List of usage examples for org.bouncycastle.cms CMSAlgorithm AES128_CBC
ASN1ObjectIdentifier AES128_CBC
To view the source code for org.bouncycastle.cms CMSAlgorithm AES128_CBC.
Click Source Link
From source file:be.e_contract.mycarenet.etee.Sealer.java
License:Open Source License
private byte[] encrypt(byte[] data) throws CertificateEncodingException, CMSException, IOException { CMSEnvelopedDataGenerator cmsEnvelopedDataGenerator = new CMSEnvelopedDataGenerator(); for (X509Certificate destinationCertificate : this.destinationCertificates) { cmsEnvelopedDataGenerator/* www . j ava 2 s .c o m*/ .addRecipientInfoGenerator(new JceKeyTransRecipientInfoGenerator(destinationCertificate) .setProvider(BouncyCastleProvider.PROVIDER_NAME)); } CMSTypedData cmsTypedData = new CMSProcessableByteArray(data); CMSEnvelopedData cmsEnvelopedData = cmsEnvelopedDataGenerator.generate(cmsTypedData, new JceCMSContentEncryptorBuilder(CMSAlgorithm.AES128_CBC) .setProvider(BouncyCastleProvider.PROVIDER_NAME).build()); return cmsEnvelopedData.getEncoded(); }
From source file:com.maiereni.host.web.util.impl.BouncyCastleEncryptorImpl.java
License:Apache License
public byte[] encryptData(@Nonnull final byte[] data) throws Exception { CMSEnvelopedDataGenerator cmsEnvelopedDataGenerator = new CMSEnvelopedDataGenerator(); JceKeyTransRecipientInfoGenerator jceKey = new JceKeyTransRecipientInfoGenerator(certificate); cmsEnvelopedDataGenerator.addRecipientInfoGenerator(jceKey); CMSTypedData msg = new CMSProcessableByteArray(data); OutputEncryptor encryptor = new JceCMSContentEncryptorBuilder(CMSAlgorithm.AES128_CBC).setProvider("BC") .build();// w w w .j av a 2s. c o m CMSEnvelopedData cmsEnvelopedData = cmsEnvelopedDataGenerator.generate(msg, encryptor); return cmsEnvelopedData.getEncoded(); }
From source file:com.silverpeas.util.cryptage.SilverCryptFactoryAsymetric.java
License:Open Source License
public byte[] goCrypting(String stringUnCrypted, String fileName) throws CryptageException { try {//from w w w . j av a 2 s. c o m // Chargement de la chaine crypter byte[] buffer = stringToByteArray(stringUnCrypted); // Chiffrement du document CMSEnvelopedDataGenerator gen = new CMSEnvelopedDataGenerator(); // La variable cert correspond au certificat du destinataire // La cl publique de ce certificat servira chiffrer la cl // symtrique RecipientInfoGenerator generator = new JceKeyTransRecipientInfoGenerator(getKeys(fileName).getCert()) .setProvider("BC"); gen.addRecipientInfoGenerator(generator); // Choix de l'algorithme cl symtrique pour chiffrer le document. // AES est un standard. Vous pouvez donc l'utiliser sans crainte. // Il faut savoir qu'en france la taille maximum autorise est de 128 // bits pour les cls symtriques (ou cls secrtes) OutputEncryptor encryptor = new JceCMSContentEncryptorBuilder(CMSAlgorithm.AES128_CBC).setProvider("BC") .build(); CMSEnvelopedData envData = gen.generate(new CMSProcessableByteArray(buffer), encryptor); byte[] pkcs7envelopedData = envData.getEncoded(); return pkcs7envelopedData; } catch (CryptageException e) { throw e; } catch (Exception e) { throw new CryptageException("SilverCryptFactory.goCrypting", SilverpeasException.ERROR, "util.CRYPT_FAILED", e); } }
From source file:de.mendelson.comm.as2.message.AS2MessageCreation.java
