org.eclipse.osgi_3.7.2.v20120110-1415

leValueCollectionMap.EntryIterator(ShrinkableValueCollectionMap.this);
    }
    
    public int size()
    {
      return ShrinkableValueCollectionMap.this.size();
    }
  }
  
  private final class EntryIterator
    implements Iterator<Map.Entry<K, Collection<V>>>
  {
    private final Iterator<? extends K> iter;
    private K last;
    
    EntryIterator()
    {
      iter = map.keySet().iterator();
    }
    
    public boolean hasNext()
    {
      return iter.hasNext();
    }
    
    public Map.Entry<K, Collection<V>> next()
    {
      last = iter.next();
      return new ShrinkableValueCollectionMap.Entry(ShrinkableValueCollectionMap.this, last);
    }
    
    public void remove()
    {
      iter.remove();
      if (values != null) {
        values.remove(last);
      }
    }
  }
  
  private final class Entry
    implements Map.Entry<K, Collection<V>>
  {
    private final K key;
    private Collection<V> value;
    
    Entry()
    {
      key = k;
    }
    
    public K getKey()
    {
      return (K)key;
    }
    
    public Collection<V> getValue()
    {
      if (value == null) {
        value = get(key);
      }
      return value;
    }
    
    public Collection<V> setValue(Collection<V> value)
    {
      throw new UnsupportedOperationException();
    }
    
    public String toString()
    {
      return getKey() + "=" + getValue();
    }
    
    public int hashCode()
    {
      return ShrinkableValueCollectionMap.hash(getKey()) ^ ShrinkableValueCollectionMap.hash(getValue());
    }
    
    public boolean equals(Object obj)
    {
      if (obj == this) {
        return true;
      }
      if (!(obj instanceof Map.Entry)) {
        return false;
      }
      Map.Entry<?, ?> other = (Map.Entry)obj;
      return (ShrinkableValueCollectionMap.equality(getKey(), other.getKey())) && (ShrinkableValueCollectionMap.equality(getValue(), other.getValue()));
    }
  }
  
  static int hash(Object one)
  {
    return one == null ? 0 : one.hashCode();
  }
  
  static boolean equality(Object one, Object two)
  {
    return one == null ? false : two == null ? true : one.equals(two);
  }
}

/* Location:
 * Qualified Name:     org.eclipse.osgi.internal.serviceregistry.ShrinkableValueCollectionMap
 * Java Class Version: 1.4 (48.0)
 * JD-Core Version:    0.7.1
 */
package org.eclipse.osgi.internal.signedcontent;

import java.math.BigInteger;
import java.security.SignatureException;

public class BERProcessor
{
  byte[] buffer;
  int offset;
  int lastOffset;
  int contentOffset;
  int contentLength;
  int endOffset;
  int classOfTag;
  static final int UNIVERSAL_TAGCLASS = 0;
  static final int APPLICATION_TAGCLASS = 1;
  static final int CONTEXTSPECIFIC_TAGCLASS = 2;
  static final int PRIVATE_TAGCLASS = 3;
  static final byte BOOLTAG = 1;
  static final byte INTTAG = 2;
  static final byte OIDTAG = 6;
  static final byte SEQTAG = 16;
  static final byte SETTAG = 17;
  static final byte NULLTAG = 5;
  static final String[] tagNames = { "<null>", "boolean", "int", "bitstring", "octetstring", "null", "objid", "objdesc", "external", "real", "enum", "pdv", "utf8", "relobjid", "resv", "resv", "sequence", "set", "char string" };
  public boolean constructed;
  public byte tag;
  
  public BERProcessor(byte[] buffer, int offset, int len)
    throws SignatureException
  {
    this.buffer = buffer;
    this.offset = offset;
    lastOffset = (len + offset);
    processStructure();
  }
  
  public void processStructure()
    throws SignatureException
  {
    if (offset == -1) {
      return;
    }
    endOffset = offset;
    
    classOfTag = ((buffer[offset] & 0xFF) >> 6);
    
    constructed = ((buffer[offset] & 0x20) != 0);
    
    byte tagNumber = (byte)(buffer[offset] & 0x1F);
    if (tagNumber < 32)
    {
      tag = tagNumber;
      endOffset = (offset + 1);
    }
    else
    {
      throw new SignatureException("Can't handle tags > 32");
    }
    if ((buffer[endOffset] & 0x80) == 0)
    {
      contentLength = buffer[endOffset];
      endOffset += 1;
    }
    else
    {
      int octetCount = buffer[endOffset] & 0x7F;
      if (octetCount > 3) {
        throw new SignatureException("ContentLength octet count too large: " + octetCount);
      }
      contentLength = 0;
      endOffset += 1;
      for (int i = 0; i < octetCount; i++)
      {
        contentLength <<= 8;
        contentLength |= buffer[endOffset] & 0xFF;
        endOffset += 1;
      }
      if (octetCount == 0) {
        contentLength = -1;
      }
    }
    contentOffset = endOffset;
    if (contentLength != -1) {
      endOffset += contentLength;
    }
    if (endOffset > lastOffset) {
      throw new SignatureException("Content length too large: " + endOffset + " > " + lastOffset);
    }
  }
  
