public void testMD5WithRSAAddSignersSHA1() throws Exception { MimeMultipart smm = generateMultiPartRsa("SHA1withRSA", msg, SMIMESignedGenerator.STANDARD_MICALGS); SMIMESigned s = new SMIMESigned(smm); assertEquals("sha-1", getMicAlg(smm)); List certList = new ArrayList(); certList.add(_signCert); certList.add(_origCert); Store certs = new JcaCertStore(certList); SMIMESignedGenerator gen = new SMIMESignedGenerator(); gen.addSignerInfoGenerator( new JcaSimpleSignerInfoGeneratorBuilder() .setProvider(BC) .build("MD5withRSA", _signKP.getPrivate(), _signCert)); gen.addSigners(s.getSignerInfos()); gen.addCertificates(certs); smm = gen.generate(msg); SMIMESigned newS = new SMIMESigned(gen.generate(msg)); verifyMessageBytes(msg, newS.getContent()); verifySigners(newS.getCertificates(), newS.getSignerInfos()); assertEquals("\"md5,sha-1\"", getMicAlg(smm)); }
public void testGOST3411WithECGOST3410() throws Exception { MimeMultipart smm = generateMultiPartECGost(msg); SMIMESigned s = new SMIMESigned(smm); assertEquals("gostr3411-94", getMicAlg(smm)); assertEquals(getDigestOid(s.getSignerInfos()), CryptoProObjectIdentifiers.gostR3411.getId()); verifyMessageBytes(msg, s.getContent()); verifySigners(s.getCertificates(), s.getSignerInfos()); }
public void testSHA512WithRSARfc3851() throws Exception { MimeMultipart smm = generateMultiPartRsa("SHA512withRSA", msg, SMIMESignedGenerator.RFC3851_MICALGS); SMIMESigned s = new SMIMESigned(smm); assertEquals("sha512", getMicAlg(smm)); assertEquals(getDigestOid(s.getSignerInfos()), NISTObjectIdentifiers.id_sha512.toString()); verifyMessageBytes(msg, s.getContent()); verifySigners(s.getCertificates(), s.getSignerInfos()); }
public void testRIPEMD160WithRSA() throws Exception { MimeMultipart smm = generateMultiPartRsa("RIPEMD160withRSA", msg, SMIMESignedGenerator.RFC3851_MICALGS); SMIMESigned s = new SMIMESigned(smm); assertEquals("unknown", getMicAlg(smm)); assertEquals(getDigestOid(s.getSignerInfos()), TeleTrusTObjectIdentifiers.ripemd160.toString()); verifyMessageBytes(msg, s.getContent()); verifySigners(s.getCertificates(), s.getSignerInfos()); }
public void testMD5WithRSA() throws Exception { MimeMultipart smm = generateMultiPartRsa("MD5withRSA", msg, SMIMESignedGenerator.RFC3851_MICALGS); SMIMESigned s = new SMIMESigned(smm); assertEquals("md5", getMicAlg(smm)); assertEquals(getDigestOid(s.getSignerInfos()), PKCSObjectIdentifiers.md5.toString()); verifyMessageBytes(msg, s.getContent()); verifySigners(s.getCertificates(), s.getSignerInfos()); }
public void multipartMixedTest(MimeBodyPart part1, MimeBodyPart part2) throws Exception { MimeMultipart mp = new MimeMultipart(); mp.addBodyPart(part1); mp.addBodyPart(part2); MimeBodyPart m = new MimeBodyPart(); m.setContent(mp); MimeMultipart smm = generateMultiPartRsa("SHA1withRSA", m, SMIMESignedGenerator.RFC3851_MICALGS); SMIMESigned s = new SMIMESigned(smm); verifySigners(s.getCertificates(), s.getSignerInfos()); AttributeTable attr = ((SignerInformation) s.getSignerInfos().getSigners().iterator().next()) .getSignedAttributes(); Attribute a = attr.get(CMSAttributes.messageDigest); byte[] contentDigest = ASN1OctetString.getInstance(a.getAttrValues().getObjectAt(0)).getOctets(); mp = (MimeMultipart) m.getContent(); ContentType contentType = new ContentType(mp.getContentType()); String boundary = "--" + contentType.getParameter("boundary"); ByteArrayOutputStream bOut = new ByteArrayOutputStream(); LineOutputStream lOut = new LineOutputStream(bOut); Enumeration headers = m.getAllHeaderLines(); while (headers.hasMoreElements()) { lOut.writeln((String) headers.nextElement()); } lOut.writeln(); // CRLF separator lOut.writeln(boundary); writePart(mp.getBodyPart(0), bOut); lOut.writeln(); // CRLF terminator lOut.writeln(boundary); writePart(mp.getBodyPart(1), bOut); lOut.writeln(); lOut.writeln(boundary + "--"); MessageDigest dig = MessageDigest.getInstance("SHA1", BC); assertTrue(Arrays.equals(contentDigest, dig.digest(bOut.toByteArray()))); }
