List of usage examples for org.bouncycastle.mail.smime SMIMESignedParser SMIMESignedParser
public SMIMESignedParser(DigestCalculatorProvider digCalcProvider, Part message) throws MessagingException, CMSException, SMIMEException
From source file:com.zotoh.crypto.CryptoUte.java
License:Open Source License
/** * @param mp//from w w w .j av a 2 s. c om * @return * @throws IOException * @throws MessagingException * @throws GeneralSecurityException */ public static Object peekSmimeSignedContent(Multipart mp) throws IOException, MessagingException, GeneralSecurityException { tstArgIsType("mulitpart", mp, MimeMultipart.class); try { return new SMIMESignedParser((MimeMultipart) mp, getCharset(mp.getContentType(), "binary")).getContent() .getContent(); } catch (CMSException e) { throw new GeneralSecurityException(e); } }
From source file:eu.peppol.as2.SignedMimeMessage.java
License:EUPL
void parseSignedMessage() { SMIMESignedParser smimeSignedParser = null; try {/*from w w w . j a v a2 s . c om*/ // MimeMessageHelper.dumpMimePartToFile("/tmp/parseSignedMessage.txt", mimeMessage); smimeSignedParser = new SMIMESignedParser(new JcaDigestCalculatorProviderBuilder().build(), (MimeMultipart) mimeMessage.getContent()); } catch (MessagingException | CMSException | IOException | OperatorCreationException e) { throw new IllegalStateException("Unable to create SMIMESignedParser: " + e.getMessage(), e); } Store certs = null; try { certs = smimeSignedParser.getCertificates(); } catch (CMSException e) { throw new IllegalStateException("Unable to retrieve the certificates from signed message."); } // // SignerInfo blocks which contain the signatures // SignerInformationStore signerInfos = null; try { signerInfos = smimeSignedParser.getSignerInfos(); } catch (CMSException e) { throw new IllegalStateException("Unable to get the Signer information from message. " + e.getMessage(), e); } Collection signers = signerInfos.getSigners(); Iterator signersIterator = signers.iterator(); // // Only a single signer, get the first and only certificate // if (signersIterator.hasNext()) { // Retrieves information on first and only signer SignerInformation signer = (SignerInformation) signersIterator.next(); // Retrieves the collection of certificates for first and only signer Collection certCollection = certs.getMatches(signer.getSID()); // Retrieve the first certificate Iterator certIt = certCollection.iterator(); if (certIt.hasNext()) { try { signersX509Certificate = new JcaX509CertificateConverter() .setProvider(new BouncyCastleProvider()) .getCertificate((X509CertificateHolder) certIt.next()); } catch (CertificateException e) { throw new IllegalStateException("Unable to fetch certificate for signer. " + e.getMessage(), e); } } else { throw new IllegalStateException( "Signers certificate was not found, unable to verify the signature"); } // Verify that the signature is correct and that signersIterator was generated when the certificate was current try { if (!signer.verify(new JcaSimpleSignerInfoVerifierBuilder().setProvider(new BouncyCastleProvider()) .build(signersX509Certificate))) { throw new IllegalStateException("Verification of signer failed"); } } catch (CMSException e) { throw new IllegalStateException("Unable to verify the signer. " + e.getMessage(), e); } catch (OperatorCreationException e) { throw new IllegalStateException("Unable to verify the signer. " + e.getMessage(), e); } String issuerDN = signersX509Certificate.getIssuerDN().toString(); log.debug("Certificate issued by: " + issuerDN); } else { throw new IllegalStateException("There is no signer information available"); } }
From source file:eu.peppol.as2.SignedMimeMessageInspector.java
License:Open Source License
void parseSignedMessage() { SMIMESignedParser smimeSignedParser = null; try {//from w ww.j ava 2s. co m // MimeMessageHelper.dumpMimePartToFile("/tmp/parseSignedMessage.txt", mimeMessage); smimeSignedParser = new SMIMESignedParser(new BcDigestCalculatorProvider(), (MimeMultipart) mimeMessage.getContent()); } catch (MessagingException e) { throw new IllegalStateException("Unable to get content of message." + e.getMessage(), e); } catch (CMSException e) { throw new IllegalStateException("Unable to get content of message. " + e.getMessage(), e); } catch (IOException e) { throw new IllegalStateException("Unable to get content of message. " + e.getMessage(), e); } Store certs = null; try { certs = smimeSignedParser.getCertificates(); } catch (CMSException e) { throw new IllegalStateException("Unable to retrieve the certificates from signed message."); } // // SignerInfo blocks which contain the signatures // SignerInformationStore signerInfos = null; try { signerInfos = smimeSignedParser.getSignerInfos(); } catch (CMSException e) { throw new IllegalStateException("Unable to get the Signer information from message. " + e.getMessage(), e); } Collection signers = signerInfos.getSigners(); Iterator signersIterator = signers.iterator(); // // Only a single signer, get the first and only certificate // if (signersIterator.hasNext()) { // Retrieves information on first and only signer SignerInformation signer = (SignerInformation) signersIterator.next(); // Retrieves the collection of certificates for first and only signer Collection certCollection = certs.getMatches(signer.getSID()); // Retrieve the first certificate Iterator certIt = certCollection.iterator(); if (certIt.hasNext()) { try { signersX509Certificate = new JcaX509CertificateConverter().setProvider(provider) .getCertificate((X509CertificateHolder) certIt.next()); } catch (CertificateException e) { throw new IllegalStateException("Unable to fetch certificate for signer. " + e.getMessage(), e); } } else { throw new IllegalStateException( "Signers certificate was not found, unable to verify the signature"); } // Verify that the signature is correct and that signersIterator was generated when the certificate was current try { if (!signer.verify(new JcaSimpleSignerInfoVerifierBuilder().setProvider(provider) .build(signersX509Certificate))) { throw new IllegalStateException("Verification of signer failed"); } } catch (CMSException e) { throw new IllegalStateException("Unable to verify the signer. " + e.getMessage(), e); } catch (OperatorCreationException e) { throw new IllegalStateException("Unable to verify the signer. " + e.getMessage(), e); } // Verify that the certificate issuer is trusted String issuerDN = signersX509Certificate.getIssuerDN().toString(); log.debug("Verify the certificate issuer : " + issuerDN); //TODO validateCertificate(signersX509Certificate); } else { throw new IllegalStateException("There is no signer information available"); } }
From source file:mitm.common.security.cms.CMSSignedInspectorImplTest.java
License:Open Source License
@Test public void testClearSignedParser() throws Exception { MimeMessage signedMessage = loadMessage("clear-signed-validcertificate.eml"); MimeMultipart multipart = (MimeMultipart) signedMessage.getContent(); SMIMESignedParser signedDataParser = new SMIMESignedParser( new JcaDigestCalculatorProviderBuilder().setProvider("BC").build(), multipart); CMSSignedDataAdapter signedDataAdapter = CMSAdapterFactory.createAdapter(signedDataParser); assertTrue(signedDataAdapter instanceof CMSSignedDataParserAdapterImpl); testClearSigned(signedDataAdapter);/*w ww. jav a2 s. c om*/ }
From source file:mitm.common.security.cms.CMSSignedInspectorImplTest.java
License:Open Source License
@Test(expected = SignerInfoException.class) public void testClearSignedIncorrectHashParser() throws Exception { MimeMessage signedMessage = loadMessage("clear-signed-hash-incorrect.eml"); MimeMultipart multipart = (MimeMultipart) signedMessage.getContent(); SMIMESignedParser signedData = new SMIMESignedParser( new JcaDigestCalculatorProviderBuilder().setProvider("BC").build(), multipart); CMSSignedDataAdapter signedDataAdapter = CMSAdapterFactory.createAdapter(signedData); assertTrue(signedDataAdapter instanceof CMSSignedDataParserAdapterImpl); testClearSignedIncorrectHash(signedDataAdapter); }
From source file:mitm.common.security.cms.CMSSignedInspectorImplTest.java
License:Open Source License
@Test public void testClearSignedMultipleSignersParser() throws Exception { MimeMessage signedMessage = loadMessage("clear-signed-multiple-signers-validcertificate.eml"); MimeMultipart multipart = (MimeMultipart) signedMessage.getContent(); SMIMESignedParser signedData = new SMIMESignedParser( new JcaDigestCalculatorProviderBuilder().setProvider("BC").build(), multipart); CMSSignedDataAdapter signedDataAdapter = CMSAdapterFactory.createAdapter(signedData); assertTrue(signedDataAdapter instanceof CMSSignedDataParserAdapterImpl); testClearSignedMultipleSigners(signedDataAdapter); }
From source file:mitm.common.security.cms.CMSSignedInspectorImplTest.java
License:Open Source License
@Test public void testOpaqueSignedParser() throws Exception { MimeMessage signedMessage = loadMessage("signed-opaque-validcertificate.eml"); SMIMESignedParser signedData = new SMIMESignedParser( new JcaDigestCalculatorProviderBuilder().setProvider("BC").build(), signedMessage); CMSSignedDataAdapter signedDataAdapter = CMSAdapterFactory.createAdapter(signedData); assertTrue(signedDataAdapter instanceof CMSSignedDataParserAdapterImpl); testOpaqueSigned(signedDataAdapter); }
From source file:no.difi.oxalis.as2.util.SignedMimeMessage.java
License:EUPL