  public String toString()
  {
    StringBuffer sb = new StringBuffer();
    switch (classOfTag)
    {
    case 0: 
      sb.append('U');
      break;
    case 1: 
      sb.append('A');
      break;
    case 2: 
      sb.append('C');
      break;
    case 3: 
      sb.append('P');
    }
    sb.append(constructed ? 'C' : 'P');
    sb.append(" tag=" + tag);
    if (tag < tagNames.length) {
      sb.append("(" + tagNames[tag] + ")");
    }
    sb.append(" len=");
    sb.append(contentLength);
    switch (tag)
    {
    case 2: 
      sb.append(" value=" + getIntValue());
      break;
    case 6: 
      sb.append(" value=");
      int[] oid = getObjId();
      for (int i = 0; i < oid.length; i++)
      {
        if (i > 0) {
          sb.append('.');
        }
        sb.append(oid[i]);
      }
    }
    if ((tag == 12) || ((tag >= 18) && (tag <= 22)) || ((tag >= 25) && (tag <= 30)))
    {
      sb.append(" value=");
      sb.append(getString());
    }
    return sb.toString();
  }
  
  public BERProcessor stepInto()
    throws SignatureException
  {
    return new BERProcessor(buffer, contentOffset, contentLength);
  }
  
  public void stepOver()
    throws SignatureException
  {
    offset = endOffset;
    if (endOffset >= lastOffset)
    {
      offset = -1;
      return;
    }
    processStructure();
  }
  
  public boolean endOfSequence()
  {
    return offset == -1;
  }
  
  public String getString()
  {
    return new String(buffer, contentOffset, contentLength);
  }
  
  public BigInteger getIntValue()
  {
    return new BigInteger(getBytes());
  }
  
  public int[] getObjId()
  {
    int count = 0;
    for (int i = 0; i < contentLength; i++) {
      if ((buffer[(contentOffset + i)] & 0x80) == 0) {
        count++;
      }
    }
    count++;
    int[] oid = new int[count];
    int index = 0;
    int currentValue = 0;
    for (int i = 0; i < contentLength; i++)
    {
      currentValue <<= 7;
      currentValue |= buffer[(contentOffset + i)] & 0x7F;
      if ((buffer[(contentOffset + i)] & 0x80) == 0)
      {
        if (index == 0)
        {
          oid[(index++)] = (currentValue / 40);
          oid[(index++)] = (currentValue % 40);
        }
        else
        {
          oid[(index++)] = currentValue;
        }
        currentValue = 0;
      }
    }
    return oid;
  }
  
  public byte[] getBytes()
  {
    byte[] v = new byte[contentLength];
    System.arraycopy(buffer, contentOffset, v, 0, contentLength);
    return v;
  }
}

/* Location:
 * Qualified Name:     org.eclipse.osgi.internal.signedcontent.BERProcessor
 * Java Class Version: 1.4 (48.0)
 * JD-Core Version:    0.7.1
 */
package org.eclipse.osgi.internal.signedcontent;

public class Base64
{
  private static final byte equalSign = 61;
  static char[] digits = { 'A', 'B', 'C', 'D', 'E', 'F', 'G', 'H', 'I', 'J', 'K', 'L', 'M', 'N', 'O', 'P', 
    'Q', 'R', 'S', 'T', 'U', 'V', 'W', 'X', 'Y', 'Z', 'a', 'b', 'c', 'd', 'e', 'f', 
    'g', 'h', 'i', 'j', 'k', 'l', 'm', 'n', 'o', 'p', 'q', 'r', 's', 't', 'u', 'v', 
    'w', 'x', 'y', 'z', '0', '1', '2', '3', '4', '5', '6', '7', '8', '9', '+', '/' };
  
  public static byte[] decode(byte[] data)
  {
    if (data.length == 0) {
      return data;
    }
    int lastRealDataIndex = data.length - 1;
    while (data[lastRealDataIndex] == 61) {
      lastRealDataIndex--;
    }
    int padBytes = data.length - 1 - lastRealDataIndex;
    int byteLength = data.length * 6 / 8 - padBytes;
    byte[] result = new byte[byteLength];
    
    int dataIndex = 0;
    int resultIndex = 0;
    int allBits = 0;
    
    int resultChunks = (lastRealDataIndex + 1) / 4;
    for (int i = 0; i < resultChunks; i++)
    {
      allBits = 0;
      for (int j = 0; j < 4; j++) {
        allBits = allBits << 6 | decodeDigit(data[(dataIndex++)]);
      }
      for (int j = resultIndex + 2; j >= resultIndex; j--)
      {
        result[j] = ((byte)(allBits & 0xFF));
        allBits >>>= 8;
      }
      resultIndex += 3;
    }
    switch (padBytes)
    {
    case 1: 
      allBits = 0;
      for (int j = 0; j < 3; j++) {
        allBits = allBits << 6 | decodeDigit(data[(dataIndex++)]);
      }
      allBits <<= 6;
      
      allBits >>>= 8;
      for (int j = resultIndex + 1; j >= resultIndex; j--)
      {
        result[j] = ((byte)(allBits & 0xFF));
        
        allBits >>>= 8;
      }
      break;
    case 2: 
      allBits = 0;
      for (int j = 0; j < 2; j++) {
        allBits = allBits << 6 | decodeDigit(data[(dataIndex++)]);
      }
      allBits <<= 6;
      allBits <<= 6;
      
      allBits >>>= 8;
      allBits >>>= 8;
      result[resultIndex] = ((byte)(allBits & 0xFF));
    }
    return result;
  }
  
