/**
 * Returns the signer info for {@code signerId}, consulting {@code certPathStore}
 * first and falling back to the file named by {@code signerIdToFileName}.
 *
 * <p>The whole lookup runs while holding the monitor of {@code certPathStore}.
 *
 * <p>NOTE(review): a SignerInfo parsed from disk is returned as-is. This method
 * does not compare its signer id with the requested {@code signerId}, and it does
 * not add the parsed value to {@code certPathStore}. Confirm that a file whose
 * contents do not match its name is rejected elsewhere, and that
 * {@code signerIdToFileName} yields a safe path for arbitrary id bytes.
 *
 * @param signerId id of the signer to look up
 * @return the matching signer info, or {@code null} when it is neither in the
 *     store nor present as a file
 * @throws SignatureException if the file exists but cannot be read or parsed
 */
@Override
public SignerInfo getSignerInfo(byte[] signerId) throws SignatureException {
  synchronized (certPathStore) {
    final SignerInfo fromStore = certPathStore.getSignerInfo(signerId);
    // The file name is derived up front, before the store result is inspected.
    final File onDisk = new File(signerIdToFileName(signerId));

    // Store hit, or nothing persisted for this id: hand back what the store gave us.
    if (fromStore != null || !onDisk.exists()) {
      return fromStore;
    }

    FileInputStream in = null;
    try {
      in = new FileInputStream(onDisk);
      final ProtocolSignerInfo parsed = ProtocolSignerInfo.newBuilder().mergeFrom(in).build();
      return new SignerInfo(parsed);
    } catch (SignatureException | IOException e) {
      throw new SignatureException(
          "Failed to parse signer info from file: " + onDisk.getAbsolutePath(), e);
    } finally {
      // Close failures are handled by the helper rather than propagated.
      FileUtils.closeAndIgnoreException(in, onDisk, LOG);
    }
  }
}
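/**
 * Public constructor.
 *
 * <p>NOTE(review): {@code domain} is stored in the protobuf as given. Nothing in
 * this constructor compares it with the CN of the target certificate, and the
 * chain itself is not validated here. Callers should confirm where those checks
 * are performed.
 *
 * @param hashAlg The hash algorithm to use to calculate the signer id (which
 *     is the base-64-encoding of the hash of the PkiPath-encoding of the cert
 *     chain).
 * @param certs the cert chain used by this signer. Cert of the signer is
 *     first, and cert of the CA is last. Must contain at least one certificate.
 * @param domain the domain that the certificates are issued to. This should
 *     match the CN in the target certificate.
 * @throws IllegalArgumentException if {@code certs} is empty (assuming
 *     {@code Preconditions} is Guava's; confirm against the file's imports).
 * @throws SignatureException if the certs couldn't be parsed into a cert
 *     chain, or if the hash couldn't be calculated.
 */
public SignerInfo(HashAlgorithm hashAlg, List<X509Certificate> certs,
    String domain) throws SignatureException {

  // The two concatenated literals used to render as "need at least onecert in
  // the chain"; the message is now a single, correctly spaced string.
  Preconditions.checkArgument(!certs.isEmpty(), "need at least one cert in the chain");

  try {
    this.protobuf = ProtocolSignerInfo.newBuilder()
        .setHashAlgorithm(hashAlg)
        .setDomain(domain)
        .addAllCertificate(getCertificatesAsListOfByteArrays(certs))
        .build();
  } catch (CertificateEncodingException e) {
    throw new SignatureException("couldn't parse certificates", e);
  }

  // Snapshot the caller's list so later mutation of it cannot alter the chain
  // that the signer id is computed from.
  this.certChain = ImmutableList.copyOf(certs);
  this.signerId = calculateSignerId(this.certChain);
}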
/**
 * Builds a SignerInfo from a protobuf carrying the server and intermediate test
 * certificates (SHA256, {@code DOMAIN}) and checks the base64 form of the
 * resulting signer id against a pinned value.
 */
public void testGetSignerId_fromProtobuf() throws Exception {
  ProtocolSignerInfo.Builder builder = ProtocolSignerInfo.newBuilder();
  builder.setHashAlgorithm(HashAlgorithm.SHA256);
  // Chain order: signer certificate first, then the intermediate.
  builder.addCertificate(
      ByteString.copyFrom(CertConstantUtil.SERVER_PUB_CERT.getEncoded()));
  builder.addCertificate(
      ByteString.copyFrom(CertConstantUtil.INTERMEDIATE_PUB_CERT.getEncoded()));
  builder.setDomain(DOMAIN);

  signerInfo = new SignerInfo(builder.build());

  // Pinned id for this chain; it is expected to change only if the test
  // certificates or the id derivation change.
  assertEquals("zBYbw+lLkXGao+LfNWbv/faS+yAlsAmUfCNqXBxeFtI=",
      base64(signerInfo.getSignerId()));
}
/**
 * Verifies the signer id of a SignerInfo constructed from a
 * {@code ProtocolSignerInfo} message rather than from certificate objects.
 */
public void testGetSignerId_fromProtobuf() throws Exception {
  // Base64 signer id the two-certificate test chain is expected to produce.
  final String expectedSignerId = "zBYbw+lLkXGao+LfNWbv/faS+yAlsAmUfCNqXBxeFtI=";

  final ProtocolSignerInfo chainMessage = ProtocolSignerInfo.newBuilder()
      .setHashAlgorithm(HashAlgorithm.SHA256)
      .addCertificate(
          ByteString.copyFrom(CertConstantUtil.SERVER_PUB_CERT.getEncoded()))
      .addCertificate(
          ByteString.copyFrom(CertConstantUtil.INTERMEDIATE_PUB_CERT.getEncoded()))
      .setDomain(DOMAIN)
      .build();

  // signerInfo is a field of the test class; it is assigned here, not declared.
  signerInfo = new SignerInfo(chainMessage);

  assertEquals(expectedSignerId, base64(signerInfo.getSignerId()));
}