本文整理汇总了Java中com.yahoo.athenz.auth.util.Crypto.sign方法的典型用法代码示例。如果您正苦于以下问题:Java Crypto.sign方法的具体用法?Java Crypto.sign怎么用?Java Crypto.sign使用的例子?那么,这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在类com.yahoo.athenz.auth.util.Crypto的用法示例。
在下文中一共展示了Crypto.sign方法的14个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Java代码示例。
示例1: signForAuthorizedService
import com.yahoo.athenz.auth.util.Crypto; //导入方法依赖的package包/类
/**
 * Countersigns the already signed token on behalf of an authorized service.
 *
 * <p>The key id is appended as the {@code bk} field, the service name as the
 * {@code bn} field (only when more than one authorized service is listed),
 * and the resulting signature as the {@code bs} field. The signature covers
 * the original signed token plus the {@code bk}/{@code bn} fields.
 *
 * @param authorizedServiceName service that is countersigning; must be one of
 *        the authorized services listed in this token
 * @param authorizedServiceKeyId identifier of the key used for this signature
 * @param key private key of the authorized service
 * @throws IllegalArgumentException if the service is not listed in the token
 * @throws CryptoException if signing fails
 */
public void signForAuthorizedService(String authorizedServiceName, String authorizedServiceKeyId,
        PrivateKey key) throws CryptoException {

    // Only a service that the token itself lists may countersign it.
    final boolean serviceListed = authorizedServices != null
            && authorizedServices.contains(authorizedServiceName);
    if (!serviceListed) {
        throw new IllegalArgumentException("Authorized Service is not valid for this token");
    }

    this.authorizedServiceKeyId = authorizedServiceKeyId;

    // NOTE(review): the key id and service name are appended verbatim to a
    // ';'-delimited token; nothing here rejects a ';' or '=' inside them.
    // Confirm that callers validate these values before they reach this point.
    final StringBuilder payload = new StringBuilder(512)
            .append(signedToken)
            .append(";bk=")
            .append(authorizedServiceKeyId);

    if (authorizedServices.size() > 1) {
        // With several authorized services the verifier has to be told which
        // one countersigned, so the name is recorded in the bn field.
        this.authorizedServiceName = authorizedServiceName;
        payload.append(";bn=").append(authorizedServiceName);
    }

    authorizedServiceSignature = Crypto.sign(payload.toString(), key);

    // The countersignature is appended after the data it covers.
    signedToken = payload.append(";bs=").append(authorizedServiceSignature).toString();
}
示例2: testSignVerifyRSAKey
import com.yahoo.athenz.auth.util.Crypto; //导入方法依赖的package包/类
/**
 * Signs the service token with the RSA private key, compares the result with
 * the stored reference signature, and verifies it with the RSA public key.
 */
@Test
public void testSignVerifyRSAKey() {

    final PrivateKey signingKey = Crypto.loadPrivateKey(rsaPrivateKey);
    assertNotNull(signingKey);

    // The signature is compared with a stored value, so it is expected to be
    // reproducible for this key and input.
    final String actualSignature = Crypto.sign(serviceToken, signingKey);
    assertEquals(actualSignature, serviceRSASignature);

    final PublicKey verificationKey = Crypto.loadPublicKey(rsaPublicKey);
    assertNotNull(verificationKey);

    final boolean verified = Crypto.verify(serviceToken, verificationKey, actualSignature);
    assertTrue(verified);
}
示例3: testSignVerifyExtractedRSAKey
import com.yahoo.athenz.auth.util.Crypto; //导入方法依赖的package包/类
/**
 * Same round trip as the plain RSA test, but the public key is derived from
 * the private key instead of being loaded from separate key material.
 */
@Test
public void testSignVerifyExtractedRSAKey() {

    final PrivateKey signingKey = Crypto.loadPrivateKey(rsaPrivateKey);
    assertNotNull(signingKey);

    final String actualSignature = Crypto.sign(serviceToken, signingKey);
    assertEquals(actualSignature, serviceRSASignature);

    // The verification key comes from the private key itself.
    final PublicKey derivedKey = Crypto.extractPublicKey(signingKey);
    assertNotNull(derivedKey);

    final boolean verified = Crypto.verify(serviceToken, derivedKey, actualSignature);
    assertTrue(verified);
}
示例4: signPolicies
import com.yahoo.athenz.auth.util.Crypto; //导入方法依赖的package包/类
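/**
 * Re-signs an existing signed policy file and writes the result to a new file.
 *
 * <p>The policy data is signed with the ZMS key, the modified and expiry
 * timestamps are refreshed (expiry is seven days from now), and the enclosing
 * signed policy data is then signed with the ZTS key. Both key ids are set to
 * the fixed value {@code "0"}.
 *
 * <p>On an {@link IOException} the message is printed and the JVM exits with
 * status -1, so this helper is not suitable for use inside a long-running
 * service.
 *
 * @param ztsPrivateKeyPath path of the ZTS private key file
 * @param zmsPrivateKeyPath path of the ZMS private key file
 * @param signedPolicyFile path of the existing signed policy JSON file
 * @param newPolicyFile path the re-signed policy JSON is written to
 * @return the quoted modified timestamp, usable as an entity tag
 */
static String signPolicies(String ztsPrivateKeyPath, String zmsPrivateKeyPath, String signedPolicyFile,
        String newPolicyFile) {

    String etag = null;
    try {
        // Decode the key files with an explicit charset so that the result
        // does not depend on the platform default encoding.
        PrivateKey ztsPrivateKey = Crypto.loadPrivateKey(new String(
                Files.readAllBytes(Paths.get(ztsPrivateKeyPath)),
                java.nio.charset.StandardCharsets.UTF_8));
        PrivateKey zmsPrivateKey = Crypto.loadPrivateKey(new String(
                Files.readAllBytes(Paths.get(zmsPrivateKeyPath)),
                java.nio.charset.StandardCharsets.UTF_8));

        Path policyPath = Paths.get(signedPolicyFile);
        DomainSignedPolicyData domainSignedPolicyData = JSON.fromBytes(Files.readAllBytes(policyPath),
                DomainSignedPolicyData.class);
        SignedPolicyData signedPolicyData = domainSignedPolicyData.getSignedPolicyData();
        PolicyData policyData = signedPolicyData.getPolicyData();

        // Inner signature: ZMS key over the canonical form of the policy data.
        signedPolicyData.setZmsSignature(Crypto.sign(SignUtils.asCanonicalString(policyData), zmsPrivateKey));
        signedPolicyData.setZmsKeyId("0");

        long curTime = System.currentTimeMillis();
        Timestamp modified = Timestamp.fromMillis(curTime);
        signedPolicyData.setModified(modified);
        Timestamp expires = Timestamp.fromMillis(curTime + (1000L * 60 * 60 * 24 * 7));
        signedPolicyData.setExpires(expires);

        // Outer signature: ZTS key over the signed policy data, computed only
        // after the timestamps are set so that it covers them.
        String signature = Crypto.sign(SignUtils.asCanonicalString(signedPolicyData), ztsPrivateKey);
        domainSignedPolicyData.setSignature(signature).setKeyId("0");

        // Files.write creates the file when it is missing and truncates it
        // otherwise, so no separate createNewFile() call is needed.
        Files.write(Paths.get(newPolicyFile), JSON.bytes(domainSignedPolicyData));

        etag = "\"" + modified.toString() + "\"";
    } catch (IOException e) {
        System.out.println("Exception: " + e.getMessage());
        System.exit(-1);
    }
    System.out.println("Signed " + newPolicyFile + " policy file");
    return etag;
}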
示例5: getDomainSignedPolicyData
import com.yahoo.athenz.auth.util.Crypto; //导入方法依赖的package包/类
/**
 * Returns canned signed policy data for a small set of known domains.
 *
 * <p>For {@code sports}, {@code sys.auth} and {@code expiredDomain} a single
 * {@code admin} policy is built with two assertions: allow everything for the
 * domain's {@code admin} role and deny everything for its {@code non-admin}
 * role. The policy data is signed with the ZMS key and the enclosing signed
 * policy data with the ZTS key selected by {@code keyId}. For
 * {@code expiredDomain} the expiry lies one minute in the past; otherwise it
 * is seven days ahead.
 *
 * @param domainName domain whose policies are requested
 * @param matchingTag not used by this implementation
 * @param responseHeaders not used by this implementation
 * @return the signed policy data, or {@code null} for any other domain
 */
@Override
public DomainSignedPolicyData getDomainSignedPolicyData(String domainName,
        String matchingTag, Map<String, List<String>> responseHeaders) {

    final boolean knownDomain = domainName.equals("sports")
            || domainName.equals("sys.auth")
            || domainName.equals("expiredDomain");
    if (!knownDomain) {
        return null;
    }

    SignedPolicyData signedPolicyData = new SignedPolicyData();

    // One minute in the past for the expired domain, one week ahead otherwise.
    final long expiryOffsetMillis = domainName.equals("expiredDomain")
            ? -(1000L * 60)
            : (1000L * 60 * 60 * 24 * 7);
    signedPolicyData.setExpires(Timestamp.fromMillis(System.currentTimeMillis() + expiryOffsetMillis));
    signedPolicyData.setModified(Timestamp.fromMillis(System.currentTimeMillis()));

    Assertion allowAdmin = new Assertion();
    allowAdmin.setAction("*");
    allowAdmin.setEffect(AssertionEffect.ALLOW);
    allowAdmin.setResource("*");
    allowAdmin.setRole(domainName + ":role.admin");

    Assertion denyNonAdmin = new Assertion();
    denyNonAdmin.setAction("*");
    denyNonAdmin.setEffect(AssertionEffect.DENY);
    denyNonAdmin.setResource("*");
    denyNonAdmin.setRole(domainName + ":role.non-admin");

    List<Assertion> assertions = new ArrayList<>();
    assertions.add(allowAdmin);
    assertions.add(denyNonAdmin);

    Policy adminPolicy = new Policy();
    adminPolicy.setName(domainName + ":policy.admin");
    adminPolicy.setAssertions(assertions);

    List<Policy> policies = new ArrayList<>();
    policies.add(adminPolicy);

    PolicyData policyData = new PolicyData();
    policyData.setPolicies(policies);
    policyData.setDomain(domainName);

    // Inner signature: ZMS key over the canonical form of the policy data.
    signedPolicyData.setPolicyData(policyData);
    signedPolicyData.setZmsKeyId("0");
    signedPolicyData.setZmsSignature(Crypto.sign(SignUtils.asCanonicalString(policyData), zmsPrivateKeyK0));

    DomainSignedPolicyData response = new DomainSignedPolicyData();
    response.setSignedPolicyData(signedPolicyData);

    // NOTE(review): for any keyId other than "0" or "1" the key stays null and
    // is passed to Crypto.sign as is; confirm that this is intended.
    final PrivateKey ztsKey = "0".equals(keyId)
            ? ztsPrivateKeyK0
            : ("1".equals(keyId) ? ztsPrivateKeyK1 : null);

    // Outer signature: ZTS key over the signed policy data.
    String outerSignature = Crypto.sign(SignUtils.asCanonicalString(signedPolicyData), ztsKey);
    response.setKeyId(keyId);
    response.setSignature(outerSignature);
    return response;
}
示例6: sign
import com.yahoo.athenz.auth.util.Crypto; //导入方法依赖的package包/类
/**
 * Signs the unsigned token with the configured digest algorithm and stores
 * both the signature and the signed token.
 *
 * <p>The signed token is the unsigned token followed by {@code ;s=} and the
 * signature, so the signature covers everything that precedes the
 * {@code ;s=} field.
 *
 * @param key private key used for signing
 * @throws CryptoException if signing fails
 */
public void sign(PrivateKey key) throws CryptoException {
    signature = Crypto.sign(unsignedToken, key, digestAlgorithm);
    signedToken = new StringBuilder()
            .append(unsignedToken)
            .append(";s=")
            .append(signature)
            .toString();
}
示例7: retrieveSignedDomain
import com.yahoo.athenz.auth.util.Crypto; //导入方法依赖的package包/类
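/**
 * Builds the signed representation of a domain.
 *
 * <p>When only metadata is requested, the result carries just the domain name
 * and the modified time and is not signed. Otherwise the roles, services and
 * policies are copied from the stored domain; the policies are signed first,
 * and the complete domain data (which then includes the signed policies) is
 * signed second, both with the server's private key.
 *
 * @param domainName name of the domain to retrieve
 * @param modifiedTime last modification time in milliseconds
 * @param setMetaDataOnly when true, return only name and modified time
 * @return the signed domain, or {@code null} if the domain no longer exists
 */
SignedDomain retrieveSignedDomain(String domainName, long modifiedTime,
        Boolean setMetaDataOnly) {

    // generate our signed domain object

    SignedDomain signedDomain = new SignedDomain();
    DomainData domainData = new DomainData().setName(domainName);
    signedDomain.setDomain(domainData);
    domainData.setModified(Timestamp.fromMillis(modifiedTime));

    // check if we're asked to only return the meta data which
    // we already have - name and last modified time, so we can
    // add the domain to our return list and continue with the
    // next domain

    if (setMetaDataOnly) {
        return signedDomain;
    }

    // get the policies, roles, and service identities to create the
    // DomainData

    if (LOG.isDebugEnabled()) {
        LOG.debug("retrieveSignedDomain: retrieving domain " + domainName);
    }

    AthenzDomain athenzDomain = getAthenzDomain(domainName, true, true);

    // it's possible that our domain was deleted by another
    // thread while we were processing this request so
    // we'll return null so the caller can skip this domain

    if (athenzDomain == null) {
        return null;
    }

    // set domain attributes - the enabled flag is only set when it is false.
    // The check uses equals() rather than ==, because an identity comparison
    // misses a false value that is not the Boolean.FALSE instance, and the
    // disabled state would then be dropped from the signed data.

    if (Boolean.FALSE.equals(athenzDomain.getDomain().getEnabled())) {
        domainData.setEnabled(athenzDomain.getDomain().getEnabled());
    }
    domainData.setAccount(athenzDomain.getDomain().getAccount());
    domainData.setYpmId(athenzDomain.getDomain().getYpmId());
    domainData.setRoles(athenzDomain.getRoles());
    domainData.setServices(athenzDomain.getServices());
    domainData.setApplicationId(athenzDomain.getDomain().getApplicationId());

    // generate the domain policy object that includes the domain
    // name and all policies. Then we'll sign this struct using
    // server's private key to get signed policy object

    DomainPolicies domainPolicies = new DomainPolicies().setDomain(domainName);
    domainPolicies.setPolicies(getPolicyListWithoutAssertionId(athenzDomain.getPolicies()));
    SignedPolicies signedPolicies = new SignedPolicies();
    signedPolicies.setContents(domainPolicies);
    domainData.setPolicies(signedPolicies);

    String signature = Crypto.sign(
            SignUtils.asCanonicalString(signedDomain.getDomain().getPolicies().getContents()), privateKey);
    signedDomain.getDomain().getPolicies().setSignature(signature).setKeyId(privateKeyId);

    // then sign the data and set the data and signature in a SignedDomain;
    // this must happen after the policies are signed, since the domain data
    // being signed here contains them

    signature = Crypto.sign(SignUtils.asCanonicalString(signedDomain.getDomain()), privateKey);
    signedDomain.setSignature(signature).setKeyId(privateKeyId);

    return signedDomain;
}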
示例8: getDomainSignedPolicyData
import com.yahoo.athenz.auth.util.Crypto; //导入方法依赖的package包/类
/**
 * Returns the signed policy data of a domain through the given result object.
 *
 * The domain's policy data is wrapped together with the ZMS key id and ZMS
 * signature stored for the domain, given an expiry of now plus
 * signedPolicyTimeout, and signed with this server's private key. The entity
 * tag is derived from the domain's modified timestamp.
 *
 * @param ctx request context
 * @param domainName name of the domain; validated and then lower-cased
 * @param matchingTag entity tag supplied by the caller, may be null
 * @param signedPoliciesResult receives the response (OK or NOT_MODIFIED)
 */
public void getDomainSignedPolicyData(ResourceContext ctx, String domainName,
String matchingTag, GetDomainSignedPolicyDataResult signedPoliciesResult) {
final String caller = "getdomainsignedpolicydata";
final String callerTiming = "getdomainsignedpolicydata_timing";
metric.increment(HTTP_GET);
logPrincipal(ctx);
validateRequest(ctx.request(), caller);
validate(domainName, TYPE_DOMAIN_NAME, caller);
// for consistent handling of all requests, we're going to convert
// all incoming object values into lower case since ZMS Server
// saves all of its object names in lower case
// NOTE(review): toLowerCase() without a Locale argument uses the JVM default
// locale; toLowerCase(Locale.ROOT) would make this normalization independent
// of the host's locale settings.
domainName = domainName.toLowerCase();
Object timerMetric = metric.startTiming(callerTiming, domainName);
DomainData domainData = dataStore.getDomainData(domainName);
if (domainData == null) {
metric.increment(HTTP_REQUEST, ZTSConsts.ZTS_UNKNOWN_DOMAIN);
metric.increment(caller, ZTSConsts.ZTS_UNKNOWN_DOMAIN);
// NOTE(review): the timer started above is stopped only on the success path
// at the end of this method; confirm whether this exit needs stopTiming too.
throw notFoundError("Domain not found: '" + domainName + "'", caller, ZTSConsts.ZTS_UNKNOWN_DOMAIN);
}
// update our metric with dimension. we're moving the metric here
// after the domain name has been confirmed as valid since with
// dimensions we get stuck with persistent indexes so we only want
// to create them for valid domain names
metric.increment(HTTP_REQUEST, domainName);
metric.increment(caller, domainName);
Timestamp modified = domainData.getModified();
EntityTag eTag = new EntityTag(modified.toString());
String tag = eTag.toString();
// Set timestamp for domain rather than youngest policy.
// Since a policy could have been deleted, and can only be detected
// via the domain modified timestamp.
// NOTE(review): no return follows the done() call below. Unless done() ends
// the request itself (for example by throwing), execution continues, signs
// the policies and calls done() a second time - confirm.
if (matchingTag != null && matchingTag.equals(tag)) {
signedPoliciesResult.done(ResourceException.NOT_MODIFIED, matchingTag);
}
// first get our PolicyData object
PolicyData policyData = new PolicyData()
.setDomain(domainName)
.setPolicies(getPolicyList(domainData));
// then get the signed policy data
// the ZMS key id and signature are copied from the stored domain data as is;
// this method does not verify the ZMS signature itself
Timestamp expires = Timestamp.fromMillis(System.currentTimeMillis() + signedPolicyTimeout);
SignedPolicyData signedPolicyData = new SignedPolicyData()
.setPolicyData(policyData)
.setExpires(expires)
.setModified(modified)
.setZmsKeyId(domainData.getPolicies().getKeyId())
.setZmsSignature(domainData.getPolicies().getSignature());
// the outer signature covers the policy data, both timestamps and the ZMS
// key id and signature set above
String signature = Crypto.sign(SignUtils.asCanonicalString(signedPolicyData), privateKey);
DomainSignedPolicyData result = new DomainSignedPolicyData()
.setSignedPolicyData(signedPolicyData)
.setSignature(signature)
.setKeyId(privateKeyId);
metric.stopTiming(timerMetric);
signedPoliciesResult.done(ResourceException.OK, result, tag);
}
示例9: testSignVerifyECKey
import com.yahoo.athenz.auth.util.Crypto; //导入方法依赖的package包/类
/**
 * Signs the service token with the EC private key and verifies the signature
 * with the matching EC public key.
 */
@Test
public void testSignVerifyECKey() {

    final PrivateKey signingKey = Crypto.loadPrivateKey(ecPrivateKey);
    assertNotNull(signingKey);

    // Unlike the RSA tests, no stored reference signature is compared here,
    // presumably because EC signatures differ between runs - TODO confirm.
    final String tokenSignature = Crypto.sign(serviceToken, signingKey);

    final PublicKey verificationKey = Crypto.loadPublicKey(ecPublicKey);
    assertNotNull(verificationKey);

    final boolean verified = Crypto.verify(serviceToken, verificationKey, tokenSignature);
    assertTrue(verified);
}
示例10: testSignVerifyExtractedECKey
import com.yahoo.athenz.auth.util.Crypto; //导入方法依赖的package包/类
/**
 * Signs the service token with the EC private key and verifies the signature
 * with the public key derived from that same private key.
 */
@Test
public void testSignVerifyExtractedECKey() {

    final PrivateKey signingKey = Crypto.loadPrivateKey(ecPrivateKey);
    assertNotNull(signingKey);

    final String tokenSignature = Crypto.sign(serviceToken, signingKey);

    // The verification key comes from the private key itself.
    final PublicKey derivedKey = Crypto.extractPublicKey(signingKey);
    assertNotNull(derivedKey);

    final boolean verified = Crypto.verify(serviceToken, derivedKey, tokenSignature);
    assertTrue(verified);
}
示例11: testSignVerifyECParamPrime256v1Key
import com.yahoo.athenz.auth.util.Crypto; //导入方法依赖的package包/类
@Test
public void testSignVerifyECParamPrime256v1Key() {
PrivateKey privateKey = Crypto.loadPrivateKey(ecPrivateParamPrime256v1Key);
assertNotNull(privateKey);
String signature = Crypto.sign(serviceToken, privateKey);
PublicKey publicKey = Crypto.loadPublicKey(ecPublicParamPrime256v1Key);
assertNotNull(publicKey);
assertTrue(Crypto.verify(serviceToken, publicKey, signature));
}
示例12: testSignVerifyECParamsKey
import com.yahoo.athenz.auth.util.Crypto; //导入方法依赖的package包/类
/**
 * Sign/verify round trip with the EC key pair loaded from the
 * {@code ecPrivateParamsKey} / {@code ecPublicParamsKey} fixtures.
 */
@Test
public void testSignVerifyECParamsKey() {

    final PrivateKey signingKey = Crypto.loadPrivateKey(ecPrivateParamsKey);
    assertNotNull(signingKey);

    final String tokenSignature = Crypto.sign(serviceToken, signingKey);

    final PublicKey verificationKey = Crypto.loadPublicKey(ecPublicParamsKey);
    assertNotNull(verificationKey);

    final boolean verified = Crypto.verify(serviceToken, verificationKey, tokenSignature);
    assertTrue(verified);
}
示例13: testSignVerifyECParamSecp384r1Key
import com.yahoo.athenz.auth.util.Crypto; //导入方法依赖的package包/类
/**
 * Sign/verify round trip with the secp384r1 EC key pair.
 */
@Test
public void testSignVerifyECParamSecp384r1Key() {

    final PrivateKey signingKey = Crypto.loadPrivateKey(ecPrivateParamSecp384r1Key);
    assertNotNull(signingKey);

    final String tokenSignature = Crypto.sign(serviceToken, signingKey);

    final PublicKey verificationKey = Crypto.loadPublicKey(ecPublicParamSecp384r1Key);
    assertNotNull(verificationKey);

    final boolean verified = Crypto.verify(serviceToken, verificationKey, tokenSignature);
    assertTrue(verified);
}
示例14: testSignVerifyECParamMixCurvesFail
import com.yahoo.athenz.auth.util.Crypto; //导入方法依赖的package包/类
/**
 * Negative case: a signature made with the prime256v1 private key must not
 * verify against the secp384r1 public key.
 */
@Test
public void testSignVerifyECParamMixCurvesFail() {

    final PrivateKey signingKey = Crypto.loadPrivateKey(ecPrivateParamPrime256v1Key);
    assertNotNull(signingKey);

    final String tokenSignature = Crypto.sign(serviceToken, signingKey);

    // Deliberately a key from a different curve than the signing key.
    final PublicKey mismatchedKey = Crypto.loadPublicKey(ecPublicParamSecp384r1Key);
    assertNotNull(mismatchedKey);

    // The mismatch is expected to surface as a false result from verify.
    final boolean verified = Crypto.verify(serviceToken, mismatchedKey, tokenSignature);
    assertFalse(verified);
}