  static int decodeDigit(byte data)
  {
    char charData = (char)data;
    if ((charData <= 'Z') && (charData >= 'A')) {
      return charData - 'A';
    }
    if ((charData <= 'z') && (charData >= 'a')) {
      return charData - 'a' + 26;
    }
    if ((charData <= '9') && (charData >= '0')) {
      return charData - '0' + 52;
    }
    switch (charData)
    {
    case '+': 
      return 62;
    case '/': 
      return 63;
    }
    throw new IllegalArgumentException("Invalid char to decode: " + data);
  }
  
  public static byte[] encode(byte[] data)
  {
    int sourceChunks = data.length / 3;
    int len = (data.length + 2) / 3 * 4;
    byte[] result = new byte[len];
    int extraBytes = data.length - sourceChunks * 3;
    
    int dataIndex = 0;
    int resultIndex = 0;
    int allBits = 0;
    for (int i = 0; i < sourceChunks; i++)
    {
      allBits = 0;
      for (int j = 0; j < 3; j++) {
        allBits = allBits << 8 | data[(dataIndex++)] & 0xFF;
      }
      for (int j = resultIndex + 3; j >= resultIndex; j--)
      {
        result[j] = ((byte)digits[(allBits & 0x3F)]);
        
        allBits >>>= 6;
      }
      resultIndex += 4;
    }
    switch (extraBytes)
    {
    case 1: 
      allBits = data[(dataIndex++)];
      allBits <<= 8;
      allBits <<= 8;
      for (int j = resultIndex + 3; j >= resultIndex; j--)
      {
        result[j] = ((byte)digits[(allBits & 0x3F)]);
        
        allBits >>>= 6;
      }
      result[(result.length - 1)] = 61;
      result[(result.length - 2)] = 61;
      break;
    case 2: 
      allBits = data[(dataIndex++)];
      allBits = allBits << 8 | data[(dataIndex++)] & 0xFF;
      
      allBits <<= 8;
      for (int j = resultIndex + 3; j >= resultIndex; j--)
      {
        result[j] = ((byte)digits[(allBits & 0x3F)]);
        
        allBits >>>= 6;
      }
      result[(result.length - 1)] = 61;
    }
    return result;
  }
}

/* Location:
 * Qualified Name:     org.eclipse.osgi.internal.signedcontent.Base64
 * Java Class Version: 1.4 (48.0)
 * JD-Core Version:    0.7.1
 */
package org.eclipse.osgi.internal.signedcontent;

import org.eclipse.osgi.baseadaptor.BaseData;
import org.eclipse.osgi.framework.internal.core.AbstractBundle;
import org.eclipse.osgi.internal.provisional.service.security.AuthorizationEngine;
import org.eclipse.osgi.signedcontent.SignedContent;
import org.osgi.framework.Bundle;
import org.osgi.framework.BundleEvent;
import org.osgi.framework.SynchronousBundleListener;

public class BundleInstallListener
  implements SynchronousBundleListener
{
  public void bundleChanged(BundleEvent event)
  {
    Bundle bundle = event.getBundle();
    switch (event.getType())
    {
    case 1: 
    case 8: 
      TrustEngineListener listener = TrustEngineListener.getInstance();
      AuthorizationEngine authEngine = listener == null ? null : listener.getAuthorizationEngine();
      if (authEngine != null)
      {
        BaseData baseData = (BaseData)((AbstractBundle)bundle).getBundleData();
        SignedStorageHook hook = (SignedStorageHook)baseData.getStorageHook(SignedStorageHook.KEY);
        SignedContent signedContent = hook != null ? signedContent : null;
        authEngine.authorize(signedContent, bundle);
      }
      break;
    }
  }
}

/* Location:
 * Qualified Name:     org.eclipse.osgi.internal.signedcontent.BundleInstallListener
 * Java Class Version: 1.4 (48.0)
 * JD-Core Version:    0.7.1
 */
package org.eclipse.osgi.internal.signedcontent;

import java.io.FilterInputStream;
import java.io.IOException;
import java.security.MessageDigest;
import org.eclipse.osgi.baseadaptor.bundlefile.BundleEntry;
import org.eclipse.osgi.baseadaptor.bundlefile.BundleFile;
import org.eclipse.osgi.signedcontent.InvalidContentException;
import org.eclipse.osgi.signedcontent.SignerInfo;
import org.eclipse.osgi.util.NLS;

class DigestedInputStream
  extends FilterInputStream
{
  private final MessageDigest[] digests;
  private final byte[][] result;
  private final BundleEntry entry;
  private final BundleFile bundleFile;
  private long remaining;
  
  DigestedInputStream(BundleEntry entry, BundleFile bundleFile, SignerInfo[] signerInfos, byte[][] results, long size)
    throws IOException
  {
    super(entry.getInputStream());
    this.entry = entry;
    this.bundleFile = bundleFile;
    remaining = size;
    digests = new MessageDigest[signerInfos.length];
    for (int i = 0; i < signerInfos.length; i++) {
      digests[i] = SignatureBlockProcessor.getMessageDigest(signerInfos[i].getMessageDigestAlgorithm());
    }
    result = results;
  }
  
