issrg.test.ds.TestDS.testIssuing
| SimpleSignatureVerifier | Line # 44 | 10 | 6 | 66.7% |
0.6666667
|
| (1) | |||
| Result | |||
|
0.5714286
|
issrg.test.ds.TestDS.testIssuing
issrg.test.ds.TestDS.testIssuing
|
1 PASS | |
| 1 | /* | |
| 2 | * Copyright (c) 2000-2005, University of Salford | |
| 3 | * All rights reserved. | |
| 4 | * | |
| 5 | * Redistribution and use in source and binary forms, with or without | |
| 6 | * modification, are permitted provided that the following conditions are met: | |
| 7 | * | |
| 8 | * Redistributions of source code must retain the above copyright notice, this | |
| 9 | * list of conditions and the following disclaimer. | |
| 10 | * | |
| 11 | * Redistributions in binary form must reproduce the above copyright notice, | |
| 12 | * this list of conditions and the following disclaimer in the documentation | |
| 13 | * and/or other materials provided with the distribution. | |
| 14 | * | |
| 15 | * Neither the name of the University of Salford nor the names of its | |
| 16 | * contributors may be used to endorse or promote products derived from this | |
| 17 | * software without specific prior written permission. | |
| 18 | * | |
| 19 | * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" | |
| 20 | * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE | |
| 21 | * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE | |
| 22 | * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE | |
| 23 | * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR | |
| 24 | * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF | |
| 25 | * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS | |
| 26 | * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN | |
| 27 | * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) | |
| 28 | * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE | |
| 29 | * POSSIBILITY OF SUCH DAMAGE. | |
| 30 | */ | |
| 31 | ||
| 32 | package issrg.pba.rbac; | |
| 33 | ||
| 34 | /** | |
| 35 | * This class takes an issrg.security.Verifier object and lets do simple | |
| 36 | * signature verification. Generally, it gets the signer's Public Key | |
| 37 | * Certificates and applies them in turn. If any of them succeeds, the | |
| 38 | * signature verification succeeds. | |
| 39 | * | |
| 40 | * @author A Otenko | |
| 41 | * @version 1.0 | |
| 42 | */ | |
| 43 | ||
| 44 | public class SimpleSignatureVerifier implements issrg.pba.rbac.SignatureVerifier { | |
| 45 | ||
| 46 | private issrg.security.Verifier sv = null; | |
| 47 | ||
| 48 | 0 |
 protected SimpleSignatureVerifier() { |
| 49 | } | |
| 50 | ||
| 51 | /** | |
| 52 | * This constructor builds a SimpleSignatureVerifier given a Verifier. | |
| 53 | */ | |
| 54 | 4 |
public SimpleSignatureVerifier(issrg.security.Verifier verifier){ |
| 55 | 4 | sv = verifier; |
| 56 | } | |
| 57 | ||
| 58 | /** | |
| 59 | * This method checks if there is any Public Key Certificate that can verify | |
| 60 | * the digital signature. | |
| 61 | * | |
| 62 | * @param data - the byte array that has been signed | |
| 63 | * @param signature - the byte array of the digital signature | |
| 64 | * @param algID - the signature algorithm identifier; normally it is a | |
| 65 | * standard algorithm identifier (e.g. an OID), but can be an | |
| 66 | * implementation-specific identifier, if the Verifier can understand it | |
| 67 | * @param signer - the TokenLocator pointing to the signer's entry with | |
| 68 | * Public Key Certificates | |
| 69 | */ | |
| 70 | 1009 |
public boolean checkSignature(byte [] data, byte [] signature, String algID, issrg.utils.repository.TokenLocator signer) throws issrg.pba.rbac.PkiException { |
| 71 | 1009 | try{ |
| 72 | 1009 | java.security.cert.X509Certificate[] certs = sv.getVerificationCertificates(signer); |
| 73 | ||
| 74 | //System.out.println("got "+certs.length+" signature validation PKCs"); //************* | |
| 75 | ||
| 76 | 1009 | if (certs!=null){ |
| 77 | 1009 | for (int i=0; i<certs.length; i++){ |
| 78 | //System.out.println("PKC["+i+"] sigAlgOID="+certs[i].getSigAlgOID()+"; actual signature alg OID="+algID); //************* | |
| 79 | //if (certs[i].getSigAlgOID().equals(algID)){ // looking for particular PKCs only (with the right algID) | |
| 80 | 1009 | if (signer.getEntry().getEntryName().equals(certs[i].getSubjectDN())){ // make sure the PKC belongs to the signer |
| 81 | 1009 | if (sv.verify(data, signature, algID, new java.security.cert.X509Certificate[]{certs[i]})){ // but there can be several PKCs with the same aldID; so try all of them, until the signature matches |
| 82 | //System.out.println("signature verified"); //************* | |
| 83 | 1009 | return true; |
| 84 | } | |
| 85 | //System.out.println("signature didn't verify"); //************* | |
| 86 | } | |
| 87 | } | |
| 88 | } | |
| 89 | ||
| 90 | 0 | return false; |
| 91 | }catch (Throwable th){ | |
| 92 | //System.out.println("Exception has been thrown: "+th.getMessage()); //************* | |
| 93 | //th.printStackTrace(); //************ | |
| 94 | 0 | throw new PkiException(th.getMessage(), th); |
| 95 | } | |
| 96 | } | |
| 97 | } | |
| 98 | ||
|
||||||||||
