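import java.math.BigInteger;
import java.security.Principal;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.Security;
import java.security.cert.CertStore;
import java.security.cert.CertStoreException;
import java.security.cert.CertificateExpiredException;
import java.security.cert.CertificateNotYetValidException;
import java.util.Iterator;
import java.util.logging.Level;
import java.util.logging.Logger;
import java.security.cert.X509Certificate;
import java.util.Date;
import org.bouncycastle.cms.CMSException;
import org.bouncycastle.cms.CMSProcessable;
import org.bouncycastle.cms.CMSSignedData;
import org.bouncycastle.cms.SignerInformation;
import org.bouncycastle.jce.provider.BouncyCastleProvider;

/**
 * Verifies a PKCS#7 (CMS SignedData) envelope and exposes details of the
 * signer certificate found inside it.
 *
 * <p>The signer certificate is read from the envelope itself, i.e. from the
 * same input that is being verified. A valid cryptographic signature therefore
 * only shows that the envelope is self-consistent; whether the signer can be
 * trusted depends on the {@link #getAuth()} and {@link #getRevok()} results
 * produced by {@code Verification_Certificat1}.
 *
 * <p>The certificate fields are written only once the signer certificate has
 * been read. If verification fails earlier they keep the values of a previous
 * call, so use one instance per verification and check the return value of
 * {@link #verifieSignature(byte[])} before reading them.
 *
 * @author Administrateur
 */
public class VerifieSignature {

    private static final Logger LOGGER = Logger.getLogger(VerifieSignature.class.getName());

    /** X.509 version of the signer certificate; null until a certificate has been read. */
    public Integer version;
    /** Serial number of the signer certificate. */
    public BigInteger serialN;
    /** Subject DN of the signer certificate. */
    public Principal subject;
    /** Issuer DN of the signer certificate. */
    public Principal issuer;
    /** notAfter date of the signer certificate. */
    public Date date;
    /** Name of the algorithm the certificate itself was signed with. */
    public String signAlgo;
    // NOTE(review): never assigned in this class; presumably meant for the
    // certificate's key-usage bits - confirm before relying on it.
    boolean[] tabKU;
    /** Result of {@code Verification_Certificat1.isAuthentic} for the signer certificate. */
    public boolean auth;
    // NOTE(review): result of Verification_Certificat1.verifierRevok; whether
    // true means "revoked" or "revocation check passed" is not visible here.
    public boolean revok;

    /**
     * Verifies the first signer of a PKCS#7 envelope against the certificate
     * embedded in that envelope.
     *
     * <p>Only the first SignerInfo is examined; further signers are ignored.
     * The returned value covers the cryptographic signature check alone.
     * Callers that need a trust decision must also require {@link #getAuth()}
     * and evaluate {@link #getRevok()}.
     *
     * @param signaturePKCS7 encoded PKCS#7 / CMS SignedData bytes
     * @return {@code true} only if the signature was checked and found valid;
     *         {@code false} if the input is null, cannot be parsed, carries no
     *         signer or no matching certificate, or verification fails
     */
    public boolean verifieSignature(byte[] signaturePKCS7) {
        // Fail closed: the result becomes true only after a successful verify().
        boolean signatureValid = false;
        try {
            System.out.println("Vérification de la signature ....");
            if (signaturePKCS7 == null) {
                LOGGER.log(Level.SEVERE, "No PKCS#7 data supplied");
                return false;
            }

            // Parse the PKCS#7 envelope.
            CMSSignedData signature = new CMSSignedData(signaturePKCS7);

            // Fetch the signer information (first signer only).
            Iterator<?> signers = signature.getSignerInfos().getSigners().iterator();
            if (!signers.hasNext()) {
                LOGGER.log(Level.SEVERE, "PKCS#7 envelope contains no signer");
                return false;
            }
            SignerInformation signer = (SignerInformation) signers.next();

            // Fetch the signer's certificate from the envelope.
            // NOTE(review): getCertificatesAndCRLs(String, String) and
            // verify(X509Certificate, String) are the legacy provider-string
            // Bouncy Castle CMS calls; check them against the BC version in use.
            if (Security.getProvider("BC") == null) {
                Security.addProvider(new BouncyCastleProvider());
            }
            CertStore cs = signature.getCertificatesAndCRLs("Collection", "BC");
            Iterator<?> iter = cs.getCertificates(signer.getSID()).iterator();
            if (!iter.hasNext()) {
                LOGGER.log(Level.SEVERE, "PKCS#7 envelope contains no certificate for the signer");
                return false;
            }
            X509Certificate certificate = (X509Certificate) iter.next();

            // Display the certificate contents and record them in the fields.
            version = Integer.valueOf(certificate.getVersion());
            System.out.println("\tCertificate for: " + certificate.getSubjectDN());
            subject = certificate.getSubjectDN();
            System.out.println("\tCertificate issued by: " + certificate.getIssuerDN());
            issuer = certificate.getIssuerDN();

            // Display-only split of the issuer DN into key/value pairs. A value
            // containing '=' or ", " shifts the pairs, so the bound on i + 1
            // keeps a crafted DN from throwing out of the verification.
            String[] infos_emetteur = certificate.getIssuerDN().getName().split("(=|, )", -1);
            for (int i = 0; i + 1 < infos_emetteur.length; i += 2) {
                if (infos_emetteur[i].equals("C")) {
                    System.out.println("\tCountryName : " + infos_emetteur[i + 1]);
                }
                if (infos_emetteur[i].equals("O")) {
                    System.out.println("\tOrganizationName : " + infos_emetteur[i + 1]);
                }
                if (infos_emetteur[i].equals("CN")) {
                    System.out.println("\tCommonName : " + infos_emetteur[i + 1]);
                }
            }

            System.out.println("\tThe certificate is valid from " + certificate.getNotBefore()
                    + " to " + certificate.getNotAfter());
            date = certificate.getNotAfter();
            System.out.println("\tCertificate SN# " + certificate.getSerialNumber());
            serialN = certificate.getSerialNumber();
            System.out.println("\tGenerated with " + certificate.getSigAlgName());
            signAlgo = certificate.getSigAlgName();

            // Authenticity and revocation checks are delegated to the project helper.
            Verification_Certificat1 vc = new Verification_Certificat1();
            auth = vc.isAuthentic(certificate);
            revok = vc.verifierRevok(certificate);

            // Verify the signature with the embedded certificate.
            signatureValid = signer.verify(certificate, "BC");
            System.out.println("Validité de la signature : " + signatureValid);
        } catch (CertStoreException ex) {
            logFailure(ex);
        } catch (NoSuchAlgorithmException ex) {
            logFailure(ex);
        } catch (NoSuchProviderException ex) {
            logFailure(ex);
        } catch (CertificateExpiredException ex) {
            logFailure(ex);
        } catch (CertificateNotYetValidException ex) {
            logFailure(ex);
        } catch (CMSException ex) {
            logFailure(ex);
        }
        // Any exception above leaves signatureValid at false.
        return signatureValid;
    }

    /** Logs a verification failure at SEVERE level under this class's logger. */
    private static void logFailure(Exception ex) {
        LOGGER.log(Level.SEVERE, null, ex);
    }

    /** @return the stored result of {@code verifierRevok} for the signer certificate */
    public boolean getRevok() {
        return revok;
    }

    /** @return the stored result of {@code isAuthentic} for the signer certificate */
    public boolean getAuth() {
        return auth;
    }

    /** @return the X.509 version of the signer certificate, or null if none was read */
    public Integer getVersion() {
        return version;
    }

    /** @return the serial number of the signer certificate */
    public BigInteger getSerialN() {
        return serialN;
    }

    /** @return the subject DN of the signer certificate */
    public Principal getSubject() {
        return subject;
    }

    /** @return the issuer DN of the signer certificate */
    public Principal getIssuer() {
        return issuer;
    }

    /** @return the notAfter date of the signer certificate */
    public Date getDate() {
        return date;
    }

    /** @return the name of the algorithm the signer certificate was signed with */
    public String getSignAlgo() {
        return signAlgo;
    }

//    public static void main(String[] args) throws IOException, CertificateExpiredException, CertificateNotYetValidException
//    {
//
//        // Load the signed file
//        String chemin="c:/test.txt.pk7";
//        File f = new File(chemin);
//        byte[] buffer = new byte[(int)f.length()];
//        DataInputStream in = new DataInputStream(new FileInputStream(f));
//        in.readFully(buffer);
//        in.close();
//        VerifieSignature vs = new VerifieSignature();
//        vs.verifieSignature(buffer);
//    }
//
}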