1e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrompackage org.bouncycastle.operator.jcajce; 2e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom 3e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstromimport java.io.IOException; 4e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstromimport java.io.OutputStream; 5e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstromimport java.security.GeneralSecurityException; 6e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstromimport java.security.Provider; 7e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstromimport java.security.PublicKey; 8e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstromimport java.security.Signature; 9e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstromimport java.security.SignatureException; 10e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstromimport java.security.cert.CertificateEncodingException; 11e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstromimport java.security.cert.CertificateException; 12e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstromimport java.security.cert.X509Certificate; 13e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom 14e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstromimport org.bouncycastle.asn1.x509.AlgorithmIdentifier; 15e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstromimport org.bouncycastle.cert.X509CertificateHolder; 16e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstromimport org.bouncycastle.cert.jcajce.JcaX509CertificateHolder; 17e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstromimport org.bouncycastle.jcajce.DefaultJcaJceHelper; 18e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstromimport org.bouncycastle.jcajce.NamedJcaJceHelper; 19e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstromimport org.bouncycastle.jcajce.ProviderJcaJceHelper; 20e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstromimport org.bouncycastle.operator.ContentVerifier; 21e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstromimport org.bouncycastle.operator.ContentVerifierProvider; 22e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstromimport org.bouncycastle.operator.OperatorCreationException; 23e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstromimport org.bouncycastle.operator.OperatorStreamException; 24e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstromimport org.bouncycastle.operator.RawContentVerifier; 25e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstromimport org.bouncycastle.operator.RuntimeOperatorException; 26e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom 27e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrompublic class JcaContentVerifierProviderBuilder 28e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom{ 29e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom private OperatorHelper helper = new OperatorHelper(new DefaultJcaJceHelper()); 30e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom 31e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom public JcaContentVerifierProviderBuilder() 32e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom { 33e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom } 34e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom 35e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom public JcaContentVerifierProviderBuilder setProvider(Provider provider) 36e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom { 37e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom this.helper = new OperatorHelper(new ProviderJcaJceHelper(provider)); 38e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom 39e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom return this; 40e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom } 41e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom 42e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom public JcaContentVerifierProviderBuilder setProvider(String providerName) 43e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom { 44e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom this.helper = new OperatorHelper(new NamedJcaJceHelper(providerName)); 45e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom 46e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom return this; 47e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom } 48e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom 49e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom public ContentVerifierProvider build(X509CertificateHolder certHolder) 50e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom throws OperatorCreationException, CertificateException 51e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom { 52e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom return build(helper.convertCertificate(certHolder)); 53e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom } 54e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom 55e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom public ContentVerifierProvider build(final X509Certificate certificate) 56e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom throws OperatorCreationException 57e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom { 58e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom final X509CertificateHolder certHolder; 59e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom 60e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom try 61e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom { 62e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom certHolder = new JcaX509CertificateHolder(certificate); 63e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom } 64e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom catch (CertificateEncodingException e) 65e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom { 66e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom throw new OperatorCreationException("cannot process certificate: " + e.getMessage(), e); 67e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom } 68e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom 69e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom return new ContentVerifierProvider() 70e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom { 71e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom private SignatureOutputStream stream; 72e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom 73e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom public boolean hasAssociatedCertificate() 74e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom { 75e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom return true; 76e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom } 77e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom 78e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom public X509CertificateHolder getAssociatedCertificate() 79e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom { 80e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom return certHolder; 81e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom } 82e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom 83e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom public ContentVerifier get(AlgorithmIdentifier algorithm) 84e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom throws OperatorCreationException 85e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom { 86e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom try 87e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom { 88e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom Signature sig = helper.createSignature(algorithm); 89e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom 90e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom sig.initVerify(certificate.getPublicKey()); 91e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom 92e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom stream = new SignatureOutputStream(sig); 93e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom } 94e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom catch (GeneralSecurityException e) 95e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom { 96e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom throw new OperatorCreationException("exception on setup: " + e, e); 97e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom } 98e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom 99e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom Signature rawSig = createRawSig(algorithm, certificate.getPublicKey()); 100e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom 101e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom if (rawSig != null) 102e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom { 103e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom return new RawSigVerifier(algorithm, stream, rawSig); 104e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom } 105e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom else 106e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom { 107e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom return new SigVerifier(algorithm, stream); 108e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom } 109e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom } 110e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom }; 111e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom } 112e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom 113e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom public ContentVerifierProvider build(final PublicKey publicKey) 114e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom throws OperatorCreationException 115e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom { 116e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom return new ContentVerifierProvider() 117e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom { 118e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom public boolean hasAssociatedCertificate() 119e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom { 120e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom return false; 121e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom } 122e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom 123e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom public X509CertificateHolder getAssociatedCertificate() 124e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom { 125e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom return null; 126e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom } 127e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom 128e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom public ContentVerifier get(AlgorithmIdentifier algorithm) 129e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom throws OperatorCreationException 130e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom { 131e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom SignatureOutputStream stream = createSignatureStream(algorithm, publicKey); 132e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom 133e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom Signature rawSig = createRawSig(algorithm, publicKey); 134e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom 135e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom if (rawSig != null) 136e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom { 137e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom return new RawSigVerifier(algorithm, stream, rawSig); 138e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom } 139e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom else 140e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom { 141e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom return new SigVerifier(algorithm, stream); 142e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom } 143e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom } 144e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom }; 145e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom } 146e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom 147e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom