Login
[x]
Log in using an account from:
Fedora Account System
Red Hat Associate
Red Hat Customer
Or login using a Red Hat Bugzilla account
Forgot Password
Login:
Hide Forgot
Create an Account
Red Hat Bugzilla – Attachment 868339 Details for
Bug 1070579
itext: port to bouncycastle 1.50
[?]
New
Simple Search
Advanced Search
My Links
Browse
Requests
Reports
Current State
Search
Tabular reports
Graphical reports
Duplicates
Other Reports
User Changes
Plotly Reports
Bug Status
Bug Severity
Non-Defaults
|
Product Dashboard
Help
Page Help!
Bug Writing Guidelines
What's new
Browser Support Policy
5.0.4.rh83 Release notes
FAQ
Guides index
User guide
Web Services
Contact
Legal
This site requires JavaScript to be enabled to function correctly, please enable it.
[patch]
port to bouncycastle 1.50
0001-Port-to-bouncycastle-1.50.patch (text/plain), 13.00 KB, created by
Michal Srb
on 2014-02-27 06:52:22 UTC
(
hide
)
Description:
port to bouncycastle 1.50
Filename:
MIME Type:
Creator:
Michal Srb
Created:
2014-02-27 06:52:22 UTC
Size:
13.00 KB
patch
obsolete
>From c1267522e730b5b0e0c905f2fedc3e8adb818bef Mon Sep 17 00:00:00 2001 >From: Michal Srb <msrb@redhat.com> >Date: Thu, 27 Feb 2014 07:38:54 +0100 >Subject: [PATCH] Port to bouncycastle 1.50 > >--- > src/core/com/lowagie/text/pdf/PdfPKCS7.java | 38 +++++++++++++--------- > .../text/pdf/PdfPublicKeySecurityHandler.java | 15 ++++----- > src/core/com/lowagie/text/pdf/PdfReader.java | 4 ++- > 3 files changed, 32 insertions(+), 25 deletions(-) > >diff --git a/src/core/com/lowagie/text/pdf/PdfPKCS7.java b/src/core/com/lowagie/text/pdf/PdfPKCS7.java >index 8ccc73e..289a1e0 100755 >--- a/src/core/com/lowagie/text/pdf/PdfPKCS7.java >+++ b/src/core/com/lowagie/text/pdf/PdfPKCS7.java >@@ -75,7 +75,7 @@ import java.util.HashSet; > import java.util.Iterator; > import java.util.Set; > >-import org.bouncycastle.asn1.ASN1Encodable; >+import org.bouncycastle.asn1.ASN1Encoding; > import org.bouncycastle.asn1.ASN1EncodableVector; > import org.bouncycastle.asn1.ASN1InputStream; > import org.bouncycastle.asn1.ASN1OutputStream; >@@ -85,13 +85,13 @@ import org.bouncycastle.asn1.ASN1TaggedObject; > import org.bouncycastle.asn1.DEREnumerated; > import org.bouncycastle.asn1.DERInteger; > import org.bouncycastle.asn1.DERNull; >-import org.bouncycastle.asn1.DERObject; >+import org.bouncycastle.asn1.ASN1Primitive; > import org.bouncycastle.asn1.DERObjectIdentifier; > import org.bouncycastle.asn1.DEROctetString; > import org.bouncycastle.asn1.DEROutputStream; > import org.bouncycastle.asn1.DERSequence; > import org.bouncycastle.asn1.DERSet; >-import org.bouncycastle.asn1.DERString; >+import org.bouncycastle.asn1.ASN1String; > import org.bouncycastle.asn1.DERTaggedObject; > import org.bouncycastle.asn1.DERUTCTime; > import org.bouncycastle.asn1.cms.AttributeTable; >@@ -100,14 +100,19 @@ import org.bouncycastle.asn1.ocsp.BasicOCSPResponse; > import org.bouncycastle.asn1.ocsp.OCSPObjectIdentifiers; > import org.bouncycastle.jce.provider.X509CRLParser; > import org.bouncycastle.jce.provider.X509CertParser; >+ > import com.lowagie.text.ExceptionConverter; >+ > import java.security.cert.CertificateParsingException; > import java.util.Date; >+ > import org.bouncycastle.asn1.ASN1OctetString; > import