public void testBasicAS2() throws Exception { MimeMessage message = loadMessage("basicAS2.message"); SMIMESigned s = new SMIMESigned((MimeMultipart) message.getContent()); verifySigners(s.getCertificates(), s.getSignerInfos()); }
public void testSignAttachmentOnly() throws Exception { MimeMessage m = loadMessage("attachonly.eml"); List certList = new ArrayList(); certList.add(_signCert); certList.add(_origCert); Store certs = new JcaCertStore(certList); ASN1EncodableVector signedAttrs = generateSignedAttributes(); SMIMESignedGenerator gen = new SMIMESignedGenerator("binary"); gen.addSignerInfoGenerator( new JcaSimpleSignerInfoGeneratorBuilder() .setProvider(BC) .setSignedAttributeGenerator(new AttributeTable(signedAttrs)) .build("SHA1withRSA", _signKP.getPrivate(), _signCert)); gen.addCertificates(certs); MimeMultipart mm = gen.generate(m); SMIMESigned s = new SMIMESigned(mm); verifySigners(s.getCertificates(), s.getSignerInfos()); SMIMESignedParser sp = new SMIMESignedParser(new JcaDigestCalculatorProviderBuilder().setProvider(BC).build(), mm); verifySigners(sp.getCertificates(), sp.getSignerInfos()); }
public void testExtraNlInPostamble() throws Exception { MimeMessage message = loadMessage("extra-nl.eml"); SMIMESigned s = new SMIMESigned((MimeMultipart) message.getContent()); verifySigners(s.getCertificates(), s.getSignerInfos()); }
public void testMultiAlternative() throws Exception { MimeMessage message = loadMessage("multi-alternative.eml"); SMIMESigned s = new SMIMESigned((MimeMultipart) message.getContent()); verifySigners(s.getCertificates(), s.getSignerInfos()); }
public void testMimeMultipartBinaryReader() throws Exception { MimeBodyPart m = createMultipartMessage(); List certList = new ArrayList(); certList.add(_signCert); certList.add(_origCert); Store certs = new JcaCertStore(certList); ASN1EncodableVector signedAttrs = generateSignedAttributes(); SMIMESignedGenerator gen = new SMIMESignedGenerator("binary"); gen.addSignerInfoGenerator( new JcaSimpleSignerInfoGeneratorBuilder() .setProvider(BC) .setSignedAttributeGenerator(new AttributeTable(signedAttrs)) .build("SHA1withRSA", _signKP.getPrivate(), _signCert)); gen.addCertificates(certs); MimeMultipart mm = gen.generate(m); SMIMESigned s = new SMIMESigned(mm, "binary"); verifySigners(s.getCertificates(), s.getSignerInfos()); }
public void testSHA1withDSA() throws Exception { dsaSignKP = CMSTestUtil.makeDsaKeyPair(); dsaSignCert = CMSTestUtil.makeCertificate(dsaSignKP, _origDN, dsaSignKP, _origDN); dsaOrigKP = CMSTestUtil.makeDsaKeyPair(); dsaOrigCert = CMSTestUtil.makeCertificate(dsaOrigKP, _signDN, dsaSignKP, _origDN); List certList = new ArrayList(); certList.add(dsaOrigCert); certList.add(dsaSignCert); Store certs = new JcaCertStore(certList); SMIMESignedGenerator gen = new SMIMESignedGenerator(); gen.addSignerInfoGenerator( new JcaSimpleSignerInfoGeneratorBuilder() .setProvider("BC") .build("SHA1withDSA", dsaOrigKP.getPrivate(), dsaOrigCert)); gen.addCertificates(certs); MimeMultipart smm = gen.generate(msg); SMIMESigned s = new SMIMESigned(smm); verifyMessageBytes(msg, s.getContent()); verifySigners(s.getCertificates(), s.getSignerInfos()); }
