private void checkContents() throws PKCS7Exception {
String contents = this.getContents();
if (contents == null) {
throw new PKCS7Exception();
}
if (!contents.startsWith(HEADER) || !contents.endsWith(FOOTER)) {
throw new PKCS7Exception("Header or/and footer missing.");
}
String in = getContentsFilename();
String[] args = {"openssl", "pkcs7", "-inform", "PEM", "-in", in, "-noout"};
BashReader br = BashReader.read(args);
if (br == null || br.getExitValue() != 0) {
String message;
if (br == null) {
message = "Error while cheking the PKCS7 data.";
} else {
message = br.getErrorMessage();
}
Logger.error(TAG, message + "\r\tfor " + getContents());
throw new PKCS7Exception(message);
}
}
public boolean encrypt() throws CertificateException {
if (!isSigned || getSignedDataDER() == null || getSignedDataPEM() == null) {
throw new CertificateException(
"Please sign the PKCS7 first with a signer and its private key.");
}
// As the first statement of this methods implies it, the encryption process come right after
// the signing process
// This means the encrypt should be very similar to the signing process, and thus easier to
// understand
// This file should exist, so get its contents or dump the signed data if the file is not there.
File tempSigned = new File("tmp/temp-" + getFilename(false) + ".signed");
File tempEnc = new File("tmp/temp-" + getFilename(false) + ".encrypted");
if (!tempSigned.exists()) {
FileWriter.write(getDERSignedDataAsString(), tempSigned.getPath());
}
addTempFile(tempSigned);
// Create a temp file that will contain the signer
File tempSignerBlob = new File("tmp/temp-" + getFilename(false) + ".signer");
if (!FileWriter.write(this.getCertSigner().getBlob(), tempSignerBlob.getAbsolutePath())) {
throw new PKCS7Exception("Couldn't write the signer's blob of data to the file.");
}
addTempFile(tempSignerBlob);
String[] args = {
"openssl",
"cms",
"-encrypt",
"-in",
tempSigned.getPath(),
"-out",
tempEnc.getPath(),
tempSignerBlob.getPath()
};
BashReader bashReader = BashReader.read(args);
if (bashReader == null || bashReader.getExitValue() != 0) {
if (bashReader == null) {
throw new PKCS7Exception(
"The command \"" + BashReader.toSingleString(args) + "\" failed (null).");
}
throw new PKCS7Exception(
"The command \""
+ BashReader.toSingleString(args)
+ "\" failed - "
+ bashReader.getOutput()
+ " ("
+ bashReader.getExitValue()
+ ")");
}
// Now we have a file with encrypted data!
this.encryptedData = BashReader.toSingleString(FileReader.getLines(tempEnc)).trim().getBytes();
this.isEncrypted = true;
if (cleanTempFiles()) {
Logger.debug("PKCS7", "PKCS7.encrypt(): Temp files all cleaned up.");
} else {
Logger.debug("PKCS7", "PKCS7.encrypt(): Temp files NOT cleaned up (all or some).");
}
return isEncrypted;
}
public static void main(String[] args) {
String rawData = /*"-----BEGIN PKCS7-----\n" +*/
"MIIGugYJKoZIhvcNAQcCoIIGqzCCBqcCAQExDjAMBggqhkiG9w0CBQUAMIIDIQYJ\n"
+ "KoZIhvcNAQcBoIIDEgSCAw4wggMKBgkqhkiG9w0BBwOgggL7MIIC9wIBADGCAUow\n"
+ "ggFGAgEAMC4wKTELMAkGA1UEChMCcWExGjAYBgNVBAMTEVN0VmluY2VudFFBQ0Ey\n"
+ "MDExAgEBMA0GCSqGSIb3DQEBAQUABIIBAJAuX2pGfDb4QvwQh8KHmtoeZ4Yawkcc\n"
