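package org.bouncycastle.operator.jcajce;

import java.io.IOException;
import java.io.OutputStream;
import java.security.GeneralSecurityException;
import java.security.Provider;
import java.security.PublicKey;
import java.security.Signature;
import java.security.SignatureException;
import java.security.cert.CertificateEncodingException;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;

import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo;
import org.bouncycastle.cert.X509CertificateHolder;
import org.bouncycastle.cert.jcajce.JcaX509CertificateHolder;
import org.bouncycastle.jcajce.DefaultJcaJceHelper;
import org.bouncycastle.jcajce.NamedJcaJceHelper;
import org.bouncycastle.jcajce.ProviderJcaJceHelper;
import org.bouncycastle.operator.ContentVerifier;
import org.bouncycastle.operator.ContentVerifierProvider;
import org.bouncycastle.operator.OperatorCreationException;
import org.bouncycastle.operator.OperatorStreamException;
import org.bouncycastle.operator.RawContentVerifier;
import org.bouncycastle.operator.RuntimeOperatorException;

/**
 * Builder for {@link ContentVerifierProvider} instances that verify signatures with JCA
 * {@link Signature} objects.
 * <p>
 * The JCA provider used to create the Signature objects is selected with one of the
 * setProvider methods; without a call to either, a {@link DefaultJcaJceHelper} is used.
 * The helper is read each time get() is invoked on a built provider, so a later
 * setProvider call on this builder also changes the JCA provider used by
 * ContentVerifierProviders that were built earlier.
 * </p>
 * <p>
 * This class only binds a public key to a signature algorithm. It performs no certificate
 * path, validity-period or revocation checking and applies no algorithm policy of its own:
 * a true result from verify() says the signature matches the key, not that the key or
 * certificate is trusted. Callers have to establish that trust separately.
 * </p>
 */
public class JcaContentVerifierProviderBuilder
{
    private OperatorHelper helper = new OperatorHelper(new DefaultJcaJceHelper());

    public JcaContentVerifierProviderBuilder()
    {
    }

    /**
     * Use the passed in provider object for creating Signature instances.
     *
     * @param provider the JCA provider to use.
     * @return this builder.
     */
    public JcaContentVerifierProviderBuilder setProvider(Provider provider)
    {
        this.helper = new OperatorHelper(new ProviderJcaJceHelper(provider));

        return this;
    }

    /**
     * Use the provider registered under the passed in name for creating Signature instances.
     *
     * @param providerName name of the JCA provider to use.
     * @return this builder.
     */
    public JcaContentVerifierProviderBuilder setProvider(String providerName)
    {
        this.helper = new OperatorHelper(new NamedJcaJceHelper(providerName));

        return this;
    }

    /**
     * Build a verifier provider from a certificate holder by converting it to an
     * X509Certificate and delegating to {@link #build(X509Certificate)}.
     *
     * @param certHolder holder of the certificate carrying the verification key.
     * @return a provider associated with the certificate.
     * @throws OperatorCreationException if the provider cannot be set up.
     * @throws CertificateException if the holder cannot be converted to an X509Certificate.
     */
    public ContentVerifierProvider build(X509CertificateHolder certHolder)
        throws OperatorCreationException, CertificateException
    {
        return build(helper.convertCertificate(certHolder));
    }

    /**
     * Build a verifier provider that verifies with the public key of the passed in certificate.
     * Only the certificate's encoding and public key are used here; the certificate is not
     * validated in any way.
     *
     * @param certificate certificate carrying the verification key.
     * @return a provider whose associated certificate is the passed in certificate.
     * @throws OperatorCreationException if the certificate cannot be re-encoded.
     */
    public ContentVerifierProvider build(final X509Certificate certificate)
        throws OperatorCreationException
    {
        final X509CertificateHolder certHolder;

        try
        {
            certHolder = new JcaX509CertificateHolder(certificate);
        }
        catch (CertificateEncodingException e)
        {
            throw new OperatorCreationException("cannot process certificate: " + e.getMessage(), e);
        }

        return new ContentVerifierProvider()
        {
            public boolean hasAssociatedCertificate()
            {
                return true;
            }

            public X509CertificateHolder getAssociatedCertificate()
            {
                return certHolder;
            }

            public ContentVerifier get(AlgorithmIdentifier algorithm)
                throws OperatorCreationException
            {
                // The stream is kept in a local rather than in a field of this provider: with a
                // shared field, overlapping get() calls on one provider could hand the same
                // Signature-backed stream to two verifiers, mixing the data of two verifications.
                SignatureOutputStream stream = createSignatureStream(algorithm, certificate.getPublicKey());

                Signature rawSig = createRawSig(algorithm, certificate.getPublicKey());

                if (rawSig != null)
                {
                    return new RawSigVerifier(algorithm, stream, rawSig);
                }
                else
                {
                    return new SigVerifier(algorithm, stream);
                }
            }
        };
    }

    /**
     * Build a verifier provider around a bare public key. The returned provider has no
     * associated certificate.
     *
     * @param publicKey the verification key.
     * @return a provider that reports no associated certificate.
     * @throws OperatorCreationException declared for interface symmetry; setup failures are
     *         reported from get() on the returned provider.
     */
    public ContentVerifierProvider build(final PublicKey publicKey)
        throws OperatorCreationException
    {
        return new ContentVerifierProvider()
        {
            public boolean hasAssociatedCertificate()
            {
                return false;
            }

            public X509CertificateHolder getAssociatedCertificate()
            {
                return null;
            }

            public ContentVerifier get(AlgorithmIdentifier algorithm)
                throws OperatorCreationException
            {
                SignatureOutputStream stream = createSignatureStream(algorithm, publicKey);

                Signature rawSig = createRawSig(algorithm, publicKey);

                if (rawSig != null)
                {
                    return new RawSigVerifier(algorithm, stream, rawSig);
                }
                else
                {
                    return new SigVerifier(algorithm, stream);
                }
            }
        };
    }

    /**
     * Build a verifier provider from an ASN.1 SubjectPublicKeyInfo by converting it to a
     * PublicKey and delegating to {@link #build(PublicKey)}.
     *
     * @param publicKey the encoded verification key.
     * @return a provider that reports no associated certificate.
     * @throws OperatorCreationException if the key cannot be converted.
     */
    public ContentVerifierProvider build(SubjectPublicKeyInfo publicKey)
        throws OperatorCreationException
    {
        return this.build(helper.convertPublicKey(publicKey));
    }

    /**
     * Create a Signature for the algorithm, initialise it for verification with the key and
     * wrap it in a stream that feeds written bytes into it.
     *
     * @throws OperatorCreationException if the Signature cannot be created or rejects the key.
     */
    private SignatureOutputStream createSignatureStream(AlgorithmIdentifier algorithm, PublicKey publicKey)
        throws OperatorCreationException
    {
        try
        {
            Signature sig = helper.createSignature(algorithm);

            sig.initVerify(publicKey);

            return new SignatureOutputStream(sig);
        }
        catch (GeneralSecurityException e)
        {
            throw new OperatorCreationException("exception on setup: " + e, e);
        }
    }

    /**
     * Try to create a Signature that verifies a precomputed digest, initialised with the key.
     *
     * @return the initialised raw Signature, or null if none could be set up.
     */
    private Signature createRawSig(AlgorithmIdentifier algorithm, PublicKey publicKey)
    {
        Signature rawSig;
        try
        {
            rawSig = helper.createRawSignature(algorithm);

            if (rawSig != null)
            {
                rawSig.initVerify(publicKey);
            }
        }
        catch (Exception e)
        {
            // Deliberate best effort: any failure is treated as "raw verification unavailable"
            // and the caller falls back to the plain SigVerifier. Callers invoke
            // createSignatureStream first, which does report setup failures for the regular
            // signature.
            rawSig = null;
        }
        return rawSig;
    }

    /**
     * ContentVerifier that checks a signature over the bytes written to its output stream.
     */
    private static class SigVerifier
        implements ContentVerifier
    {
        private final SignatureOutputStream stream;
        private final AlgorithmIdentifier algorithm;

        SigVerifier(AlgorithmIdentifier algorithm, SignatureOutputStream stream)
        {
            this.algorithm = algorithm;
            this.stream = stream;
        }

        public AlgorithmIdentifier getAlgorithmIdentifier()
        {
            return algorithm;
        }

        public OutputStream getOutputStream()
        {
            if (stream == null)
            {
                throw new IllegalStateException("verifier not initialised");
            }

            return stream;
        }

        /**
         * @param expected the signature bytes to check against the data written so far.
         * @return true if the signature verifies, false otherwise.
         * @throws RuntimeOperatorException if the underlying Signature fails while verifying.
         */
        public boolean verify(byte[] expected)
        {
            try
            {
                return stream.verify(expected);
            }
            catch (SignatureException e)
            {
                throw new RuntimeOperatorException("exception obtaining signature: " + e.getMessage(), e);
            }
        }
    }

    /**
     * SigVerifier that can additionally verify a signature against a digest supplied by the
     * caller, using a separate raw Signature object.
     */
    private static class RawSigVerifier
        extends SigVerifier
        implements RawContentVerifier
    {
        private final Signature rawSignature;

        RawSigVerifier(AlgorithmIdentifier algorithm, SignatureOutputStream stream, Signature rawSignature)
        {
            super(algorithm, stream);
            this.rawSignature = rawSignature;
        }

        /**
         * @param digest the precomputed digest fed to the raw Signature.
         * @param expected the signature bytes to check.
         * @return true if the signature verifies against the digest, false otherwise.
         * @throws RuntimeOperatorException if the raw Signature fails while verifying.
         */
        public boolean verify(byte[] digest, byte[] expected)
        {
            try
            {
                rawSignature.update(digest);

                return rawSignature.verify(expected);
            }
            catch (SignatureException e)
            {
                throw new RuntimeOperatorException("exception obtaining raw signature: " + e.getMessage(), e);
            }
        }
    }

    /**
     * OutputStream that passes every byte written to it into a Signature initialised for
     * verification. SignatureException is rethrown as OperatorStreamException so that it fits
     * the IOException contract of OutputStream.
     */
    private static class SignatureOutputStream
        extends OutputStream
    {
        private final Signature sig;

        SignatureOutputStream(Signature sig)
        {
            this.sig = sig;
        }

        public void write(byte[] bytes, int off, int len)
            throws IOException
        {
            try
            {
                sig.update(bytes, off, len);
            }
            catch (SignatureException e)
            {
                throw new OperatorStreamException("exception in content signer: " + e.getMessage(), e);
            }
        }

        public void write(byte[] bytes)
            throws IOException
        {
            try
            {
                sig.update(bytes);
            }
            catch (SignatureException e)
            {
                throw new OperatorStreamException("exception in content signer: " + e.getMessage(), e);
            }
        }

        public void write(int b)
            throws IOException
        {
            try
            {
                sig.update((byte)b);
            }
            catch (SignatureException e)
            {
                throw new OperatorStreamException("exception in content signer: " + e.getMessage(), e);
            }
        }

        /**
         * Check the passed in signature bytes against the data written to this stream.
         */
        boolean verify(byte[] expected)
            throws SignatureException
        {
            return sig.verify(expected);
        }
    }
}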