public void testSHA1WithRSAEncapsulated() throws Exception { MimeBodyPart res = generateEncapsulatedRsa("SHA1withRSA", msg); SMIMESigned s = new SMIMESigned(res); verifyMessageBytes(msg, s.getContent()); verifySigners(s.getCertificates(), s.getSignerInfos()); }
public void testSHA1WithRSA() throws Exception { MimeMultipart smm = generateMultiPartRsa("SHA1withRSA", msg, SMIMESignedGenerator.RFC3851_MICALGS); SMIMESigned s = new SMIMESigned(smm); verifyMessageBytes(msg, s.getContent()); verifySigners(s.getCertificates(), s.getSignerInfos()); }
public void testMimeMultipart() throws Exception { MimeBodyPart m = createMultipartMessage(); List certList = new ArrayList(); certList.add(_signCert); certList.add(_origCert); Store certs = new JcaCertStore(certList); ASN1EncodableVector signedAttrs = generateSignedAttributes(); SMIMESignedGenerator gen = new SMIMESignedGenerator("binary"); gen.addSignerInfoGenerator( new JcaSimpleSignerInfoGeneratorBuilder() .setProvider(BC) .setSignedAttributeGenerator(new AttributeTable(signedAttrs)) .build("SHA1withRSA", _signKP.getPrivate(), _signCert)); gen.addCertificates(certs); MimeMultipart mm = gen.generate(m); SMIMESigned s = new SMIMESigned(mm); verifySigners(s.getCertificates(), s.getSignerInfos()); byte[] contentDigest = (byte[]) gen.getGeneratedDigests().get(SMIMESignedGenerator.DIGEST_SHA1); AttributeTable table = ((SignerInformation) s.getSignerInfos().getSigners().iterator().next()) .getSignedAttributes(); Attribute hash = table.get(CMSAttributes.messageDigest); assertTrue( MessageDigest.isEqual( contentDigest, ((ASN1OctetString) hash.getAttrValues().getObjectAt(0)).getOctets())); }
public void testSHA1WithRSAAddSigners() throws Exception { MimeMultipart smm = generateMultiPartRsa("SHA1withRSA", msg, SMIMESignedGenerator.RFC3851_MICALGS); SMIMESigned s = new SMIMESigned(smm); List certList = new ArrayList(); certList.add(_signCert); certList.add(_origCert); Store certs = new JcaCertStore(certList); SMIMESignedGenerator gen = new SMIMESignedGenerator(); gen.addSigners(s.getSignerInfos()); gen.addCertificates(certs); SMIMESigned newS = new SMIMESigned(gen.generate(msg)); verifyMessageBytes(msg, newS.getContent()); verifySigners(newS.getCertificates(), newS.getSignerInfos()); }
/** verify the signature (assuming the cert is contained in the message) */ private static void verify(SMIMESigned s) throws Exception { // // extract the information to verify the signatures. // // // certificates and crls passed in the signature // Store certs = s.getCertificates(); // // SignerInfo blocks which contain the signatures // SignerInformationStore signers = s.getSignerInfos(); Collection c = signers.getSigners(); Iterator it = c.iterator(); // // check each signer // while (it.hasNext()) { SignerInformation signer = (SignerInformation) it.next(); Collection certCollection = certs.getMatches(signer.getSID()); Iterator certIt = certCollection.iterator(); X509Certificate cert = new JcaX509CertificateConverter() .setProvider(BC) .getCertificate((X509CertificateHolder) certIt.next()); // // verify that the sig is correct and that it was generated // when the certificate was current // if (signer.verify(new JcaSimpleSignerInfoVerifierBuilder().setProvider(BC).build(cert))) { System.out.println("signature verified"); } else { System.out.println("signature failed!"); } } }