private SignatureOutputStream createSignatureStream(AlgorithmIdentifier algorithm, PublicKey publicKey) 148e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom throws OperatorCreationException 149e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom { 150e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom try 151e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom { 152e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom Signature sig = helper.createSignature(algorithm); 153e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom 154e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom sig.initVerify(publicKey); 155e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom 156e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom return new SignatureOutputStream(sig); 157e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom } 158e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom catch (GeneralSecurityException e) 159e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom { 160e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom throw new OperatorCreationException("exception on setup: " + e, e); 161e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom } 162e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom } 163e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom 164e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom private Signature createRawSig(AlgorithmIdentifier algorithm, PublicKey publicKey) 165e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom { 166e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom Signature rawSig; 167e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom try 168e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom { 169e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom rawSig = helper.createRawSignature(algorithm); 170e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom 171e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom if (rawSig != null) 172e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom { 173e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom rawSig.initVerify(publicKey); 174e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom } 175e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom } 176e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom catch (Exception e) 177e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom { 178e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom rawSig = null; 179e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom } 180e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom return rawSig; 181e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom } 182e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom 183e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom private class SigVerifier 184e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom implements ContentVerifier 185e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom { 186e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom private SignatureOutputStream stream; 187e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom private AlgorithmIdentifier algorithm; 188e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom 189e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom SigVerifier(AlgorithmIdentifier algorithm, SignatureOutputStream stream) 190e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom { 191e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom this.algorithm = algorithm; 192e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom this.stream = stream; 193e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom } 194e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom 195e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom public AlgorithmIdentifier getAlgorithmIdentifier() 196e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom { 197e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom return algorithm; 198e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom } 199e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom 200e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom public OutputStream getOutputStream() 201e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom { 202e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom if (stream == null) 203e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom { 204e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom throw new IllegalStateException("verifier not initialised"); 205e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom } 206e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom 207e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom return stream; 208e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom } 209e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom 210e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom public boolean verify(byte[] expected) 211e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom { 212e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom try 213e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom { 214e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom return stream.verify(expected); 215e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom } 216e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom catch (SignatureException e) 217e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom { 218e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom throw new RuntimeOperatorException("exception obtaining signature: " + e.getMessage(), e); 219e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom } 220e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom } 221e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom } 222e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom 223e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom private class RawSigVerifier 224e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom extends SigVerifier 225e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom implements RawContentVerifier 226e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom { 227e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom private Signature rawSignature; 228e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom 229e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom RawSigVerifier(AlgorithmIdentifier algorithm, SignatureOutputStream stream, Signature rawSignature) 230e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom { 231e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom super(algorithm, stream); 232e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom this.rawSignature = rawSignature; 233e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom } 234e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom 235e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom public boolean verify(byte[] digest, byte[] expected) 236e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom { 237e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom try 238e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom { 239e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom rawSignature.update(digest); 240e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom 241e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom return rawSignature.verify(expected); 242e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom } 243e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom catch (SignatureException e) 244e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom { 245e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom throw new RuntimeOperatorException("exception obtaining raw signature: " + e.getMessage(), e); 246e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom } 247e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom } 248e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom } 249e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom 250e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom private class SignatureOutputStream 251e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom extends OutputStream 252e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom { 253e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom private Signature sig; 254e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom 255e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom SignatureOutputStream(Signature sig) 256e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom { 257e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom this.sig = sig; 258e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom } 259e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom 260e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom public void write(byte[] bytes, int off, int len) 261e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom throws IOException 262e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom { 263e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom try 264e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom { 265e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom sig.update(bytes, off, len); 266e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom } 267e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom catch (SignatureException e) 268e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom { 269e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom throw new OperatorStreamException("exception in content signer: " + e.getMessage(), e); 270e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom } 271e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom } 272e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom 273e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom public void write(byte[] bytes) 274e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom throws IOException 275e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom { 276e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom try 277e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom { 278e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom sig.update(bytes); 279e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom } 280e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom catch (SignatureException e) 281e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom { 282e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom throw new OperatorStreamException("exception in content signer: " + e.getMessage(), e); 283e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom } 284e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom } 285e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom 286e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom public void write(int b) 287e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom throws IOException 288e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom { 289e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom try 290e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom { 291e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom sig.update((byte)b); 292e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom } 293e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom catch (SignatureException e) 294e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom { 295e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom throw new OperatorStreamException("exception in content signer: " + e.getMessage(), e); 296e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom } 297e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom } 298e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom 299e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom boolean verify(byte[] expected) 300e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom throws SignatureException 301e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom { 302e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom return sig.verify(expected); 303e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom } 304e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom } 305e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom}