Example usage for org.bouncycastle.cms CMSEnvelopedDataParser getContentEncryptionAlgorithm

List of usage examples for org.bouncycastle.cms CMSEnvelopedDataParser getContentEncryptionAlgorithm

  1. HOME
  2. Java
  3. org.bouncycastle
  4. org.bouncycastle.cms.*
  5. CMSEnvelopedDataParser
  6. getContentEncryptionAlgorithm

Introduction

In this page you can find the example usage for org.bouncycastle.cms CMSEnvelopedDataParser getContentEncryptionAlgorithm.

Prototype

public AlgorithmIdentifier getContentEncryptionAlgorithm()

Source Link

Document

Return the content encryption algorithm details for the data in this object.

Usage

From source file:be.e_contract.mycarenet.etee.Unsealer.java

License:Open Source License

@SuppressWarnings("unchecked")
private byte[] decrypt(byte[] encryptedData) throws CMSException, IOException {
    CMSEnvelopedDataParser cmsEnvelopedDataParser = new CMSEnvelopedDataParser(encryptedData);
    LOG.debug("content encryption algo: "
            + cmsEnvelopedDataParser.getContentEncryptionAlgorithm().getAlgorithm().getId());

    RecipientInformationStore recipientInformationStore = cmsEnvelopedDataParser.getRecipientInfos();
    RecipientId recipientId = new JceKeyTransRecipientId(this.decryptionCertificate);
    Collection<RecipientInformation> recipients = recipientInformationStore.getRecipients(recipientId);
    LOG.debug("number of recipients for given decryption cert: " + recipients.size());
    if (0 == recipients.size()) {
        recipients = recipientInformationStore.getRecipients();
        LOG.debug("number of all recipients: " + recipients.size());
        Iterator<RecipientInformation> recipientsIterator = recipients.iterator();
        while (recipientsIterator.hasNext()) {
            RecipientInformation recipientInformation = recipientsIterator.next();
            RecipientId actualRecipientId = recipientInformation.getRID();
            LOG.debug("actual recipient id type: " + actualRecipientId.getClass().getName());
            if (actualRecipientId instanceof KeyTransRecipientId) {
                KeyTransRecipientId actualKeyTransRecipientId = (KeyTransRecipientId) actualRecipientId;
                LOG.debug("actual recipient issuer: " + actualKeyTransRecipientId.getIssuer());
                LOG.debug("actual recipient serial number: " + actualKeyTransRecipientId.getSerialNumber());
            }/*  ww w.j  ava2 s . c  o  m*/
        }
        throw new SecurityException("message does not seem to be addressed to you");
    }
    Iterator<RecipientInformation> recipientsIterator = recipients.iterator();
    RecipientInformation recipientInformation = recipientsIterator.next();

    AsymmetricKeyParameter privKeyParams = PrivateKeyFactory.createKey(this.decryptionPrivateKey.getEncoded());
    BcRSAKeyTransEnvelopedRecipient recipient = new BcRSAKeyTransEnvelopedRecipient(privKeyParams);
    byte[] decryptedContent = recipientInformation.getContent(recipient);
    return decryptedContent;
}

From source file:test.integ.be.e_contract.mycarenet.etee.SealTest.java

License:Open Source License

@Test
public void testSeal() throws Exception {
    InputStream sealInputStream = SealTest.class.getResourceAsStream("/seal-fcorneli.der");
    assertNotNull(sealInputStream);/*from  ww  w  . j  a  v a2 s. c  o  m*/
    byte[] cmsData = IOUtils.toByteArray(sealInputStream);

    // check outer signature
    byte[] data = getVerifiedContent(cmsData);

    // decrypt content

    CMSEnvelopedDataParser cmsEnvelopedDataParser = new CMSEnvelopedDataParser(data);
    LOG.debug("content encryption algo: "
            + cmsEnvelopedDataParser.getContentEncryptionAlgorithm().getAlgorithm().getId());

