diff options
author | Bartosz Gardziejewski <bartosz.gardziejewski@nokia.com> | 2021-01-12 10:33:18 +0100 |
---|---|---|
committer | Bartosz Gardziejewski <bartosz.gardziejewski@nokia.com> | 2021-01-13 09:14:31 +0100 |
commit | 2b9a4f35e2e50fca4304107b5033b6216af0124d (patch) | |
tree | 554c86f5ddadd2610f5ac554770dede4b3d2b7b8 /csarvalidation/src/main/java/org/onap/cvc/csar/security/SignatureFactory.java | |
parent | 6aab2c816dad5fa8dda7c1fb4597ad5433c6181c (diff) |
Add support for signature in PCKS7 format.
Signed-off-by: Bartosz Gardziejewski <bartosz.gardziejewski@nokia.com>
Change-Id: Ic98d1b9c93c11c484c86338588922c2f347b7c02
Issue-ID: VNFSDK-714
Diffstat (limited to 'csarvalidation/src/main/java/org/onap/cvc/csar/security/SignatureFactory.java')
-rw-r--r-- | csarvalidation/src/main/java/org/onap/cvc/csar/security/SignatureFactory.java | 60 |
1 files changed, 60 insertions, 0 deletions
diff --git a/csarvalidation/src/main/java/org/onap/cvc/csar/security/SignatureFactory.java b/csarvalidation/src/main/java/org/onap/cvc/csar/security/SignatureFactory.java new file mode 100644 index 0000000..00e9fce --- /dev/null +++ b/csarvalidation/src/main/java/org/onap/cvc/csar/security/SignatureFactory.java @@ -0,0 +1,60 @@ +/* + * Copyright 2021 Nokia + * <p> + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * <p> + * http://www.apache.org/licenses/LICENSE-2.0 + * <p> + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + */ + +package org.onap.cvc.csar.security; + +import org.apache.commons.codec.binary.Base64; +import org.bouncycastle.asn1.cms.ContentInfo; +import org.bouncycastle.openssl.PEMParser; + +import java.io.ByteArrayInputStream; +import java.io.ByteArrayOutputStream; +import java.io.IOException; +import java.io.InputStreamReader; + +public class SignatureFactory { + + public static final String PEM_SIGNATURE_BEGIN_TAG = "-----BEGIN CMS-----"; + public static final String PEM_SIGNATURE_END_TAG = "-----END CMS-----"; + + public ContentInfo createSignature(byte[] signatureStream) throws IOException, CmsSignatureLoadingException { + byte[] pemSignatureStream = convertSignatureToPemIfInDerFormat(signatureStream); + try(ByteArrayInputStream signatureInput = new ByteArrayInputStream(pemSignatureStream)) { + Object parsedObject = new PEMParser(new InputStreamReader(signatureInput)).readPemObject().getContent(); + return ContentInfo.getInstance(parsedObject); + } catch (Exception e) { + throw new CmsSignatureLoadingException("Signature is not recognized!", e); + } + } + + private byte[] convertSignatureToPemIfInDerFormat(byte[] signatureStream) throws IOException { + byte[] encodedSignatureStream = signatureStream.clone(); + if (!Base64.isBase64(signatureStream)) { + encodedSignatureStream = Base64.encodeBase64(encodedSignatureStream); + encodedSignatureStream = wrapWithPemTags(encodedSignatureStream); + } + return encodedSignatureStream; + } + + private byte[] wrapWithPemTags(byte[] encodedSignatureStream) throws IOException { + ByteArrayOutputStream outputStream = new ByteArrayOutputStream( ); + outputStream.write( (PEM_SIGNATURE_BEGIN_TAG + "\n").getBytes() ); + outputStream.write( encodedSignatureStream ); + outputStream.write( ("\n" + PEM_SIGNATURE_END_TAG).getBytes() ); + return outputStream.toByteArray(); + } +} |