iaik.smime
Class TrustVerifier

java.lang.Object
  extended by iaik.smime.TrustVerifier

public class TrustVerifier
extends java.lang.Object

A TrustVerifier object keeps track of trusted certificates and verifies certificate chains. The class implements a very simple trust verifier (for example, it does not handle X.509v3 extensions and has no kind of revocation checking) that can be replaced by a more advanced one if desired.


Field Summary
protected  java.io.PrintWriter debugWriter_
          Writer to which debug information may be written.
protected  java.util.Hashtable trustedCerts_
          Trust store holding the certificates using IssuerAndSerialNumber as key.
 
Constructor Summary
TrustVerifier()
          Creates a new TrustVerifier.
 
Method Summary
 void addTrustedCertificate(X509Certificate cert)
          Adds a trusted certificate.
 boolean checkEMail(java.lang.String emailFROM, X509Certificate signer)
          Checks if the email given in the From header corresponds to the one given in the certificate.
 X509Certificate[] getCertificates(java.security.Principal subjectDN)
          Returns all certificates with the given subjectDN.
 X509Certificate[] getCertificates(java.lang.String email)
          Returns all certificates with the given email address.
static java.util.Enumeration getEmailAddresses(X509Certificate cert)
          Returns the email adresses of the subject in the given certificate.
 java.util.Enumeration getTrustedCertificates()
          Enumerates the explicitly trusted certificates.
 X509Certificate getTrustedIssuerCert(X509Certificate cert)
          Gets the issuer certificate of the given certificate (if available in the pool of trusted certificates).
 X509Certificate[] getTrustedIssuerCerts(X509Certificate cert)
          Gets all issuer certificates of the given certificate (if available in the pool of trusted certificates).
 boolean isTrustedCertificate(X509Certificate cert)
          Checks if the given certificate is explicitly trusted.
 boolean removeTrustedCertificate(X509Certificate cert)
          Removes a trusted certificate.
 void setDebugStream(java.io.OutputStream out)
          Sets the stream to which debug information shall be printed.
 int size()
          Returns the number of explicitly trusted certificates.
 void verifyCertificateChain(X509Certificate[] certs)
          Verifies a certificate chain.
 void verifyCertificateChain(X509Certificate[] certs, java.lang.String debugID)
          Verifies a certificate chain.
 boolean verifyChain(X509Certificate[] certs)
          Deprecated. use verifyCertificateChain instead
 boolean verifyChain(X509Certificate[] certs, java.lang.String debugID)
          Deprecated. use verifyCertificateChain instead
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Field Detail

trustedCerts_

protected java.util.Hashtable trustedCerts_
Trust store holding the certificates using IssuerAndSerialNumber as key.


debugWriter_

protected java.io.PrintWriter debugWriter_
Writer to which debug information may be written.

Constructor Detail

TrustVerifier

public TrustVerifier()
Creates a new TrustVerifier. Initially the list of trusted certificates is empty.

Method Detail

addTrustedCertificate

public void addTrustedCertificate(X509Certificate cert)
Adds a trusted certificate.

Parameters:
cert - the trusted certificate to be added.

removeTrustedCertificate

public boolean removeTrustedCertificate(X509Certificate cert)
Removes a trusted certificate. If the certificate was not trusted this method does nothing.

Parameters:
cert - the certificate to be removed from the trust repository
Returns:
true if the cert successfully has been remove, false otherwise

size

public int size()
Returns the number of explicitly trusted certificates.

Returns:
the number of explicitly trusted certificates

getTrustedCertificates

public java.util.Enumeration getTrustedCertificates()
Enumerates the explicitly trusted certificates. The enumeration maybe empty.

Returns:
the explicitly trusted certificates

getCertificates

public X509Certificate[] getCertificates(java.security.Principal subjectDN)
Returns all certificates with the given subjectDN.

Parameters:
subjectDN - the subjectDN to be searched for
Returns:
all certificates with the given subjectDN; the array may be empty if no certificate with the subjectDN is included

getCertificates

public X509Certificate[] getCertificates(java.lang.String email)
Returns all certificates with the given email address.

Parameters:
email - the email address to be searched for
Returns:
all certificates with the given email address; the array may be empty if no certificate with the email address is included

isTrustedCertificate

public boolean isTrustedCertificate(X509Certificate cert)
Checks if the given certificate is explicitly trusted.

Parameters:
cert - the cert which shall be checked for trust
Returns:
true if the cert is trusted, false otherwise

getTrustedIssuerCert

public X509Certificate getTrustedIssuerCert(X509Certificate cert)
Gets the issuer certificate of the given certificate (if available in the pool of trusted certificates).

Parameters:
cert - the cert to be searched for a trusted issuer
Returns:
the trusted issuer certificate or null if no trusted issuer cert is in the repository

getTrustedIssuerCerts

public X509Certificate[] getTrustedIssuerCerts(X509Certificate cert)
Gets all issuer certificates of the given certificate (if available in the pool of trusted certificates).

Parameters:
cert - the cert to be searched for trusted issuers
Returns:
the trusted issuer certificates; the array may be empty if no trusted issuer certs are in the repository

verifyChain

public boolean verifyChain(X509Certificate[] certs)
Deprecated. use verifyCertificateChain instead

Verifies a certificate chain. The end entity certificate should be at index 0 in the array. The chain should either be null, a full certificate chain (up to and including the self signed root certificate), or an incomplete certificate chain.