    RecipientInformationStore recipientInformationStore = cmsEnvelopedDataParser.getRecipientInfos();
    Collection<RecipientInformation> recipients = recipientInformationStore.getRecipients();
    RecipientInformation recipientInformation = recipients.iterator().next();
    LOG.debug("recipient info type: " + recipientInformation.getClass().getName());
    KeyTransRecipientInformation keyTransRecipientInformation = (KeyTransRecipientInformation) recipientInformation;

    // load eHealth encryption certificate
    KeyStore eHealthKeyStore = KeyStore.getInstance("PKCS12");
    FileInputStream fileInputStream = new FileInputStream(this.config.getEHealthPKCS12Path());
    eHealthKeyStore.load(fileInputStream, this.config.getEHealthPKCS12Password().toCharArray());
    Enumeration<String> aliasesEnum = eHealthKeyStore.aliases();
    aliasesEnum.nextElement(); // skip authentication certificate.
    String alias = aliasesEnum.nextElement();
    X509Certificate eHealthCertificate = (X509Certificate) eHealthKeyStore.getCertificate(alias);
    PrivateKey eHealthPrivateKey = (PrivateKey) eHealthKeyStore.getKey(alias,
            this.config.getEHealthPKCS12Password().toCharArray());

    AsymmetricKeyParameter privKeyParams = PrivateKeyFactory.createKey(eHealthPrivateKey.getEncoded());
    BcRSAKeyTransEnvelopedRecipient recipient = new BcRSAKeyTransEnvelopedRecipient(privKeyParams);
    byte[] decryptedContent = recipientInformation.getContent(recipient);
    assertNotNull(decryptedContent);
    LOG.debug("decrypted content size: " + decryptedContent.length);

    byte[] result = getVerifiedContent(decryptedContent);
    LOG.debug("result: " + new String(result));
}

From source file:test.unit.be.e_contract.mycarenet.etee.SealTest.java

License:Open Source License

@Test
public void testSeal() throws Exception {
    InputStream sealInputStream = SealTest.class.getResourceAsStream("/seal-fcorneli.der");
    assertNotNull(sealInputStream);/*from www . ja  v  a2  s.com*/

    // check outer signature

    CMSSignedData cmsSignedData = new CMSSignedData(sealInputStream);
    SignerInformationStore signers = cmsSignedData.getSignerInfos();
    SignerInformation signer = (SignerInformation) signers.getSigners().iterator().next();
    SignerId signerId = signer.getSID();

    Store certificateStore = cmsSignedData.getCertificates();
    @SuppressWarnings("unchecked")
    Collection<X509CertificateHolder> certificateCollection = certificateStore.getMatches(signerId);
    X509CertificateHolder certificateHolder = certificateCollection.iterator().next();
    CertificateFactory certificateFactory = CertificateFactory.getInstance("X.509");
    X509Certificate certificate = (X509Certificate) certificateFactory
            .generateCertificate(new ByteArrayInputStream(certificateHolder.getEncoded()));

    Security.addProvider(new BouncyCastleProvider());
    SignerInformationVerifier signerInformationVerifier = new JcaSimpleSignerInfoVerifierBuilder()
            .build(certificate);
    boolean signatureResult = signer.verify(signerInformationVerifier);
    assertTrue(signatureResult);

    LOG.debug("signer certificate: " + certificate);

    CMSTypedData signedContent = cmsSignedData.getSignedContent();
    byte[] data = (byte[]) signedContent.getContent();

    // decrypt content

    CMSEnvelopedDataParser cmsEnvelopedDataParser = new CMSEnvelopedDataParser(data);
    LOG.debug("content encryption algo: "
            + cmsEnvelopedDataParser.getContentEncryptionAlgorithm().getAlgorithm().getId());

    RecipientInformationStore recipientInformationStore = cmsEnvelopedDataParser.getRecipientInfos();
    @SuppressWarnings("unchecked")
    Collection<RecipientInformation> recipients = recipientInformationStore.getRecipients();
    RecipientInformation recipientInformation = recipients.iterator().next();
    LOG.debug("recipient info type: " + recipientInformation.getClass().getName());
    KeyTransRecipientInformation keyTransRecipientInformation = (KeyTransRecipientInformation) recipientInformation;

}