1. Project Clover database Tue Dec 20 2016 21:24:09 CET
  2. Package org.xwiki.crypto.signer.internal.cms

File DefaultCMSSignedDataVerifier.java

 

Coverage histogram

../../../../../../img/srcFileCovDistChart9.png
38% of files have more coverage

Code metrics

2
17
8
1
147
100
10
0.59
2.12
8
1.25

Classes

Class Line # Actions
DefaultCMSSignedDataVerifier 55 17 0% 10 5
0.814814881.5%
 

Contributing tests

This file is covered by 7 tests. .

Source view

1    /*
2    * See the NOTICE file distributed with this work for additional
3    * information regarding copyright ownership.
4    *
5    * This is free software; you can redistribute it and/or modify it
6    * under the terms of the GNU Lesser General Public License as
7    * published by the Free Software Foundation; either version 2.1 of
8    * the License, or (at your option) any later version.
9    *
10    * This software is distributed in the hope that it will be useful,
11    * but WITHOUT ANY WARRANTY; without even the implied warranty of
12    * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
13    * Lesser General Public License for more details.
14    *
15    * You should have received a copy of the GNU Lesser General Public
16    * License along with this software; if not, write to the Free
17    * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
18    * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
19    */
20   
21    package org.xwiki.crypto.signer.internal.cms;
22   
23    import java.security.GeneralSecurityException;
24    import java.util.Collection;
25   
26    import javax.inject.Inject;
27    import javax.inject.Named;
28    import javax.inject.Singleton;
29   
30    import org.bouncycastle.cms.CMSException;
31    import org.bouncycastle.cms.CMSSignedData;
32    import org.bouncycastle.cms.SignerInformation;
33    import org.bouncycastle.operator.DigestCalculatorProvider;
34    import org.xwiki.component.annotation.Component;
35    import org.xwiki.component.manager.ComponentManager;
36    import org.xwiki.component.phase.Initializable;
37    import org.xwiki.component.phase.InitializationException;
38    import org.xwiki.crypto.DigestFactory;
39    import org.xwiki.crypto.pkix.CertificateChainBuilder;
40    import org.xwiki.crypto.pkix.CertificateFactory;
41    import org.xwiki.crypto.pkix.CertificateProvider;
42    import org.xwiki.crypto.pkix.params.CertifiedPublicKey;
43    import org.xwiki.crypto.signer.CMSSignedDataVerifier;
44    import org.xwiki.crypto.signer.internal.BcContentVerifierProviderBuilder;
45    import org.xwiki.crypto.signer.param.CMSSignedDataVerified;
46   
47    /**
48    * Default implementation of {@link CMSSignedDataVerifier} based on Bouncy Castle.
49    *
50    * @version $Id: b45c4b63eaa1487cd1610e3ca20d308e982100a1 $
51    * @since 6.0M1
52    */
53    @Component
54    @Singleton
 
55    public class DefaultCMSSignedDataVerifier implements CMSSignedDataVerifier, Initializable
56    {
57    @Inject
58    private DigestFactory digestProvider;
59   
60    @Inject
61    private BcContentVerifierProviderBuilder contentVerifierProviderBuilder;
62   
63    @Inject
64    @Named("X509")
65    private CertificateFactory certFactory;
66   
67    @Inject
68    @Named("X509")
69    private CertificateChainBuilder chainBuilder;
70   
71    @Inject
72    private ComponentManager manager;
73   
 
74  7 toggle @Override
75    public void initialize() throws InitializationException
76    {
77  7 if (!(this.digestProvider instanceof DigestCalculatorProvider)) {
78  0 throw new InitializationException("Incompatible DigestFactory for this signed data verifier.");
79    }
80    }
81   
 
82  1 toggle @Override
83    public CMSSignedDataVerified verify(byte[] signature) throws GeneralSecurityException
84    {
85  1 return verify(signature, null, (CertificateProvider) null);
86    }
87   
 
88  1 toggle @Override
89    public CMSSignedDataVerified verify(byte[] signature, Collection<CertifiedPublicKey> certificates)
90    throws GeneralSecurityException
91    {
92  1 return verify(signature, null, certificates);
93    }
94   
 
95  0 toggle @Override
96    public CMSSignedDataVerified verify(byte[] signature, CertificateProvider certificateProvider)
97    throws GeneralSecurityException
98    {
99  0 return verify(signature, null, certificateProvider);
100    }
101   
 
102  2 toggle @Override
103    public CMSSignedDataVerified verify(byte[] signature, byte[] data) throws GeneralSecurityException
104    {
105  2 return verify(signature, data, (CertificateProvider) null);
106    }
107   
 
108  6 toggle @Override
109    public CMSSignedDataVerified verify(byte[] signature, byte[] data,
110    Collection<CertifiedPublicKey> certificates) throws GeneralSecurityException
111    {
112  6 return verify(signature, data, BcStoreUtils.getCertificateProvider(this.manager, certificates));
113    }
114   
 
115  9 toggle @Override
116    public CMSSignedDataVerified verify(byte[] signature, byte[] data, CertificateProvider certificateProvider)
117    throws GeneralSecurityException
118    {
119  9 CMSSignedData signedData = BcCMSUtils.getSignedData(signature, data);
120   
121  9 CertificateProvider provider = BcStoreUtils.getCertificateProvider(this.manager, signedData.getCertificates(),
122    certificateProvider);
123   
124  9 return verify(signedData, provider);
125    }
126   
 
127  9 toggle private CMSSignedDataVerified verify(CMSSignedData signedData, CertificateProvider provider)
128    {
129  9 BcCMSSignedDataVerified verifiedData = BcCMSUtils.getCMSSignedDataVerified(signedData, this.certFactory);
130   
131  9 for (SignerInformation signer : BcCMSUtils.getSigners(signedData)) {
132  9 CertifiedPublicKey certKey = BcStoreUtils.getCertificate(provider, signer, this.certFactory);
133   
134  9 try {
135  9 verifiedData.addSignature(
136    new BcCMSSignerVerifiedInformation(signer,
137    BcCMSUtils.verify(signer, certKey, this.contentVerifierProviderBuilder, this.digestProvider),
138    this.chainBuilder.build(certKey, provider)));
139    } catch (CMSException e) {
140  0 verifiedData.addSignature(
141    new BcCMSSignerVerifiedInformation(signer, false, this.chainBuilder.build(certKey, provider)));
142    }
143    }
144   
145  9 return verifiedData;
146    }
147    }