Clover Coverage Report
Coverage timestamp: Sun Mar 23 2008 08:24:39 GMT
10   98   6   3.33
8   26   0.8   3
3     2.67  
1    
 
 
  SimpleSignatureVerifier       Line # 44 10 6 66.7% 0.6666667
 
  (1)
 
1    /*
2    * Copyright (c) 2000-2005, University of Salford
3    * All rights reserved.
4    *
5    * Redistribution and use in source and binary forms, with or without
6    * modification, are permitted provided that the following conditions are met:
7    *
8    * Redistributions of source code must retain the above copyright notice, this
9    * list of conditions and the following disclaimer.
10    *
11    * Redistributions in binary form must reproduce the above copyright notice,
12    * this list of conditions and the following disclaimer in the documentation
13    * and/or other materials provided with the distribution.
14    *
15    * Neither the name of the University of Salford nor the names of its
16    * contributors may be used to endorse or promote products derived from this
17    * software without specific prior written permission.
18    *
19    * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
20    * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
21    * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
22    * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE
23    * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
24    * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
25    * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
26    * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
27    * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
28    * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
29    * POSSIBILITY OF SUCH DAMAGE.
30    */
31   
32    package issrg.pba.rbac;
33   
34    /**
35    * This class takes an issrg.security.Verifier object and lets do simple
36    * signature verification. Generally, it gets the signer's Public Key
37    * Certificates and applies them in turn. If any of them succeeds, the
38    * signature verification succeeds.
39    *
40    * @author A Otenko
41    * @version 1.0
42    */
43   
 
44    public class SimpleSignatureVerifier implements issrg.pba.rbac.SignatureVerifier {
45   
46    private issrg.security.Verifier sv = null;
47   
 
48  0 toggle protected SimpleSignatureVerifier() {
49    }
50   
51    /**
52    * This constructor builds a SimpleSignatureVerifier given a Verifier.
53    */
 
54  4 toggle public SimpleSignatureVerifier(issrg.security.Verifier verifier){
55  4 sv = verifier;
56    }
57   
58    /**
59    * This method checks if there is any Public Key Certificate that can verify
60    * the digital signature.
61    *
62    * @param data - the byte array that has been signed
63    * @param signature - the byte array of the digital signature
64    * @param algID - the signature algorithm identifier; normally it is a
65    * standard algorithm identifier (e.g. an OID), but can be an
66    * implementation-specific identifier, if the Verifier can understand it
67    * @param signer - the TokenLocator pointing to the signer's entry with
68    * Public Key Certificates
69    */
 
70  1009 toggle public boolean checkSignature(byte [] data, byte [] signature, String algID, issrg.utils.repository.TokenLocator signer) throws issrg.pba.rbac.PkiException {
71  1009 try{
72  1009 java.security.cert.X509Certificate[] certs = sv.getVerificationCertificates(signer);
73   
74    //System.out.println("got "+certs.length+" signature validation PKCs"); //*************
75   
76  1009 if (certs!=null){
77  1009 for (int i=0; i<certs.length; i++){
78    //System.out.println("PKC["+i+"] sigAlgOID="+certs[i].getSigAlgOID()+"; actual signature alg OID="+algID); //*************
79    //if (certs[i].getSigAlgOID().equals(algID)){ // looking for particular PKCs only (with the right algID)
80  1009 if (signer.getEntry().getEntryName().equals(certs[i].getSubjectDN())){ // make sure the PKC belongs to the signer
81  1009 if (sv.verify(data, signature, algID, new java.security.cert.X509Certificate[]{certs[i]})){ // but there can be several PKCs with the same aldID; so try all of them, until the signature matches
82    //System.out.println("signature verified"); //*************
83  1009 return true;
84    }
85    //System.out.println("signature didn't verify"); //*************
86    }
87    }
88    }
89   
90  0 return false;
91    }catch (Throwable th){
92    //System.out.println("Exception has been thrown: "+th.getMessage()); //*************
93    //th.printStackTrace(); //************
94  0 throw new PkiException(th.getMessage(), th);
95    }
96    }
97    }
98