/**
* Licensed to the Apache Software Foundation (ASF) under one or more
* contributor license agreements. See the NOTICE file distributed with
* this work for additional information regarding copyright ownership.
* The ASF licenses this file to You under the Apache License, Version 2.0
* (the "License"); you may not use this file except in compliance with
* the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.apache.camel.component.as2.api.entity;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.InputStream;
import java.security.cert.X509Certificate;
import java.util.Collection;
import org.apache.camel.component.as2.api.AS2SignedDataGenerator;
import org.apache.http.HttpException;
import org.bouncycastle.cert.X509CertificateHolder;
import org.bouncycastle.cert.jcajce.JcaX509CertificateConverter;
import org.bouncycastle.cms.CMSProcessable;
import org.bouncycastle.cms.CMSProcessableByteArray;
import org.bouncycastle.cms.CMSSignedData;
import org.bouncycastle.cms.SignerInformation;
import org.bouncycastle.cms.SignerInformationStore;
import org.bouncycastle.cms.jcajce.JcaSimpleSignerInfoVerifierBuilder;
import org.bouncycastle.util.Store;
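/**
 * A multipart/signed MIME entity: part 0 carries the signed content and
 * part 1 carries the detached PKCS#7 (CMS) signature over that content.
 */
public class MultipartSignedEntity extends MultipartMimeEntity {

    /**
     * Builds a signed multipart from {@code data}, generating the detached
     * signature part with {@code signer}.
     *
     * @param data the entity to sign; added as the first part
     * @param signer generator used for the content type and the signature part
     * @param signatureCharSet passed through to the signature entity
     * @param signatureTransferEncoding passed through to the signature entity
     * @param isMainBody passed to the superclass constructor
     * @param boundary passed to the superclass constructor
     * @throws HttpException declared by this constructor; which of the calls
     *         below raises it is not visible in this file
     */
    public MultipartSignedEntity(MimeEntity data, AS2SignedDataGenerator signer, String signatureCharSet,
                                 String signatureTransferEncoding, boolean isMainBody, String boundary)
            throws HttpException {
        super(null, isMainBody, boundary);
        setContentType(signer.createMultipartSignedContentType(this.boundary));
        addPart(data);
        // The trailing 'false' is presumably the signature part's isMainBody flag; confirm against
        // ApplicationPkcs7SignatureEntity.
        ApplicationPkcs7SignatureEntity signature
                = new ApplicationPkcs7SignatureEntity(data, signer, signatureCharSet, signatureTransferEncoding, false);
        addPart(signature);
    }

    /**
     * Creates an empty signed multipart whose parts are added afterwards.
     *
     * @param boundary the multipart boundary to record
     * @param isMainBody whether this entity is the main body
     */
    protected MultipartSignedEntity(String boundary, boolean isMainBody) {
        this.boundary = boundary;
        this.isMainBody = isMainBody;
    }

    /**
     * Checks the detached CMS signature in part 1 against the serialized bytes of part 0.
     *
     * <p>Returns {@code false} when either part is missing, when the signature carries no
     * signer at all, when a signer has no matching certificate in the signature, when any
     * signer fails verification, or when any step throws.
     *
     * <p>NOTE(review): the certificates used for verification are the ones embedded in the
     * signature itself ({@code signedData.getCertificates()}); nothing in this method checks
     * them against a trust store or an expected partner certificate. A {@code true} result
     * therefore shows that the content matches the embedded certificate's key, not who the
     * signer is. Callers that need sender authentication must validate the certificate
     * separately.
     *
     * @return {@code true} only if at least one signer is present and every signer verifies
     */
    public boolean isValid() {
        MimeEntity signedEntity = getSignedDataEntity();
        ApplicationPkcs7SignatureEntity signatureEntity = getSignatureEntity();
        if (signedEntity == null || signatureEntity == null) {
            return false;
        }

        try {
            ByteArrayOutputStream outstream = new ByteArrayOutputStream();
            signedEntity.writeTo(outstream);
            CMSProcessable signedContent = new CMSProcessableByteArray(outstream.toByteArray());

            byte[] signature = signatureEntity.getSignature();
            InputStream is = new ByteArrayInputStream(signature);
            CMSSignedData signedData = new CMSSignedData(signedContent, is);

            Store<X509CertificateHolder> store = signedData.getCertificates();
            SignerInformationStore signers = signedData.getSignerInfos();
            Collection<SignerInformation> signerInfos = signers.getSigners();

            // A SignedData structure with zero SignerInfos would otherwise skip the loop and be
            // reported as valid even though nothing was verified.
            if (signerInfos.isEmpty()) {
                return false;
            }

            for (SignerInformation signer : signerInfos) {
                @SuppressWarnings("unchecked")
                Collection<X509CertificateHolder> certCollection = store.getMatches(signer.getSID());
                // No embedded certificate for this signer: nothing to verify against.
                if (certCollection.isEmpty()) {
                    return false;
                }
                X509CertificateHolder certHolder = certCollection.iterator().next();
                X509Certificate cert = new JcaX509CertificateConverter().setProvider("BC").getCertificate(certHolder);
                if (!signer.verify(new JcaSimpleSignerInfoVerifierBuilder().setProvider("BC").build(cert))) {
                    return false;
                }
            }
        } catch (Exception e) {
            // Fail closed: malformed signatures, provider lookup failures and verification
            // errors all count as "not valid".
            return false;
        }
        return true;
    }

    /**
     * Returns the signed content part.
     *
     * @return part 0, or {@code null} if this entity has no parts
     */
    public MimeEntity getSignedDataEntity() {
        if (getPartCount() > 0) {
            return getPart(0);
        }
        return null;
    }

    /**
     * Returns the detached signature part.
     *
     * @return part 1 if it exists and is an {@link ApplicationPkcs7SignatureEntity},
     *         otherwise {@code null}
     */
    public ApplicationPkcs7SignatureEntity getSignatureEntity() {
        if (getPartCount() > 1 && getPart(1) instanceof ApplicationPkcs7SignatureEntity) {
            return (ApplicationPkcs7SignatureEntity) getPart(1);
        }
        return null;
    }
}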