This implementation does the following in order:

  1. If the chain is null, it returns true if null is trusted, otherwise false.
  2. The chain is verified starting at the user certificate via verifyCert(). If any call returns true it returns true, if any throws an exception it returns false.
  3. If the previous steps did not cause the method to stop it returns true if and only if size() returns 0, i.e. no certificates are trusted at all.

That means invalid certificate chains (signatures that do not verify, expired certificates) are never accepted. If trusted certificates are set only valid chains containing a trusted certificate are accepted, otherwise all valid chains are accepted.

Parameters:
certs - the cert chain to be verified
Returns:
true if the chain verifies up to a trusted certificate or the chain verifies and there are no trusted certificates in the pool (all is trusted), false otherwise

verifyChain

public boolean verifyChain(X509Certificate[] certs,
                           java.lang.String debugID)
Deprecated. use verifyCertificateChain instead

Verifies a certificate chain. The end entity certificate should be at index 0 in the array. The chain should either be null, a full certificate chain (up to and including the self signed root certificate), or an incomplete certificate chain.

This implementation does the following in order:

  1. If the chain is null, it returns true if null is trusted, otherwise false.
  2. The chain is verified starting at the user certificate via verifyCert(). If any call returns true it returns true, if any throws an exception it returns false.
  3. If the previous steps did not cause the method to stop it returns true if and only if size() returns 0, i.e. no certificates are trusted at all.

That means invalid certificate chains (signatures that do not verify, expired certificates) are never accepted. If trusted certificates are set only valid chains containing a trusted certificate are accepted, otherwise all valid chains are accepted.

Parameters:
certs - the cert chain to be verified
debugID - an ID to may be printed in front of debug messages; may be null
Returns:
true if the chain verifies up to a trusted certificate or the chain verifies and there are no trusted certificates in the pool (all is trusted), false otherwise

verifyCertificateChain

public void verifyCertificateChain(X509Certificate[] certs)
                            throws java.security.cert.CertificateException
Verifies a certificate chain. The end entity certificate should be at index 0 in the array. The chain should either be null, a full certificate chain (up to and including the self signed root certificate), or an incomplete certificate chain.

This implementation does the following in order:

  1. If the chain is null, it returns true if null is trusted, otherwise false.
  2. The chain is verified starting at the user certificate via verifyCert(). If any call returns true it returns true, if any throws an exception it returns false.
  3. If the previous steps did not cause the method to stop it returns true if and only if size() returns 0, i.e. no certificates are trusted at all.

That means invalid certificate chains (signatures that do not verify, expired certificates) are never accepted. If trusted certificates are set only valid chains containing a trusted certificate are accepted, otherwise all valid chains are accepted.

Parameters:
certs - the cert chain to be verified
Throws:
java.security.cert.CertificateException - if the chain does not verify up to a trusted certificate

verifyCertificateChain

public void verifyCertificateChain(X509Certificate[] certs,
                                   java.lang.String debugID)
                            throws java.security.cert.CertificateException
Verifies a certificate chain. The end entity certificate should be at index 0 in the array. The chain should either be null, a full certificate chain (up to and including the self signed root certificate), or an incomplete certificate chain.

This implementation does the following in order:

  1. If the chain is null, it returns true if null is trusted, otherwise false.
  2. The chain is verified starting at the user certificate via verifyCert(). If any call returns true it returns true, if any throws an exception it returns false.
  3. If the previous steps did not cause the method to stop it returns true if and only if size() returns 0, i.e. no certificates are trusted at all.

That means invalid certificate chains (signatures that do not verify, expired certificates) are never accepted. If trusted certificates are set only valid chains containing a trusted certificate are accepted, otherwise all valid chains are accepted.

Parameters:
certs - the cert chain to be verified
debugID - an ID to may be printed in front of debug messages; may be null
Throws:
java.security.cert.CertificateException - if the chain does not verify up to a trusted certificate

setDebugStream

public void setDebugStream(java.io.OutputStream out)
Sets the stream to which debug information shall be printed.

Parameters:
out - the stream to which debug information shall be written; maybe null for disabling debug output

checkEMail

public boolean checkEMail(java.lang.String emailFROM,
                          X509Certificate signer)
Checks if the email given in the From header corresponds to the one given in the certificate. This method performs the following checks:
  1. If there is the email given in the subjectDN of the cert and is equal to the email of the From header, this method returns true. If it is not equal this method returns false.
  2. If there is an email given in the subjectAltName extension of the cert and is equal to the email of the From header, this method returns true. If it is not equal this method returns false.
  3. If there is neither an email given in the subjectDN field nor in the subAltName extension, this method returns true if the cert is a CA cert which for S/MIME does not have to contain an email. If the cert is an end entity cert and has no email, this method returns false.

Parameters:
emailFROM - the email given in the From header field (the email has to be formatted as an "addr-spec" as defined in RFC 822. An addr-spec has the form "local-part@domain".
signer - the signer certificate
Returns:
true if this certificate contains an email that matches to the From: email, or if the certificate does not contain an email but is a CA certificate; false if emails are present in the certificate but none of them matches to the From: email, or if the certificate is an end entity certificate without an email

getEmailAddresses

public static java.util.Enumeration getEmailAddresses(X509Certificate cert)
Returns the email adresses of the subject in the given certificate. The method checks also adresses in the subject alternative name extension.

Parameters:
cert - the certificate to be searched for any included email address
Returns:
an Enumeration of all email addresses (String objects) contained in the given certificate

This Javadoc may contain text parts from text parts from IETF Internet Standard specifications (see copyright note).

IAIK-CMS 5.1, (c) 2002 IAIK, (c) 2003 - 2010 SIC