
File BcCMSUtils.java

 

Coverage histogram

54% of files have more coverage


Classes

Class Line # Actions
BcCMSUtils 45 14 0% 9 5
0.880%
 

Contributing tests

This file is covered by 7 tests.

Source view

1    /*
2    * See the NOTICE file distributed with this work for additional
3    * information regarding copyright ownership.
4    *
5    * This is free software; you can redistribute it and/or modify it
6    * under the terms of the GNU Lesser General Public License as
7    * published by the Free Software Foundation; either version 2.1 of
8    * the License, or (at your option) any later version.
9    *
10    * This software is distributed in the hope that it will be useful,
11    * but WITHOUT ANY WARRANTY; without even the implied warranty of
12    * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
13    * Lesser General Public License for more details.
14    *
15    * You should have received a copy of the GNU Lesser General Public
16    * License along with this software; if not, write to the Free
17    * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
18    * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
19    */
20   
21    package org.xwiki.crypto.signer.internal.cms;
22   
23    import java.security.GeneralSecurityException;
24    import java.util.Collection;
25   
26    import org.bouncycastle.cms.CMSException;
27    import org.bouncycastle.cms.CMSProcessableByteArray;
28    import org.bouncycastle.cms.CMSSignedData;
29    import org.bouncycastle.cms.DefaultCMSSignatureAlgorithmNameGenerator;
30    import org.bouncycastle.cms.SignerInformation;
31    import org.bouncycastle.cms.SignerInformationVerifier;
32    import org.bouncycastle.operator.DefaultSignatureAlgorithmIdentifierFinder;
33    import org.bouncycastle.operator.DigestCalculatorProvider;
34    import org.xwiki.crypto.DigestFactory;
35    import org.xwiki.crypto.pkix.CertificateFactory;
36    import org.xwiki.crypto.pkix.params.CertifiedPublicKey;
37    import org.xwiki.crypto.signer.internal.BcContentVerifierProviderBuilder;
38   
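/**
 * Utility class for Bouncy Castle CMS.
 *
 * @version $Id: f3a4431024463aa6ec85c2f6a315d7c4a040992f $
 * @since 6.0M1
 */
public final class BcCMSUtils
{
    private BcCMSUtils()
    {
        // Utility class
    }

    /**
     * Verify a CMS signature.
     *
     * This method checks the signature of {@code signer} against the supplied key only. Nothing in this method
     * validates the certificate chain or the revocation status of {@code certKey}; callers have to establish trust
     * in that key separately before relying on a {@code true} result. Any validity-period check happens inside
     * {@link SignerInformation#verify(SignerInformationVerifier)} with the verifier built from {@code certKey}; it
     * is not visible in this class.
     *
     * @param signer the signer to verify.
     * @param certKey the certified public key of the signer.
     * @param contentVerifierProviderBuilder a builder of content provider.
     * @param digestProvider a digest provider; it must also implement {@link DigestCalculatorProvider}.
     * @return true if the signature is verified and the certificate was valid at the time of signature.
     * @throws CMSException if {@code certKey} is null, if {@code digestProvider} is not a
     *         {@link DigestCalculatorProvider}, or if the verifier is unable to create appropriate ContentVerifiers
     *         or DigestCalculators.
     */
    public static boolean verify(SignerInformation signer,
        CertifiedPublicKey certKey, BcContentVerifierProviderBuilder contentVerifierProviderBuilder,
        DigestFactory digestProvider) throws CMSException
    {
        if (certKey == null) {
            throw new CMSException("No certified key for proceeding to signature validation.");
        }

        // Fail through the declared exception instead of a ClassCastException (or a null digest provider reaching
        // the verifier) when the factory cannot act as a Bouncy Castle digest calculator provider.
        if (!(digestProvider instanceof DigestCalculatorProvider)) {
            throw new CMSException("Digest provider is not a Bouncy Castle DigestCalculatorProvider.");
        }

        return signer.verify(
            new SignerInformationVerifier(
                new DefaultCMSSignatureAlgorithmNameGenerator(),
                new DefaultSignatureAlgorithmIdentifierFinder(),
                contentVerifierProviderBuilder.build(certKey),
                (DigestCalculatorProvider) digestProvider));
    }

    /**
     * Build a Bouncy Castle {@link CMSSignedData} from bytes.
     *
     * When {@code data} is not null it is passed to Bouncy Castle as the signed content alongside the signature;
     * when it is null the signed data is built from the signature bytes alone. Decoding does not verify anything:
     * the returned object is untrusted until its signers have been checked.
     *
     * @param signature the signature.
     * @param data the data signed, or null when only the signature bytes are available.
     * @return a CMS signed data.
     * @throws GeneralSecurityException if the signature is null or could not be decoded.
     */
    public static CMSSignedData getSignedData(byte[] signature, byte[] data) throws GeneralSecurityException
    {
        // Report a missing signature through the declared exception rather than relying on how the parser
        // reacts to a null array.
        if (signature == null) {
            throw new GeneralSecurityException("Unable to decode signature: no signature bytes provided.");
        }

        try {
            if (data != null) {
                return new CMSSignedData(new CMSProcessableByteArray(data), signature);
            }
            return new CMSSignedData(signature);
        } catch (CMSException e) {
            throw new GeneralSecurityException("Unable to decode signature", e);
        }
    }

    /**
     * Create a new {@link org.xwiki.crypto.signer.param.CMSSignedDataVerified} for the given signed data.
     *
     * The verified data is filled with the signed data content, content type, and certificates. No signature is
     * checked here: despite the type name, the content and the certificates copied from the message must be treated
     * as unverified input until the signature verifications have been added by the caller.
     *
     * @param signedData the signed data about to be verified.
     * @param factory a certificate factory to be used for certificates conversion.
     * @return a new verified signed data to be completed with the signature verifications.
     */
    public static BcCMSSignedDataVerified getCMSSignedDataVerified(CMSSignedData signedData,
        CertificateFactory factory)
    {
        // NOTE(review): the cast assumes the signed content is exposed as a byte array, as it is when the signed
        // data was built by getSignedData() - confirm for other sources of CMSSignedData.
        BcCMSSignedDataVerified verifiedData = new BcCMSSignedDataVerified(signedData.getSignedContentTypeOID(),
            (signedData.getSignedContent() != null ? (byte[]) signedData.getSignedContent().getContent() : null));

        BcStoreUtils.addCertificatesToVerifiedData(signedData.getCertificates(), verifiedData, factory);
        return verifiedData;
    }

    /**
     * Return the signers found in the given signed data.
     *
     * @param signedData the signed data to read the signer information from.
     * @return the collection of signer information held by the signed data.
     */
    // The unchecked warning is suppressed for the conversion of the collection returned by Bouncy Castle
    // (presumably a raw Collection in the version this file was written against).
    @SuppressWarnings("unchecked")
    static Collection<SignerInformation> getSigners(CMSSignedData signedData)
    {
        return signedData.getSignerInfos().getSigners();
    }
}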