org.bouncycastle.asn1.cms.ContentInfo; > import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers; > import org.bouncycastle.asn1.tsp.MessageImprint; > import org.bouncycastle.asn1.x509.X509Extensions; >+import org.bouncycastle.cms.SignerInformationVerifier; >+import org.bouncycastle.cms.jcajce.JcaSimpleSignerInfoVerifierBuilder; > import org.bouncycastle.ocsp.BasicOCSPResp; > import org.bouncycastle.ocsp.CertificateID; > import org.bouncycastle.ocsp.SingleResp; >@@ -379,7 +384,7 @@ public class PdfPKCS7 { > // > // Basic checks to make sure it's a PKCS#7 SignedData Object > // >- DERObject pkcs; >+ ASN1Primitive pkcs; > > try { > pkcs = din.readObject(); >@@ -464,7 +469,7 @@ public class PdfPKCS7 { > if (signerInfo.getObjectAt(next) instanceof ASN1TaggedObject) { > ASN1TaggedObject tagsig = (ASN1TaggedObject)signerInfo.getObjectAt(next); > ASN1Set sseq = ASN1Set.getInstance(tagsig, false); >- sigAttr = sseq.getEncoded(ASN1Encodable.DER); >+ sigAttr = sseq.getEncoded(ASN1Encoding.DER); > > for (int k = 0; k < sseq.size(); ++k) { > ASN1Sequence seq2 = (ASN1Sequence)sseq.getObjectAt(k); >@@ -928,7 +933,8 @@ public class PdfPKCS7 { > if (!keystore.isCertificateEntry(alias)) > continue; > X509Certificate certStoreX509 = (X509Certificate)keystore.getCertificate(alias); >- ts.validate(certStoreX509, provider); >+ SignerInformationVerifier siv = new JcaSimpleSignerInfoVerifierBuilder().setProvider(provider).build(certStoreX509); >+ ts.validate(siv); > return true; > } > catch (Exception ex) { >@@ -949,7 +955,7 @@ public class PdfPKCS7 { > */ > public static String getOCSPURL(X509Certificate certificate) throws CertificateParsingException { > try { >- DERObject obj = getExtensionValue(certificate, X509Extensions.AuthorityInfoAccess.getId()); >+ ASN1Primitive obj = getExtensionValue(certificate, X509Extensions.AuthorityInfoAccess.getId()); > if (obj == null) { > return null; > } >@@ -961,7 +967,7 @@ public class PdfPKCS7 { > continue; > } else { > if ((AccessDescription.getObjectAt(0) instanceof DERObjectIdentifier) && ((DERObjectIdentifier)AccessDescription.getObjectAt(0)).getId().equals("1.3.6.1.5.5.7.48.1")) { >- String AccessLocation = getStringFromGeneralName((DERObject)AccessDescription.getObjectAt(1)); >+ String AccessLocation = getStringFromGeneralName((ASN1Primitive)AccessDescription.getObjectAt(1)); > if ( AccessLocation == null ) { > return "" ; > } else { >@@ -999,7 +1005,7 @@ public class PdfPKCS7 { > return false; > } > >- private static DERObject getExtensionValue(X509Certificate cert, String oid) throws IOException { >+ private static ASN1Primitive getExtensionValue(X509Certificate cert, String oid) throws IOException { > byte[] bytes = cert.getExtensionValue(oid); > if (bytes == null) { > return null; >@@ -1010,7 +1016,7 @@ public class PdfPKCS7 { > return aIn.readObject(); > } > >- private static String getStringFromGeneralName(DERObject names) throws IOException { >+ private static String getStringFromGeneralName(ASN1Primitive names) throws IOException { > DERTaggedObject taggedObject = (DERTaggedObject) names ; > return new String(ASN1OctetString.getInstance(taggedObject, false).getOctets(), "ISO-8859-1"); > } >@@ -1020,11 +1026,11 @@ public class PdfPKCS7 { > * @param enc a TBSCertificate in a byte array > * @return a DERObject > */ >- private static DERObject getIssuer(byte[] enc) { >+ private static ASN1Primitive getIssuer(byte[] enc) { > try { > ASN1InputStream in = new ASN1InputStream(new ByteArrayInputStream(enc)); > ASN1Sequence seq = (ASN1Sequence)in.readObject(); >- return (DERObject)seq.getObjectAt(seq.getObjectAt(0) instanceof DERTaggedObject ? 