  public synchronized void mark(int readlimit) {}
  
  public boolean markSupported()
  {
    return false;
  }
  
  public int read()
    throws IOException
  {
    if (remaining <= 0L) {
      return -1;
    }
    int c = super.read();
    if (c != -1)
    {
      for (int i = 0; i < digests.length; i++) {
        digests[i].update((byte)c);
      }
      remaining -= 1L;
    }
    else
    {
      remaining = 0L;
    }
    if (remaining == 0L) {
      verifyDigests();
    }
    return c;
  }
  
  private void verifyDigests()
    throws InvalidContentException
  {
    for (int i = 0; i < digests.length; i++)
    {
      byte[] rc = digests[i].digest();
      if (!MessageDigest.isEqual(result[i], rc)) {
        throw new InvalidContentException(NLS.bind(SignedContentMessages.File_In_Jar_Is_Tampered, entry.getName(), bundleFile.getBaseFile()), null);
      }
    }
  }
  
  public int read(byte[] b, int off, int len)
    throws IOException
  {
    if (remaining <= 0L) {
      return -1;
    }
    int rc = super.read(b, off, len);
    if (rc != -1)
    {
      for (int i = 0; i < digests.length; i++) {
        digests[i].update(b, off, rc);
      }
      remaining -= rc;
    }
    else
    {
      remaining = 0L;
    }
    if (remaining <= 0L) {
      verifyDigests();
    }
    return rc;
  }
  
  public synchronized void reset()
    throws IOException
  {
    throw new IOException("Reset not supported");
  }
  
  public long skip(long n)
    throws IOException
  {
    byte[] buffer = new byte['?'];
    long count = 0L;
    while (n - count > 0L)
    {
      int rc = n - count > buffer.length ? buffer.length : (int)(n - count);
      rc = read(buffer, 0, rc);
      if (rc == -1) {
        break;
      }
      count += rc;
      n -= rc;
    }
    return count;
  }
}

/* Location:
 * Qualified Name:     org.eclipse.osgi.internal.signedcontent.DigestedInputStream
 * Java Class Version: 1.4 (48.0)
 * JD-Core Version:    0.7.1
 */
package org.eclipse.osgi.internal.signedcontent;

import java.security.Principal;
import java.security.cert.Certificate;
import java.security.cert.X509Certificate;
import java.util.Date;
import org.eclipse.osgi.internal.provisional.verifier.CertificateChain;
import org.eclipse.osgi.signedcontent.SignedContent;
import org.eclipse.osgi.signedcontent.SignerInfo;

class LegacyVerifierFactory$LegacyChain
  implements CertificateChain
{
  private final SignerInfo signerInfo;
  private final SignedContent content;
  
  public LegacyVerifierFactory$LegacyChain(SignerInfo signerInfo, SignedContent content)
  {
    this.signerInfo = signerInfo;
    this.content = content;
  }
  
  public Certificate[] getCertificates()
  {
    return signerInfo.getCertificateChain();
  }
  
  public String getChain()
  {
    StringBuffer sb = new StringBuffer();
    Certificate[] certs = getCertificates();
    for (int i = 0; i < certs.length; i++)
    {
      X509Certificate x509Cert = (X509Certificate)certs[i];
      sb.append(x509Cert.getSubjectDN().getName());
      sb.append("; ");
    }
    return sb.toString();
  }
  
  public Certificate getRoot()
  {
    Certificate[] certs = getCertificates();
    return certs.length > 0 ? certs[(certs.length - 1)] : null;
  }
  
  public Certificate getSigner()
  {
    Certificate[] certs = getCertificates();
    return certs.length > 0 ? certs[0] : null;
  }
  
  public Date getSigningTime()
  {
    return content.getSigningTime(signerInfo);
  }
  
  public boolean isTrusted()
  {
    return signerInfo.isTrusted();
  }
}

/* Location:
 * Qualified Name:     org.eclipse.osgi.internal.signedcontent.LegacyVerifierFactory.LegacyChain
 * Java Class Version: 1.4 (48.0)
 * JD-Core Version:    0.7.1
 */
package org.eclipse.osgi.internal.signedcontent;

import java.io.IOException;
import java.security.cert.CertificateException;
import java.security.cert.CertificateExpiredException;
import java.util.ArrayList;
import java.util.List;
import org.eclipse.osgi.internal.provisional.verifier.CertificateChain;
import org.eclipse.osgi.internal.provisional.verifier.CertificateVerifier;
import org.eclipse.osgi.signedcontent.InvalidContentException;
import org.eclipse.osgi.signedcontent.SignedContent;
import org.eclipse.osgi.signedcontent.SignedContentEntry;
import org.eclipse.osgi.signedcontent.SignerInfo;

class LegacyVerifierFactory$LegacyVerifier
  implements CertificateVerifier
{
  private final SignedContent signedContent;
  
  public LegacyVerifierFactory$LegacyVerifier(SignedContent signedContent)
  {
    this.signedContent = signedContent;
  }
  
  public void checkContent()
    throws CertificateException, CertificateExpiredException
  {
    SignedContentEntry[] entries = signedContent.getSignedEntries();
    for (int i = 0; i < entries.length; i++) {
      try
      {
        entries[i].verify();
      }
      catch (InvalidContentException e)
      {
        throw ((SecurityException)new SecurityException(e.getMessage()).initCause(e));
      }
      catch (IOException e)
      {
        throw ((SecurityException)new SecurityException(e.getMessage()).initCause(e));
      }
    }
    SignerInfo[] infos = signedContent.getSignerInfos();
    for (int i = 0; i < infos.length; i++) {
      signedContent.checkValidity(infos[i]);
    }
  }
  
