diff --git a/README.md b/README.md
index c2c22a3..f7cf47d 100644
--- a/README.md
+++ b/README.md
@@ -40,7 +40,7 @@ String signatureBase64 = DigitalSignatires.encodeToBase64(byte[] bytes);
 To allow users to sign their data via CLI there is an executable JAR:
 ```bash
 usage: java -jar digital-signatures-cli--all.jar -d -k
-Calculates SHA1 with RSA signature in Base64 encoding for provided data
+Calculates SHA256 with RSA signature in Base64 encoding for provided data
 -d,--data-to-sign String containing data to sign
 -k,--private-key-file Path to file containing RSA private key
 ```
diff --git a/digital-signatures-cli/src/main/java/com/transferwise/digitalsignatures/cli/Main.java b/digital-signatures-cli/src/main/java/com/transferwise/digitalsignatures/cli/Main.java
index b144af6..3a73439 100644
--- a/digital-signatures-cli/src/main/java/com/transferwise/digitalsignatures/cli/Main.java
+++ b/digital-signatures-cli/src/main/java/com/transferwise/digitalsignatures/cli/Main.java
@@ -15,7 +15,7 @@ class Main {
 private static final String CLI_UTILITY_NAME = "java -jar digital-signatures-cli--all.jar";
- private static final String CLI_HELP_HEADER = "Calculates SHA1 with RSA signature in Base64 encoding (RFC 4648) for provided data";
+ private static final String CLI_HELP_HEADER = "Calculates SHA256 with RSA signature in Base64 encoding (RFC 4648) for provided data";
 public static void main(String[] args) {
 Option privateKeyFilePathOption = Option.builder("k")
diff --git a/digital-signatures-cli/src/test/java/com/transferwise/digitalsignatures/cli/MainTest.java b/digital-signatures-cli/src/test/java/com/transferwise/digitalsignatures/cli/MainTest.java
index 45ccf04..95da9b2 100644
--- a/digital-signatures-cli/src/test/java/com/transferwise/digitalsignatures/cli/MainTest.java
+++ b/digital-signatures-cli/src/test/java/com/transferwise/digitalsignatures/cli/MainTest.java
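Review bot: In Main.java, `CLI_HELP_HEADER` spells the digest name out by hand, so the same word has to be edited in the README, the help text and the library constant, and a later algorithm change can leave the help text naming the wrong digest. Users read this header to choose the matching digest when they verify a signature with another tool, so it is safer to derive it from the library: `private static final String CLI_HELP_HEADER = "Calculates " + DigitalSignatures.SIGNATURE_ALGORITHM + " signature in Base64 encoding (RFC 4648) for provided data";`. This assumes Main can reference DigitalSignatures, which the hunk does not show.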
@@ -19,7 +19,10 @@ public class MainTest {
 private static final String DATA_TO_SIGN = "65a31b86-aa2e-47fd-a7a4-3710437ba270";
- private static final String SIGNATURE = "oMbriRqpykbUnoL2sIX5xCO/yhrpZFd4TDu2lWdbcHkfxoYHQIvjdm/Px9SBgO5Lc58qjPkmeJA4z8B8spOVaxLRienkzvqrT0I11OFH7jJkoMu2g8bxPe7hmnRDdTB8cLZyFYGmlYjsr3vxemTUWSYYXdrys5Dh3LuOzWZmuYQ3bOwsBPm2sl7K39QM2KqXWckyqg9xpguWIGWzO86aKc/OboWqompVYKztLtdzMwAT5WQ5tPH+AA/lpiV3VG8J9TKTYpUzcrsRjUIelY+jznOkrFtqyyQsZ6l/G7yFXYTaA55ARc+k7CJExiw4mFX8wgPUHrGt289170HS+UJZDw==";
+ private static final String SIGNATURE = "1JnHvXd24R99jZFl5KzJer1iMFGIdrGRmu09h7QkGzo5kgk3cLHdDesitNjK131lmpgAEwnI" + "99jtyfJfiMjFZV4VqSAmr68W12r3Jc4ACE17WNa7hGgLC7Gw+m70x9UX5dgv6ws02VlIe9i44iGJ6fN57Piy5LBitxWkAjEEMNjmqO6G" + "dnBlxNuSc9m+eImG91nqXa6BLNFFAPD3FzaEbqW8Ob/l8ayd9xXosTNMz0ywsV/l/zthra/7olAvRLqCrMtzI9ltC7kd40xWNesehLxf" + "QIIoAUiDF9iRCzBavXR6O7jUf56QES6ScjQ43a62V0JIdbUDSdRJPr+zesPQug==";
 private static final long OPENSSL_TEST_TIMEOUT_MILLISECONDS = 1000;
@@ -56,7 +59,7 @@ public void signatureIsIdenticalToGeneratedByOpenSSL() throws InterruptedExcepti
 Process process;
 try {
- String command = String.format("printf '%s' | openssl sha1 -sign %s | base64 -b 0", DATA_TO_SIGN, testPrivateKeyFilePath);
+ String command = String.format("printf '%s' | openssl sha256 -sign %s | base64 -b 0", DATA_TO_SIGN, testPrivateKeyFilePath);
 process = new ProcessBuilder("/bin/sh", "-c", command).start();
 } catch (Exception e) {
 assumeNoException(e);
diff --git a/digital-signatures/src/main/java/com/transferwise/digitalsignatures/DigitalSignatures.java b/digital-signatures/src/main/java/com/transferwise/digitalsignatures/DigitalSignatures.java
index 9dcba5f..9702807 100644
--- a/digital-signatures/src/main/java/com/transferwise/digitalsignatures/DigitalSignatures.java
+++ b/digital-signatures/src/main/java/com/transferwise/digitalsignatures/DigitalSignatures.java
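Review bot: In MainTest.signatureIsIdenticalToGeneratedByOpenSSL, the rewritten `command` line still splices `testPrivateKeyFilePath` unquoted into a `/bin/sh -c` string, so a checkout path containing a space or a shell metacharacter changes what the shell runs. It also keeps `base64 -b 0`, which is the BSD/macOS spelling (GNU coreutils uses `-w 0`), so on Linux the cross-check against OpenSSL probably never compares anything. Starting OpenSSL without a shell removes both problems: `process = new ProcessBuilder("openssl", "dgst", "-sha256", "-sign", testPrivateKeyFilePath).start();`, with DATA_TO_SIGN written to the process's stdin and its stdout encoded with `java.util.Base64`. The try block and the code that reads the process output lie outside the hunk, so the reading side would need the matching change there.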
@@ -29,7 +29,7 @@ public class DigitalSignatures {
 /**
 * Default signature algorithm.
 */
- public static final String SIGNATURE_ALGORITHM = "SHA1withRSA";
+ public static final String SIGNATURE_ALGORITHM = "SHA256withRSA";
 static {
 Security.addProvider(new BouncyCastleProvider());
diff --git a/digital-signatures/src/test/java/com/transferwise/digitalsignatures/DigitalSignaturesTest.java b/digital-signatures/src/test/java/com/transferwise/digitalsignatures/DigitalSignaturesTest.java
index d750261..ba23b70 100644
--- a/digital-signatures/src/test/java/com/transferwise/digitalsignatures/DigitalSignaturesTest.java
+++ b/digital-signatures/src/test/java/com/transferwise/digitalsignatures/DigitalSignaturesTest.java
@@ -40,7 +40,10 @@ public class DigitalSignaturesTest {
 @Test
 public void sign() throws IOException, GeneralSecurityException {
 String dataToSign = "65a31b86-aa2e-47fd-a7a4-3710437ba270";
- String expectedSignatureBase64 = "oMbriRqpykbUnoL2sIX5xCO/yhrpZFd4TDu2lWdbcHkfxoYHQIvjdm/Px9SBgO5Lc58qjPkmeJA4z8B8spOVaxLRienkzvqrT0I11OFH7jJkoMu2g8bxPe7hmnRDdTB8cLZyFYGmlYjsr3vxemTUWSYYXdrys5Dh3LuOzWZmuYQ3bOwsBPm2sl7K39QM2KqXWckyqg9xpguWIGWzO86aKc/OboWqompVYKztLtdzMwAT5WQ5tPH+AA/lpiV3VG8J9TKTYpUzcrsRjUIelY+jznOkrFtqyyQsZ6l/G7yFXYTaA55ARc+k7CJExiw4mFX8wgPUHrGt289170HS+UJZDw==";
+ String expectedSignatureBase64 = "1JnHvXd24R99jZFl5KzJer1iMFGIdrGRmu09h7QkGzo5kgk3cLHdDesitNjK131lmpgAEwnI99j" + "tyfJfiMjFZV4VqSAmr68W12r3Jc4ACE17WNa7hGgLC7Gw+m70x9UX5dgv6ws02VlIe9i44iGJ6fN57Piy5LBitxWkAjEEMNjmqO6" + "GdnBlxNuSc9m+eImG91nqXa6BLNFFAPD3FzaEbqW8Ob/l8ayd9xXosTNMz0ywsV/l/zthra/7olAvRLqCrMtzI9ltC7kd40xWNes" + "ehLxfQIIoAUiDF9iRCzBavXR6O7jUf56QES6ScjQ43a62V0JIdbUDSdRJPr+zesPQug==";
 byte[] signature = DigitalSignatures.sign(PRIVATE_KEY, dataToSign.getBytes());
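Review bot: In DigitalSignatures.java, `SIGNATURE_ALGORITHM` is a `public static final String` initialised from a literal, so javac copies its value into every class that references it. A caller compiled against the old jar that passes the constant to its own `Signature.getInstance` therefore keeps using SHA1withRSA after the jar is upgraded, and it fails to verify the new signatures until it is rebuilt. The switch is also a wire-level break for every existing verifier, yet the Javadoc still says only "Default signature algorithm."; I would expand it to `/** Default signature algorithm: RSA PKCS#1 v1.5 with SHA-256 (was SHA1withRSA); verifiers must use the same algorithm. */` and call the change out in the release notes. Whether sign() itself reads this constant is outside the hunk.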