/** * Encrypts a byte array and returns it//from ww w . ja v a 2 s. c o m */ private void encryptDataToMessage(AS2Message message, String receiverCryptAlias, int encryptionType, Partner receiver) throws Exception { AS2MessageInfo info = (AS2MessageInfo) message.getAS2Info(); BCCryptoHelper cryptoHelper = new BCCryptoHelper(); X509Certificate certificate = this.encryptionCertManager.getX509Certificate(receiverCryptAlias); CMSEnvelopedDataStreamGenerator dataGenerator = new CMSEnvelopedDataStreamGenerator(); dataGenerator .addRecipientInfoGenerator(new JceKeyTransRecipientInfoGenerator(certificate).setProvider("BC")); DeferredFileOutputStream encryptedOutput = null; OutputStream out = null; try { //if the data is less then 3MB perform the operaion in memory else stream to disk encryptedOutput = new DeferredFileOutputStream(3 * 1024 * 1024, "as2encryptdata_", ".mem", null); if (encryptionType == AS2Message.ENCRYPTION_3DES) { out = dataGenerator.open(encryptedOutput, new JceCMSContentEncryptorBuilder(CMSAlgorithm.DES_EDE3_CBC).setProvider("BC").build()); } else if (encryptionType == AS2Message.ENCRYPTION_DES) { out = dataGenerator.open(encryptedOutput, new JceCMSContentEncryptorBuilder(CMSAlgorithm.DES_EDE3_WRAP, 56).setProvider("BC") .build()); } else if (encryptionType == AS2Message.ENCRYPTION_RC2_40) { out = dataGenerator.open(encryptedOutput, new JceCMSContentEncryptorBuilder(CMSAlgorithm.RC2_CBC, 40).setProvider("BC").build()); } else if (encryptionType == AS2Message.ENCRYPTION_RC2_64) { out = dataGenerator.open(encryptedOutput, new JceCMSContentEncryptorBuilder(CMSAlgorithm.RC2_CBC, 64).setProvider("BC").build()); } else if (encryptionType == AS2Message.ENCRYPTION_RC2_128) { out = dataGenerator.open(encryptedOutput, new JceCMSContentEncryptorBuilder(CMSAlgorithm.RC2_CBC, 128).setProvider("BC").build()); } else if (encryptionType == AS2Message.ENCRYPTION_RC2_196) { out = dataGenerator.open(encryptedOutput, new JceCMSContentEncryptorBuilder(CMSAlgorithm.RC2_CBC, 196).setProvider("BC").build()); } else if (encryptionType == AS2Message.ENCRYPTION_AES_128) { out = dataGenerator.open(encryptedOutput, new JceCMSContentEncryptorBuilder(CMSAlgorithm.AES128_CBC).setProvider("BC").build()); } else if (encryptionType == AS2Message.ENCRYPTION_AES_192) { out = dataGenerator.open(encryptedOutput, new JceCMSContentEncryptorBuilder(CMSAlgorithm.AES192_CBC).setProvider("BC").build()); } else if (encryptionType == AS2Message.ENCRYPTION_AES_256) { out = dataGenerator.open(encryptedOutput, new JceCMSContentEncryptorBuilder(CMSAlgorithm.AES256_CBC).setProvider("BC").build()); } else if (encryptionType == AS2Message.ENCRYPTION_RC4_40) { out = dataGenerator.open(encryptedOutput, new JceCMSContentEncryptorBuilder(new ASN1ObjectIdentifier( cryptoHelper.convertAlgorithmNameToOID(BCCryptoHelper.ALGORITHM_RC4)), 40) .setProvider("BC").build()); } else if (encryptionType == AS2Message.ENCRYPTION_RC4_56) { out = dataGenerator.open(encryptedOutput, new JceCMSContentEncryptorBuilder(new ASN1ObjectIdentifier( cryptoHelper.convertAlgorithmNameToOID(BCCryptoHelper.ALGORITHM_RC4)), 56) .setProvider("BC").build()); } else if (encryptionType == AS2Message.ENCRYPTION_RC4_128) { out = dataGenerator.open(encryptedOutput, new JceCMSContentEncryptorBuilder(new ASN1ObjectIdentifier( cryptoHelper.convertAlgorithmNameToOID(BCCryptoHelper.ALGORITHM_RC4)), 128) .setProvider("BC").build()); } if (out == null) { throw new Exception("Internal failure: unsupported encryption type " + encryptionType); } InputStream in = null; try { in = message.getDecryptedRawDataInputStream(); this.copyStreams(in, out); } finally { if (in != null) { in.close(); } } } finally { if (out != null) { out.close(); } if (encryptedOutput != null) { encryptedOutput.close(); } } //size of the data was < than the threshold if (encryptedOutput.isInMemory()) { message.setRawData(encryptedOutput.getData()); } else { //data has been written to a temp file: reread and return ByteArrayOutputStream memOut = new ByteArrayOutputStream(); encryptedOutput.writeTo(memOut); memOut.flush(); memOut.close(); //finally delete the temp file boolean deleted = encryptedOutput.getFile().delete(); message.setRawData(memOut.toByteArray()); } if (this.logger != null) { String cryptAlias = this.encryptionCertManager .getAliasByFingerprint(receiver.getCryptFingerprintSHA1()); this.logger.log(Level.INFO, this.rb.getResourceString("message.encrypted", new Object[] { info.getMessageId(), cryptAlias, this.rbMessage.getResourceString("encryption." + receiver.getEncryptionType()) }), info); } }
From source file:eu.inn.biometric.signature.crypto.BCCryptoProvider.java
License:Open Source License
@Override public byte[] encrypt(byte[] toEncrypt, List<X509Certificate> certs, Integer maxKeyLength) throws Exception { int keySize = Cipher.getMaxAllowedKeyLength("AES"); if (maxKeyLength != null) if (keySize > maxKeyLength) keySize = maxKeyLength;//from w ww. jav a2 s .c o m String algIdentifier = CMSAlgorithm.AES128_CBC.getId(); if (keySize >= 256) algIdentifier = CMSAlgorithm.AES256_CBC.getId(); CMSEnvelopedDataGenerator gen = new CMSEnvelopedDataGenerator(); for (X509Certificate cert : certs) gen.addRecipientInfoGenerator(new JceKeyTransRecipientInfoGenerator(cert)); CMSTypedData data = new CMSProcessableByteArray(toEncrypt); CMSEnvelopedData enveloped = gen.generate(data, new JceCMSContentEncryptorBuilder(new ASN1ObjectIdentifier(algIdentifier)).build()); return enveloped.getEncoded(); }
From source file:org.silverpeas.core.security.encryption.cipher.CMSCipher.java
License:Open Source License
/** * Encrypts the specified data by using the specified cryptographic key. * <p>//ww w.java2s . c o m * The String objects handled by the encryption is done according the UTF-8 charset. * @param data the data to encode. * @param keyFilePath the file in which is stored the public key to use in the encryption. * @return the encrypted data in bytes. */ @Override public byte[] encrypt(String data, CipherKey keyFilePath) throws CryptoException { try { // Chargement de la chaine crypter byte[] buffer = stringToByteArray(data); // Chiffrement du document CMSEnvelopedDataGenerator gen = new CMSEnvelopedDataGenerator(); // La variable cert correspond au certificat du destinataire // La cl publique de ce certificat servira chiffrer la cl // symtrique if (!keyFilePath.isInFile()) { throw new FileNotFoundException("The PKS#12 file '" + keyFilePath + "' doesn't exist!"); } PKS12KeyStoreWallet wallet = PKS12KeyStoreWallet.getInstance(); PKS12KeyStore keyStore = wallet.getKeyStore(keyFilePath.getKeyFilePath()); RecipientInfoGenerator generator = new JceKeyTransRecipientInfoGenerator(keyStore.getCertificate()) .setProvider("BC"); gen.addRecipientInfoGenerator(generator); // Choix de l'algorithme cl symtrique pour chiffrer le document. // AES est un standard. Vous pouvez donc l'utiliser sans crainte. // Il faut savoir qu'en france la taille maximum autorise est de 128 // bits pour les cls symtriques (ou cls secrtes) OutputEncryptor encryptor = new JceCMSContentEncryptorBuilder(CMSAlgorithm.AES128_CBC).setProvider("BC") .build(); CMSEnvelopedData envData = gen.generate(new CMSProcessableByteArray(buffer), encryptor); return envData.getEncoded(); } catch (CryptoException e) { throw e; } catch (Exception e) { throw new CryptoException(CryptoException.ENCRYPTION_FAILURE, e); } }