  public CertificateChain[] getChains()
  {
    SignerInfo[] infos = signedContent.getSignerInfos();
    CertificateChain[] chains = new CertificateChain[infos.length];
    for (int i = 0; i < chains.length; i++) {
      chains[i] = new LegacyVerifierFactory.LegacyChain(infos[i], signedContent);
    }
    return chains;
  }
  
  public boolean isSigned()
  {
    return signedContent.isSigned();
  }
  
  public String[] verifyContent()
  {
    List<String> invalidContent = new ArrayList(0);
    SignedContentEntry[] entries = signedContent.getSignedEntries();
    for (int i = 0; i < entries.length; i++) {
      try
      {
        entries[i].verify();
      }
      catch (InvalidContentException localInvalidContentException)
      {
        invalidContent.add(entries[i].getName());
      }
      catch (IOException localIOException)
      {
        invalidContent.add(entries[i].getName());
      }
    }
    return (String[])invalidContent.toArray(new String[invalidContent.size()]);
  }
}

/* Location:
 * Qualified Name:     org.eclipse.osgi.internal.signedcontent.LegacyVerifierFactory.LegacyVerifier
 * Java Class Version: 1.4 (48.0)
 * JD-Core Version:    0.7.1
 */
package org.eclipse.osgi.internal.signedcontent;

import java.io.File;
import java.io.IOException;
import java.security.GeneralSecurityException;
import java.security.Principal;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.CertificateExpiredException;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Date;
import java.util.List;
import org.eclipse.osgi.internal.provisional.verifier.CertificateChain;
import org.eclipse.osgi.internal.provisional.verifier.CertificateVerifier;
import org.eclipse.osgi.internal.provisional.verifier.CertificateVerifierFactory;
import org.eclipse.osgi.signedcontent.InvalidContentException;
import org.eclipse.osgi.signedcontent.SignedContent;
import org.eclipse.osgi.signedcontent.SignedContentEntry;
import org.eclipse.osgi.signedcontent.SignedContentFactory;
import org.eclipse.osgi.signedcontent.SignerInfo;
import org.osgi.framework.Bundle;

public class LegacyVerifierFactory
  implements CertificateVerifierFactory
{
  private final SignedContentFactory signedContentFactory;
  
  public LegacyVerifierFactory(SignedContentFactory signedContentFactory)
  {
    this.signedContentFactory = signedContentFactory;
  }
  
  public CertificateVerifier getVerifier(File content)
    throws IOException
  {
    try
    {
      return new LegacyVerifier(signedContentFactory.getSignedContent(content));
    }
    catch (GeneralSecurityException e)
    {
      throw ((IOException)new IOException(e.getMessage()).initCause(e));
    }
  }
  
  public CertificateVerifier getVerifier(Bundle bundle)
    throws IOException
  {
    try
    {
      return new LegacyVerifier(signedContentFactory.getSignedContent(bundle));
    }
    catch (GeneralSecurityException e)
    {
      throw ((IOException)new IOException(e.getMessage()).initCause(e));
    }
  }
  
  static class LegacyVerifier
    implements CertificateVerifier
  {
    private final SignedContent signedContent;
    
    public LegacyVerifier(SignedContent signedContent)
    {
      this.signedContent = signedContent;
    }
    
    public void checkContent()
      throws CertificateException, CertificateExpiredException
    {
      SignedContentEntry[] entries = signedContent.getSignedEntries();
      for (int i = 0; i < entries.length; i++) {
        try
        {
          entries[i].verify();
        }
        catch (InvalidContentException e)
        {
          throw ((SecurityException)new SecurityException(e.getMessage()).initCause(e));
        }
        catch (IOException e)
        {
          throw ((SecurityException)new SecurityException(e.getMessage()).initCause(e));
        }
      }
      SignerInfo[] infos = signedContent.getSignerInfos();
      for (int i = 0; i < infos.length; i++) {
        signedContent.checkValidity(infos[i]);
      }
    }
    
    public CertificateChain[] getChains()
    {
      SignerInfo[] infos = signedContent.getSignerInfos();
      CertificateChain[] chains = new CertificateChain[infos.length];
      for (int i = 0; i < chains.length; i++) {
        chains[i] = new LegacyVerifierFactory.LegacyChain(infos[i], signedContent);
      }
      return chains;
    }
    
    public boolean isSigned()
    {
      return signedContent.isSigned();
    }
    
    public String[] verifyContent()
    {
      List<String> invalidContent = new ArrayList(0);
      SignedContentEntry[] entries = signedContent.getSignedEntries();
      for (int i = 0; i < entries.length; i++) {
        try
        {
          entries[i].verify();
        }
        catch (InvalidContentException localInvalidContentException)
        {
          invalidContent.add(entries[i].getName());
        }
        catch (IOException localIOException)
        {
          invalidContent.add(entries[i].getName());
        }
      }
      return (String[])invalidContent.toArray(new String[invalidContent.size()]);
    }
  }
  
  static class LegacyChain
    implements CertificateChain
  {
    private final SignerInfo signerInfo;
    private final SignedContent content;
    
    public LegacyChain(SignerInfo signerInfo, SignedContent content)
    {
      this.signerInfo = signerInfo;
      this.content = content;
    }
    
    public Certificate[] getCertificates()
    {
      return signerInfo.getCertificateChain();
    }
    
