001: package org.bouncycastle.mail.smime.examples;
002:
003: import java.security.cert.CertStore;
004: import java.security.cert.X509Certificate;
005: import java.util.Collection;
006: import java.util.Iterator;
007: import java.util.Properties;
008:
009: import javax.mail.Session;
010: import javax.mail.internet.MimeMessage;
011: import javax.mail.internet.MimeMultipart;
012:
013: import org.bouncycastle.cms.SignerInformation;
014: import org.bouncycastle.cms.SignerInformationStore;
015: import org.bouncycastle.mail.smime.SMIMESignedParser;
016:
017: import org.bouncycastle.mail.smime.util.SharedFileInputStream;
018:
019: /**
020: * a simple example that reads a basic SMIME signed mail file.
021: */
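public class ReadLargeSignedMail {
    /**
     * Checks every signer of the parsed message against a certificate carried in the
     * message itself and prints the outcome for each signer.
     * <p>
     * Security note: the certificate used for the check is supplied by the sender.
     * This method does not build or validate a certificate path to a trusted root,
     * and the CRLs loaded alongside the certificates are never consulted. A
     * "signature verified" line therefore only shows that the content matches the
     * key in the embedded certificate; it says nothing about who the signer is.
     * Code that relies on the signer's identity must validate the certificate
     * against its own trust anchors (and check revocation) before accepting it.
     *
     * @param s parser for the signed message
     * @throws Exception if the certificates or signer information cannot be read,
     *                   or the verification call itself fails
     */
    private static void verify(SMIMESignedParser s) throws Exception {
        // Certificates and CRLs passed in the signature - this must be read before
        // s.getSignerInfos() is called.
        CertStore certs = s.getCertificatesAndCRLs("Collection", "BC");

        // SignerInfo blocks which contain the signatures.
        SignerInformationStore signers = s.getSignerInfos();

        // Check each signer in turn.
        for (Iterator it = signers.getSigners().iterator(); it.hasNext();) {
            SignerInformation signer = (SignerInformation) it.next();
            Iterator certIt = certs.getCertificates(signer.getSID()).iterator();

            // A message need not carry a certificate for every signer. Report that
            // signer as failed instead of dying on an empty iterator, so the
            // remaining signers are still checked.
            if (!certIt.hasNext()) {
                System.out.println("signature failed! (no matching certificate in message)");
                continue;
            }

            // Only the first certificate matching the signer id is used.
            X509Certificate cert = (X509Certificate) certIt.next();

            // Verify that the sig is correct and that it was generated when the
            // certificate was current (original author's note). The certificate is
            // NOT checked for trust here - see the method comment.
            if (signer.verify(cert, "BC")) {
                System.out.println("signature verified");
            } else {
                System.out.println("signature failed!");
            }
        }
    }

    /**
     * Reads the file "signed.message" from the working directory and reports the
     * verification status of each signature it contains.
     *
     * @param args ignored
     * @throws Exception if the message cannot be read or parsed
     */
    public static void main(String[] args) throws Exception {
        // Get a Session object with the default properties.
        Properties props = System.getProperties();
        Session session = Session.getDefaultInstance(props, null);

        // Keep a handle on the stream so it can be closed once verification is done.
        SharedFileInputStream in = new SharedFileInputStream("signed.message");
        try {
            MimeMessage msg = new MimeMessage(session, in);

            if (msg.isMimeType("multipart/signed")) {
                // multipart/signed: there should be two parts, one for the content
                // that was signed and one for the actual signature.
                SMIMESignedParser s = new SMIMESignedParser(
                        (MimeMultipart) msg.getContent());

                System.out.println("Status:");

                verify(s);
            } else if (msg.isMimeType("application/pkcs7-mime")) {
                // In this case the content is wrapped in the signature block.
                SMIMESignedParser s = new SMIMESignedParser(msg);

                System.out.println("Status:");

                verify(s);
            } else {
                System.err.println("Not a signed message!");
            }
        } finally {
            in.close();
        }
    }
}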