I have developed a JAVA application for signature verification as follows:
package read_key_pck;
import static java.nio.charset.StandardCharsets.UTF_8;
import java.util.Scanner;
import javax.xml.bind.DatatypeConverter;
import java.io.FileNotFoundException;
import java.io.IOException;
import java.security.KeyFactory;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.Security;
import java.security.Signature;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.PKCS8EncodedKeySpec;
import java.security.spec.X509EncodedKeySpec;
import java.util.Base64;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
public class Main {
public final static String RESOURCES_DIR = "C:\\Users\\KX5710\\eclipse-workspace\\read_key\\src\\read_key_pck\\";
public static boolean verify(String plainText, String signature, PublicKey publicKey) throws Exception {
Signature publicSignature = Signature.getInstance("SHA256withRSA");
publicSignature.initVerify(publicKey);
publicSignature.update(plainText.getBytes(UTF_8));
byte[] signatureBytes = DatatypeConverter.parseHexBinary(signature);
return publicSignature.verify(signatureBytes);
}
public static void main(String[] args) throws Exception {
Security.addProvider(new BouncyCastleProvider());
PublicKey pub = null;
KeyFactory factory = KeyFactory.getInstance("RSA", "BC");
try {
pub = generatePublicKey(factory, RESOURCES_DIR
+ "rsa_2048_pub.pem");
} catch (InvalidKeySpecException e) {
e.printStackTrace();
}
String encodedPublicKey = Base64.getEncoder().encodeToString(pub.getEncoded());
System.out.println("publickey: " + encodedPublicKey);
boolean isCorrect = verify(" 4 5.00 1.80", "54c5645616a8567d605bd990df0456913420fb630860316cf29bf57e19ef3102933ac948e672a4e3dfa8b7e20cc9eb44520aa8d8dc69143a5bc718a17a1d3f2dfc0084f172dbda6dd38e411e75100136d95d46e3d563c3a0aed062c40c6d17a5038ef0ad681622245bd2332008b1edca693b3418df1f5f86f09a6585d4af7da0d2ab44f5ce1c7ec8eed51696697b2674a881868be7163eda7c6562d02bdf069fcd66d483e8b22c5c976d27c04ffe38e62800eec17f1786b2f2161fcf44b91ba85a4486edb48a5c5a2f58dc1fa3969917eadabd7af753947de4a7f03034de09adb3b1cacb77e21444eee2d90944037606f84d0aa99f4794e8df8a2d0fbfff55c7", pub);
System.out.println("Signature verification: " + isCorrect);
}
private static PublicKey generatePublicKey(KeyFactory factory,
String filename) throws InvalidKeySpecException,
FileNotFoundException, IOException {
PemFile pemFile = new PemFile(filename);
byte[] content = pemFile.getPemObject().getContent();
X509EncodedKeySpec pubKeySpec = new X509EncodedKeySpec(content);
return factory.generatePublic(pubKeySpec);
}
}
package read_key_pck;
import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.io.IOException;
import java.io.InputStreamReader;
import org.bouncycastle.util.io.pem.PemObject;
import org.bouncycastle.util.io.pem.PemReader;
public class PemFile {
private PemObject pemObject;
public PemFile(String filename) throws FileNotFoundException, IOException {
PemReader pemReader = new PemReader(new InputStreamReader(
new FileInputStream(filename)));
try {
this.pemObject = pemReader.readPemObject();
} finally {
pemReader.close();
}
}
public PemObject getPemObject() {
return pemObject;
}
}
Now I want to develop an Apache Nifi Processor for this JAVA application; I have a sample code here :
https://github.com/pcgrenier/nifi-examples
However I do not know that I have to modify which parts of this sample code, since it is the first time i develop an Apache Nifi Processor.
Also When I want to run .bat file in cmd i.e. run-nifi.bat I get this error :
"The JAVA_HOME environment variable is not defined correctly. Instead
the PATH will be used to find the java executable."
Here is detailed guide for beginners https://community.hortonworks.com/articles/4318/build-custom-nifi-processor.html .
The above article is based on this video https://www.youtube.com/watch?v=3ldmNFlelhw
Briefly explanation:
You should create the new project from one of the NiFi maven archetype.
Modify generated processor to your needs.