    public String getChain()
    {
      StringBuffer sb = new StringBuffer();
      Certificate[] certs = getCertificates();
      for (int i = 0; i < certs.length; i++)
      {
        X509Certificate x509Cert = (X509Certificate)certs[i];
        sb.append(x509Cert.getSubjectDN().getName());
        sb.append("; ");
      }
      return sb.toString();
    }
    
    public Certificate getRoot()
    {
      Certificate[] certs = getCertificates();
      return certs.length > 0 ? certs[(certs.length - 1)] : null;
    }
    
    public Certificate getSigner()
    {
      Certificate[] certs = getCertificates();
      return certs.length > 0 ? certs[0] : null;
    }
    
    public Date getSigningTime()
    {
      return content.getSigningTime(signerInfo);
    }
    
    public boolean isTrusted()
    {
      return signerInfo.isTrusted();
    }
  }
}

/* Location:
 * Qualified Name:     org.eclipse.osgi.internal.signedcontent.LegacyVerifierFactory
 * Java Class Version: 1.4 (48.0)
 * JD-Core Version:    0.7.1
 */
package org.eclipse.osgi.internal.signedcontent;

import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.SignatureException;
import java.security.cert.CertificateException;
import java.util.Arrays;
import java.util.Date;
import java.util.Iterator;
import java.util.Map;
import java.util.Set;

public class PKCS7DateParser
{
  static Date parseDate(PKCS7Processor pkcs7Processor, String signer, String file)
    throws CertificateException, NoSuchAlgorithmException, InvalidKeyException, SignatureException, NoSuchProviderException
  {
    Map<int[], byte[]> unsignedAttrs = pkcs7Processor.getUnsignedAttrs();
    if (unsignedAttrs != null)
    {
      byte[] timeStampConstruct = retrieveTimeStampConstruct(unsignedAttrs);
      if (timeStampConstruct != null)
      {
        PKCS7Processor timestampProcess = new PKCS7Processor(timeStampConstruct, 0, timeStampConstruct.length, signer, file);
        timestampProcess.verifyCerts();
        pkcs7Processor.setTSACertificates(timestampProcess.getCertificates());
        return timestampProcess.getSigningTime();
      }
    }
    return null;
  }
  
  private static byte[] retrieveTimeStampConstruct(Map<int[], byte[]> unsignedAttrs)
  {
    Set<int[]> objIDs = unsignedAttrs.keySet();
    Iterator<int[]> iter = objIDs.iterator();
    while (iter.hasNext())
    {
      int[] objID = (int[])iter.next();
      if (Arrays.equals(SignedContentConstants.TIMESTAMP_OID, objID)) {
        return (byte[])unsignedAttrs.get(objID);
      }
    }
    return null;
  }
}

/* Location:
 * Qualified Name:     org.eclipse.osgi.internal.signedcontent.PKCS7DateParser
 * Java Class Version: 1.4 (48.0)
 * JD-Core Version:    0.7.1
 */
package org.eclipse.osgi.internal.signedcontent;

import java.io.ByteArrayInputStream;
import java.math.BigInteger;
import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.Principal;
import java.security.Signature;
import java.security.SignatureException;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.text.DateFormat;
import java.text.ParseException;
import java.text.SimpleDateFormat;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Date;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.TimeZone;
import javax.security.auth.x500.X500Principal;
import org.eclipse.osgi.util.NLS;

public class PKCS7Processor
  implements SignedContentConstants
{
  static CertificateFactory certFact;
  private final String signer;
  private final String file;
  private Certificate[] certificates;
  private Certificate[] tsaCertificates;
  private Map<int[], byte[]> signedAttrs;
  private Map<int[], byte[]> unsignedAttrs;
  private byte[] signature;
  private String digestAlgorithm;
  private String signatureAlgorithm;
  private Certificate signerCert;
  private Date signingTime;
  
  static
  {
    try
    {
      certFact = CertificateFactory.getInstance("X.509");
    }
    catch (CertificateException e)
    {
      SignedBundleHook.log(e.getMessage(), 4, e);
    }
  }
  
  private static String oid2String(int[] oid)
  {
    StringBuffer sb = new StringBuffer();
    for (int i = 0; i < oid.length; i++)
    {
      if (i > 0) {
        sb.append('.');
      }
      sb.append(oid[i]);
    }
    return sb.toString();
  }
  
  private static String findEncryption(int[] encOid)
    throws NoSuchAlgorithmException
  {
    if (Arrays.equals(DSA_OID, encOid)) {
      return "DSA";
    }
    if (Arrays.equals(RSA_OID, encOid)) {
      return "RSA";
    }
    throw new NoSuchAlgorithmException("No algorithm found for " + oid2String(encOid));
  }
  
  private static String findDigest(int[] digestOid)
    throws NoSuchAlgorithmException
  {
    if (Arrays.equals(SHA1_OID, digestOid)) {
      return "SHA1";
    }
    if (Arrays.equals(MD5_OID, digestOid)) {
      return "MD5";
    }
    if (Arrays.equals(MD2_OID, digestOid)) {
      return "MD2";
    }
    throw new NoSuchAlgorithmException("No algorithm found for " + oid2String(digestOid));
  }
  
  public PKCS7Processor(byte[] pkcs7, int pkcs7Offset, int pkcs7Length, String signer, String file)
    throws CertificateException, NoSuchAlgorithmException, InvalidKeyException, SignatureException, NoSuchProviderException
  {
    this.signer = signer;
    this.file = file;
    