public void testWithAttributeCertificate() throws Exception { List certList = new ArrayList(); certList.add(_signCert); certList.add(_origCert); Store certs = new JcaCertStore(certList); ASN1EncodableVector signedAttrs = generateSignedAttributes(); SMIMESignedGenerator gen = new SMIMESignedGenerator(); gen.addSignerInfoGenerator( new JcaSimpleSignerInfoGeneratorBuilder() .setProvider(BC) .setSignedAttributeGenerator( new DefaultSignedAttributeTableGenerator(new AttributeTable(signedAttrs))) .build("SHA256withRSA", _signKP.getPrivate(), _signCert)); gen.addCertificates(certs); X509AttributeCertificateHolder attrCert = CMSTestUtil.getAttributeCertificate(); List attrCertList = new ArrayList(); attrCertList.add(attrCert); Store store = new CollectionStore(attrCertList); gen.addAttributeCertificates(store); SMIMESigned s = new SMIMESigned(gen.generateEncapsulated(msg)); verifyMessageBytes(msg, s.getContent()); verifySigners(s.getCertificates(), s.getSignerInfos()); Store attrCerts = s.getAttributeCertificates(); assertTrue(attrCerts.getMatches(null).contains(attrCert)); }
public void testDoubleNlCanonical() throws Exception { MimeMessage message = loadMessage("3nnn_smime.eml"); SMIMESigned s = new SMIMESigned((MimeMultipart) message.getContent()); Collection c = s.getSignerInfos().getSigners(); Iterator it = c.iterator(); while (it.hasNext()) { SignerInformation signer = (SignerInformation) it.next(); Collection certCollection = s.getCertificates().getMatches(signer.getSID()); Iterator certIt = certCollection.iterator(); X509CertificateHolder certHolder = (X509CertificateHolder) certIt.next(); // in this case the sig is invalid, but it's the lack of an exception from the content digest // we're looking for Assert.assertFalse( signer.verify( new JcaSimpleSignerInfoVerifierBuilder().setProvider("BC").build(certHolder))); } }
/* * test compressing and uncompressing of a multipart-signed message. */ public void testCompressedSHA1WithRSA() throws Exception { List certList = new ArrayList(); certList.add(origCert); certList.add(signCert); Store certs = new JcaCertStore(certList); ASN1EncodableVector signedAttrs = new ASN1EncodableVector(); SMIMECapabilityVector caps = new SMIMECapabilityVector(); caps.addCapability(SMIMECapability.dES_EDE3_CBC); caps.addCapability(SMIMECapability.rC2_CBC, 128); caps.addCapability(SMIMECapability.dES_CBC); signedAttrs.add(new SMIMECapabilitiesAttribute(caps)); SMIMESignedGenerator gen = new SMIMESignedGenerator(); gen.addSignerInfoGenerator( new JcaSimpleSignerInfoGeneratorBuilder() .setProvider("BC") .setSignedAttributeGenerator(new AttributeTable(signedAttrs)) .build("SHA1withRSA", origKP.getPrivate(), origCert)); gen.addCertificates(certs); MimeMultipart smp = gen.generate(msg); MimeMessage bp2 = new MimeMessage((Session) null); bp2.setContent(smp); bp2.saveChanges(); SMIMECompressedGenerator cgen = new SMIMECompressedGenerator(); MimeBodyPart cbp = cgen.generate(bp2, new ZlibCompressor()); SMIMECompressed cm = new SMIMECompressed(cbp); MimeMultipart mm = (MimeMultipart) SMIMEUtil.toMimeBodyPart(cm.getContent(new ZlibExpanderProvider())).getContent(); SMIMESigned s = new SMIMESigned(mm); ByteArrayOutputStream _baos = new ByteArrayOutputStream(); msg.writeTo(_baos); _baos.close(); byte[] _msgBytes = _baos.toByteArray(); _baos = new ByteArrayOutputStream(); s.getContent().writeTo(_baos); _baos.close(); byte[] _resBytes = _baos.toByteArray(); assertEquals(true, Arrays.areEqual(_msgBytes, _resBytes)); certs = s.getCertificates(); SignerInformationStore signers = s.getSignerInfos(); Collection c = signers.getSigners(); Iterator it = c.iterator(); while (it.hasNext()) { SignerInformation signer = (SignerInformation) it.next(); Collection certCollection = certs.getMatches(signer.getSID()); Iterator certIt = certCollection.iterator(); X509CertificateHolder cert = (X509CertificateHolder) certIt.next(); assertEquals( true, signer.verify(new JcaSimpleSignerInfoVerifierBuilder().setProvider("BC").build(cert))); } }