List of usage examples for org.bouncycastle.cert.crmf.jcajce JceAsymmetricValueDecryptorGenerator getValueDecryptor
public InputDecryptor getValueDecryptor(AlgorithmIdentifier keyEncryptionAlgorithm, final AlgorithmIdentifier contentEncryptionAlgorithm, byte[] encryptedContentEncryptionKey) throws CRMFException
From source file:org.cryptable.pki.communication.PKICMPMessages.java
License:Open Source License
/** * Process the certification in the PKIBody content. This is used by the initialization process * certification and keyupdate process// w w w .ja v a 2s. co m * * @param pkiBody * @return * @throws IOException * @throws CMSException * @throws CRMFException * @throws InvalidKeySpecException * @throws NoSuchAlgorithmException * @throws CertificateException */ CertificationResult processCertification(PKIBody pkiBody) throws IOException, CMSException, CRMFException, InvalidKeySpecException, NoSuchAlgorithmException, CertificateException { CertificationResult certificationResult = new CertificationResult(); CertRepMessage certRepMessage = CertRepMessage.getInstance(pkiBody.getContent()); CertResponse[] certResponses = certRepMessage.getResponse(); certificationResult.setCertificateId(certResponses[0].getCertReqId().getValue()); CMPCertificate certificate = certResponses[0].getCertifiedKeyPair().getCertOrEncCert().getCertificate(); certificationResult.setX509Certificate(new JcaX509CertificateConverter() .getCertificate(new X509CertificateHolder(certificate.getX509v3PKCert()))); EncryptedValue encPrivateKey = certResponses[0].getCertifiedKeyPair().getPrivateKey(); if (encPrivateKey != null) { JceAsymmetricValueDecryptorGenerator jceAsymmetricValueDecryptorGenerator = new JceAsymmetricValueDecryptorGenerator( pkiKeyStore.getSenderPrivateKey()); InputDecryptor decryptor = jceAsymmetricValueDecryptorGenerator.getValueDecryptor( encPrivateKey.getKeyAlg(), encPrivateKey.getSymmAlg(), encPrivateKey.getEncSymmKey().getBytes()); InputStream dataIn = decryptor .getInputStream(new ByteArrayInputStream(encPrivateKey.getEncValue().getBytes())); byte[] data = Streams.readAll(dataIn); PKCS8EncodedKeySpec pkcs8EncodedKeySpec = new PKCS8EncodedKeySpec(data); KeyFactory keyFactory = KeyFactory.getInstance("RSA"); certificationResult.setPrivateKey(keyFactory.generatePrivate(pkcs8EncodedKeySpec)); } CMPCertificate[] caPubs = certRepMessage.getCaPubs(); for (CMPCertificate cmpCertificate : caPubs) { certificationResult.addX509CertificateToChain(new JcaX509CertificateConverter() .getCertificate(new X509CertificateHolder(cmpCertificate.getX509v3PKCert()))); } return certificationResult; }