    List<Certificate> certs = null;
    
    BERProcessor bp = new BERProcessor(pkcs7, pkcs7Offset, pkcs7Length);
    
    bp = bp.stepInto();
    if (!Arrays.equals(bp.getObjId(), SIGNEDDATA_OID)) {
      throw new SignatureException(NLS.bind(SignedContentMessages.PKCS7_Invalid_File, signer, file));
    }
    bp.stepOver();
    bp = bp.stepInto();
    bp = bp.stepInto();
    bp.stepOver();
    bp.stepOver();
    
    processEncapContentInfo(bp);
    
    bp.stepOver();
    if ((classOfTag == 2) && (tag == 0)) {
      certs = processCertificates(bp);
    }
    if ((certs == null) || (certs.size() < 1)) {
      throw new SignatureException("There are no certificates in the .RSA/.DSA file!");
    }
    bp.stepOver();
    if ((classOfTag == 0) && (tag == 1)) {
      bp.stepOver();
    }
    processSignerInfos(bp, certs);
    
    certs = constructCertPath(certs, signerCert);
    
    certificates = ((Certificate[])certs.toArray(new Certificate[certs.size()]));
    verifyCerts();
    if (signingTime == null) {
      signingTime = PKCS7DateParser.parseDate(this, signer, file);
    }
  }
  
  private void processEncapContentInfo(BERProcessor bp)
    throws SignatureException
  {
    BERProcessor encapContentBERS = bp.stepInto();
    if (Arrays.equals(encapContentBERS.getObjId(), TIMESTAMP_TST_OID))
    {
      encapContentBERS.stepOver();
      BERProcessor encapContentBERS1 = encapContentBERS.stepInto();
      
      byte[] bytesman = encapContentBERS1.getBytes();
      BERProcessor eContentStructure = new BERProcessor(bytesman, 0, bytesman.length);
      
      BERProcessor eContentBER = eContentStructure.stepInto();
      int tsaVersion = eContentBER.getIntValue().intValue();
      if (tsaVersion != 1) {
        throw new SignatureException("Not a version 1 time-stamp token");
      }
      eContentBER.stepOver();
      
      eContentBER.stepOver();
      
      eContentBER.stepOver();
      
      eContentBER.stepOver();
      
      String dateString = new String(eContentBER.getBytes());
      if (!dateString.endsWith("Z")) {
        throw new SignatureException("Wrong dateformat used in time-stamp token");
      }
      int dotIndex = dateString.indexOf('.');
      StringBuffer dateFormatSB = new StringBuffer("yyyyMMddHHmmss");
      if (dotIndex != -1)
      {
        int noS = dateString.indexOf('Z') - 1 - dotIndex;
        dateFormatSB.append('.');
        for (int i = 0; i < noS; i++) {
          dateFormatSB.append('s');
        }
      }
      dateFormatSB.append("'Z'");
      try
      {
        DateFormat dateFormt = new SimpleDateFormat(dateFormatSB.toString());
        dateFormt.setTimeZone(TimeZone.getTimeZone("GMT"));
        signingTime = dateFormt.parse(dateString);
      }
      catch (ParseException e)
      {
        throw ((SignatureException)new SignatureException(SignedContentMessages.PKCS7_Parse_Signing_Time).initCause(e));
      }
    }
  }
  
  private List<Certificate> constructCertPath(List<Certificate> certs, Certificate targetCert)
  {
    List<Certificate> certsList = new ArrayList();
    certsList.add(targetCert);
    
    X509Certificate currentCert = (X509Certificate)targetCert;
    int numIteration = certs.size();
    int i = 0;
    while (i < numIteration)
    {
      X500Principal subject = currentCert.getSubjectX500Principal();
      X500Principal issuer = currentCert.getIssuerX500Principal();
      if (subject.equals(issuer)) {
        break;
      }
      currentCert = null;
      Iterator<Certificate> itr = certs.iterator();
      while (itr.hasNext())
      {
        X509Certificate tempCert = (X509Certificate)itr.next();
        if (tempCert.getSubjectX500Principal().equals(issuer))
        {
          certsList.add(tempCert);
          currentCert = tempCert;
        }
      }
      i++;
    }
    return certsList;
  }
  
  public void verifyCerts()
    throws InvalidKeyException, SignatureException, CertificateException, NoSuchAlgorithmException, NoSuchProviderException
  {
    if ((certificates == null) || (certificates.length == 0)) {
      throw new CertificateException("There are no certificates in the signature block file!");
    }
    int len = certificates.length;
    for (int i = 0; i < len; i++)
    {
      X509Certificate currentX509Cert = (X509Certificate)certificates[i];
      if (i == len - 1)
      {
        if (currentX509Cert.getSubjectDN().equals(currentX509Cert.getIssuerDN())) {
          currentX509Cert.verify(currentX509Cert.getPublicKey());
        }
      }
      else
      {
        X509Certificate nextX509Cert = (X509Certificate)certificates[(i + 1)];
        currentX509Cert.verify(nextX509Cert.getPublicKey());
      }
    }
  }
  
  private Certificate processSignerInfos(BERProcessor bp, List<Certificate> certs)
    throws CertificateException, NoSuchAlgorithmException, SignatureException
  {
    bp = bp.stepInto();
    bp = bp.stepInto();
    
