| /******************************************************************************* |
| * Copyright (c) 2007, 2010 IBM Corporation and others. All rights reserved. |
| * This program and the accompanying materials are made available under the |
| * terms of the Eclipse Public License v1.0 which accompanies this distribution, |
| * and is available at http://www.eclipse.org/legal/epl-v10.html |
| * |
| * Contributors: IBM Corporation - initial API and implementation |
| ******************************************************************************/ |
| package org.eclipse.osgi.internal.signedcontent; |
| |
| import java.io.File; |
| import java.io.IOException; |
| import java.security.GeneralSecurityException; |
| import java.security.cert.*; |
| import java.util.ArrayList; |
| import java.util.Date; |
| import org.eclipse.osgi.internal.provisional.verifier.*; |
| import org.eclipse.osgi.signedcontent.*; |
| import org.osgi.framework.Bundle; |
| |
/**
 * Implements {@link CertificateVerifierFactory} by delegating to a
 * {@link SignedContentFactory} and wrapping the resulting {@link SignedContent}
 * in the legacy verifier and chain types defined below.
 * <p>
 * Creating a verifier runs none of the checks in this class. Entry digests are
 * verified only by {@link LegacyVerifier#checkContent()} or
 * {@link LegacyVerifier#verifyContent()}, and trust is reported only through
 * {@link LegacyChain#isTrusted()}. Callers that gate installation or loading on
 * a signature have to combine those results themselves.
 */
public class LegacyVerifierFactory implements CertificateVerifierFactory {
	private final SignedContentFactory signedContentFactory;

	/**
	 * @param signedContentFactory the factory every verifier created here reads its
	 *        signed content from
	 */
	public LegacyVerifierFactory(SignedContentFactory signedContentFactory) {
		this.signedContentFactory = signedContentFactory;
	}

	/**
	 * Creates a verifier for the content stored at the given file.
	 * <p>
	 * A {@link GeneralSecurityException} from the underlying factory is rethrown as
	 * an {@link IOException} with the same message and the original exception as
	 * its cause. A caller that needs to tell a security failure apart from a plain
	 * read error therefore has to inspect {@code getCause()}.
	 *
	 * @param content the file to obtain signed content for
	 * @return a verifier backed by the signed content of {@code content}
	 * @throws IOException if the factory reports an I/O or a security error
	 */
	public CertificateVerifier getVerifier(File content) throws IOException {
		SignedContent signed;
		try {
			signed = signedContentFactory.getSignedContent(content);
		} catch (GeneralSecurityException e) {
			// Built in two steps; IOException has no (message, cause) constructor on older JREs.
			IOException wrapped = new IOException(e.getMessage());
			wrapped.initCause(e);
			throw wrapped;
		}
		return new LegacyVerifier(signed);
	}

	/**
	 * Creates a verifier for the given bundle. Exception handling is identical to
	 * {@link #getVerifier(File)}: a {@link GeneralSecurityException} surfaces as an
	 * {@link IOException} carrying it as the cause.
	 *
	 * @param bundle the bundle to obtain signed content for
	 * @return a verifier backed by the signed content of {@code bundle}
	 * @throws IOException if the factory reports an I/O or a security error
	 */
	public CertificateVerifier getVerifier(Bundle bundle) throws IOException {
		SignedContent signed;
		try {
			signed = signedContentFactory.getSignedContent(bundle);
		} catch (GeneralSecurityException e) {
			IOException wrapped = new IOException(e.getMessage());
			wrapped.initCause(e);
			throw wrapped;
		}
		return new LegacyVerifier(signed);
	}

	/**
	 * {@link CertificateVerifier} view over a single {@link SignedContent}.
	 */
	static class LegacyVerifier implements CertificateVerifier {
		private final SignedContent signedContent;

		public LegacyVerifier(SignedContent signedContent) {
			this.signedContent = signedContent;
		}

		/**
		 * Verifies every signed entry, then checks the validity of every signer.
		 * <p>
		 * Points a caller relying on this method should be aware of:
		 * <ul>
		 * <li>An entry that fails {@code verify()} is reported as an unchecked
		 * {@link SecurityException}, which is not part of the throws clause.</li>
		 * <li>{@link SignerInfo#isTrusted()} is not consulted here; a clean return
		 * says nothing about whether a signer is trusted.</li>
		 * <li>If the content reports no signed entries and no signer infos, both
		 * loops are skipped and the method returns normally. Use
		 * {@link #isSigned()} to rule that case out.</li>
		 * </ul>
		 *
		 * @throws SecurityException if an entry fails verification or cannot be read
		 * @throws CertificateException propagated from
		 *         {@code signedContent.checkValidity}; this includes
		 *         {@link CertificateExpiredException}
		 */
		public void checkContent() throws CertificateException, CertificateExpiredException {
			SignedContentEntry[] signedEntries = signedContent.getSignedEntries();
			for (int k = 0; k < signedEntries.length; k++) {
				Exception problem = null;
				try {
					signedEntries[k].verify();
				} catch (InvalidContentException e) {
					problem = e;
				} catch (IOException e) {
					problem = e;
				}
				if (problem != null) {
					// Fail closed on the first bad entry; later entries are not examined.
					SecurityException failure = new SecurityException(problem.getMessage());
					failure.initCause(problem);
					throw failure;
				}
			}
			// Signer validity is only checked once every entry has verified.
			SignerInfo[] signers = signedContent.getSignerInfos();
			for (int k = 0; k < signers.length; k++) {
				signedContent.checkValidity(signers[k]);
			}
		}

