ | |
| |2wIDAQAB""" | |
| val testKeyPSSPrivStr: String = | |
| """MIIEvgIBADALBgkqhkiG9w0BAQoEggSqMIIEpgIBAAKCAQEAr4tmm3r20Wd/Pbqv\ | |
| |P1s2+QEtvpuRaV8Yq40gjUR8y2Rjxa6dpG2GXHbPfvMs8ct+Lh1GH45x28Rw3Ry5\ | |
| |3mm+oAXjyQ86OnDkZ5N8lYbggD4O3w6M6pAvLkhk95AndTrifbIFPNU8PPMO7Oyr\ | |
| |FAHqgDsznjPFmTOtCEcN2Z1FpWgchwuYLPL+Wokqltd11nqqzi+bJ9cvSKADYdUA\ | |
| |AN5WUtzdpiy6LbTgSxP7ociU4Tn0g5I6aDZJ7A8Lzo0KSyZYoA485mqcO0GVAdVw\ | |
| |9lq4aOT9v6d+nb4bnNkQVklLQ3fVAvJm+xdDOp9LCNCN48V2pnDOkFV6+U9nV5oy\ | |
| |c6XI2wIDAQABAoIBAQCUB8ip+kJiiZVKF8AqfB/aUP0jTAqOQewK1kKJ/iQCXBCq\ | |
| |pbo360gvdt05H5VZ/RDVkEgO2k73VSsbulqezKs8RFs2tEmU+JgTI9MeQJPWcP6X\ | |
| |aKy6LIYs0E2cWgp8GADgoBs8llBq0UhX0KffglIeek3n7Z6Gt4YFge2TAcW2WbN4\ | |
| |XfK7lupFyo6HHyWRiYHMMARQXLJeOSdTn5aMBP0PO4bQyk5ORxTUSeOciPJUFktQ\ | |
| |HkvGbym7KryEfwH8Tks0L7WhzyP60PL3xS9FNOJi9m+zztwYIXGDQuKM2GDsITeD\ | |
| |2mI2oHoPMyAD0wdI7BwSVW18p1h+jgfc4dlexKYRAoGBAOVfuiEiOchGghV5vn5N\ | |
| |RDNscAFnpHj1QgMr6/UG05RTgmcLfVsI1I4bSkbrIuVKviGGf7atlkROALOG/xRx\ | |
| |DLadgBEeNyHL5lz6ihQaFJLVQ0u3U4SB67J0YtVO3R6lXcIjBDHuY8SjYJ7Ci6Z6\ | |
| |vuDcoaEujnlrtUhaMxvSfcUJAoGBAMPsCHXte1uWNAqYad2WdLjPDlKtQJK1diCm\ | |
| |rqmB2g8QE99hDOHItjDBEdpyFBKOIP+NpVtM2KLhRajjcL9Ph8jrID6XUqikQuVi\ | |
| |4J9FV2m42jXMuioTT13idAILanYg8D3idvy/3isDVkON0X3UAVKrgMEne0hJpkPL\ | |
| |FYqgetvDAoGBAKLQ6JZMbSe0pPIJkSamQhsehgL5Rs51iX4m1z7+sYFAJfhvN3Q/\ | |
| |OGIHDRp6HjMUcxHpHw7U+S1TETxePwKLnLKj6hw8jnX2/nZRgWHzgVcY+sPsReRx\ | |
| |NJVf+Cfh6yOtznfX00p+JWOXdSY8glSSHJwRAMog+hFGW1AYdt7w80XBAoGBAImR\ | |
| |NUugqapgaEA8TrFxkJmngXYaAqpA0iYRA7kv3S4QavPBUGtFJHBNULzitydkNtVZ\ | |
| |3w6hgce0h9YThTo/nKc+OZDZbgfN9s7cQ75x0PQCAO4fx2P91Q+mDzDUVTeG30mE\ | |
| |t2m3S0dGe47JiJxifV9P3wNBNrZGSIF3mrORBVNDAoGBAI0QKn2Iv7Sgo4T/XjND\ | |
| |dl2kZTXqGAk8dOhpUiw/HdM3OGWbhHj2NdCzBliOmPyQtAr770GITWvbAI+IRYyF\ | |
| |S7Fnk6ZVVVHsxjtaHy1uJGFlaZzKR4AGNaUTOJMs6NadzCmGPAxNQQOCqoUjn4XR\ | |
| |rOjr9w349JooGXhOxbu8nOxX""" | |
| //interpret keys | |
| val testKeyPSSpub = KeyFactory.getInstance("RSA") | |
| .generatePublic(new X509EncodedKeySpec(base64Decode(rfc8792single(testKeyPSSPubStr)))) | |
| val testKeyPSSpriv = KeyFactory.getInstance("RSASSA-PSS") | |
| .generatePrivate(new PKCS8EncodedKeySpec(base64Decode(rfc8792single(testKeyPSSPrivStr)))) | |
| val sigInputStr = | |
| """"host": example.com | |
| |"date": Tue, 20 Apr 2021 02:07:55 GMT | |
| |"content-type": application/json | |
| |"@signature-params": ("host" "date" "content-type");created=1618884475;keyid="test-key-rsa-pss"""".stripMargin | |
| val signature = "NtIKWuXjr4SBEXj97gbick4O95ff378I0CZOa2VnIeEXZ1itzAdqTp"+ | |
| "SvG91XYrq5CfxCmk8zz1Zg7ZGYD+ngJyVn805r73rh2eFCPO+ZXDs45Is/Ex8srzGC9sf"+ | |
| "VZfqeEfApRFFe5yXDmANVUwzFWCEnGM6+SJVmWl1/jyEn45qA6Hw+ZDHbrbp6qvD4N0S9"+ | |
| "2jlPyVVEh/SmCwnkeNiBgnbt+E0K5wCFNHPbo4X1Tj406W+bTtnKzaoKxBWKW8aIQ7rg9"+ | |
| "2zqE1oqBRjqtRi5/Q6P5ZYYGGINKzNyV3UjZtxeZNnNJ+MAnWS0mofFqcZHVgSU/1wUzP"+ | |
| "7MhzOKLca1Yg==" | |
| println(signature) | |
| val sigBytes = Base64.getDecoder.decode(signature) | |
| val javaSig: java.security.Signature = { | |
| // also tried see [[https://tools.ietf.org/html/rfc7518 JSON Web Algorithms (JWA) RFC]] | |
| // com.nimbusds.jose.crypto.impl.RSASSA.getSignerAndVerifier(JWSAlgorithm.PS512, new BouncyCastleProvider() ) | |
| val rsapss = java.security.Signature.getInstance("RSASSA-PSS") | |
| import java.security.spec.{PSSParameterSpec, MGF1ParameterSpec} | |
| val pssSpec = new PSSParameterSpec( | |
| "SHA-512", "MGF1", MGF1ParameterSpec.SHA512, 512 / 8, 1) | |
| println("PSSParameterSpec=" + pssSpec) | |
| rsapss.setParameter(pssSpec) | |
| rsapss | |
| } | |
| javaSig.initVerify(testKeyPSSpub) | |
| javaSig.update(sigInputStr.getBytes(StandardCharsets.US_ASCII)) | |
| javaSig.verify(sigBytes.toArray) |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment