Lines 27-33
import java.io.InputStream;
|
27 |
import java.math.BigInteger; |
27 |
import java.math.BigInteger; |
28 |
import java.security.GeneralSecurityException; |
28 |
import java.security.GeneralSecurityException; |
29 |
import java.security.Security; |
29 |
import java.security.Security; |
30 |
import java.security.cert.CertStore; |
|
|
31 |
import java.security.cert.CertificateException; |
30 |
import java.security.cert.CertificateException; |
32 |
import java.security.cert.CertificateFactory; |
31 |
import java.security.cert.CertificateFactory; |
33 |
import java.security.cert.X509Certificate; |
32 |
import java.security.cert.X509Certificate; |
Lines 36-42
import java.util.Collection;
|
36 |
import java.util.Iterator; |
35 |
import java.util.Iterator; |
37 |
import java.util.List; |
36 |
import java.util.List; |
38 |
import java.util.Properties; |
37 |
import java.util.Properties; |
39 |
import java.util.Vector; |
|
|
40 |
|
38 |
|
41 |
import javax.mail.MessagingException; |
39 |
import javax.mail.MessagingException; |
42 |
import javax.mail.Session; |
40 |
import javax.mail.Session; |
Lines 49-66
import org.apache.jmeter.samplers.SampleResult;
|
49 |
import org.apache.jorphan.logging.LoggingManager; |
47 |
import org.apache.jorphan.logging.LoggingManager; |
50 |
import org.apache.jorphan.util.JOrphanUtils; |
48 |
import org.apache.jorphan.util.JOrphanUtils; |
51 |
import org.apache.log.Logger; |
49 |
import org.apache.log.Logger; |
|
|
50 |
import org.bouncycastle.asn1.x500.RDN; |
51 |
import org.bouncycastle.asn1.x500.X500Name; |
52 |
import org.bouncycastle.asn1.x500.style.BCStyle; |
52 |
import org.bouncycastle.asn1.x509.GeneralName; |
53 |
import org.bouncycastle.asn1.x509.GeneralName; |
53 |
import org.bouncycastle.asn1.x509.X509Name; |
54 |
import org.bouncycastle.cert.jcajce.JcaX509CertificateHolder; |
54 |
import org.bouncycastle.cms.CMSException; |
55 |
import org.bouncycastle.cms.CMSException; |
55 |
import org.bouncycastle.cms.SignerInformation; |
56 |
import org.bouncycastle.cms.SignerInformation; |
56 |
import org.bouncycastle.cms.SignerInformationStore; |
57 |
import org.bouncycastle.cms.SignerInformationStore; |
57 |
import org.bouncycastle.cms.jcajce.JcaX509CertSelectorConverter; |
58 |
import org.bouncycastle.cms.SignerInformationVerifier; |
58 |
import org.bouncycastle.jce.PrincipalUtil; |
59 |
import org.bouncycastle.cms.jcajce.JcaSimpleSignerInfoVerifierBuilder; |
59 |
import org.bouncycastle.jce.X509Principal; |
|
|
60 |
import org.bouncycastle.jce.provider.BouncyCastleProvider; |
60 |
import org.bouncycastle.jce.provider.BouncyCastleProvider; |
61 |
import org.bouncycastle.mail.smime.SMIMEException; |
61 |
import org.bouncycastle.mail.smime.SMIMEException; |
62 |
import org.bouncycastle.mail.smime.SMIMESignedParser; |
62 |
import org.bouncycastle.mail.smime.SMIMESignedParser; |
|
|
63 |
import org.bouncycastle.operator.OperatorCreationException; |
63 |
import org.bouncycastle.operator.bc.BcDigestCalculatorProvider; |
64 |
import org.bouncycastle.operator.bc.BcDigestCalculatorProvider; |
|
|
65 |
import org.bouncycastle.util.Store; |
64 |
import org.bouncycastle.x509.extension.X509ExtensionUtil; |
66 |
import org.bouncycastle.x509.extension.X509ExtensionUtil; |
65 |
|
67 |
|
66 |
/** |
68 |
/** |
Lines 148-162
class SMIMEAssertion {
|
148 |
AssertionResult res = new AssertionResult(name); |
150 |
AssertionResult res = new AssertionResult(name); |
149 |
|
151 |
|
150 |
try { |
152 |
try { |
151 |
CertStore certs = s.getCertificatesAndCRLs("Collection", "BC"); // $NON-NLS-1$ // $NON-NLS-2$ |
153 |
Store certs = s.getCertificates(); // $NON-NLS-1$ // $NON-NLS-2$ |
152 |
SignerInformationStore signers = s.getSignerInfos(); |
154 |
SignerInformationStore signers = s.getSignerInfos(); |
153 |
Iterator<?> signerIt = signers.getSigners().iterator(); |
155 |
Iterator<?> signerIt = signers.getSigners().iterator(); |
154 |
|
156 |
|
155 |
if (signerIt.hasNext()) { |
157 |
if (signerIt.hasNext()) { |
156 |
|
158 |
|
157 |
SignerInformation signer = (SignerInformation) signerIt.next(); |
159 |
SignerInformation signer = (SignerInformation) signerIt.next(); |
158 |
Iterator<?> certIt = certs.getCertificates( |
160 |
Iterator<?> certIt = certs.getMatches(signer.getSID()).iterator(); |
159 |
(new JcaX509CertSelectorConverter()).getCertSelector(signer.getSID())).iterator(); |
|
|
160 |
|
161 |
|
161 |
if (certIt.hasNext()) { |
162 |
if (certIt.hasNext()) { |
162 |
// the signer certificate |
163 |
// the signer certificate |
Lines 164-170
class SMIMEAssertion {
|
164 |
|
165 |
|
165 |
if (testElement.isVerifySignature()) { |
166 |
if (testElement.isVerifySignature()) { |
166 |
|
167 |
|
167 |
if (!signer.verify(cert.getPublicKey(), "BC")) { // $NON-NLS-1$ |
168 |
SignerInformationVerifier verifier = null; |
|
|
169 |
try { |
170 |
verifier = new JcaSimpleSignerInfoVerifierBuilder().setProvider("BC").build(cert.getPublicKey()); |
171 |
} catch (OperatorCreationException e) { |
172 |
log.error("Can't create a provider", e); |
173 |
} |
174 |
if (verifier == null || !signer.verify(verifier)) { // $NON-NLS-1$ |
168 |
res.setFailure(true); |
175 |
res.setFailure(true); |
169 |
res.setFailureMessage("Signature is invalid"); |
176 |
res.setFailureMessage("Signature is invalid"); |
170 |
} |
177 |
} |
Lines 325-334
class SMIMEAssertion {
|
325 |
throws CertificateException { |
332 |
throws CertificateException { |
326 |
List<String> res = new ArrayList<>(); |
333 |
List<String> res = new ArrayList<>(); |
327 |
|
334 |
|
328 |
X509Principal subject = PrincipalUtil.getSubjectX509Principal(cert); |
335 |
X500Name subject = new JcaX509CertificateHolder(cert).getSubject(); |
329 |
Vector<?> addresses = subject.getValues(X509Name.EmailAddress); |
336 |
for (RDN email : subject.getRDNs(BCStyle.EmailAddress)) { |
330 |
for (Object address: addresses) { |
337 |
res.add((String) email.toString()); |
331 |
res.add((String) address); |
|
|
332 |
} |
338 |
} |
333 |
|
339 |
|
334 |
Collection<?> subjectAltNames = |
340 |
Collection<?> subjectAltNames = |
335 |
- |
|
|
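Review bot: In the last hunk (new lines 336-337), `res.add((String) email.toString())` stores the string form of the `RDN` object, which as far as I can tell is not the e-mail attribute value, so the signer e-mail comparison fed by this list will presumably stop matching. Read the value explicitly instead, e.g. `for (AttributeTypeAndValue atv : email.getTypesAndValues()) { res.add(IETFUtils.valueToString(atv.getValue())); }`, which needs imports for `org.bouncycastle.asn1.x500.AttributeTypeAndValue` and `org.bouncycastle.asn1.x500.style.IETFUtils`. In the signature hunk (new lines 168-174) the verifier is built from `cert.getPublicKey()`, so BouncyCastle has no associated certificate and `signer.verify(verifier)` skips its check of the signing time against the certificate's validity period; `.build(cert)` keeps that check. An `OperatorCreationException` there is also surfaced as "Signature is invalid": failing closed is right, but the failure message should say the verifier could not be created so a provider or setup problem is not mistaken for a bad signature. Both enclosing methods start and end outside the visible hunks.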