3 : 2); >+ return (ASN1Primitive)seq.getObjectAt(seq.getObjectAt(0) instanceof DERTaggedObject ? 3 : 2); > } > catch (IOException e) { > throw new ExceptionConverter(e); >@@ -1036,11 +1042,11 @@ public class PdfPKCS7 { > * @param enc A TBSCertificate in a byte array > * @return a DERObject > */ >- private static DERObject getSubject(byte[] enc) { >+ private static ASN1Primitive getSubject(byte[] enc) { > try { > ASN1InputStream in = new ASN1InputStream(new ByteArrayInputStream(enc)); > ASN1Sequence seq = (ASN1Sequence)in.readObject(); >- return (DERObject)seq.getObjectAt(seq.getObjectAt(0) instanceof DERTaggedObject ? 5 : 4); >+ return (ASN1Primitive)seq.getObjectAt(seq.getObjectAt(0) instanceof DERTaggedObject ? 5 : 4); > } > catch (IOException e) { > throw new ExceptionConverter(e); >@@ -1340,7 +1346,7 @@ public class PdfPKCS7 { > */ > public byte[] getAuthenticatedAttributeBytes(byte secondDigest[], Calendar signingTime, byte[] ocsp) { > try { >- return getAuthenticatedAttributeSet(secondDigest, signingTime, ocsp).getEncoded(ASN1Encodable.DER); >+ return getAuthenticatedAttributeSet(secondDigest, signingTime, ocsp).getEncoded(ASN1Encoding.DER); > } > catch (Exception e) { > throw new ExceptionConverter(e); >@@ -1575,7 +1581,7 @@ public class PdfPKCS7 { > vs = new ArrayList(); > values.put(id, vs); > } >- vs.add(((DERString)s.getObjectAt(1)).getString()); >+ vs.add(((ASN1Primitive)s.getObjectAt(1)).toString()); > } > } > } >diff --git a/src/core/com/lowagie/text/pdf/PdfPublicKeySecurityHandler.java b/src/core/com/lowagie/text/pdf/PdfPublicKeySecurityHandler.java >index ed30814..0878306 100644 >--- a/src/core/com/lowagie/text/pdf/PdfPublicKeySecurityHandler.java >+++ b/src/core/com/lowagie/text/pdf/PdfPublicKeySecurityHandler.java >@@ -92,7 +92,6 @@ package com.lowagie.text.pdf; > import java.io.ByteArrayInputStream; > import java.io.ByteArrayOutputStream; > import java.io.IOException; >- > import java.security.AlgorithmParameterGenerator; > import java.security.AlgorithmParameters; > import java.security.GeneralSecurityException; >@@ -100,7 +99,6 @@ import java.security.NoSuchAlgorithmException; > import java.security.SecureRandom; > import java.security.cert.Certificate; > import java.security.cert.X509Certificate; >- > import java.util.ArrayList; > > import javax.crypto.Cipher; >@@ -108,7 +106,8 @@ import javax.crypto.KeyGenerator; > import javax.crypto.SecretKey; > > import org.bouncycastle.asn1.ASN1InputStream; >-import org.bouncycastle.asn1.DERObject; >+import org.bouncycastle.asn1.ASN1Primitive; >+import org.bouncycastle.asn1.ASN1Set; > import org.bouncycastle.asn1.DERObjectIdentifier; > import org.bouncycastle.asn1.DEROctetString; > import org.bouncycastle.asn1.DEROutputStream; >@@ -244,7 +243,7 @@ public class PdfPublicKeySecurityHandler { > pkcs7input[22] = two; > pkcs7input[23] = one; > >- DERObject obj = createDERForRecipient(pkcs7input, (X509Certificate)certificate); >+ ASN1Primitive obj = createDERForRecipient(pkcs7input, (X509Certificate)certificate); > > ByteArrayOutputStream