profilemanager.java
来自「一个agent 工具包,可以开发移动设备应用,考虑了安全措施」· Java 代码 · 共 669 行 · 第 1/2 页
System.out.println(" 17");
return true; //true;
}
/**
* This method is used for verify signed message
* @param data the signed data,
* @return the data.
**/
/* public byte[] verifySignedData ( byte [] in ,X509Certificate cert)
throws java.security.NoSuchAlgorithmException,
iaik.asn1.CodingException,
com.entrust.security.exceptions.EntrustBaseException,
java.security.SignatureException,
iaik.pkcs.PKCSException,
java.io.IOException
{
//if ( pki == null || pki.directoryAddress == null || ! pki.directoryAddress.onLine ) // OffLine
if ( ( pki != null ) &&
( pki.localCertificateCRLList != null ) &&
( pki.localCertificateCRLList.certInCRL( cert ) ) )
return null;
ETKPKCS7 pkcs7 = new ETKPKCS7(profile);
X509Certificate certs[] = null;
SignedData sign=null;
ContentInfo ci = pkcs7.decodeInputStream( new ByteArrayInputStream(in) );
PKCS7Content cont = pkcs7.decodeContentInfo(ci);
if (ci.getContentType().equals(iaik.asn1.ObjectID.pkcs7_signedData)) {
sign = (SignedData) cont;
// Extract the signature cert if there is one
certs = sign.getCertificates();
}
else if (!ci.getContentType().equals(iaik.asn1.ObjectID.pkcs7_envelopedData))
{
// System.err.println("Che mi hai dato ?");
return null; //false;
}
EnvelopedData env = (EnvelopedData) cont;
Data data = pkcs7.encodeData("non-PKCS#7");
try {
PKCS7Content ret = pkcs7.decodeSignedData(sign,cert,data);
String msg = pkcs7.decodeData(data); // (Data)ret ???
// new java.io.DataOutputStream(out).writeBytes(msg);
return msg.getBytes();
} catch (Exception e){ return null; } //false;}
// return null;
//return certs; //true;
}
*/
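/**
* Verifies a PKCS#7 signed message read from {@code in}.
* @param in the stream holding the encoded signed data
* @param out not written by the current implementation
* @param cert not used by the current implementation
* @return the certificates carried in the signed data, or null if verification fails.
**/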
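public X509Certificate [] verifySignedData (java.io.InputStream in,java.io.OutputStream out,X509Certificate cert)
    throws java.security.NoSuchAlgorithmException,
    iaik.asn1.CodingException,
    com.entrust.security.exceptions.EntrustBaseException,
    java.security.SignatureException,
    iaik.pkcs.PKCSException,
    java.io.IOException
{
    // Decodes a PKCS#7 message from `in`, runs signature verification through
    // an ETKCertificateVerifier, and returns the certificates carried in the
    // message, or null when the input is not signed data or verification throws.
    //
    // NOTE(review): `out` and `cert` are never used here. The signed content is
    // decoded and discarded, and the caller-supplied certificate is not compared
    // with the signer. An earlier local-CRL lookup on `cert`
    // (pki.localCertificateCRLList.certInCRL) is disabled in this version, so
    // revocation handling is left entirely to the verifier - TODO confirm.
    ETKPKCS7 pkcs7 = new ETKPKCS7(profile);
    ContentInfo contentInfo = pkcs7.decodeInputStream(in);

    // Fail closed on anything that did not decode to SignedData. A blind cast
    // would raise ClassCastException/NullPointerException instead of the null
    // result that every other failure path of this method returns.
    Object content = (contentInfo == null) ? null : contentInfo.getContent();
    if (!(content instanceof SignedData)) {
        System.err.println("verifySignedData: input is not PKCS#7 signed data");
        return null;
    }
    SignedData signedData = (SignedData) content;

    // NOTE(review): this is the certificate set shipped inside the message, read
    // before verification and not narrowed to the signer that verified. Callers
    // should not treat every returned certificate as authenticated - TODO
    // confirm what ETKCertificateVerifier actually validates.
    X509Certificate[] certs = signedData.getCertificates();

    try {
        // The directory is only consulted when the infrastructure is on-line;
        // off-line verification runs with a null directory.
        JNDIDirectory directory = null;
        if ( pki != null && pki.directoryAddress != null && pki.directoryAddress.onLine ) {
            directory = pki.directoryAddress.connectDirectory();
        }
        // NOTE(review): unlike getETKCertificateVerifier(), no setCrlsRequired()
        // call is made on this verifier - confirm the default is acceptable.
        pkcs7.setVerifier( new ETKCertificateVerifier( directory, profile ) );

        // The cast is kept on purpose: signed content that is not plain Data
        // raises ClassCastException, which is reported as a failure below.
        Data ret = (Data) pkcs7.decodeSignedData(signedData, null, null);
    } catch (Exception e) {
        // null is the failure signal; report the cause instead of hiding it.
        System.err.println("verifySignedData: verification failed: " + e);
        return null;
    }
    return certs;
}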
/*************************************************************************************/
/**
* Encrypts the data read from {@code in} and writes the PKCS#7 enveloped result to {@code out}.
* @param in the data to encrypt
* @param out the stream that receives the encrypted data
* @param certs the certificate to encrypt for
**/
public void encryptData(java.io.InputStream in,java.io.OutputStream out,X509Certificate certs)
    throws java.security.NoSuchAlgorithmException,
    iaik.pkcs.PKCSException,
    java.io.IOException
{
    // Convenience overload: wrap the single certificate in a one-element
    // array and delegate to the array-based encryptData.
    // NOTE(review): a null certificate is forwarded as a one-element array
    // holding null; nothing here rejects it.
    X509Certificate[] single = { certs };
    encryptData(in, out, single);
}
public void encryptData(java.io.InputStream in,java.io.OutputStream out,X509Certificate certs[])
    throws java.security.NoSuchAlgorithmException,
    iaik.pkcs.PKCSException,
    java.io.IOException
{
    // Envelopes the content of `in` for the given certificates and writes the
    // resulting ContentInfo to `out`.
    // NOTE(review): the certificates are used as supplied; no validity or
    // revocation check on them is visible in this method - confirm callers
    // validate them before encrypting.
    ETKPKCS7 codec = new ETKPKCS7(profile);
    EnvelopedData enveloped = codec.encodeEnvelopedData(new Data(in, 0), certs);
    ContentInfo wrapped = codec.encodeContentInfo(enveloped);
    wrapped.writeTo(out);
}
/**
* Decrypts an encrypted message.
* @param in the encrypted data
* @param out the stream that receives the decrypted data
**/
public void decryptData(java.io.InputStream in,java.io.OutputStream out)
    throws java.security.NoSuchAlgorithmException,
    iaik.pkcs.PKCSException,
    java.security.InvalidKeyException,
    iaik.pkcs.PKCSException,
    java.io.IOException
{
    // Decodes the ContentInfo read from `in`, then re-wraps the decoded
    // content as a ContentInfo and writes that to `out`.
    // NOTE(review): the output is an encoded ContentInfo, not raw payload
    // bytes, and the content type of the input is not checked here.
    ETKPKCS7 codec = new ETKPKCS7(profile);
    ContentInfo received = codec.decodeInputStream(in);
    ContentInfo result = codec.encodeContentInfo(codec.decodeContentInfo(received));
    result.writeTo(out);
}
/*****************************************************************************/
public void signAndEncryptData(java.io.InputStream in,java.io.OutputStream out,X509Certificate certs[])
    throws java.security.NoSuchAlgorithmException,
    iaik.pkcs.PKCSException,
    java.io.IOException,
    iaik.asn1.CodingException,
    com.entrust.security.exceptions.EntrustBaseException
{
    // Envelopes the content of `in` for the given certificates, signs the
    // envelope, and writes the resulting ContentInfo to `out`.
    // NOTE(review): the envelope is built first and the signature is applied
    // over it, so the signature covers the encrypted form rather than the
    // plaintext. Confirm receivers bind the signer to the decrypted content.
    ETKPKCS7 codec = new ETKPKCS7(profile);
    EnvelopedData enveloped = codec.encodeEnvelopedData(new Data(in, 0), certs);
    SignedData signedEnvelope = codec.encodeSignedData(enveloped, ETKPKCS7.SIGNED_CONTENT);
    ContentInfo wrapped = codec.encodeContentInfo(signedEnvelope);
    // Diagnostic output kept as in the original; it goes to stdout.
    System.out.println("The resulting object is:"+wrapped.getContentType());
    wrapped.writeTo(out);
}
/**
* Decrypts and verifies data.
* @param in the input stream containing the DER encoded encrypted data
* @param out the output stream where to put the encoded data
* @return the signing certificates
*/
public X509Certificate[] decryptAndVerifyData(java.io.InputStream in,java.io.OutputStream out)
    throws java.security.NoSuchAlgorithmException,
    iaik.pkcs.PKCSException,
    java.io.IOException,
    java.security.InvalidKeyException
{
    // Decodes a ContentInfo from `in`, opens the enveloped content, and writes
    // the decoded text to `out`. Returns the certificates found in a
    // signed-and-enveloped message, null for a plain enveloped message, and
    // null (after a message on stderr) for any other content type.
    ETKPKCS7 codec = new ETKPKCS7(profile);
    ContentInfo info = codec.decodeInputStream(in);
    PKCS7Content decoded = codec.decodeContentInfo(info);
    X509Certificate[] carried = null;

    if (info.getContentType().equals(iaik.asn1.ObjectID.pkcs7_signedAndEnvelopedData)) {
        // NOTE(review): only the embedded certificates are read here. No
        // signature check or certificate validation is visible in this method
        // (the getValidCertificates call was commented out), so the returned
        // array should be treated as unverified unless decodeContentInfo
        // verifies internally - TODO confirm.
        carried = ((SignedData) decoded).getCertificates();
    } else if (!info.getContentType().equals(iaik.asn1.ObjectID.pkcs7_envelopedData)) {
        System.err.println("Che mi hai dato ?");
        return null;
    }

    // NOTE(review): on the signed-and-enveloped path the same object has just
    // been cast to SignedData and is cast to EnvelopedData here; confirm both
    // casts can succeed for one object.
    Data plain = (Data) codec.decodeEnvelopedData((EnvelopedData) decoded);

    // DataOutputStream.writeBytes keeps only the low eight bits of each char,
    // so any character above 0xFF in the decoded string is not written intact.
    new java.io.DataOutputStream(out).writeBytes(codec.decodeData(plain));
    return carried;
}
/**
* Returns the Distinguished Name of the profile's signing certificate.
*/
public String getDistinguishName()
    throws InfrastructureException
{
    // Subject DN of the profile's signing certificate; a missing profile is
    // reported as an InfrastructureException.
    // NOTE(review): a null signing certificate is not handled and would
    // surface as a NullPointerException.
    if (this.profile != null) {
        return this.profile.getSigningCertificate().getSubjectDN().getName();
    }
    throw new InfrastructureException("Profile is null");
}
public ETKCertificateVerifier getETKCertificateVerifier()
    throws InfrastructureException
{
    // Builds a certificate verifier for the managed profile. A directory is
    // attached only when the infrastructure address is flagged on-line.
    if (pki == null) {
        throw new InfrastructureException("Infrastructure is null");
    }

    JNDIDirectory dir = null;
    if (pki.getInfrastructureAddress().onLine) {
        pki.connectDirectory();
        dir = pki.getInfrastructureAddress().getDirectory();
    }

    ETKCertificateVerifier result = new ETKCertificateVerifier( dir, profile );
    // The on-line flag is re-read after the connection attempt, as in the
    // original. CRLs are required only when on-line, so revocation is not
    // enforced through this setting while the infrastructure is off-line.
    result.getContext().setCrlsRequired( pki.getInfrastructureAddress().onLine );
    return result;
}
public String toString()
{
    // Describes the logged-on profile, or reports "logoff" when none is set.
    // Falls back to a fixed label if rendering the profile throws.
    try {
        if (profile == null) {
            return "Profile user: logoff\n";
        }
        return "Profile user: " + profile.toString();
    } catch ( Exception e ) {
        System.err.println("Cannot read Distinguish Name." + e);
    }
    return "ProfileManager";
}
public void update ( ProfileManager profile )
{
    // Adopts the other manager's state by reference: after this call both
    // managers share the same profile and pki objects. The parameter shadows
    // the field, hence the explicit `this.` on the left-hand side.
    this.profile = profile.profile; // the managed profile
    this.pki = profile.pki;         // the pki the profile belongs to
}
protected String getCurrentFileName()
{
    // Builds the next file name from the base name, the running counter and
    // the extension, then advances the counter.
    // NOTE(review): names are sequential and therefore predictable, and the
    // increment is not synchronized - confirm the target directory is private
    // to this process and that callers are single-threaded.
    String name = pkcs7FileName + cont + extension;
    cont++;
    return name;
}
}