| 1 | /* | |
| 2 | * Copyright 2004 by Paulo Soares. | |
| 3 | * | |
| 4 | * The contents of this file are subject to the Mozilla Public License Version 1.1 | |
| 5 | * (the "License"); you may not use this file except in compliance with the License. | |
| 6 | * You may obtain a copy of the License at http://www.mozilla.org/MPL/ | |
| 7 | * | |
| 8 | * Software distributed under the License is distributed on an "AS IS" basis, | |
| 9 | * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License | |
| 10 | * for the specific language governing rights and limitations under the License. | |
| 11 | * | |
| 12 | * The Original Code is 'iText, a free JAVA-PDF library'. | |
| 13 | * | |
| 14 | * The Initial Developer of the Original Code is Bruno Lowagie. Portions created by | |
| 15 | * the Initial Developer are Copyright (C) 1999, 2000, 2001, 2002 by Bruno Lowagie. | |
| 16 | * All Rights Reserved. | |
| 17 | * Co-Developer of the code is Paulo Soares. Portions created by the Co-Developer | |
| 18 | * are Copyright (C) 2000, 2001, 2002 by Paulo Soares. All Rights Reserved. | |
| 19 | * | |
| 20 | * Contributor(s): all the names of the contributors are added in the source code | |
| 21 | * where applicable. | |
| 22 | * | |
| 23 | * Alternatively, the contents of this file may be used under the terms of the | |
| 24 | * LGPL license (the "GNU LIBRARY GENERAL PUBLIC LICENSE"), in which case the | |
| 25 | * provisions of LGPL are applicable instead of those above. If you wish to | |
| 26 | * allow use of your version of this file only under the terms of the LGPL | |
| 27 | * License and not to allow others to use your version of this file under | |
| 28 | * the MPL, indicate your decision by deleting the provisions above and | |
| 29 | * replace them with the notice and other provisions required by the LGPL. | |
| 30 | * If you do not delete the provisions above, a recipient may use your version | |
| 31 | * of this file under either the MPL or the GNU LIBRARY GENERAL PUBLIC LICENSE. | |
| 32 | * | |
| 33 | * This library is free software; you can redistribute it and/or modify it | |
| 34 | * under the terms of the MPL as stated above or under the terms of the GNU | |
| 35 | * Library General Public License as published by the Free Software Foundation; | |
| 36 | * either version 2 of the License, or any later version. | |
| 37 | * | |
| 38 | * This library is distributed in the hope that it will be useful, but WITHOUT | |
| 39 | * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS | |
| 40 | * FOR A PARTICULAR PURPOSE. See the GNU Library general Public License for more | |
| 41 | * details. | |
| 42 | * | |
| 43 | * If you didn't download this code from the following link, you should check if | |
| 44 | * you aren't using an obsolete version: | |
| 45 | * http://www.lowagie.com/iText/ | |
| 46 | */ | |
| 47 | package com.lowagie.text.pdf; | |
| 48 | ||
| 49 | import com.lowagie.text.ExceptionConverter; | |
| 50 | ||
| 51 | import java.io.ByteArrayOutputStream; | |
| 52 | import java.security.PrivateKey; | |
| 53 | import java.security.cert.CRL; | |
| 54 | import java.security.cert.Certificate; | |
| 55 | ||
| 56 | ||
| 57 | ||
| 58 | /** | |
| 59 | * A signature dictionary representation for the standard filters. | |
| 60 | */ | |
| 61 | public abstract class PdfSigGenericPKCS extends PdfSignature { | |
| 62 | /** | |
| 63 | * The hash algorithm, for example "SHA1" | |
| 64 | */ | |
| 65 | protected String hashAlgorithm; | |
| 66 | /** | |
| 67 | * The crypto provider | |
| 68 | */ | |
| 69 | protected String provider = null; | |
| 70 | /** | |
| 71 | * The class instance that calculates the PKCS#1 and PKCS#7 | |
| 72 | */ | |
| 73 | protected PdfPKCS7 pkcs; | |
| 74 | /** | |
| 75 | * The subject name in the signing certificate (the element "CN") | |
| 76 | */ | |
