21 |
|
package org.xwiki.crypto.signer.internal.cms; |
22 |
|
|
23 |
|
import java.io.IOException; |
24 |
|
import java.security.GeneralSecurityException; |
25 |
|
import java.util.ArrayList; |
26 |
|
import java.util.Collection; |
27 |
|
import java.util.List; |
28 |
|
|
29 |
|
import javax.inject.Inject; |
30 |
|
import javax.inject.Singleton; |
31 |
|
|
32 |
|
import org.bouncycastle.cms.CMSException; |
33 |
|
import org.bouncycastle.cms.CMSProcessableByteArray; |
34 |
|
import org.bouncycastle.cms.CMSSignedDataGenerator; |
35 |
|
import org.bouncycastle.cms.SignerInfoGeneratorBuilder; |
36 |
|
import org.bouncycastle.cms.SignerInformation; |
37 |
|
import org.bouncycastle.cms.SignerInformationStore; |
38 |
|
import org.bouncycastle.operator.DigestCalculatorProvider; |
39 |
|
import org.bouncycastle.operator.OperatorCreationException; |
40 |
|
import org.xwiki.component.annotation.Component; |
41 |
|
import org.xwiki.component.phase.Initializable; |
42 |
|
import org.xwiki.component.phase.InitializationException; |
43 |
|
import org.xwiki.crypto.DigestFactory; |
44 |
|
import org.xwiki.crypto.pkix.CertifyingSigner; |
45 |
|
import org.xwiki.crypto.pkix.internal.BcUtils; |
46 |
|
import org.xwiki.crypto.pkix.params.CertifiedPublicKey; |
47 |
|
import org.xwiki.crypto.signer.param.CMSSignedDataGeneratorParameters; |
48 |
|
import org.xwiki.crypto.signer.param.CMSSignerInfo; |
49 |
|
|
50 |
|
|
51 |
|
@link |
52 |
|
|
53 |
|
@version |
54 |
|
@since |
55 |
|
|
56 |
|
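/**
 * Bouncy Castle based implementation of {@link org.xwiki.crypto.signer.CMSSignedDataGenerator}.
 *
 * <p>The generator assembles a CMS signed data structure from three inputs carried by the
 * {@link CMSSignedDataGeneratorParameters}: pre-calculated signatures, signers that compute a new signature, and
 * certificates to ship with the message. Nothing in this class verifies a signature or validates a certificate
 * chain; it only produces the encoded structure.</p>
 */
@Component
@Singleton
public class DefaultCMSSignedDataGenerator implements org.xwiki.crypto.signer.CMSSignedDataGenerator, Initializable
{
    /**
     * Digest factory used to compute the digests of new signatures. {@link #initialize()} rejects any injected
     * implementation that is not also a Bouncy Castle {@link DigestCalculatorProvider}, which is what makes the cast
     * in {@link #generate(byte[], CMSSignedDataGeneratorParameters, boolean)} safe.
     */
    @Inject
    private DigestFactory digestProvider;

    /**
     * Fails fast when the injected digest factory cannot be used with Bouncy Castle.
     *
     * @throws InitializationException if the injected {@link DigestFactory} is not a
     *             {@link DigestCalculatorProvider}
     */
    @Override
    public void initialize() throws InitializationException
    {
        if (!(this.digestProvider instanceof DigestCalculatorProvider)) {
            throw new InitializationException("Incompatible DigestFactory for this signed data generator.");
        }
    }

    /**
     * Generates a signature that does not embed the signed data (detached signature).
     *
     * <p>Because the content is not part of the result, whoever verifies it must obtain the exact same bytes through
     * another channel.</p>
     *
     * @param data the bytes to sign
     * @param parameters the signers, pre-calculated signatures and certificates to put in the signed data
     * @return the encoded CMS signed data
     * @throws GeneralSecurityException if a signer or a pre-calculated signature is incompatible with this
     *             generator, or if the signed data cannot be built or encoded
     */
    @Override
    public byte[] generate(byte[] data, CMSSignedDataGeneratorParameters parameters) throws GeneralSecurityException
    {
        return generate(data, parameters, false);
    }

    /**
     * Generates the encoded CMS signed data for the given content.
     *
     * <p>Points a caller should be aware of:</p>
     * <ul>
     * <li>Pre-calculated signatures from {@code parameters.getSignatures()} are copied into the result as they are.
     * They are not checked against {@code data} here, so the caller is responsible for only passing signatures it
     * has already verified for this content.</li>
     * <li>Only the certificates returned by {@code parameters.getCertificates()} are added to the message. The
     * certificate of each signer is used to build its signer information, but this method does not add it to the
     * certificate set on its own.</li>
     * <li>No certificate validation (chain, validity period, revocation) happens in this method.</li>
     * </ul>
     *
     * @param data the bytes to sign
     * @param parameters the signers, pre-calculated signatures and certificates to put in the signed data
     * @param embedData {@code true} to encapsulate {@code data} in the result, {@code false} for a detached signature
     * @return the encoded CMS signed data
     * @throws GeneralSecurityException if a signer or a pre-calculated signature is incompatible with this
     *             generator, or if the signed data cannot be built or encoded
     */
    @Override
    public byte[] generate(byte[] data, CMSSignedDataGeneratorParameters parameters, boolean embedData)
        throws GeneralSecurityException
    {
        CMSSignedDataGenerator generator = new CMSSignedDataGenerator();

        // Read the pre-calculated signatures once, so that the emptiness check, the sizing and the iteration all
        // work on the same collection instead of calling the getter again for each step.
        Collection<CMSSignerInfo> signersInfo = parameters.getSignatures();
        if (!signersInfo.isEmpty()) {
            generator.addSigners(new SignerInformationStore(toSignerInformation(signersInfo)));
        }

        try {
            for (CertifyingSigner signer : parameters.getSigners()) {
                // A signer without an algorithm identifier cannot be described in a signer info structure.
                if (signer.getAlgorithmIdentifier() == null) {
                    throw new GeneralSecurityException("Incompatible signer for this signed data generator for subject "
                        + signer.getCertifier().getSubject().getName());
                }

                // The cast is safe once initialize() has accepted the injected digest factory.
                generator.addSignerInfoGenerator(
                    new SignerInfoGeneratorBuilder((DigestCalculatorProvider) this.digestProvider)
                        .build(signer, BcUtils.getX509CertificateHolder(signer.getCertifier()))
                );
            }

            for (CertifiedPublicKey certifiedPublicKey : parameters.getCertificates()) {
                generator.addCertificate(BcUtils.getX509CertificateHolder(certifiedPublicKey));
            }

            return generator.generate(new CMSProcessableByteArray(data), embedData).getEncoded();
        } catch (CMSException e) {
            throw new GeneralSecurityException("Unable to generate CMS signature", e);
        } catch (OperatorCreationException e) {
            throw new GeneralSecurityException("Unable to prepare signers", e);
        } catch (IOException e) {
            throw new GeneralSecurityException("Unable to encode signed data", e);
        }
    }

    /**
     * Unwraps pre-calculated signatures into their Bouncy Castle representation.
     *
     * @param signersInfo the pre-calculated signatures; each one must be a {@link BcCMSSignerInfo}
     * @return the wrapped {@link SignerInformation} objects, in iteration order
     * @throws GeneralSecurityException if an entry does not come from the Bouncy Castle based implementation
     */
    private static List<SignerInformation> toSignerInformation(Collection<CMSSignerInfo> signersInfo)
        throws GeneralSecurityException
    {
        List<SignerInformation> signers = new ArrayList<SignerInformation>(signersInfo.size());
        for (CMSSignerInfo signerInfo : signersInfo) {
            // Only signer infos produced by this implementation expose the underlying SignerInformation.
            if (!(signerInfo instanceof BcCMSSignerInfo)) {
                throw new GeneralSecurityException("Incompatible pre-calculated signature for this signed data "
                    + "generator");
            }
            signers.add(((BcCMSSignerInfo) signerInfo).getSignerInfo());
        }
        return signers;
    }
}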