+ "qihpBVHoLfw8X1JGYIp1QFc9SHYuesv5G3sxN1RxVwrDAZo+aaGWWwbCLjvmlFAr\n"
+ "SO5cBXYtJOvnD9DfNlRC++1miOmi2slzbxC7rq7DNo+uaC6YEE/Np/uFmoftLltC\n"
+ "V6BOgzXWCnDOjTqyuVRyZcjJ5fOJwpwbuAn5jbiEiSQLMUc7hhHdxC0sdlVYwrtO\n"
+ "Yjh/H9LpoO+H1LacTp41XBpK9QBgB80PTtkRzjlMInmjATtdaWYhPdGJh2s5z0bQ\n"
+ "mJc8cd2sIN7LAmV/r7I6dGZZkzSAAWOfUxNWRzGHvdITw24G28kZCeQwggGiBgkq\n"
+ "hkiG9w0BBwEwEQYFKw4DAgcECMa+/NEt+BAtgIIBgEYGsXOk72sGavghfEh80pJO\n"
+ "KNRxgfI99AzhQH/C+HA3yGU8WH3GUPCCIH/UJ3PxMZOgiAhJytucVrboVqwvvqN8\n"
+ "BJHsbj702MPLLwvfD3dgz5CjhXRwd+nYVCIihyTWx2SOqFjBhkWayLTbgXga/eRg\n"
+ "HLV+Pr87rt+6aIiuOrRpfuToxYaeBqAKClj/iJYeRMOCmSxRzx4OPsktg2f06EIw\n"
+ "W6sWikK53GvIocCXpCiymwiKChDYn5iingh4zkcKVq78ZtuzD9JFhha5BRqueCve\n"
+ "iModreVI9WJpc0rLjHRaRafLAsic2zxylxR3ycm/TNQ6aU1XXYmY24n3u9pRHH+k\n"
+ "kxQvzhtt/pw5mwqnTW1Y9J8wMRnW1wPa7uZuv6QxZymfphJWBTCoek5u+pVHCYwf\n"
+ "TGaP0bh8K3Ylsqwi6bIBaBc1bNkLQ4pRQXa70tU61lL+LuCC3f3auimMdUjWr1QP\n"
+ "LtRr8zV9AbpbyNVqfDiGWYX4Xu9XFAxghbu2oKJbSKCCAcEwggG9MIIBJqADAgEC\n"
+ "AiBDMDZGMkVGNjg4Mjc5NUJDQzgyODkxMTkxMkYzRjcyODANBgkqhkiG9w0BAQQF\n"
+ "ADAVMRMwEQYDVQQDEwoxMjcuMC4xLjEwMB4XDTE2MDYyNzE4MDExMFoXDTE2MDcw\n"
+ "MzIwMDExMFowFTETMBEGA1UEAxMKMTI3LjAuMS4xMDCBnzANBgkqhkiG9w0BAQEF\n"
+ "AAOBjQAwgYkCgYEAmlixAXWAbhwCjZN1hRosDwTPNxh4SzoscCAU7UPZk3CDQ10z\n"
+ "YF5em8Ui4xTjcwWnlUwxsWBD64Pai3WAiqBhuB6AVw5rFTVDV4SMDdU+SLuniRZp\n"
+ "LK3BXiFiqHQp5Z7fs+OxDzSGpWR0Y5JQUOCfd6RyJ2D7oBY5L89b4uPbs98CAwEA\n"
+ "ATANBgkqhkiG9w0BAQQFAAOBgQBTx85iXRnNlP9Ojl73OB2K2fK+Yzfo+r3Hf51E\n"
+ "g7EHP1eWYVi59/QYdN+5WcgViQWbgAygLHqQQa/vppmklp9ZnY2mNLtPIwAKE2sf\n"
+ "8yXLW6YNE+T4H0lzY8DLBPjR2NHvboC9USuAEl5/0cP1tp7AnXAodyrQ9USsoZ2c\n"
+ "r3KjpjGCAaYwggGiAgEBMDkwFTETMBEGA1UEAxMKMTI3LjAuMS4xMAIgQzA2RjJF\n"
+ "RjY4ODI3OTVCQ0M4Mjg5MTE5MTJGM0Y3MjgwDAYIKoZIhvcNAgUFAKCBwTASBgpg\n"
+ "hkgBhvhFAQkCMQQTAjE5MBgGCSqGSIb3DQEJAzELBgkqhkiG9w0BBwEwHAYJKoZI\n"
+ "hvcNAQkFMQ8XDTE2MDYyNzE4MDExMFowHwYJKoZIhvcNAQkEMRIEEE7F5LZ/EG9Z\n"
+ "lkAsVchtrhwwIAYKYIZIAYb4RQEJBTESBBD6vHMHXuym8XD6AqjAlTUyMDAGCmCG\n"
+ "SAGG+EUBCQcxIhMgQzA2RjJFRjY4ODI3OTVCQ0M4Mjg5MTE5MTJGM0Y3MjgwDQYJ\n"
+ "KoZIhvcNAQEBBQAEgYBYpGW/8dKMHnED09/pkqr2FYTBSlVTIqAIN0ECHt+BmNW3\n"
+ "FhzL5AUEAaAcCf+fPuNgFUITOcM0YYGvzXD0vUrtrzfhSk2wFAU+olH/yYM+0mJ7\n"
+ "ZgVL5zy55NHa7XsrcIVs576RGA6czEoetftYGRykS8zU6SOKFumC86ojkBKeYw==\n" /* +
"-----END PKCS7-----\n"*/;
try {
PKCS7 pkcs7 = new PKCS7(rawData, true);
Logger.printOut(pkcs7.getContentsFilename());
} catch (PKCS7Exception e) {
e.printStackTrace();
}
// rawData =
// BashReader.toSingleString(FileReader.getLines("/home/aakintol/Downloads/cbn_dsa-cert.pem"));
// Signable pkcs7 = new Signable();
// pkcs7.setContents(rawData);
//// pkcs7.createFilename();
// try {
// Certificate signer = Certificate.loadCertificateFromFile("test-signer.pem");
// PrivateKey privateKey = PrivateKey.loadPrivateKey(new File("test-key.key"));
//
// pkcs7.setCertSigner(signer);
// pkcs7.setPrivateKeySigner(privateKey);
// pkcs7.sign();
// int v = pkcs7.verify();
// System.exit(v);
// System.out.println(pkcs7.getDERSignedDataAsString());
// } catch (CertificateException e) {
// e.printStackTrace();
// System.exit(1);
// }
// BashReader bashReader = BashReader.read("python", "hexdump", "-in", "verified.bin");
// if (bashReader != null) {
// System.out.println(bashReader.getExitValue());
// System.out.println(bashReader.getOutput());
// } else {
// System.out.println("HMMM.");
// }
// Signable signable = new Signable();
// Subject load;
// try {
// load = Subject.load("/C=CA/L=Ottawa/CN=cbnca");
// } catch (Exception e) {
// load = null;
// }
//
// signable.setContents(rawData);
// Logger.debug("set priv key + cert: "+ VerifyUtils.setKeyAndSigner("test-key.key",
// "test-signer.pem", signable));
// signable.sign(null, null, null);
// Logger.debug("signed data: "+signable.getSignedDataPEM());
// Logger.printOut(signable.getCertSigner().getBlob());
// Logger.printOut(new String(signable.getPrivateKeySigner().dumpDER()));
// Logger.printOut(signable.getPrivateKeySigner().dumpPEM());
// Logger.debug("keygen: "+VerifyUtils.generateKey("rsa", 2048, new File("res/out.key"),
// new File("res/out.cert"), signable, load));
//
// signable.setContents("valid contents.");
// Logger.debug("sign: "+SignUtils.execOpenSSLCMSSign("sha1", true, false, false,
// signable));
// Logger.debug("signed? "+signable.isSigned());
// Logger.debug("locate sig pem: "+VerifyUtils.locateSignature("PEM", signable));
// Logger.debug("locate sig der: "+VerifyUtils.locateSignature("DER", signable));
// Logger.debug("pub key extraction: "+VerifyUtils.extractPublicKeyFromCertificate("pem",
// signable));
// Logger.debug("asn1parse: "+SignUtils.execOpenSSLASN1Parse("DER", signable, false));
// Logger.debug("extract rsa bin: "+VerifyUtils.extractBinaryRSAEncryptedHash("sha256",
// signable));
// Hexdump hexReceiver = new Hexdump();
// Logger.debug("hexdump: "+VerifyUtils.performHexdump("res/signed-sha256.bin",
// hexReceiver));
// Logger.debug("hexdump result: "+hexReceiver.getDump());
// Logger.debug("sig verif: "+VerifyUtils.verifySignature("res/signed-sha256.bin",
// "verified256.bin", signable));
// VerifyUtils.locateSignature("PEM", signable);
// try {
// signable.setContents("HAHAHAHAHAHAH to sign.");
// signable.sign();
// } catch (CertificateException e) {
// e.printStackTrace();
// }
try {
Thread.sleep(5000);
BashReader.read("rm", "-rf", "tmp/");
} catch (InterruptedException e) {
e.printStackTrace();
}
// BashReader br = BashReader.read("openssl req -key out.key -new -x509 -days 365 -out
// out.cert -subj \"/CN=cbnca/C=CA/L=Ottawa\"");
//
// Logger.debug(br != null ? br.getExitValue() + " : "+br.getOutput() : "NULL");
// try {
// String[] argv = {"openssl", "req", "-nodes", "-newkey", String.format("%s:%s",
// "rsa", 2048), "-keyout", "java.key", "-subj", "/C=CA/L=Ottawa/OU=CBN"};
// BashReader br = BashReader.read(argv);
// Logger.debug(br != null ? br.toString() : "NULL");
// argv = new String[]{"openssl", "req", "-key", "java.key", "-new", "-x509",
// "-days", "365", "-out", "java.cert", "-subj", "/C=CA/L=Ottawa/OU=CBN"};
// br = BashReader.read(argv);
// Logger.debug(br != null ? br.toString() : "NULL");
// } catch (Exception e) {
// e.printStackTrace();
// }
}