baos = new ByteArrayOutputStream(); > >@@ -276,7 +275,7 @@ public class PdfPublicKeySecurityHandler { > return EncodedRecipients; > } > >- private DERObject createDERForRecipient(byte[] in, X509Certificate cert) >+ private ASN1Primitive createDERForRecipient(byte[] in, X509Certificate cert) > throws IOException, > GeneralSecurityException > { >@@ -287,7 +286,7 @@ public class PdfPublicKeySecurityHandler { > AlgorithmParameters algorithmparameters = algorithmparametergenerator.generateParameters(); > ByteArrayInputStream bytearrayinputstream = new ByteArrayInputStream(algorithmparameters.getEncoded("ASN.1")); > ASN1InputStream asn1inputstream = new ASN1InputStream(bytearrayinputstream); >- DERObject derobject = asn1inputstream.readObject(); >+ ASN1Primitive derobject = asn1inputstream.readObject(); > KeyGenerator keygenerator = KeyGenerator.getInstance(s); > keygenerator.init(128); > SecretKey secretkey = keygenerator.generateKey(); >@@ -300,10 +299,10 @@ public class PdfPublicKeySecurityHandler { > AlgorithmIdentifier algorithmidentifier = new AlgorithmIdentifier(new DERObjectIdentifier(s), derobject); > EncryptedContentInfo encryptedcontentinfo = > new EncryptedContentInfo(PKCSObjectIdentifiers.data, algorithmidentifier, deroctetstring); >- EnvelopedData env = new EnvelopedData(null, derset, encryptedcontentinfo, null); >+ EnvelopedData env = new EnvelopedData(null, derset, encryptedcontentinfo, (ASN1Set) null); > ContentInfo contentinfo = > new ContentInfo(PKCSObjectIdentifiers.envelopedData, env); >- return contentinfo.getDERObject(); >+ return contentinfo.toASN1Primitive(); > } > > private KeyTransRecipientInfo computeRecipientInfo(X509Certificate x509certificate, byte[] abyte0) >diff --git a/src/core/com/lowagie/text/pdf/PdfReader.java b/src/core/com/lowagie/text/pdf/PdfReader.java >index 8699f22..cf9c16a 100755 >--- a/src/core/com/lowagie/text/pdf/PdfReader.java >+++ b/src/core/com/lowagie/text/pdf/PdfReader.java >@@ -67,6 +67,7 @@ import java.util.zip.InflaterInputStream; > import java.util.Stack; > import java.security.Key; > import java.security.MessageDigest; >+import java.security.PrivateKey; > import java.security.cert.Certificate; > > import com.lowagie.text.ExceptionConverter; >@@ -80,6 +81,7 @@ import com.lowagie.text.pdf.internal.PdfViewerPreferencesImp; > > import org.bouncycastle.cms.CMSEnvelopedData; > import org.bouncycastle.cms.RecipientInformation; >+import org.bouncycastle.cms.jcajce.JceKeyTransEnvelopedRecipient; > > /** Reads a PDF document. > * @author Paulo Soares (psoares@consiste.pt) >@@ -719,7 +721,7 @@ public class PdfReader implements PdfViewerPreferences { > RecipientInformation recipientInfo = (RecipientInformation)recipientCertificatesIt.next(); > > if (recipientInfo.getRID().match(certificate) && !foundRecipient) { >- envelopedData = recipientInfo.getContent(certificateKey, certificateKeyProvider); >+ envelopedData = recipientInfo.getContent(new JceKeyTransEnvelopedRecipient((PrivateKey) certificateKey).setProvider(certificateKeyProvider)); > foundRecipient = true; > } > } >-- >1.8.5.3 >
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=868339">View the attachment on a separate page</a>.</b>
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 1070579
: 868339