Build the nar file and put it to NiFi.
Use it in NiFi.
Great that you're writing your own custom processor on NiFi. Couple of things that you have to keep in mind:
The core functionality that your processor intends to do goes inside the overridden onTrigger method.
Handling relationships of your processor (Failure/Success)
Couple of guides that would help in your quest:
http://www.nifi.rocks/developing-a-custom-apache-nifi-processor-json/
https://bryanbende.com/development/2015/02/04/custom-processors-for-apache-nifi
The first one provides you some overview on common terminologies & functionalities in the form of annotation and classes that are widely used in NiFi processors and also provide relevant links to the same on Apache NiFi developer guide. That tutorial itself should be able to get you started with the actual implementation since it has examples in the form of code and POM.
Related
I’m using java.net.URL.openStream() to access a HTTPS resource. The returned stream is incomplete for some URLs: for the example below, it yields a 1,105,724 byte-file whereas the same URL accessed from a browser yields a 5,755,858 byte-file (even when "disabling" Content-Encoding).
And it doesn’t even throw an exception.
What am I missing?
import static java.nio.file.Files.copy;
import java.io.IOException;
import java.io.InputStream;
import java.net.URL;
import java.nio.file.Paths;
public class Test {
public static void main(String... args) throws IOException {
try (final InputStream in = new URL(
"https://upload.wikimedia.org/wikipedia/commons/9/95/Germany_%28orthographic_projection%29.svg").openStream()) {
copy(in, Paths.get("germany.svg"));
}
}
}
Edit
I’ve tested this code a lot of times (on different networks, but always on JRE 1.8.0_60 / Mac OS X 10.11.4), and sometimes it’s suddenly "starting to work".
However, switching to another of my problematic URLs (e.g. "https://upload.wikimedia.org/wikipedia/commons/c/ce/Andorra_in_Europe_%28zoomed%29.svg") enables me to reproduce the issue.
Does this mean that it is a server issue? I’ve never seen it on a browser though.
It's working fine.
As others have suggested there may be a problem with your network, try connecting to another network.
package test;
import java.io.InputStream;
import java.net.URL;
import java.nio.file.Files;
import java.nio.file.Path;
import java.nio.file.Paths;
import java.nio.file.StandardCopyOption;
public class TestMain2 {
public static void main(String[] args) {
System.out.println("Started");
try (final InputStream in = new URL(
"https://upload.wikimedia.org/wikipedia/commons/9/95/Germany_%28orthographic_projection%29.svg")
.openStream()) {
Path outputFile = Paths.get("test.svg");
Files.copy(in, outputFile, StandardCopyOption.REPLACE_EXISTING);
System.out.println("Output file size : " + outputFile.toFile().length());
System.out.println("Finished");
} catch (Exception ex) {
ex.printStackTrace();
}
}
}
Output
Started
Output file size : 5755858
Finished
I am trying to bind to a very simple jar file in a xamarin android project, but I am getting the warning:
JARTOXML : warning J2X9001: Couldn't load class GetCerts : java.lang.UnsupportedClassVersionError: GetCerts : Unsupported major.minor version 52.0
BINDINGSGENERATOR : warning BG8601: No packages found.
if I add the picasso-2.5.2.jar to the same bindings project, it is accessible perfectly, just as in the documentation for binding a jar from xamarin (http://developer.xamarin.com/guides/android/advanced_topics/java_integration_overview/binding-a-java-library/binding-a-jar/)
the code in the jar is extremely simple:
package com.mgw;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.io.ByteArrayInputStream;
import java.io.InputStream;
class GetCerts {
public static X509Certificate GetCert(byte[] bytes) throws Exception
{
CertificateFactory certFactory = CertificateFactory.getInstance("X.509");
InputStream in = new ByteArrayInputStream(bytes);
X509Certificate cert = (X509Certificate)certFactory.generateCertificate(in);
return cert;
}
}
Problem was that the class was not public. I changed the code to be:
package com.sage;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.io.ByteArrayInputStream;
import java.io.InputStream;
public class GetCerts {
public static X509Certificate GetCert(byte[] bytes) throws Exception
{
CertificateFactory certFactory = CertificateFactory.getInstance("X.509");
InputStream in = new ByteArrayInputStream(bytes);
X509Certificate cert = (X509Certificate)certFactory.generateCertificate(in);
return cert;
}
public static boolean DoSomething()
{
return true;
}
}
change the file name to match the class name, rebuilt using JDK6 and it all worked.