    BigInteger signerInfoVersion = bp.getIntValue();
    if (signerInfoVersion.intValue() != 1) {
      throw new CertificateException(SignedContentMessages.PKCS7_SignerInfo_Version_Not_Supported);
    }
    bp.stepOver();
    
    BERProcessor issuerAndSN = bp.stepInto();
    X500Principal signerIssuer = new X500Principal(new ByteArrayInputStream(buffer, offset, endOffset - offset));
    issuerAndSN.stepOver();
    BigInteger sn = issuerAndSN.getIntValue();
    
    Certificate newSignerCert = null;
    
    Iterator<Certificate> itr = certs.iterator();
    while (itr.hasNext())
    {
      X509Certificate cert = (X509Certificate)itr.next();
      if ((cert.getIssuerX500Principal().equals(signerIssuer)) && (cert.getSerialNumber().equals(sn)))
      {
        newSignerCert = cert;
        break;
      }
    }
    if (newSignerCert == null) {
      throw new CertificateException("Signer certificate not in pkcs7block");
    }
    signerCert = newSignerCert;
    
    bp.stepOver();
    
    BERProcessor digestAlg = bp.stepInto();
    digestAlgorithm = findDigest(digestAlg.getObjId());
    
    bp.stepOver();
    
    processSignedAttributes(bp);
    
    BERProcessor encryptionAlg = bp.stepInto();
    signatureAlgorithm = findEncryption(encryptionAlg.getObjId());
    bp.stepOver();
    
    signature = bp.getBytes();
    
    bp.stepOver();
    
    processUnsignedAttributes(bp);
    
    return newSignerCert;
  }
  
  private void processUnsignedAttributes(BERProcessor bp)
    throws SignatureException
  {
    if ((classOfTag == 2) && (tag == 1))
    {
      unsignedAttrs = new HashMap();
      
      BERProcessor unsignedAttrsBERS = bp.stepInto();
      do
      {
        BERProcessor unsignedAttrBER = unsignedAttrsBERS.stepInto();
        
        int[] objID = unsignedAttrBER.getObjId();
        
        unsignedAttrBER.stepOver();
        byte[] structure = unsignedAttrBER.getBytes();
        unsignedAttrs.put(objID, structure);
        unsignedAttrsBERS.stepOver();
      } while (!
      
        unsignedAttrsBERS.endOfSequence());
    }
  }
  
  private void processSignedAttributes(BERProcessor bp)
    throws SignatureException
  {
    if (classOfTag == 2)
    {
      signedAttrs = new HashMap();
      
      BERProcessor signedAttrsBERS = bp.stepInto();
      do
      {
        BERProcessor signedAttrBER = signedAttrsBERS.stepInto();
        int[] signedAttrObjID = signedAttrBER.getObjId();
        
        signedAttrBER.stepOver();
        
        byte[] signedAttrStructure = signedAttrBER.getBytes();
        
        signedAttrs.put(signedAttrObjID, signedAttrStructure);
        
        signedAttrsBERS.stepOver();
      } while (!
      
        signedAttrsBERS.endOfSequence());
      bp.stepOver();
    }
  }
  
  public Certificate[] getCertificates()
  {
    return certificates == null ? new Certificate[0] : certificates;
  }
  
  public void verifySFSignature(byte[] data, int dataOffset, int dataLength)
    throws InvalidKeyException, NoSuchAlgorithmException, SignatureException
  {
    Signature sig = Signature.getInstance(digestAlgorithm + "with" + signatureAlgorithm);
    sig.initVerify(signerCert.getPublicKey());
    sig.update(data, dataOffset, dataLength);
    if (!sig.verify(signature)) {
      throw new SignatureException(NLS.bind(SignedContentMessages.Signature_Not_Verify, signer, file));
    }
  }
  
  public Map<int[], byte[]> getUnsignedAttrs()
  {
    return unsignedAttrs;
  }
  
  public Map<int[], byte[]> getSignedAttrs()
  {
    return signedAttrs;
  }
  
  private List<Certificate> processCertificates(BERProcessor bp)
    throws CertificateException, SignatureException
  {
    List<Certificate> rtvList = new ArrayList(3);
    
    BERProcessor certsBERS = bp.stepInto();
    do
    {
      X509Certificate x509Cert = (X509Certificate)certFact.generateCertificate(new ByteArrayInputStream(buffer, offset, endOffset - offset));
      if (x509Cert != null) {
        rtvList.add(x509Cert);
      }
      certsBERS.stepOver();
    } while (!
    
      certsBERS.endOfSequence());
    return rtvList;
  }
  
  public Date getSigningTime()
  {
    return signingTime;
  }
  
  void setTSACertificates(Certificate[] tsaCertificates)
  {
    this.tsaCertificates = tsaCertificates;
  }
  
  public Certificate[] getTSACertificates()
  {
    return tsaCertificates == null ? new Certificate[0] : tsaCertificates;
  }
}

/* Location:
 * Qualified Name:     org.eclipse.osgi.internal.signedcontent.PKCS7Processor
 * Java Class Version: 1.4 (48.0)
 * JD-Core Version:    0.7.1
 */
p
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84

Further reading...

For more information on Java 1.5 Tiger, you may find Java 1.5 Tiger, A developer's Notebook by D. Flanagan and B. McLaughlin from O'Reilly of interest.

New!JAR listings


Copyright 2006-2019. Infinite Loop Ltd