
File AbstractBcX509CertificateGenerator.java

 


1    /*
2    * See the NOTICE file distributed with this work for additional
3    * information regarding copyright ownership.
4    *
5    * This is free software; you can redistribute it and/or modify it
6    * under the terms of the GNU Lesser General Public License as
7    * published by the Free Software Foundation; either version 2.1 of
8    * the License, or (at your option) any later version.
9    *
10    * This software is distributed in the hope that it will be useful,
11    * but WITHOUT ANY WARRANTY; without even the implied warranty of
12    * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
13    * Lesser General Public License for more details.
14    *
15    * You should have received a copy of the GNU Lesser General Public
16    * License along with this software; if not, write to the Free
17    * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
18    * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
19    */
20    package org.xwiki.crypto.pkix.internal;
21   
22    import java.io.IOException;
23    import java.math.BigInteger;
24    import java.security.GeneralSecurityException;
25    import java.security.SecureRandom;
26    import java.util.Calendar;
27   
28    import org.bouncycastle.asn1.x509.TBSCertificate;
29    import org.xwiki.crypto.params.cipher.asymmetric.PublicKeyParameters;
30    import org.xwiki.crypto.pkix.CertificateGenerator;
31    import org.xwiki.crypto.pkix.CertifyingSigner;
32    import org.xwiki.crypto.pkix.params.CertificateParameters;
33    import org.xwiki.crypto.pkix.params.CertifiedPublicKey;
34    import org.xwiki.crypto.pkix.params.PrincipalIndentifier;
35    import org.xwiki.crypto.pkix.params.x509certificate.X509CertificateGenerationParameters;
36    import org.xwiki.crypto.pkix.params.x509certificate.X509CertificateParameters;
37    import org.xwiki.crypto.signer.Signer;
38    import org.xwiki.crypto.signer.SignerFactory;
39   
40    /**
41    * Base class for X.509 certificate generators.
42    *
43    * @version $Id: d442f48bcf782e6f82eb09b842df9405eaeb1846 $
44    * @since 5.4
45    */
 
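public abstract class AbstractBcX509CertificateGenerator implements CertificateGenerator
{
    /** Number of random bits drawn for each certificate serial number. */
    private static final int SERIAL_NUMBER_BITS = 128;

    /** Signer used to sign generated certificates; a {@link CertifyingSigner} when an issuer certificate exists. */
    private final Signer signer;

    /** Validity period, added to the start date as a number of calendar days. */
    private final int validity;

    /** Factory handed to each generated certificate so that it can verify signatures. */
    private final SignerFactory signerFactory;

    /** Random source for serial numbers; it is the only thing that keeps serials unpredictable and distinct. */
    private final SecureRandom random;

    /**
     * Create an initialized certificate generator.
     *
     * @param signer a certifying signer initialized with the certified key pair of the issuer
     *               or a signer initialized with the private key of the subject for creating a self-signed
     *               certificate.
     * @param parameters the common parameters for all certificates generated by this generator. Only the validity
     *                   is read here; it is not range-checked, so a zero or negative value yields a certificate
     *                   whose end date is not after its start date.
     * @param signerFactory the signer factory to be used by the certificate to verify signature.
     * @param random a random source. It is not null-checked here; a null value only fails later, when a serial
     *               number is drawn.
     */
    public AbstractBcX509CertificateGenerator(Signer signer, X509CertificateGenerationParameters parameters,
        SignerFactory signerFactory, SecureRandom random)
    {
        this.signer = signer;
        this.validity = parameters.getValidity();
        this.signerFactory = signerFactory;
        this.random = random;
    }

    /**
     * @return a new instance of a TBS certificate builder.
     */
    protected abstract BcX509TBSCertificateBuilder getTBSCertificateBuilder();

    /**
     * Extend TBS certificate depending on certificate version.
     *
     * @param builder the X.509 TBS certificate builder received from {@link #getTBSCertificateBuilder()}.
     * @param issuer the certified public key of the issuer of the certificate, or null for self signed one.
     * @param subjectName the subject name.
     * @param subject the subject public key.
     * @param parameters the X.509 certificate parameters.
     * @throws IOException on encoding error.
     */
    protected void extendsTBSCertificate(BcX509TBSCertificateBuilder builder, CertifiedPublicKey issuer,
        PrincipalIndentifier subjectName, PublicKeyParameters subject, X509CertificateParameters parameters)
        throws IOException
    {
        // Do nothing by default.
    }

    /**
     * Build the TBS Certificate.
     * <p>
     * The issuer name is the subject of the certifier when the signer is a {@link CertifyingSigner}; otherwise the
     * certificate is self-issued and the issuer name equals the subject name.
     *
     * @param subjectName the identifier of the public key owner.
     * @param subject the public key to certify.
     * @param parameters the subject parameters for this certificate.
     * @return the TBS certificate.
     * @throws IOException on encoding error.
     */
    public TBSCertificate buildTBSCertificate(PrincipalIndentifier subjectName,
        PublicKeyParameters subject, X509CertificateParameters parameters) throws IOException
    {
        CertifiedPublicKey issuer = null;
        PrincipalIndentifier issuerName = subjectName;

        if (this.signer instanceof CertifyingSigner) {
            issuer = ((CertifyingSigner) this.signer).getCertifier();
            issuerName = issuer.getSubject();
        }

        BcX509TBSCertificateBuilder builder = getTBSCertificateBuilder();

        // The serial is a fresh non-negative random value; it is not compared with serials issued earlier, so
        // uniqueness per issuer rests entirely on the quality of the random source.
        BigInteger serialNumber = new BigInteger(SERIAL_NUMBER_BITS, this.random);
        builder.setSerialNumber(serialNumber).setIssuer(issuerName);

        addValidityDates(builder);

        // Version-specific hook; issuer is null here for a self-issued certificate.
        extendsTBSCertificate(builder, issuer, subjectName, subject, parameters);

        return builder.setSubject(subjectName).setSubjectPublicKeyInfo(subject).setSignature(this.signer).build();
    }

    /**
     * Generate a certificate for the given subject and sign it with this generator's signer.
     *
     * @param subjectName the identifier of the public key owner.
     * @param subject the public key to certify.
     * @param parameters the certificate parameters, which must be {@link X509CertificateParameters}.
     * @return the new certified public key.
     * @throws IllegalArgumentException if the parameters are null or not X.509 certificate parameters.
     * @throws IOException on encoding error.
     * @throws GeneralSecurityException on signing error.
     */
    @Override
    public CertifiedPublicKey generate(PrincipalIndentifier subjectName, PublicKeyParameters subject,
        CertificateParameters parameters) throws IOException, GeneralSecurityException
    {
        if (!(parameters instanceof X509CertificateParameters)) {
            // instanceof is false for null, so guard the dereference: report the bad argument instead of
            // failing with a NullPointerException while building the message.
            String received = parameters == null ? "null" : parameters.getClass().getName();
            throw new IllegalArgumentException("Invalid parameters for X.509 certificate: " + received);
        }

        TBSCertificate tbsCert = buildTBSCertificate(subjectName, subject, (X509CertificateParameters) parameters);

        // The signature bytes come from the signer after BcUtils.updateDEREncodedObject has been given the TBS
        // structure (helper not shown in this file).
        byte[] signature = BcUtils.updateDEREncodedObject(this.signer, tbsCert).generate();

        return new BcX509CertifiedPublicKey(BcUtils.getX509CertificateHolder(tbsCert, signature),
            this.signerFactory);
    }

    /**
     * Set the validity window on the builder: it starts at the beginning of the current day and ends
     * {@code validity} calendar days later.
     * <p>
     * The day boundary is taken in the JVM default time zone, since {@link Calendar#getInstance()} is used.
     *
     * @param builder the TBS certificate builder receiving the start and end dates.
     */
    private void addValidityDates(BcX509TBSCertificateBuilder builder)
    {
        Calendar cal = Calendar.getInstance();
        // HOUR_OF_DAY, not HOUR: HOUR is the 12-hour field and leaves AM_PM untouched, so a certificate
        // generated in the afternoon would start at noon instead of midnight.
        cal.set(Calendar.HOUR_OF_DAY, 0);
        cal.set(Calendar.MINUTE, 0);
        cal.set(Calendar.SECOND, 0);
        // Drop the sub-second part as well so the start date is exactly the day boundary.
        cal.set(Calendar.MILLISECOND, 0);

        builder.setStartDate(cal.getTime());

        cal.add(Calendar.DATE, this.validity);

        builder.setEndDate(cal.getTime());
    }
}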