List of usage examples for org.bouncycastle.mail.smime SMIMESigned SMIMESigned
public SMIMESigned(MimeMultipart message, String defaultContentTransferEncoding) throws MessagingException, CMSException
From source file:de.mendelson.util.security.BCCryptoHelper.java
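/**
 * Verifies the S/MIME signature of a {@code multipart/signed} part against the passed
 * certificate and returns the signed content.
 *
 * <p>Every signer found in the message must verify with the public key of {@code cert}.
 * A message that carries no signer information at all is rejected rather than treated as
 * verified. No certificate chain or revocation validation happens in this method; it only
 * answers "was this content signed with the key of the passed certificate".
 *
 * @param part the MIME part to check; must be of type {@code multipart/signed}
 * @param contentTransferEncoding one of 7bit, quoted-printable, base64, 8bit, binary; if
 *     {@code null}, "binary" is used
 * @param cert the certificate every signature is verified against
 * @return the signed content of the multipart
 * @throws SignatureException if the message contains no signer or a signer does not verify
 * @throws GeneralSecurityException if {@code part} is {@code null} or is not
 *     {@code multipart/signed}
 * @throws Exception if the message cannot be parsed or the verifier cannot be built
 */
public MimeBodyPart verify(Part part, String contentTransferEncoding, Certificate cert) throws Exception {
    if (part == null) {
        throw new GeneralSecurityException("Signature verification failed: Mime part is absent");
    }
    if (!part.isMimeType("multipart/signed")) {
        throw new GeneralSecurityException("Content-Type indicates data isn't signed");
    }
    MimeMultipart signedMultiPart = (MimeMultipart) part.getContent();
    // Possible encodings: 7bit quoted-printable base64 8bit binary.
    // The default encoding in BC is 7bit but the default content transfer encoding in AS2 is
    // binary, so a missing value falls back to "binary".
    String effectiveEncoding = (contentTransferEncoding == null) ? "binary" : contentTransferEncoding;
    SMIMESigned signed = new SMIMESigned(signedMultiPart, effectiveEncoding);

    X509Certificate x509Cert = this.castCertificate(cert);
    X509CertificateHolder certHolder = new X509CertificateHolder(cert.getEncoded());
    SignerInformationVerifier verifier = new JcaSimpleSignerInfoVerifierBuilder().setProvider("BC")
            .build(certHolder);

    SignerInformationStore signerStore = signed.getSignerInfos();
    Iterator<SignerInformation> iterator = signerStore.getSigners().iterator();
    // Fail closed: with an empty signer set the loop below would never run and the content
    // would be returned as if it had been verified.
    if (!iterator.hasNext()) {
        throw new SignatureException("Verification failed: the signed data contains no signer information");
    }
    while (iterator.hasNext()) {
        SignerInformation signerInfo = iterator.next();
        if (signerInfo.verify(verifier)) {
            continue;
        }
        // Verification failed: collect details about the signer and about the certificate
        // used for the check. The signer details are taken from the received message, so
        // whoever logs or displays this exception text should treat them as untrusted input.
        StringBuilder signatureCertInfo = new StringBuilder();
        if (signerInfo.getSID() != null) {
            if (signerInfo.getSID().getSerialNumber() != null) {
                signatureCertInfo.append("Serial number (DEC): ");
                signatureCertInfo.append(signerInfo.getSID().getSerialNumber());
            }
            if (signerInfo.getSID().getIssuer() != null) {
                if (signatureCertInfo.length() > 0) {
                    signatureCertInfo.append("\n");
                }
                signatureCertInfo.append("Issuer: ");
                signatureCertInfo.append(signerInfo.getSID().getIssuer().toString());
            }
        }
        if (signatureCertInfo.length() > 0) {
            signatureCertInfo.insert(0, "Signature certificate information:\n");
        }

        KeystoreCertificate certificate = new KeystoreCertificate();
        certificate.setCertificate(x509Cert);
        DateFormat shortDate = DateFormat.getDateInstance(DateFormat.SHORT);
        StringBuilder checkCertInfo = new StringBuilder();
        checkCertInfo.append("Verification certificate information:\n");
        checkCertInfo.append("Serial number (DEC): ").append(certificate.getSerialNumberDEC()).append("\n");
        checkCertInfo.append("Serial number (HEX): ").append(certificate.getSerialNumberHEX()).append("\n");
        // The SHA-1 fingerprint is shown for identification in the error text only.
        checkCertInfo.append("Finger print (SHA-1): ").append(certificate.getFingerPrintSHA1()).append("\n");
        checkCertInfo.append("Valid from: ").append(shortDate.format(certificate.getNotBefore())).append("\n");
        checkCertInfo.append("Valid to: ").append(shortDate.format(certificate.getNotAfter())).append("\n");
        checkCertInfo.append("Issuer: ").append(x509Cert.getIssuerX500Principal().toString());

        StringBuilder message = new StringBuilder("Verification failed");
        message.append("\n\n");
        message.append(signatureCertInfo);
        message.append("\n\n");
        message.append(checkCertInfo);
        throw new SignatureException(message.toString());
    }
    return signed.getContent();
}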