From source file:org.silverpeas.util.crypto.CMSCipher.java
License:Open Source License
/** * Encrypts the specified data by using the specified cryptographic key. * <p/>// w w w . j a va 2 s . co m * The String objects handled by the encryption is done according the UTF-8 charset. * @param data the data to encode. * @param keyFilePath the file in which is stored the public key to use in the encryption. * @return the encrypted data in bytes. */ @Override public byte[] encrypt(String data, CipherKey keyFilePath) throws CryptoException { try { // Chargement de la chaine crypter byte[] buffer = stringToByteArray(data); // Chiffrement du document CMSEnvelopedDataGenerator gen = new CMSEnvelopedDataGenerator(); // La variable cert correspond au certificat du destinataire // La cl publique de ce certificat servira chiffrer la cl // symtrique if (!keyFilePath.isInFile()) { throw new FileNotFoundException("The PKS#12 file '" + keyFilePath + "' doesn't exist!"); } PKS12KeyStoreWallet wallet = PKS12KeyStoreWallet.getInstance(); PKS12KeyStore keyStore = wallet.getKeyStore(keyFilePath.getKeyFilePath()); RecipientInfoGenerator generator = new JceKeyTransRecipientInfoGenerator(keyStore.getCertificate()) .setProvider("BC"); gen.addRecipientInfoGenerator(generator); // Choix de l'algorithme cl symtrique pour chiffrer le document. // AES est un standard. Vous pouvez donc l'utiliser sans crainte. // Il faut savoir qu'en france la taille maximum autorise est de 128 // bits pour les cls symtriques (ou cls secrtes) OutputEncryptor encryptor = new JceCMSContentEncryptorBuilder(CMSAlgorithm.AES128_CBC).setProvider("BC") .build(); CMSEnvelopedData envData = gen.generate(new CMSProcessableByteArray(buffer), encryptor); return envData.getEncoded(); } catch (CryptoException e) { throw e; } catch (Exception e) { throw new CryptoException(CryptoException.ENCRYPTION_FAILURE, e); } }
From source file:org.xipki.pki.scep.client.Client.java
License:Open Source License
private ContentInfo encryptThenSign(final PkiMessage request, final PrivateKey identityKey, final X509Certificate identityCert) throws ScepClientException { ScepHashAlgoType hashAlgo = caCaps.getMostSecureHashAlgo(); if (hashAlgo == ScepHashAlgoType.MD5 && !useInsecureAlgorithms) { throw new ScepClientException("Scep server supports only MD5 but it not permitted in client"); }/*from w w w . java 2 s .c o m*/ String signatureAlgorithm = ScepUtil.getSignatureAlgorithm(identityKey, hashAlgo); ASN1ObjectIdentifier encAlgId; if (caCaps.containsCapability(CaCapability.AES)) { encAlgId = CMSAlgorithm.AES128_CBC; } else if (caCaps.containsCapability(CaCapability.DES3)) { encAlgId = CMSAlgorithm.DES_EDE3_CBC; } else if (useInsecureAlgorithms) { encAlgId = CMSAlgorithm.DES_CBC; } else { // no support of DES throw new ScepClientException("DES will not be supported by this client"); } try { return request.encode(identityKey, signatureAlgorithm, identityCert, new X509Certificate[] { identityCert }, authorityCertStore.getEncryptionCert(), encAlgId); } catch (MessageEncodingException ex) { throw new ScepClientException(ex); } }