| 77 | protected String name; | |
| 78 | ||
| 79 | private byte[] externalDigest; | |
| 80 | private byte[] externalRSAdata; | |
| 81 | private String digestEncryptionAlgorithm; | |
| 82 | ||
| 83 | /** | |
| 84 | * Creates a generic standard filter. | |
| 85 | * @param filter the filter name | |
| 86 | * @param subFilter the sub-filter name | |
| 87 | */ | |
| 88 | public PdfSigGenericPKCS(PdfName filter, PdfName subFilter) { | |
| 89 | super(filter, subFilter); | |
| 90 | } | |
| 91 | ||
| 92 | /** | |
| 93 | * Sets the crypto information to sign. | |
| 94 | * @param privKey the private key | |
| 95 | * @param certChain the certificate chain | |
| 96 | * @param crlList the certificate revocation list. It can be <CODE>null</CODE> | |
| 97 | */ | |
| 98 | public void setSignInfo(PrivateKey privKey, Certificate[] certChain, CRL[] crlList) { | |
| 99 | try { | |
| 100 | pkcs = new PdfPKCS7(privKey, certChain, crlList, hashAlgorithm, provider, PdfName.ADBE_PKCS7_SHA1.equals(get(PdfName.SUBFILTER))); | |
| 101 |
1
1. setSignInfo : removed call to com/lowagie/text/pdf/PdfPKCS7::setExternalDigest → NO_COVERAGE |
pkcs.setExternalDigest(externalDigest, externalRSAdata, digestEncryptionAlgorithm); |
| 102 |
1
1. setSignInfo : negated conditional → NO_COVERAGE |
if (PdfName.ADBE_X509_RSA_SHA1.equals(get(PdfName.SUBFILTER))) { |
| 103 | ByteArrayOutputStream bout = new ByteArrayOutputStream(); | |
| 104 | for (Certificate certificate : certChain) { | |
| 105 |
1
1. setSignInfo : removed call to java/io/ByteArrayOutputStream::write → NO_COVERAGE |
bout.write(certificate.getEncoded()); |
| 106 | } | |
| 107 |
1
1. setSignInfo : removed call to java/io/ByteArrayOutputStream::close → NO_COVERAGE |
bout.close(); |
| 108 |
1
1. setSignInfo : removed call to com/lowagie/text/pdf/PdfSigGenericPKCS::setCert → NO_COVERAGE |
setCert(bout.toByteArray()); |
| 109 |
1
1. setSignInfo : removed call to com/lowagie/text/pdf/PdfSigGenericPKCS::setContents → NO_COVERAGE |
setContents(pkcs.getEncodedPKCS1()); |
| 110 | } | |
| 111 | else | |
| 112 |
1
1. setSignInfo : removed call to com/lowagie/text/pdf/PdfSigGenericPKCS::setContents → NO_COVERAGE |
setContents(pkcs.getEncodedPKCS7()); |
| 113 | name = PdfPKCS7.getSubjectFields(pkcs.getSigningCertificate()).getField("CN"); | |
| 114 |
1
1. setSignInfo : negated conditional → NO_COVERAGE |
if (name != null) |
| 115 |
1
1. setSignInfo : removed call to com/lowagie/text/pdf/PdfSigGenericPKCS::put → NO_COVERAGE |
put(PdfName.NAME, new PdfString(name, PdfObject.TEXT_UNICODE)); |
| 116 | pkcs = new PdfPKCS7(privKey, certChain, crlList, hashAlgorithm, provider, PdfName.ADBE_PKCS7_SHA1.equals(get(PdfName.SUBFILTER))); | |
| 117 |
1
1. setSignInfo : removed call to com/lowagie/text/pdf/PdfPKCS7::setExternalDigest → NO_COVERAGE |
pkcs.setExternalDigest(externalDigest, externalRSAdata, digestEncryptionAlgorithm); |
| 118 | } | |
| 119 | catch (Exception e) { | |
| 120 | throw new ExceptionConverter(e); | |
| 121 | } | |
| 122 | } | |
| 123 | ||
| 124 | /** | |
| 125 | * Sets the digest/signature to an external calculated value. | |
| 126 | * @param digest the digest. This is the actual signature | |
| 127 | * @param RSAdata the extra data that goes into the data tag in PKCS#7 | |
| 128 | * @param digestEncryptionAlgorithm the encryption algorithm. It may must be <CODE>null</CODE> if the <CODE>digest</CODE> | |
| 129 | * is also <CODE>null</CODE>. If the <CODE>digest</CODE> is not <CODE>null</CODE> | |
| 130 | * then it may be "RSA" or "DSA" | |
| 131 | */ | |
| 132 | public void setExternalDigest(byte[] digest, byte[] RSAdata, String digestEncryptionAlgorithm) { | |
| 133 | externalDigest = digest; | |
| 134 | externalRSAdata = RSAdata; | |
| 135 | this.digestEncryptionAlgorithm = digestEncryptionAlgorithm; | |
| 136 | } | |
| 137 | ||
| 138 | /** | |
