1. Project Clover database Tue Dec 20 2016 21:24:09 CET
  2. Package org.xwiki.crypto.pkix.internal

File BcX509CertifiedPublicKey.java

 

Coverage histogram

54% of files have more coverage


Classes

Class Line # Actions
BcX509CertifiedPublicKey 49 67 0% 39 30
0.7457627 (74.6%)
 

Contributing tests

This file is covered by 23 tests.

Source view

1    /*
2    * See the NOTICE file distributed with this work for additional
3    * information regarding copyright ownership.
4    *
5    * This is free software; you can redistribute it and/or modify it
6    * under the terms of the GNU Lesser General Public License as
7    * published by the Free Software Foundation; either version 2.1 of
8    * the License, or (at your option) any later version.
9    *
10    * This software is distributed in the hope that it will be useful,
11    * but WITHOUT ANY WARRANTY; without even the implied warranty of
12    * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
13    * Lesser General Public License for more details.
14    *
15    * You should have received a copy of the GNU Lesser General Public
16    * License along with this software; if not, write to the Free
17    * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
18    * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
19    */
20    package org.xwiki.crypto.pkix.internal;
21   
22    import java.io.IOException;
23    import java.math.BigInteger;
24    import java.security.GeneralSecurityException;
25    import java.util.Arrays;
26    import java.util.Date;
27   
28    import org.apache.commons.lang3.builder.HashCodeBuilder;
29    import org.bouncycastle.asn1.x509.Extensions;
30    import org.bouncycastle.asn1.x509.TBSCertificate;
31    import org.bouncycastle.cert.X509CertificateHolder;
32    import org.bouncycastle.crypto.util.PublicKeyFactory;
33    import org.xwiki.crypto.internal.asymmetric.BcPublicKeyParameters;
34    import org.xwiki.crypto.params.cipher.asymmetric.PublicKeyParameters;
35    import org.xwiki.crypto.pkix.internal.extension.BcX509Extensions;
36    import org.xwiki.crypto.pkix.params.x509certificate.DistinguishedName;
37    import org.xwiki.crypto.pkix.params.x509certificate.X509CertifiedPublicKey;
38    import org.xwiki.crypto.pkix.params.x509certificate.extension.X509Extensions;
39    import org.xwiki.crypto.signer.Signer;
40    import org.xwiki.crypto.signer.SignerFactory;
41    import org.xwiki.crypto.signer.internal.factory.BcSignerFactory;
42   
43    /**
44    * Generic implementation of X509CertifiedPublicKey wrapping a Bouncy Castle holder.
45    *
46    * @version $Id: 29e2b6522381235a8665c36559af61922d49c264 $
47    * @since 5.4
48    */
 
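public class BcX509CertifiedPublicKey implements X509CertifiedPublicKey
{
    /** Bouncy Castle holder of the wrapped certificate; every accessor below delegates to it. */
    private final X509CertificateHolder holder;

    /** Factory used by {@link #isSignedBy(PublicKeyParameters)} to obtain a verifying signer. */
    private final SignerFactory signerFactory;

    /**
     * Wrap a Bouncy Castle certificate holder.
     *
     * @param holder the certificate holder to wrap.
     * @param signerFactory the factory used to create the signer that verifies the certificate signature.
     */
    BcX509CertifiedPublicKey(X509CertificateHolder holder, SignerFactory signerFactory)
    {
        this.holder = holder;
        this.signerFactory = signerFactory;
    }

    /**
     * @return the native bouncy castle wrapped holder.
     */
    public X509CertificateHolder getX509CertificateHolder()
    {
        return this.holder;
    }

    /**
     * @return the issuer name of the wrapped certificate, wrapped in a new {@link DistinguishedName}.
     */
    @Override
    public DistinguishedName getIssuer()
    {
        return new DistinguishedName(this.holder.getIssuer());
    }

    /**
     * @return the subject name of the wrapped certificate, wrapped in a new {@link DistinguishedName}.
     */
    @Override
    public DistinguishedName getSubject()
    {
        return new DistinguishedName(this.holder.getSubject());
    }

    /**
     * @return the end of the validity period as reported by the holder.
     */
    @Override
    public Date getNotAfter()
    {
        return this.holder.getNotAfter();
    }

    /**
     * @return the start of the validity period as reported by the holder.
     */
    @Override
    public Date getNotBefore()
    {
        return this.holder.getNotBefore();
    }

    /**
     * @return the certificate version number as reported by the holder.
     */
    @Override
    public int getVersionNumber()
    {
        return this.holder.getVersionNumber();
    }

    /**
     * @return the certificate serial number as reported by the holder.
     */
    @Override
    public BigInteger getSerialNumber()
    {
        return this.holder.getSerialNumber();
    }

    /**
     * Check the validity period only. This delegates to the holder and says nothing about the signature,
     * the issuer or the revocation status of the certificate.
     *
     * @param date the date to check.
     * @return the result of the holder's own validity check for the given date.
     */
    @Override
    public boolean isValidOn(Date date)
    {
        return this.holder.isValidOn(date);
    }

    /**
     * Tell whether this certificate has the shape of a root CA certificate.
     * <p>
     * The answer is built on {@link #isSelfSigned()}, which compares identifiers or names and verifies no
     * signature. When the certificate has extensions, {@code hasCertificateAuthorityBasicConstraints()} must
     * hold as well; a certificate without any extensions only needs to look self-signed. The result describes
     * the certificate, it is not a trust decision: callers still have to check that the certificate is one of
     * their trust anchors and, where it matters, call {@link #isSignedBy(PublicKeyParameters)} with
     * {@link #getPublicKeyParameters()}.
     *
     * @return true if the certificate looks self-signed and, when extensions are present, has CA basic
     *         constraints.
     */
    @Override
    public boolean isRootCA()
    {
        X509Extensions exts = this.getExtensions();
        if (exts != null) {
            return exts.hasCertificateAuthorityBasicConstraints() && isSelfSigned();
        }
        return isSelfSigned();
    }

    /**
     * @return the extensions of the wrapped certificate, or null if the certificate has none.
     */
    @Override
    public X509Extensions getExtensions()
    {
        Extensions extensions = this.holder.getExtensions();
        return (extensions != null) ? new BcX509Extensions(extensions) : null;
    }

    /**
     * @return the authority key identifier reported by the extensions, or null if the certificate has no
     *         extensions.
     */
    @Override
    public byte[] getAuthorityKeyIdentifier()
    {
        X509Extensions exts = this.getExtensions();
        if (exts == null) {
            return null;
        }
        return exts.getAuthorityKeyIdentifier();
    }

    /**
     * @return the subject key identifier reported by the extensions, or null if the certificate has no
     *         extensions.
     */
    @Override
    public byte[] getSubjectKeyIdentifier()
    {
        X509Extensions exts = this.getExtensions();
        if (exts == null) {
            return null;
        }
        return exts.getSubjectKeyIdentifier();
    }

    /**
     * @return the public key carried by the certificate, built from its subject public key info.
     * @throws UnsupportedOperationException if the key factory fails with an {@link IOException} while
     *         decoding the subject public key info.
     */
    @Override
    public PublicKeyParameters getPublicKeyParameters()
    {
        try {
            return new BcPublicKeyParameters(PublicKeyFactory.createKey(this.holder.getSubjectPublicKeyInfo()));
        } catch (IOException e) {
            // Very unlikely
            throw new UnsupportedOperationException("Unsupported public key encoding.", e);
        }
    }

    /**
     * Verify the signature of this certificate with the given public key.
     * <p>
     * Only the signature is checked. Validity dates, extensions and the relation between the key and the
     * issuer name are left to the caller.
     *
     * @param publicKey the public key expected to have signed this certificate.
     * @return true if the signature verifies; false if it does not, if the signature algorithm named inside
     *         the signed part differs from the one announced outside of it, or if an {@link IOException}
     *         occurs while encoding the data to verify.
     * @throws GeneralSecurityException if the verification itself fails with a security error.
     */
    @Override
    public boolean isSignedBy(PublicKeyParameters publicKey) throws GeneralSecurityException
    {
        TBSCertificate tbsCert = this.holder.toASN1Structure().getTBSCertificate();

        // The algorithm named inside the signed TBS structure must agree with the outer, unsigned one.
        // Rejecting a mismatch here keeps the unsigned field from choosing the verification algorithm.
        if (!BcUtils.isAlgorithlIdentifierEqual(tbsCert.getSignature(), this.holder.getSignatureAlgorithm())) {
            return false;
        }

        Signer signer;

        // Optimisation: the Bouncy Castle factory takes the algorithm identifier object as is, which avoids
        // encoding it for the generic factory interface.
        if (this.signerFactory instanceof BcSignerFactory) {
            signer = ((BcSignerFactory) this.signerFactory).getInstance(false, publicKey, tbsCert.getSignature());
        } else {
            try {
                signer =
                    this.signerFactory.getInstance(false, publicKey, this.holder.getSignatureAlgorithm().getEncoded());
            } catch (IOException e) {
                // The algorithm identifier could not be encoded: report the certificate as not verified.
                return false;
            }
        }

        try {
            return BcUtils.updateDEREncodedObject(signer, tbsCert).verify(this.holder.getSignature());
        } catch (IOException e) {
            // The TBS structure could not be encoded: report the certificate as not verified.
            return false;
        }
    }

    /**
     * Tell whether this certificate names itself as its own issuer.
     * <p>
     * This is a comparison of identifiers, not a cryptographic check: when the extensions carry an authority
     * key identifier it is compared with the subject key identifier, otherwise the issuer and subject names
     * are compared. Both are values written into the certificate, so a true result does not prove that the
     * certificate was signed with its own key. Use {@link #isSignedBy(PublicKeyParameters)} with
     * {@link #getPublicKeyParameters()} when that proof is needed.
     *
     * @return true if the authority key identifier equals the subject key identifier or, when no authority
     *         key identifier is available, if the issuer equals the subject.
     */
    @Override
    public boolean isSelfSigned()
    {
        X509Extensions exts = this.getExtensions();
        if (exts != null) {
            byte[] issuerId = exts.getAuthorityKeyIdentifier();
            byte[] subjectId = exts.getSubjectKeyIdentifier();
            if (issuerId != null) {
                return Arrays.equals(issuerId, subjectId);
            }
        }
        return getIssuer().equals(getSubject());
    }

    /**
     * @return the encoded form of the certificate as produced by the holder.
     * @throws IOException if the holder fails to encode the certificate.
     */
    @Override
    public byte[] getEncoded() throws IOException
    {
        return this.holder.getEncoded();
    }

    /**
     * {@inheritDoc}
     * <p>
     * Certificates are compared by subject key identifier when this one has it, and by issuer and serial
     * number when neither has it. The encoded certificate and its signature are not compared, so equality
     * identifies a certificate, it does not authenticate it: code that decides trust from a lookup based on
     * this method should also compare {@link #getEncoded()} or verify the signature.
     *
     * @since 6.0M1
     */
    @Override
    public boolean equals(Object cert)
    {
        if (this == cert) {
            return true;
        }
        // instanceof is false for null, so no separate null test is needed.
        if (!(cert instanceof X509CertifiedPublicKey)) {
            return false;
        }

        X509CertifiedPublicKey that = (X509CertifiedPublicKey) cert;

        X509Extensions thisExts = this.getExtensions();
        X509Extensions thatExts = that.getExtensions();

        byte[] thisId = (thisExts != null) ? thisExts.getSubjectKeyIdentifier() : null;
        byte[] thatId = (thatExts != null) ? thatExts.getSubjectKeyIdentifier() : null;

        if (thisId != null) {
            return Arrays.equals(thisId, thatId);
        } else if (thatId != null) {
            // Test the identifier, not the mere presence of extensions: a certificate that has extensions
            // but no subject key identifier must fall back to issuer and serial number like hashCode() does,
            // otherwise two copies of it are unequal and a.equals(b) can differ from b.equals(a).
            return false;
        }

        return this.getIssuer().equals(that.getIssuer()) && this.getSerialNumber().equals(that.getSerialNumber());
    }

    /**
     * {@inheritDoc}
     * <p>
     * Hashes the subject key identifier when there is one, and the issuer and serial number otherwise, which
     * are the same values {@link #equals(Object)} compares.
     *
     * @since 6.0M1
     */
    @Override
    public int hashCode()
    {
        X509Extensions exts = this.getExtensions();
        if (exts != null) {
            byte[] id = exts.getSubjectKeyIdentifier();
            if (id != null) {
                return Arrays.hashCode(id);
            }
        }
        return new HashCodeBuilder(3, 17).append(getIssuer()).append(getSerialNumber()).toHashCode();
    }
}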