List of usage examples for org.bouncycastle.cms CMSAlgorithm DES_EDE3_CBC
ASN1ObjectIdentifier DES_EDE3_CBC
From source file:de.mendelson.comm.as2.message.AS2MessageCreation.java
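/**
 * Encrypts the decrypted raw payload of {@code message} into a CMS EnvelopedData structure for
 * the receiver's certificate and stores the result on the message via {@code setRawData}.
 *
 * <p>Ciphertext up to 3 MB is buffered in memory; larger output spills to a temp file that is
 * read back and then removed.
 *
 * @param message message whose decrypted raw data is read and whose raw data is replaced
 * @param receiverCryptAlias alias used to look up the recipient certificate
 * @param encryptionType one of the {@code AS2Message.ENCRYPTION_*} constants
 * @param receiver partner whose fingerprint and encryption type appear in the log entry
 * @throws Exception if the encryption type is unsupported or a crypto/IO step fails
 */
private void encryptDataToMessage(AS2Message message, String receiverCryptAlias, int encryptionType,
        Partner receiver) throws Exception {
    AS2MessageInfo info = (AS2MessageInfo) message.getAS2Info();
    BCCryptoHelper cryptoHelper = new BCCryptoHelper();
    X509Certificate certificate = this.encryptionCertManager.getX509Certificate(receiverCryptAlias);
    CMSEnvelopedDataStreamGenerator dataGenerator = new CMSEnvelopedDataStreamGenerator();
    dataGenerator
            .addRecipientInfoGenerator(new JceKeyTransRecipientInfoGenerator(certificate).setProvider("BC"));

    JceCMSContentEncryptorBuilder encryptorBuilder = selectContentEncryptorBuilder(encryptionType, cryptoHelper);
    if (encryptorBuilder == null) {
        throw new Exception("Internal failure: unsupported encryption type " + encryptionType);
    }

    // If the data is less than 3MB perform the operation in memory, else stream to disk.
    DeferredFileOutputStream encryptedOutput = new DeferredFileOutputStream(3 * 1024 * 1024,
            "as2encryptdata_", ".mem", null);
    try {
        OutputStream out = dataGenerator.open(encryptedOutput, encryptorBuilder.setProvider("BC").build());
        try {
            InputStream in = null;
            try {
                in = message.getDecryptedRawDataInputStream();
                this.copyStreams(in, out);
            } finally {
                if (in != null) {
                    in.close();
                }
            }
        } finally {
            // Nested so that a failing close() here cannot skip closing the deferred output below.
            out.close();
        }
    } finally {
        encryptedOutput.close();
    }

    if (encryptedOutput.isInMemory()) {
        // Size of the data stayed below the threshold.
        message.setRawData(encryptedOutput.getData());
    } else {
        // Data has been written to a temp file: reread it, then always remove the file.
        ByteArrayOutputStream memOut = new ByteArrayOutputStream();
        try {
            encryptedOutput.writeTo(memOut);
        } finally {
            if (!encryptedOutput.getFile().delete()) {
                // Do not leave spill files behind when the immediate delete fails.
                encryptedOutput.getFile().deleteOnExit();
            }
        }
        message.setRawData(memOut.toByteArray());
    }

    if (this.logger != null) {
        String cryptAlias = this.encryptionCertManager
                .getAliasByFingerprint(receiver.getCryptFingerprintSHA1());
        this.logger.log(Level.INFO,
                this.rb.getResourceString("message.encrypted",
                        new Object[] { info.getMessageId(), cryptAlias,
                                this.rbMessage.getResourceString("encryption." + receiver.getEncryptionType()) }),
                info);
    }
}

/**
 * Maps an AS2 encryption type to the matching CMS content-encryptor builder.
 *
 * <p>NOTE(review): only the AES branches are suitable for new partner profiles. The 3DES, DES,
 * RC2 and RC4 branches use legacy ciphers or short keys and presumably exist for interoperability
 * with older trading partners; consider restricting them by configuration. All branches here are
 * unauthenticated (CBC or stream), so message integrity has to come from the AS2 signature.
 *
 * @return the builder without a provider set, or {@code null} when the type is not supported
 */
private static JceCMSContentEncryptorBuilder selectContentEncryptorBuilder(int encryptionType,
        BCCryptoHelper cryptoHelper) throws Exception {
    if (encryptionType == AS2Message.ENCRYPTION_3DES) {
        return new JceCMSContentEncryptorBuilder(CMSAlgorithm.DES_EDE3_CBC);
    }
    if (encryptionType == AS2Message.ENCRYPTION_DES) {
        // NOTE(review): this passes the 3DES key-wrap identifier with a 56-bit key size as the
        // content-encryption algorithm; that looks unintended for single DES - verify against
        // what receiving partners actually accept before relying on this branch.
        return new JceCMSContentEncryptorBuilder(CMSAlgorithm.DES_EDE3_WRAP, 56);
    }
    if (encryptionType == AS2Message.ENCRYPTION_RC2_40) {
        return new JceCMSContentEncryptorBuilder(CMSAlgorithm.RC2_CBC, 40);
    }
    if (encryptionType == AS2Message.ENCRYPTION_RC2_64) {
        return new JceCMSContentEncryptorBuilder(CMSAlgorithm.RC2_CBC, 64);
    }
    if (encryptionType == AS2Message.ENCRYPTION_RC2_128) {
        return new JceCMSContentEncryptorBuilder(CMSAlgorithm.RC2_CBC, 128);
    }
    if (encryptionType == AS2Message.ENCRYPTION_RC2_196) {
        return new JceCMSContentEncryptorBuilder(CMSAlgorithm.RC2_CBC, 196);
    }
    if (encryptionType == AS2Message.ENCRYPTION_AES_128) {
        return new JceCMSContentEncryptorBuilder(CMSAlgorithm.AES128_CBC);
    }
    if (encryptionType == AS2Message.ENCRYPTION_AES_192) {
        return new JceCMSContentEncryptorBuilder(CMSAlgorithm.AES192_CBC);
    }
    if (encryptionType == AS2Message.ENCRYPTION_AES_256) {
        return new JceCMSContentEncryptorBuilder(CMSAlgorithm.AES256_CBC);
    }

    // The three RC4 variants differ only in key size.
    int rc4KeyBits;
    if (encryptionType == AS2Message.ENCRYPTION_RC4_40) {
        rc4KeyBits = 40;
    } else if (encryptionType == AS2Message.ENCRYPTION_RC4_56) {
        rc4KeyBits = 56;
    } else if (encryptionType == AS2Message.ENCRYPTION_RC4_128) {
        rc4KeyBits = 128;
    } else {
        return null;
    }
    return new JceCMSContentEncryptorBuilder(
            new ASN1ObjectIdentifier(cryptoHelper.convertAlgorithmNameToOID(BCCryptoHelper.ALGORITHM_RC4)),
            rc4KeyBits);
}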
From source file:net.markenwerk.utils.mail.smime.SmimeUtil.java
License:Open Source License
/**
 * Creates the content encryptor used for S/MIME enveloping: triple-DES in CBC mode, backed by
 * the Bouncy Castle provider.
 *
 * <p>NOTE(review): the algorithm is fixed to 3DES (64-bit block, no integrity protection from
 * CBC). If recipients allow it, an AES identifier such as {@code CMSAlgorithm.AES256_CBC} is the
 * usual replacement; changing it affects what receiving clients must support.
 *
 * @return a freshly built encryptor
 * @throws CMSException if the encryptor cannot be built
 */
private static OutputEncryptor prepareEncryptor() throws CMSException {
    JceCMSContentEncryptorBuilder encryptorBuilder =
            new JceCMSContentEncryptorBuilder(CMSAlgorithm.DES_EDE3_CBC);
    encryptorBuilder.setProvider(BouncyCastleProvider.PROVIDER_NAME);
    return encryptorBuilder.build();
}
From source file:org.apache.kerby.pkix.EnvelopedDataEngine.java
License:Apache License
/**
 * Encrypts data for a certificate inside a CMS EnvelopedData structure and returns the encoded
 * structure as bytes.
 *
 * <p>'encKeyPack' contains a CMS type ContentInfo encoded according to [RFC3852]. The
 * contentType field of the type ContentInfo is id-envelopedData (1.2.840.113549.1.7.3). The
 * content field is an EnvelopedData. The contentType field for the type EnvelopedData is
 * id-signedData (1.2.840.113549.1.7.2).
 *
 * <p>NOTE(review): the payload is wrapped with the single-argument
 * {@code CMSProcessableByteArray} constructor, which appears to label the content as plain data
 * rather than id-signedData - confirm the emitted content type matches the description above.
 *
 * <p>NOTE(review): content encryption is fixed to 3DES-CBC, a legacy cipher with a 64-bit block
 * and no integrity protection of its own.
 *
 * @param dataToEnvelope the bytes to encrypt
 * @param certificate the recipient certificate; its RSA key transports the content key
 * @return The EnvelopedData bytes.
 * @throws IOException if the result cannot be encoded
 * @throws CMSException if the enveloped data cannot be generated
 * @throws CertificateEncodingException if the certificate cannot be converted to a holder
 */
public static byte[] getEnvelopedReplyKeyPack(byte[] dataToEnvelope, X509Certificate certificate)
        throws IOException, CMSException, CertificateEncodingException {
    CMSEnvelopedDataGenerator generator = new CMSEnvelopedDataGenerator();
    JcaX509CertificateHolder recipientHolder = new JcaX509CertificateHolder(certificate);
    generator.addRecipientInfoGenerator(new BcRSAKeyTransRecipientInfoGenerator(recipientHolder));

    CMSProcessableByteArray payload = new CMSProcessableByteArray(dataToEnvelope);
    CMSEnvelopedData enveloped = generator.generate(payload,
            new BcCMSContentEncryptorBuilder(CMSAlgorithm.DES_EDE3_CBC).build());
    return enveloped.getEncoded();
}
From source file:org.cryptable.pki.communication.PKICMPMessagesTest.java
License:Open Source License
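/**
 * Builds a protected CMP initialization response whose single CertResponse carries test user
 * 3's certificate plus that user's private key as a CRMF EncryptedValue.
 *
 * <p>The private key is encrypted with a fresh 3DES-CBC content key, and that content key is
 * wrapped with the public key of the CA key store's recipient certificate.
 *
 * <p>NOTE(review): 3DES is a legacy cipher; acceptable for a test fixture, but production code
 * transporting private keys should use an AES identifier.
 *
 * @param senderNonce nonce passed through to the protected message
 * @param transactionId transaction id passed through to the protected message
 * @return the encoded protected PKI message
 */
private byte[] createInitializationRespons2(byte[] senderNonce, byte[] transactionId)
        throws CMPException, CertificateEncodingException, OperatorException, PKICMPMessageException,
        IOException, CRMFException {
    X509CertificateHolder x509CertificateHolder = new JcaX509CertificateHolder(pki.getTestUser3Cert());

    // Encrypt the private key under a one-off symmetric key.
    KeyWrapper keyWrapper = new JceAsymmetricKeyWrapper(pkiKeyStoreCA.getRecipientCertificate().getPublicKey())
            .setProvider("BC");
    OutputEncryptor encryptor = new JceCRMFEncryptorBuilder(CMSAlgorithm.DES_EDE3_CBC).setProvider("BC")
            .build();

    ByteArrayOutputStream bOut = new ByteArrayOutputStream();
    OutputStream eOut = encryptor.getOutputStream(bOut);
    eOut.write(pki.getTestUser3CertPrivateKey().getEncoded());
    eOut.close();

    AlgorithmIdentifier intendedAlg = null;
    AlgorithmIdentifier symmAlg = encryptor.getAlgorithmIdentifier();
    // Wrap the symmetric key exactly once; the earlier version wrapped it twice and discarded
    // the first result.
    DERBitString encSymmKey = new DERBitString(keyWrapper.generateWrappedKey(encryptor.getKey()));
    AlgorithmIdentifier keyAlg = keyWrapper.getAlgorithmIdentifier();
    ASN1OctetString valueHint = null;
    DERBitString encValue = new DERBitString(bOut.toByteArray());

    EncryptedValue encryptedPrivateKey = new EncryptedValue(intendedAlg, symmAlg, encSymmKey, keyAlg,
            valueHint, encValue);

    // Body
    CertResponse certResponse = new CertResponse(new ASN1Integer(0), new PKIStatusInfo(PKIStatus.granted),
            new CertifiedKeyPair(new CertOrEncCert(new CMPCertificate(x509CertificateHolder.toASN1Structure())),
                    encryptedPrivateKey, null),
            null);
    CertResponse[] certResponses = new CertResponse[] { certResponse };

    PKIBody pkiBody = new PKIBody(PKIBody.TYPE_INIT_REP,
            new CertRepMessage(pkiKeyStoreCA.getCMPCertificateChain(), certResponses));

    return createProtectedPKIMessage(senderNonce, transactionId, pkiBody);
}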
From source file:org.dihedron.crypto.operations.encrypt.EncryptZipFile.java
License:Open Source License
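/**
 * Loads a recipient certificate through the configured certificate loader and encrypts the
 * plaintext for it as a CMS EnvelopedData structure (3DES-CBC content encryption).
 *
 * <p>NOTE(review): 3DES-CBC is a legacy cipher (64-bit block, no integrity protection). An AES
 * identifier is the usual replacement where recipients support it.
 *
 * @param plaintext the bytes to encrypt
 * @param provider value stored under the loader's "provider" setting
 * @param url value stored under the loader's "ldap.url" setting
 * @param name value passed to the loader as "name"
 * @param filter value passed to the loader as "filter"
 * @return the encoded EnvelopedData
 * @throws CryptoException if the certificate cannot be loaded or encoded, or enveloping fails
 */
@Deprecated
public byte[] encrypt(byte[] plaintext, String provider, String url, String name, String filter)
        throws CryptoException {
    X509Certificate certificate = null;
    try {
        logger.info("starting encryption process...");
        Properties configuration = new Properties();
        configuration.setProperty("provider", provider);
        configuration.setProperty("ldap.url", url);
        CertificateLoader loader = CertificateLoaderFactory.makeCertificateLoader(configuration);

        // NOTE(review): name and filter reach the loader unchanged. If they can originate from
        // untrusted input and the loader builds an LDAP query from them, they need escaping
        // there - confirm in the loader.
        Properties parameters = new Properties();
        parameters.put("name", name);
        parameters.put("filter", filter);
        certificate = (X509Certificate) loader.loadCertificate(parameters);

        logger.info("certificate loaded, supports algorithm: '{}'",
                certificate.getPublicKey().getAlgorithm());

        // Diagnostics only. The DN is split naively, so every index is bounds-checked: a short
        // or unusually formatted DN must not abort encryption with an unchecked exception.
        String[] issuerInfo = certificate.getIssuerDN().getName().split("(=|, )", -1);
        String[] subjectInfo = certificate.getSubjectDN().getName().split("(=|, )", -1);
        if (subjectInfo.length > 3) {
            logger.debug("common name (CN) : '{}'", subjectInfo[3]);
        }
        if (subjectInfo.length > 1) {
            logger.debug("address : '{}'", subjectInfo[1]);
        }
        for (int i = 0; i + 1 < issuerInfo.length; i += 2) {
            if (issuerInfo[i].equals("C")) {
                logger.debug("CountryName : '{}'", issuerInfo[i + 1]);
            }
            if (issuerInfo[i].equals("O")) {
                logger.debug("OrganizationName : '{}'", issuerInfo[i + 1]);
            }
            if (issuerInfo[i].equals("CN")) {
                logger.debug("CommonName : '{}'", issuerInfo[i + 1]);
            }
        }
        // NOTE(review): the validity period is only logged here, not enforced.
        logger.info("certificate is valid from {} until {}, encrypting data...",
                certificate.getNotBefore(), certificate.getNotAfter());

        CMSTypedData message = new CMSProcessableByteArray(plaintext);
        CMSEnvelopedDataGenerator generator = new CMSEnvelopedDataGenerator();
        generator.addRecipientInfoGenerator(
                new JceKeyTransRecipientInfoGenerator(certificate).setProvider("BC"));
        CMSEnvelopedData envdata = generator.generate(message,
                new JceCMSContentEncryptorBuilder(CMSAlgorithm.DES_EDE3_CBC).setProvider("BC").build());

        logger.info("... processing done!");
        return envdata.getEncoded();
    } catch (CMSException e) {
        logger.error("CMS exception", e);
        throw new CryptoException("error generating enveloped signature", e);
    } catch (IOException e) {
        logger.error("couldn't generate enveloped signature");
        throw new CryptoException("error generating enveloped signature", e);
    } catch (CertificateLoaderException e) {
        logger.error("error loading certificate", e);
        throw new CryptoException("error loading certificate", e);
    } catch (CertificateEncodingException e) {
        logger.error("invalid certificate encoding", e);
        throw new CryptoException("invalid certificate encoding", e);
    }
}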
From source file:org.dihedron.crypto.operations.encrypt.EncryptZipFile.java
License:Open Source License
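/**
 * Loads a recipient certificate through the configured certificate loader and streams
 * {@code plaintext} into {@code encrypted} as a CMS EnvelopedData structure (3DES-CBC).
 *
 * <p>NOTE(review): this method returns {@code void} and only logs failures, so a caller cannot
 * tell whether {@code encrypted} received a complete envelope, a partial one, or nothing.
 * Callers should not treat a normal return as proof that the data was encrypted.
 *
 * <p>NOTE(review): 3DES-CBC is a legacy cipher (64-bit block, no integrity protection).
 *
 * @param plaintext source of the data to encrypt
 * @param encrypted destination for the enveloped data
 * @param provider value stored under the loader's "provider" setting
 * @param url value stored under the loader's "ldap.url" setting
 * @param name value passed to the loader as "name"
 * @param filter value passed to the loader as "filter"
 */
public void encrypt(InputStream plaintext, OutputStream encrypted, String provider, String url, String name,
        String filter) {
    logger.info("starting encryption");
    X509Certificate certificate = null;
    boolean okCertificato = true;
    try {
        logger.info("starting encryption process...");
        Properties configuration = new Properties();
        configuration.setProperty("provider", provider);
        configuration.setProperty("ldap.url", url);
        CertificateLoader loader = CertificateLoaderFactory.makeCertificateLoader(configuration);

        // NOTE(review): name and filter reach the loader unchanged. If they can originate from
        // untrusted input and the loader builds an LDAP query from them, they need escaping
        // there - confirm in the loader.
        Properties parameters = new Properties();
        parameters.put("name", name);
        parameters.put("filter", filter);
        certificate = (X509Certificate) loader.loadCertificate(parameters);

        logger.info("certificate algorithm: " + certificate.getPublicKey().getAlgorithm());

        // Diagnostics only. Indexes are bounds-checked because an out-of-range access here
        // would land in the catch below and make the method skip encryption altogether.
        String[] issuerInfo = certificate.getIssuerDN().getName().split("(=|, )", -1);
        String[] subjectInfo = certificate.getSubjectDN().getName().split("(=|, )", -1);
        if (subjectInfo.length > 3) {
            logger.debug("common name (CN) : " + subjectInfo[3]);
        }
        if (subjectInfo.length > 1) {
            logger.debug("address : " + subjectInfo[1] + "\n");
        }
        for (int i = 0; i + 1 < issuerInfo.length; i += 2) {
            if (issuerInfo[i].equals("C")) {
                logger.debug("CountryName : " + issuerInfo[i + 1]);
            }
            if (issuerInfo[i].equals("O")) {
                logger.debug("OrganizationName : " + issuerInfo[i + 1]);
            }
            if (issuerInfo[i].equals("CN")) {
                logger.debug("CommonName : " + issuerInfo[i + 1]);
            }
        }
        // NOTE(review): the validity period is only logged here, not enforced.
        logger.info("valid from: " + certificate.getNotBefore() + " until: " + certificate.getNotAfter());
    } catch (Exception e) {
        logger.error("couldn't instantiate X.509 certificate. ", e);
        okCertificato = false;
    }

    if (!okCertificato) {
        logger.info("no certificate, ending process");
        return;
    }

    try {
        logger.info("encrypting data");
        CMSEnvelopedDataStreamGenerator edGen = new CMSEnvelopedDataStreamGenerator();
        edGen.addRecipientInfoGenerator(new JceKeyTransRecipientInfoGenerator(certificate).setProvider("BC"));
        OutputStream out = edGen.open(encrypted,
                new JceCMSContentEncryptorBuilder(CMSAlgorithm.DES_EDE3_CBC).setProvider("BC").build());
        Streams.copy(plaintext, out);
        out.close();
    } catch (CMSException ex) {
        logger.error("CMSException: ", ex.getUnderlyingException());
    } catch (IOException e) {
        // Keep the cause in the log; previously only the message text was recorded.
        logger.error("couldn't generate enveloped signature", e);
    } catch (CertificateEncodingException e) {
        logger.error("certificate encoding error", e);
    }
    logger.info("encryption ending");
}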
From source file:org.dihedron.crypto.operations.encrypt.pkcs7.PKCS7EncryptingStream.java
License:Open Source License
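/**
 * Constructor.
 *
 * <p>Opens a CMS EnvelopedData stream (3DES-CBC content encryption) on top of {@code output}
 * and assigns it to {@code stream}.
 *
 * <p>NOTE(review): setup failures are only logged. {@code stream} is assigned solely on success,
 * so after a logged failure the instance exists without an encrypting stream; callers cannot
 * detect this from the constructor. A certificate that is not an {@code X509Certificate} fails
 * at the cast in the setup block with an unchecked exception.
 *
 * <p>NOTE(review): 3DES-CBC is a legacy cipher (64-bit block, no integrity protection).
 *
 * @param output
 *   the output stream, to which encrypted data will be written.
 * @param certificate
 *   the certificate to be used for encryption.
 */
public PKCS7EncryptingStream(OutputStream output, Certificate certificate) {
    super(output, certificate);
    logger.info("encrypting data through certificate supporting algorithm: '{}'",
            certificate.getPublicKey().getAlgorithm());
    if (certificate instanceof X509Certificate) {
        X509Certificate x509 = (X509Certificate) certificate;
        // Diagnostics only. The DN is split naively, so every index is bounds-checked: a short
        // or unusually formatted DN must not make the constructor throw.
        String[] issuerInfo = x509.getIssuerDN().getName().split("(=|, )", -1);
        String[] subjectInfo = x509.getSubjectDN().getName().split("(=|, )", -1);
        if (subjectInfo.length > 3) {
            logger.debug("common name (CN) : '{}'", subjectInfo[3]);
        }
        if (subjectInfo.length > 1) {
            logger.debug("address : '{}'", subjectInfo[1]);
        }
        for (int i = 0; i + 1 < issuerInfo.length; i += 2) {
            if (issuerInfo[i].equals("C")) {
                logger.debug("CountryName : '{}'", issuerInfo[i + 1]);
            }
            if (issuerInfo[i].equals("O")) {
                logger.debug("OrganizationName : '{}'", issuerInfo[i + 1]);
            }
            if (issuerInfo[i].equals("CN")) {
                logger.debug("CommonName : '{}'", issuerInfo[i + 1]);
            }
        }
        // NOTE(review): the validity period is only logged here, not enforced.
        logger.debug("certificate is valid from {} until {}", x509.getNotBefore(), x509.getNotAfter());
    }

    try {
        logger.info("preparing encrypting stream...");
        CMSEnvelopedDataStreamGenerator generator = new CMSEnvelopedDataStreamGenerator();
        generator.addRecipientInfoGenerator(
                new JceKeyTransRecipientInfoGenerator((X509Certificate) certificate).setProvider("BC"));
        stream = generator.open(output,
                new JceCMSContentEncryptorBuilder(CMSAlgorithm.DES_EDE3_CBC).setProvider("BC").build());
        logger.info("encrypting stream ready!");
    } catch (CMSException ex) {
        logger.error("CMSException: ", ex.getUnderlyingException());
    } catch (IOException e) {
        // Keep the cause in the log; previously only the message text was recorded.
        logger.error("couldn't generate enveloped signature", e);
    } catch (CertificateEncodingException e) {
        logger.error("certificate encoding error", e);
    }
}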
From source file:org.dihedron.crypto.operations.encrypt.pkcs7.Pkcs7Encryptor.java
License:Open Source License
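/**
 * Encrypts the plaintext for this encryptor's certificate as a CMS EnvelopedData structure
 * (3DES-CBC content encryption) and returns the encoded result.
 *
 * <p>NOTE(review): 3DES-CBC is a legacy cipher (64-bit block, no integrity protection). An AES
 * identifier is the usual replacement where recipients support it.
 *
 * @see org.dihedron.crypto.operations.encrypt.Encryptor#encrypt(byte[])
 */
@Override
public byte[] encrypt(byte[] plaintext) throws CryptoException {
    try {
        logger.info("encrypting data through certificate supporting algorithm: '{}'",
                certificate.getPublicKey().getAlgorithm());

        // Diagnostics only. The DN is split naively, so every index is bounds-checked: a short
        // or unusually formatted DN must not abort encryption with an unchecked exception.
        String[] issuerInfo = certificate.getIssuerDN().getName().split("(=|, )", -1);
        String[] subjectInfo = certificate.getSubjectDN().getName().split("(=|, )", -1);
        if (subjectInfo.length > 3) {
            logger.debug("common name (CN) : '{}'", subjectInfo[3]);
        }
        if (subjectInfo.length > 1) {
            logger.debug("address : '{}'", subjectInfo[1]);
        }
        for (int i = 0; i + 1 < issuerInfo.length; i += 2) {
            if (issuerInfo[i].equals("C")) {
                logger.debug("CountryName : '{}'", issuerInfo[i + 1]);
            }
            if (issuerInfo[i].equals("O")) {
                logger.debug("OrganizationName : '{}'", issuerInfo[i + 1]);
            }
            if (issuerInfo[i].equals("CN")) {
                logger.debug("CommonName : '{}'", issuerInfo[i + 1]);
            }
        }
        // NOTE(review): the validity period is only logged here, not enforced.
        logger.info("certificate is valid from {} until {}, encrypting data...",
                certificate.getNotBefore(), certificate.getNotAfter());

        ASN1ObjectIdentifier algorithm = CMSAlgorithm.DES_EDE3_CBC;
        CMSTypedData message = new CMSProcessableByteArray(plaintext);
        CMSEnvelopedDataGenerator generator = new CMSEnvelopedDataGenerator();
        generator.addRecipientInfoGenerator(
                new JceKeyTransRecipientInfoGenerator(certificate).setProvider("BC"));
        CMSEnvelopedData ed = generator.generate(message,
                new JceCMSContentEncryptorBuilder(algorithm).setProvider("BC").build());

        logger.info("... processing done!");
        return ed.getEncoded();
    } catch (CMSException e) {
        logger.error("CMS exception", e);
        throw new CryptoException("Error generating enveloped signature", e);
    } catch (IOException e) {
        logger.error("couldn't generate enveloped signature");
        throw new CryptoException("Error generating enveloped signature", e);
    } catch (CertificateEncodingException e) {
        logger.error("invalid certificate encoding", e);
        throw new CryptoException("Invalid certificate encoding", e);
    }
}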
From source file:org.votingsystem.signature.util.Encryptor.java
License:Open Source License
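/**
 * Wraps the given bytes as the text of a MIME body part and encrypts that part as an S/MIME
 * enveloped message for the given public key (3DES-CBC content encryption).
 *
 * <p>The bytes are decoded as UTF-8, matching the certificate-based overload, instead of the
 * platform default charset, which made the result depend on the host configuration.
 *
 * <p>NOTE(review): the recipient is registered with an empty subject key identifier, so the
 * envelope carries nothing that tells a receiver which key to use - confirm receivers do not
 * rely on it.
 *
 * <p>NOTE(review): 3DES-CBC is a legacy cipher (64-bit block, no integrity protection).
 *
 * @param bytesToEncrypt UTF-8 encoded text to encrypt
 * @param publicKey recipient key used to transport the content key
 * @return the serialized encrypted MIME body part
 * @throws Exception if building, encrypting or serializing the message fails
 */
public byte[] encryptMessage(byte[] bytesToEncrypt, PublicKey publicKey) throws Exception {
    MimeBodyPart mimeMessage = new MimeBodyPart();
    mimeMessage.setText(new String(bytesToEncrypt, "UTF-8"));

    SMIMEEnvelopedGenerator encryptor = new SMIMEEnvelopedGenerator();
    encryptor.addRecipientInfoGenerator(
            new JceKeyTransRecipientInfoGenerator(new byte[0], publicKey).setProvider(ContextVS.PROVIDER));

    /* Encrypt the message */
    MimeBodyPart encryptedPart = encryptor.generate(mimeMessage,
            new JceCMSContentEncryptorBuilder(CMSAlgorithm.DES_EDE3_CBC).setProvider(ContextVS.PROVIDER)
                    .build());

    ByteArrayOutputStream baos = new ByteArrayOutputStream();
    encryptedPart.writeTo(baos);
    baos.close();
    return baos.toByteArray();
}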
From source file:org.votingsystem.signature.util.Encryptor.java
License:Open Source License
/**
 * Builds a MIME message from UTF-8 text plus optional headers and encrypts it as an S/MIME
 * enveloped message for the receiver's certificate (3DES-CBC content encryption).
 *
 * <p>NOTE(review): 3DES-CBC is a legacy cipher (64-bit block, no integrity protection).
 *
 * <p>NOTE(review): header names and values are copied onto the message as given; if they can
 * come from untrusted input, validate them before calling.
 *
 * @param text UTF-8 encoded message text
 * @param receiverCert certificate of the recipient
 * @param headers optional headers to set on the message; {@code null} entries are skipped
 * @return the serialized encrypted MIME body part
 * @throws Exception if building, encrypting or serializing the message fails
 */
public static byte[] encryptMessage(byte[] text, X509Certificate receiverCert, Header... headers)
        throws Exception {
    MimeMessage plainMessage = new MimeMessage(ContextVS.MAIL_SESSION);
    plainMessage.setText(new String(text, "UTF-8"));

    if (headers != null) {
        for (Header candidate : headers) {
            if (candidate == null) {
                continue;
            }
            plainMessage.setHeader(candidate.getName(), candidate.getValue());
        }
    }

    SMIMEEnvelopedGenerator envelopeGenerator = new SMIMEEnvelopedGenerator();
    envelopeGenerator.addRecipientInfoGenerator(
            new JceKeyTransRecipientInfoGenerator(receiverCert).setProvider(ContextVS.PROVIDER));

    // Encrypt the message.
    MimeBodyPart envelopedPart = envelopeGenerator.generate(plainMessage,
            new JceCMSContentEncryptorBuilder(CMSAlgorithm.DES_EDE3_CBC).setProvider(ContextVS.PROVIDER)
                    .build());

    ByteArrayOutputStream serialized = new ByteArrayOutputStream();
    envelopedPart.writeTo(serialized);
    serialized.close();
    return serialized.toByteArray();
}