Note that the JDK version used to build the library should not be higher than that used by Xamarin or you may get issues.
I need to encrypt and decrypt as four digit pin into a database and am having trouble. I have tried using examples that use Base64, put even after importing the package it can't find the class. What am I doing wrong? I understand that the class below may be correct, but why can't it find the class and create an object. In eclipse when I navigate to the Base64 class in reference libraries it says "source not found".
import java.io.IOException;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.text.ParseException;
import java.text.SimpleDateFormat;
import java.util.ArrayList;
import java.util.Date;
import java.util.List;
import java.util.Random;
import org.apache.commons.codec.binary.Base64;
public class PasswordEncryption {
private static Random random = new Random((new Date()).getTime());
public static String encrypt(String userId) {
Base64() encoder = new Base64();
byte[] salt = new byte[8];
random.nextBytes(salt);
return encoder.encode(salt)+
encoder.encode(userId.getBytes());
}
public static String decrypt(String encryptKey) {
if (encryptKey.length() > 12) {
String cipher = encryptKey.substring(12);
BASE64Decoder decoder = new BASE64Decoder();
try {
return new String(decoder.decodeBuffer(cipher));
} catch (IOException e) {
// throw new InvalidImplementationException(
// "Failed to perform decryption for key ["+encryptKey+"]",e);
}
}
return null;
}
}
And apologies if I have not used these forums correctly, this is my first post.
Thanks
I think you need to download Apache Commons Codec. After you've downloaded the jar, you need to add it to your Eclipse project as a library in your build path. (I apologise if you've already done this. It isn't clear from your post.)
Once you've done you still won't be able to see the source in Eclipse, but your project should work when you run it.
I'm getting the following exception when trying to create a new certificate:
java.security.cert.CertificateParsingException: signed overrun, bytes = 224
try
{
InputStream certificateStream = new ByteArrayInputStream(certificate);
CertificateFactory cf = CertificateFactory.getInstance("X.509");
Collection certificateCollection = cf.generateCertificates(certificateStream);
}
catch (CertificateException ex)
{
}
the exception is thrown in:
Collection certificateCollection = cf.generateCertificates(certificateStream);
can someone help me to understand and solve this issue?
Thanks
Here is a well-functioning example based on your code. It uses a FileInputStream. If you use a ByteArray, be careful of the data within it :
import java.io.FileInputStream;
import java.io.InputStream;
import java.util.Collection;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.security.cert.CertificateException;
import java.io.FileNotFoundException;
public class StackOverflow {
public static void main(String[] args) throws FileNotFoundException, CertificateException {
InputStream certificateStream = new FileInputStream("stackoverflow.cert");
CertificateFactory cf = CertificateFactory.getInstance("X.509");
Collection certificateCollection = cf.generateCertificates(certificateStream);
}
}
Ok, my mistake.
I read the certificate from file, and I didn't read it as binary...
Reading as binary solved this issue.
Thanks alot for all your answers / comments!
I'm trying to connect to a third party application API using apache commons HTTP Client. The API I'm trying to connect is http://wiki.kayako.com/display/DEV/REST+API.
The API requires me to pass a API key and a signature along with a salt used to create the signature.
