Example usage for org.bouncycastle.cert.crmf.jcajce JceAsymmetricValueDecryptorGenerator getValueDecryptor

List of usage examples for org.bouncycastle.cert.crmf.jcajce JceAsymmetricValueDecryptorGenerator getValueDecryptor

  1. HOME
  2. Java
  3. org.bouncycastle
  4. org.bouncycastle.cert.crmf.jcajce.*
  5. JceAsymmetricValueDecryptorGenerator
  6. getValueDecryptor

Introduction

In this page you can find the example usage for org.bouncycastle.cert.crmf.jcajce JceAsymmetricValueDecryptorGenerator getValueDecryptor.

Prototype

public InputDecryptor getValueDecryptor(AlgorithmIdentifier keyEncryptionAlgorithm,
            final AlgorithmIdentifier contentEncryptionAlgorithm, byte[] encryptedContentEncryptionKey)
            throws CRMFException

Source Link

Usage

From source file:org.cryptable.pki.communication.PKICMPMessages.java

License:Open Source License

/**
 * Process the certification in the PKIBody content. This is used by the initialization process
 * certification and keyupdate process// w  w  w .ja v a 2s. co  m
 *
 * @param pkiBody
 * @return
 * @throws IOException
 * @throws CMSException
 * @throws CRMFException
 * @throws InvalidKeySpecException
 * @throws NoSuchAlgorithmException
 * @throws CertificateException
 */
CertificationResult processCertification(PKIBody pkiBody) throws IOException, CMSException, CRMFException,
        InvalidKeySpecException, NoSuchAlgorithmException, CertificateException {
    CertificationResult certificationResult = new CertificationResult();
    CertRepMessage certRepMessage = CertRepMessage.getInstance(pkiBody.getContent());
    CertResponse[] certResponses = certRepMessage.getResponse();
    certificationResult.setCertificateId(certResponses[0].getCertReqId().getValue());
    CMPCertificate certificate = certResponses[0].getCertifiedKeyPair().getCertOrEncCert().getCertificate();

    certificationResult.setX509Certificate(new JcaX509CertificateConverter()
            .getCertificate(new X509CertificateHolder(certificate.getX509v3PKCert())));

    EncryptedValue encPrivateKey = certResponses[0].getCertifiedKeyPair().getPrivateKey();
    if (encPrivateKey != null) {
        JceAsymmetricValueDecryptorGenerator jceAsymmetricValueDecryptorGenerator = new JceAsymmetricValueDecryptorGenerator(
                pkiKeyStore.getSenderPrivateKey());
        InputDecryptor decryptor = jceAsymmetricValueDecryptorGenerator.getValueDecryptor(
                encPrivateKey.getKeyAlg(), encPrivateKey.getSymmAlg(),
                encPrivateKey.getEncSymmKey().getBytes());
        InputStream dataIn = decryptor
                .getInputStream(new ByteArrayInputStream(encPrivateKey.getEncValue().getBytes()));
        byte[] data = Streams.readAll(dataIn);
        PKCS8EncodedKeySpec pkcs8EncodedKeySpec = new PKCS8EncodedKeySpec(data);
        KeyFactory keyFactory = KeyFactory.getInstance("RSA");

        certificationResult.setPrivateKey(keyFactory.generatePrivate(pkcs8EncodedKeySpec));
    }

    CMPCertificate[] caPubs = certRepMessage.getCaPubs();
    for (CMPCertificate cmpCertificate : caPubs) {
        certificationResult.addX509CertificateToChain(new JcaX509CertificateConverter()
                .getCertificate(new X509CertificateHolder(cmpCertificate.getX509v3PKCert())));
    }

    return certificationResult;
}