[Jruby-extras-devel] [1079] trunk/jopenssl: Finish implementation of reading of Signed PKCS#7 stuff

[nobody]

Title: [1079] trunk/jopenssl: Finish implementation of reading of Signed PKCS#7 stuff

Revision

1079

Author

olabini

Date

2008-07-27 12:10:46 -0400 (Sun, 27 Jul 2008)

Log Message

Finish implementation of reading of Signed PKCS#7 stuff

Modified Paths

• trunk/jopenssl/src/java/org/jruby/ext/openssl/impl/Signed.java
• trunk/jopenssl/test/test_java_pkcs7.rb
• trunk/jopenssl/test/test_java_smime.rb

Diff

Modified: trunk/jopenssl/src/java/org/jruby/ext/openssl/impl/Signed.java (1078 => 1079)

--- trunk/jopenssl/src/java/org/jruby/ext/openssl/impl/Signed.java	2008-07-27 16:10:44 UTC (rev 1078)
+++ trunk/jopenssl/src/java/org/jruby/ext/openssl/impl/Signed.java	2008-07-27 16:10:46 UTC (rev 1079)
@@ -27,6 +27,7 @@
  ***** END LICENSE BLOCK *****/
 package org.jruby.ext.openssl.impl;
 
+import java.security.cert.CertificateParsingException;
 import java.security.cert.X509CRL;
 import java.security.cert.X509Certificate;
 import java.util.ArrayList;
@@ -42,6 +43,8 @@
 import org.bouncycastle.asn1.DERTaggedObject;
 import org.bouncycastle.asn1.pkcs.SignerInfo;
 import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
+import org.bouncycastle.asn1.x509.X509CertificateStructure;
+import org.bouncycastle.jce.provider.X509CertificateObject;
 
 /** PKCS7_SIGNED
  *
@@ -56,12 +59,12 @@
     /**
      * Describe crl here.
      */
-    private List<X509CRL> crl = new ArrayList<X509CRL>();
+    private Set<X509CRL> crl = new HashSet<X509CRL>();
 
     /**
      * Describe cert here.
      */
-    private List<X509Certificate> cert = new ArrayList<X509Certificate>();
+    private Set<X509Certificate> cert = new HashSet<X509Certificate>();
 
     /**
      * Describe mdAlgs here.
@@ -150,9 +153,9 @@
     /**
      * Get the <code>Cert</code> value.
      *
-     * @return a <code>List<X509Certificate></code> value
+     * @return a <code>Set<X509Certificate></code> value
      */
-    public final List<X509Certificate> getCert() {
+    public final Set<X509Certificate> getCert() {
         return cert;
     }
 
@@ -161,16 +164,16 @@
      *
      * @param newCert The new Cert value.
      */
-    public final void setCert(final List<X509Certificate> newCert) {
+    public final void setCert(final Set<X509Certificate> newCert) {
         this.cert = newCert;
     }
 
     /**
      * Get the <code>Crl</code> value.
      *
-     * @return a <code>List<X509CRL></code> value
+     * @return a <code>Set<X509CRL></code> value
      */
-    public final List<X509CRL> getCrl() {
+    public final Set<X509CRL> getCrl() {
         return crl;
     }
 
@@ -179,7 +182,7 @@
      *
      * @param newCrl The new Crl value.
      */
-    public final void setCrl(final List<X509CRL> newCrl) {
+    public final void setCrl(final Set<X509CRL> newCrl) {
         this.crl = newCrl;
     }
 
@@ -232,16 +235,28 @@
         signed.setMdAlgs(algorithmIdentifiersFromASN1Set(digestAlgos));
         signed.setContents(PKCS7.fromASN1(contentInfo));
         if(certificates != null) {
-            System.err.println("Certs: " + certificates);
+            signed.setCert(certificatesFromASN1Set(certificates));
         }
         if(crls != null) {
-            System.err.println("CRLs: " + crls);
+            throw new RuntimeException("TODO implement CRL part");
         }
         signed.setSignerInfo(signerInfosFromASN1Set(signerInfos));
 
         return signed;
     }
 
+    private static Set<X509Certificate> certificatesFromASN1Set(DEREncodable content) {
+        Set<X509Certificate> result = new HashSet<X509Certificate>();
+        X509CertificateStructure struct = X509CertificateStructure.getInstance(content);
+        // TODO: This needs to check for the possibility of PKCS#6 ExtendedCertificate too
+        try {
+            result.add(new X509CertificateObject(struct));
+        } catch(CertificateParsingException ex) {
+            throw new PKCS7Exception(PKCS7.F_B64_READ_PKCS7, PKCS7.R_CERTIFICATE_VERIFY_ERROR, "exception: " + ex);
+        }
+        return result;
+    }
+
     private static Set<AlgorithmIdentifier> algorithmIdentifiersFromASN1Set(DEREncodable content) {
         ASN1Set set = (ASN1Set)content;
         Set<AlgorithmIdentifier> result = new HashSet<AlgorithmIdentifier>();

Modified: trunk/jopenssl/test/test_java_pkcs7.rb (1078 => 1079)

--- trunk/jopenssl/test/test_java_pkcs7.rb	2008-07-27 16:10:44 UTC (rev 1078)
+++ trunk/jopenssl/test/test_java_pkcs7.rb	2008-07-27 16:10:46 UTC (rev 1079)
@@ -626,7 +626,7 @@
       p7.type = PKCS7::NID_pkcs7_signed
       p7.add_certificate(X509Cert)
       assert_equal 1, p7.get_sign.cert.size
-      assert_equal X509Cert, p7.get_sign.cert.get(0)
+      assert_equal X509Cert, p7.get_sign.cert.iterator.next
     end
 
     def test_add_certificate_on_signedAndEnveloped_adds_the_certificate
@@ -674,7 +674,7 @@
       p7.type = PKCS7::NID_pkcs7_signed
       p7.add_crl(X509CRL)
       assert_equal 1, p7.get_sign.crl.size
-      assert_equal X509CRL, p7.get_sign.crl.get(0)
+      assert_equal X509CRL, p7.get_sign.crl.iterator.next
     end
 
     def test_add_crl_on_signedAndEnveloped_adds_the_crl

Modified: trunk/jopenssl/test/test_java_smime.rb (1078 => 1079)

--- trunk/jopenssl/test/test_java_smime.rb	2008-07-27 16:10:44 UTC (rev 1078)
+++ trunk/jopenssl/test/test_java_smime.rb	2008-07-27 16:10:46 UTC (rev 1079)
@@ -161,7 +161,6 @@
       bio = BIO::from_string(MultipartSignedString)
       mime = Mime::DEFAULT
       p7 = SMIME.new(mime).readPKCS7(bio, nil)
-      puts p7
     end
   end
 end

_______________________________________________
Jruby-extras-devel mailing list
Jruby-extras-devel@rubyforge.org
http://rubyforge.org/mailman/listinfo/jruby-extras-devel