As per the API documentation these are the steps to create the signature
Generate a random string to create a salt (in PHP, you would use mt_and() to do this)
Generate the signature by hashing the salt using SHA256 with the secret key as the key (in PHP, you would use hash_hmac() to do this)
base64 encode the signature (in PHP, you would use base64_encode() to do this)
URL encode the output (in PHP, you would use urlencode() to do this)
UPDATED
As per the responses I got, I changes some of my code and created a demo account with the Kayako to test the API
I'm using the following class to generate the signature
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.io.UnsupportedEncodingException;
import java.net.URLEncoder;
import java.security.GeneralSecurityException;
import javax.crypto.Mac;
import javax.crypto.spec.SecretKeySpec;
import org.bouncycastle.util.encoders.Base64Encoder;
public class GenSign2 {
public static void main(String[] args) throws GeneralSecurityException,
IOException {
String secretKey = "M2Y2YjkxZDEtYmNlOC1mYmI0LTkxZTgtOTNiY2RiMDhmN2E2YjExNGUwYjktNGJkYy1jZTM0LWQ1MWYtZGIwYWRlZTE0NGNh";
String salt = "0123456789";
String generateHmacSHA256Signature = generateHmacSHA256Signature(salt,
secretKey);
System.out.println("Signature: " + generateHmacSHA256Signature);
String urlEncodedSign = URLEncoder.encode(generateHmacSHA256Signature,
"UTF-8");
System.out.println("Url encoded value: " + urlEncodedSign);
}
public static String generateHmacSHA256Signature(String data, String key)
throws GeneralSecurityException, IOException {
byte[] hmacData = null;
try {
SecretKeySpec secretKey = new SecretKeySpec(key.getBytes("UTF-8"),
"HmacSHA256");
Mac mac = Mac.getInstance("HmacSHA256");
mac.init(secretKey);
hmacData = mac.doFinal(data.getBytes("UTF-8"));
ByteArrayOutputStream bout = new ByteArrayOutputStream();
new Base64Encoder().encode(hmacData, 0, hmacData.length, bout);
return bout.toString("UTF-8");
} catch (UnsupportedEncodingException e) {
throw new GeneralSecurityException(e);
}
}
}
And the test api is as follows
import java.io.IOException;
import java.net.URISyntaxException;
import java.util.ArrayList;
import java.util.List;
import org.apache.http.HttpResponse;
import org.apache.http.NameValuePair;
import org.apache.http.client.ClientProtocolException;
import org.apache.http.client.HttpClient;
import org.apache.http.client.methods.HttpPost;
import org.apache.http.impl.client.DefaultHttpClient;
import org.apache.http.message.BasicNameValuePair;
public class TestApi {
public static void main(String[] args) throws ClientProtocolException,
IOException, URISyntaxException {
HttpClient client = new DefaultHttpClient();
List<NameValuePair> qparams = new ArrayList<NameValuePair>();
qparams.add(new BasicNameValuePair("apikey",
"f165dc40-ce3f-6864-7d5e-27a7188b2e62"));
qparams.add(new BasicNameValuePair("salt", "0123456789"));
qparams.add(new BasicNameValuePair("signature", "mbrhpXkP0LzNMNDygHAorqMx%2FDGovl%2FauMTOMB6RNMA%3D"));
HttpPost httpget = new HttpPost(
"http://aruntest.kayako.com/api/index.php?e=/Core/Test");
HttpResponse response = client.execute(httpget);
System.out.println(response.getProtocolVersion());
System.out.println(response.getStatusLine().getStatusCode());
System.out.println(response.getStatusLine().getReasonPhrase());
System.out.println(response.getStatusLine().toString());
}
}
The demo site can be accessed using
URL: http://aruntest.kayako.com/admin/
User: admin
Password: ty386rhjzz
It is throwing an unauthorized access exception when I'm trying to connect.
Try and compare your signature method with this (it works)
public static String generateHmacSHA256Signature(String data, String key) throws GeneralSecurityException {
byte[] hmacData = null;
try {
SecretKeySpec secretKey = new SecretKeySpec(key.getBytes("UTF-8"), "HmacSHA256");
Mac mac = Mac.getInstance("HmacSHA256");
mac.init(secretKey);
hmacData = mac.doFinal(data.getBytes("UTF-8"));
return new BASE64Encoder().encode(hmacData);
} catch (UnsupportedEncodingException e) {
// TODO: handle exception
throw new GeneralSecurityException(e);
}
}
The result of this call, will then be the value of your attribute Signature
String signature = generateHmacSHA256Signature(salt, key);
qparams.add(new BasicNameValuePair("signature", signature));
A simple way to generate a salt/nonce
String nonce = String.valueOf(System.currentTimeMillis());
See Example:
Kayako has updated their documentation with a new java sample which works fine.
I think the entire getSaltedKey() routine is unnecessary. You're just signing the salt (it should have been called a nonce) with HMAC and signing with the provided key, it doesn't look like you're supposed to sign the key+salt.