| 139 | * Gets the subject name in the signing certificate (the element "CN") | |
| 140 | * @return the subject name in the signing certificate (the element "CN") | |
| 141 | */ | |
| 142 | public String getName() { | |
| 143 | return name; | |
| 144 | } | |
| 145 | ||
| 146 | /** | |
| 147 | * Gets the class instance that does the actual signing. | |
| 148 | * @return the class instance that does the actual signing | |
| 149 | */ | |
| 150 | public PdfPKCS7 getSigner() { | |
| 151 | return pkcs; | |
| 152 | } | |
| 153 | ||
| 154 | /** | |
| 155 | * Gets the signature content. This can be a PKCS#1 or a PKCS#7. It corresponds to | |
| 156 | * the /Contents key. | |
| 157 | * @return the signature content | |
| 158 | */ | |
| 159 | public byte[] getSignerContents() { | |
| 160 |
1
1. getSignerContents : negated conditional → NO_COVERAGE |
if (PdfName.ADBE_X509_RSA_SHA1.equals(get(PdfName.SUBFILTER))) |
| 161 |
1
1. getSignerContents : mutated return of Object value for com/lowagie/text/pdf/PdfSigGenericPKCS::getSignerContents to ( if (x != null) null else throw new RuntimeException ) → NO_COVERAGE |
return pkcs.getEncodedPKCS1(); |
| 162 | else | |
| 163 |
1
1. getSignerContents : mutated return of Object value for com/lowagie/text/pdf/PdfSigGenericPKCS::getSignerContents to ( if (x != null) null else throw new RuntimeException ) → NO_COVERAGE |
return pkcs.getEncodedPKCS7(); |
| 164 | } | |
| 165 | ||
| 166 | /** | |
| 167 | * Creates a standard filter of the type VeriSign. | |
| 168 | */ | |
| 169 | public static class VeriSign extends PdfSigGenericPKCS { | |
| 170 | /** | |
| 171 | * The constructor for the default provider. | |
| 172 | */ | |
| 173 | public VeriSign() { | |
| 174 | super(PdfName.VERISIGN_PPKVS, PdfName.ADBE_PKCS7_DETACHED); | |
| 175 | hashAlgorithm = "MD5"; | |
| 176 |
1
1. |
put(PdfName.R, new PdfNumber(65537)); |
| 177 | } | |
| 178 | ||
| 179 | /** | |
| 180 | * The constructor for an explicit provider. | |
| 181 | * @param provider the crypto provider | |
| 182 | */ | |
| 183 | public VeriSign(String provider) { | |
| 184 | this(); | |
| 185 | this.provider = provider; | |
| 186 | } | |
| 187 | } | |
| 188 | ||
| 189 | /** | |
| 190 | * Creates a standard filter of the type self signed. | |
| 191 | */ | |
| 192 | public static class PPKLite extends PdfSigGenericPKCS { | |
| 193 | /** | |
| 194 | * The constructor for the default provider. | |
| 195 | */ | |
| 196 | public PPKLite() { | |
| 197 | super(PdfName.ADOBE_PPKLITE, PdfName.ADBE_X509_RSA_SHA1); | |
| 198 | hashAlgorithm = "SHA1"; | |
| 199 |
1
1. |
put(PdfName.R, new PdfNumber(65541)); |
| 200 | } | |
| 201 | ||
| 202 | /** | |
| 203 | * The constructor for an explicit provider. | |
| 204 | * @param provider the crypto provider | |
| 205 | */ | |
| 206 | public PPKLite(String provider) { | |
| 207 | this(); | |
| 208 | this.provider = provider; | |
| 209 | } | |
| 210 | } | |
| 211 | ||
| 212 | /** | |
| 213 | * Creates a standard filter of the type Windows Certificate. | |
| 214 | */ | |
| 215 | public static class PPKMS extends PdfSigGenericPKCS { | |
| 216 | /** | |
| 217 | * The constructor for the default provider. | |
| 218 | */ | |
| 219 | public PPKMS() { | |
| 220 | super(PdfName.ADOBE_PPKMS, PdfName.ADBE_PKCS7_SHA1); | |
| 221 | hashAlgorithm = "SHA1"; | |
| 222 | } | |
| 223 | ||
| 224 | /** | |
| 225 | * The constructor for an explicit provider. | |
| 226 | * @param provider the crypto provider | |
| 227 | */ | |
| 228 | public PPKMS(String provider) { | |
| 229 | this(); | |
| 230 | this.provider = provider; | |
| 231 | } | |
| 232 | } | |
| 233 | } | |
Mutations | ||
| 101 |
1.1 |
|
| 102 |
1.1 |
|
| 105 |
1.1 |
|
| 107 |
1.1 |
|
| 108 |
1.1 |
|
| 109 |
1.1 |
|
| 112 |
1.1 |
|
| 114 |
1.1 |
|
| 115 |
1.1 |
|
| 117 |
1.1 |
|
| 160 |
1.1 |
|
| 161 |
1.1 |
|
| 163 |
1.1 |
|
| 176 |
1.1 |
|
| 199 |
1.1 |