		/**
		 * @return one {@link LegacyChain} per signer info of the content, in the
		 *         order the content reports them; empty if there are none
		 */
		public CertificateChain[] getChains() {
			SignerInfo[] signers = signedContent.getSignerInfos();
			CertificateChain[] result = new CertificateChain[signers.length];
			for (int k = 0; k < signers.length; k++) {
				result[k] = new LegacyChain(signers[k], signedContent);
			}
			return result;
		}

		/**
		 * @return whatever {@code signedContent.isSigned()} reports
		 */
		public boolean isSigned() {
			return signedContent.isSigned();
		}

		/**
		 * Verifies every signed entry and collects the names of those that fail.
		 * <p>
		 * Unlike {@link #checkContent()} this does not stop at the first failure and
		 * does not check signer validity. An {@link IOException} while verifying an
		 * entry is recorded the same way as an {@link InvalidContentException}, so a
		 * returned name can mean either "corrupt" or "unreadable". Only the entries
		 * returned by {@code getSignedEntries()} are examined, so an empty result
		 * does not by itself show that the content is signed.
		 *
		 * @return names of the signed entries whose verification threw; empty if
		 *         none did
		 */
		public String[] verifyContent() {
			ArrayList failedNames = new ArrayList(0);
			SignedContentEntry[] signedEntries = signedContent.getSignedEntries();
			for (int k = 0; k < signedEntries.length; k++) {
				SignedContentEntry entry = signedEntries[k];
				try {
					entry.verify();
				} catch (InvalidContentException e) {
					failedNames.add(entry.getName());
				} catch (IOException e) {
					failedNames.add(entry.getName());
				}
			}
			String[] names = new String[failedNames.size()];
			failedNames.toArray(names);
			return names;
		}
	}

	/**
	 * {@link CertificateChain} view over one {@link SignerInfo} of a
	 * {@link SignedContent}.
	 */
	static class LegacyChain implements CertificateChain {
		private final SignerInfo signerInfo;
		private final SignedContent content;

		public LegacyChain(SignerInfo signerInfo, SignedContent content) {
			this.signerInfo = signerInfo;
			this.content = content;
		}

		/**
		 * @return the certificate chain exactly as the signer info returns it
		 */
		public Certificate[] getCertificates() {
			return signerInfo.getCertificateChain();
		}

		/**
		 * Builds a display string from the subject DN names of the chain, each
		 * followed by {@code "; "} (the last one included).
		 * <p>
		 * Every certificate is cast to {@link X509Certificate}; a chain holding any
		 * other certificate type fails with a {@link ClassCastException}. The result
		 * is a flattened, human-readable string and is not a suitable input for
		 * trust or identity decisions; use the certificates themselves for that.
		 *
		 * @return the concatenated subject DN names; empty for an empty chain
		 */
		public String getChain() {
			Certificate[] chain = getCertificates();
			StringBuffer names = new StringBuffer();
			for (int k = 0; k < chain.length; k++) {
				X509Certificate cert = (X509Certificate) chain[k];
				names.append(cert.getSubjectDN().getName()).append("; "); //$NON-NLS-1$
			}
			return names.toString();
		}

		/**
		 * Returns the last certificate of the chain. "Root" is decided by position
		 * only; this method does not check that the certificate is self-signed or
		 * that it is a trust anchor.
		 *
		 * @return the last chain element, or {@code null} for an empty chain
		 */
		public Certificate getRoot() {
			Certificate[] chain = getCertificates();
			if (chain.length == 0) {
				return null;
			}
			return chain[chain.length - 1];
		}

		/**
		 * Returns the first certificate of the chain, chosen by position only.
		 *
		 * @return the first chain element, or {@code null} for an empty chain
		 */
		public Certificate getSigner() {
			Certificate[] chain = getCertificates();
			if (chain.length == 0) {
				return null;
			}
			return chain[0];
		}

		/**
		 * @return the signing time the content reports for this signer, passed
		 *         through unchanged
		 */
		public Date getSigningTime() {
			return content.getSigningTime(signerInfo);
		}

		/**
		 * @return whatever {@code signerInfo.isTrusted()} reports; no additional
		 *         check is made here
		 */
		public boolean isTrusted() {
			return signerInfo.isTrusted();
		}

	}
}