void parseSignedMessage() { SMIMESignedParser smimeSignedParser; try {/*from w ww. j a v a 2 s. c om*/ // MimeMessageHelper.dumpMimePartToFile("/tmp/parseSignedMessage.txt", mimeMessage); smimeSignedParser = new SMIMESignedParser(new JcaDigestCalculatorProviderBuilder().build(), (MimeMultipart) mimeMessage.getContent()); } catch (MessagingException | CMSException | IOException | OperatorCreationException e) { throw new IllegalStateException("Unable to create SMIMESignedParser: " + e.getMessage(), e); } Store certs; try { certs = smimeSignedParser.getCertificates(); } catch (CMSException e) { throw new IllegalStateException("Unable to retrieve the certificates from signed message."); } // // SignerInfo blocks which contain the signatures // SignerInformationStore signerInfos; try { signerInfos = smimeSignedParser.getSignerInfos(); } catch (CMSException e) { throw new IllegalStateException("Unable to get the Signer information from message. " + e.getMessage(), e); } Collection signers = signerInfos.getSigners(); Iterator signersIterator = signers.iterator(); // // Only a single signer, get the first and only certificate // if (signersIterator.hasNext()) { // Retrieves information on first and only signer SignerInformation signer = (SignerInformation) signersIterator.next(); // Retrieves the collection of certificates for first and only signer @SuppressWarnings("unchecked") Collection certCollection = certs.getMatches(signer.getSID()); // Retrieve the first certificate Iterator certIt = certCollection.iterator(); if (certIt.hasNext()) { try { signersX509Certificate = new JcaX509CertificateConverter() .setProvider(BouncyCastleProvider.PROVIDER_NAME) .getCertificate((X509CertificateHolder) certIt.next()); } catch (CertificateException e) { throw new IllegalStateException("Unable to fetch certificate for signer. " + e.getMessage(), e); } } else { throw new IllegalStateException( "Signers certificate was not found, unable to verify the signature"); } // Verify that the signature is correct and that signersIterator was generated when the certificate was current /* try { if (!signer.verify(new JcaSimpleSignerInfoVerifierBuilder().setProvider(BouncyCastleProvider.PROVIDER_NAME).build(signersX509Certificate))) { throw new IllegalStateException("Verification of signer failed"); } } catch (CMSException | OperatorCreationException e) { throw new IllegalStateException("Unable to verify the signer. " + e.getMessage(), e); } */ String issuerDN = signersX509Certificate.getIssuerDN().toString(); log.debug("Certificate issued by: " + issuerDN); } else { throw new IllegalStateException("There is no signer information available"); } }
From source file:org.apache.jmeter.assertions.SMIMEAssertion.java
License:Apache License
public static AssertionResult getResult(SMIMEAssertionTestElement testElement, SampleResult response, String name) {//from w w w . j a va2s . c om checkForBouncycastle(); AssertionResult res = new AssertionResult(name); try { MimeMessage msg = null; final int msgPos = testElement.getSpecificMessagePositionAsInt(); if (msgPos < 0) { // means counting from end SampleResult[] subResults = response.getSubResults(); final int pos = subResults.length + msgPos; if (log.isDebugEnabled()) { log.debug("Getting message number: " + pos + " of " + subResults.length); } msg = getMessageFromResponse(response, pos); } else { if (log.isDebugEnabled()) { log.debug("Getting message number: " + msgPos); } msg = getMessageFromResponse(response, msgPos); } SMIMESignedParser s = null; if (log.isDebugEnabled()) { log.debug("Content-type: " + msg.getContentType()); } if (msg.isMimeType("multipart/signed")) { // $NON-NLS-1$ MimeMultipart multipart = (MimeMultipart) msg.getContent(); s = new SMIMESignedParser(new BcDigestCalculatorProvider(), multipart); } else if (msg.isMimeType("application/pkcs7-mime") // $NON-NLS-1$ || msg.isMimeType("application/x-pkcs7-mime")) { // $NON-NLS-1$ s = new SMIMESignedParser(new BcDigestCalculatorProvider(), msg); } if (null != s) { log.debug("Found signature"); if (testElement.isNotSigned()) { res.setFailure(true); res.setFailureMessage("Mime message is signed"); } else if (testElement.isVerifySignature() || !testElement.isSignerNoCheck()) { res = verifySignature(testElement, s, name); } } else { log.debug("Did not find signature"); if (!testElement.isNotSigned()) { res.setFailure(true); res.setFailureMessage("Mime message is not signed"); } } } catch (MessagingException e) { String msg = "Cannot parse mime msg: " + e.getMessage(); log.warn(msg, e); res.setFailure(true); res.setFailureMessage(msg); } catch (CMSException e) { res.setFailure(true); res.setFailureMessage("Error reading the signature: " + e.getMessage()); } catch (SMIMEException e) { res.setFailure(true); res.setFailureMessage("Cannot extract signed body part from signature: " + e.getMessage()); } catch (IOException e) { // should never happen log.error("Cannot read mime message content: " + e.getMessage(), e); res.setError(true); res.setFailureMessage(e.getMessage()); } return res; }