Example usage for org.bouncycastle.cms.jcajce JceKeyTransRecipientInfoGenerator JceKeyTransRecipientInfoGenerator

List of usage examples for org.bouncycastle.cms.jcajce JceKeyTransRecipientInfoGenerator JceKeyTransRecipientInfoGenerator

Introduction

This page collects usage examples, taken from open-source projects, for the constructor of org.bouncycastle.cms.jcajce.JceKeyTransRecipientInfoGenerator.

Prototype

public JceKeyTransRecipientInfoGenerator(X509Certificate recipientCert) throws CertificateEncodingException 


Usage

From source file:be.e_contract.mycarenet.etee.Sealer.java

License:Open Source License

/**
 * Wraps {@code data} in a CMS enveloped-data structure addressed to every certificate in
 * {@code this.destinationCertificates} and returns its encoded form.
 *
 * <p>One key-transport recipient info is added per certificate; the content is encrypted once
 * with AES-128 in CBC mode. Both steps go through the Bouncy Castle provider.
 *
 * <p>NOTE(review): a CBC content cipher gives confidentiality only. Nothing in this method
 * authenticates the ciphertext, so integrity has to come from a signature or another layer.
 * NOTE(review): the certificates are used as given; no validity, key-usage or chain check is
 * visible here - confirm the caller validates them.
 *
 * @param data the plaintext bytes to encrypt
 * @return the encoded enveloped data
 * @throws CertificateEncodingException declared by the recipient-info constructor
 * @throws CMSException if the enveloped data cannot be generated
 * @throws IOException if the result cannot be encoded
 */
private byte[] encrypt(byte[] data) throws CertificateEncodingException, CMSException, IOException {
    final String provider = BouncyCastleProvider.PROVIDER_NAME;
    CMSEnvelopedDataGenerator envelopeGenerator = new CMSEnvelopedDataGenerator();

    // One recipient info per destination certificate.
    for (X509Certificate recipient : this.destinationCertificates) {
        JceKeyTransRecipientInfoGenerator recipientInfo = new JceKeyTransRecipientInfoGenerator(recipient);
        recipientInfo.setProvider(provider);
        envelopeGenerator.addRecipientInfoGenerator(recipientInfo);
    }

    CMSTypedData content = new CMSProcessableByteArray(data);
    JceCMSContentEncryptorBuilder encryptorBuilder = new JceCMSContentEncryptorBuilder(CMSAlgorithm.AES128_CBC);
    encryptorBuilder.setProvider(provider);

    return envelopeGenerator.generate(content, encryptorBuilder.build()).getEncoded();
}

From source file:br.ufpb.dicomflow.integrationAPI.mail.AbstractMailSender.java

License:Open Source License

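/**
 * Signs {@code message} with {@code privateKey} and {@code signCert}, encrypts the signed
 * message for {@code encryptCert}, and returns the result as a new MIME message that carries
 * the original non-content headers.
 *
 * <p>The signature uses a SHA-256 based algorithm and the content is encrypted with AES-128-CBC.
 * MD5/SHA-1 signatures and RC2 content encryption are not used: MD5 and SHA-1 are open to
 * collision attacks, and RC2 and single DES are legacy ciphers.
 *
 * <p>NOTE(review): neither certificate is validated here (validity period, key usage, chain);
 * confirm the caller does that before handing them in.
 *
 * @param message the message to protect; cast to {@code MimeMessage} inside this method
 * @param signCert certificate matching {@code privateKey}; included in the signed message
 * @param encryptCert certificate of the recipient the message is encrypted for
 * @param privateKey signing key; a key whose algorithm is "DSA" is signed with DSA, any other with RSA
 * @return a new message holding the signed and encrypted content
 * @throws Exception if signing, encryption or MIME handling fails
 */
private Message signAndEcrypt(Message message, X509Certificate signCert, X509Certificate encryptCert,
        PrivateKey privateKey) throws Exception {
    // Register the Bouncy Castle S/MIME content handlers. setDefaultCommandMap below replaces
    // the default command map, so this affects more than the current call.
    MailcapCommandMap mailcap = (MailcapCommandMap) CommandMap.getDefaultCommandMap();

    mailcap.addMailcap(
            "application/pkcs7-signature;; x-java-content-handler=org.bouncycastle.mail.smime.handlers.pkcs7_signature");
    mailcap.addMailcap(
            "application/pkcs7-mime;; x-java-content-handler=org.bouncycastle.mail.smime.handlers.pkcs7_mime");
    mailcap.addMailcap(
            "application/x-pkcs7-signature;; x-java-content-handler=org.bouncycastle.mail.smime.handlers.x_pkcs7_signature");
    mailcap.addMailcap(
            "application/x-pkcs7-mime;; x-java-content-handler=org.bouncycastle.mail.smime.handlers.x_pkcs7_mime");
    mailcap.addMailcap(
            "multipart/signed;; x-java-content-handler=org.bouncycastle.mail.smime.handlers.multipart_signed");

    CommandMap.setDefaultCommandMap(mailcap);

    /* Create the Signer - SMIMESignedGenerator */
    // Advertised capabilities tell correspondents which ciphers they may use when replying.
    // RC2 and single DES are not advertised; triple DES stays as a fallback for older peers.
    SMIMECapabilityVector capabilities = new SMIMECapabilityVector();
    capabilities.addCapability(SMIMECapability.aES128_CBC);
    capabilities.addCapability(SMIMECapability.dES_EDE3_CBC);

    // NOTE(review): the issuer name is rebuilt from its string form; confirm this round-trips
    // to the same encoding as the issuer field in the certificate.
    ASN1EncodableVector attributes = new ASN1EncodableVector();
    attributes.add(new SMIMEEncryptionKeyPreferenceAttribute(
            new IssuerAndSerialNumber(new X500Name(signCert.getIssuerDN().getName()),
                    signCert.getSerialNumber())));
    attributes.add(new SMIMECapabilitiesAttribute(capabilities));

    // SHA-256 based signature in place of SHA1withDSA / MD5withRSA.
    String signatureAlgorithm = "DSA".equals(privateKey.getAlgorithm()) ? "SHA256withDSA" : "SHA256withRSA";

    SMIMESignedGenerator signer = new SMIMESignedGenerator();
    signer.addSignerInfoGenerator(new JcaSimpleSignerInfoGeneratorBuilder()
            .setSignedAttributeGenerator(new AttributeTable(attributes))
            .build(signatureAlgorithm, privateKey, signCert));

    /* Add the list of certs to the generator */
    List<X509Certificate> certList = new ArrayList<X509Certificate>();
    certList.add(signCert);
    Store certs = new JcaCertStore(certList);
    signer.addCertificates(certs);

    /* Sign the message */
    MimeMultipart mm = signer.generate((MimeMessage) message);
    MimeMessage signedMessage = new MimeMessage(message.getSession());

    /* Set all original MIME headers in the signed message */
    Enumeration headers = ((MimeMessage) message).getAllHeaderLines();
    while (headers.hasMoreElements()) {
        signedMessage.addHeaderLine((String) headers.nextElement());
    }

    /* Set the content of the signed message */
    signedMessage.setContent(mm);
    signedMessage.saveChanges();

    /* Create the encrypter - SMIMEEnvelopedGenerator */
    SMIMEEnvelopedGenerator encrypter = new SMIMEEnvelopedGenerator();
    encrypter.addRecipientInfoGenerator(new JceKeyTransRecipientInfoGenerator(encryptCert));

    /* Encrypt the message with AES-128-CBC instead of RC2 */
    MimeBodyPart encryptedPart = encrypter.generate(signedMessage,
            new JceCMSContentEncryptorBuilder(CMSAlgorithm.AES128_CBC).build());

    /*
     * Create a new MimeMessage that contains the encrypted and signed
     * content
     */
    ByteArrayOutputStream out = new ByteArrayOutputStream();
    encryptedPart.writeTo(out);

    MimeMessage encryptedMessage = new MimeMessage(message.getSession(),
            new ByteArrayInputStream(out.toByteArray()));

    /* Set all original MIME headers in the encrypted message */
    headers = ((MimeMessage) message).getAllHeaderLines();
    while (headers.hasMoreElements()) {
        String headerLine = (String) headers.nextElement();
        /*
         * Make sure not to override any content-* headers from the
         * original message
         */
        if (!Strings.toLowerCase(headerLine).startsWith("content-")) {
            encryptedMessage.addHeaderLine(headerLine);
        }
    }

    return encryptedMessage;

}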

From source file:com.maiereni.host.web.util.impl.BouncyCastleEncryptorImpl.java

License:Apache License

/**
 * Encrypts {@code data} for the holder of this object's {@code certificate} and returns the
 * encoded CMS enveloped data.
 *
 * <p>The content cipher is AES-128-CBC from the "BC" provider. No provider is set on the
 * recipient info generator.
 *
 * <p>NOTE(review): CBC gives confidentiality only; nothing here authenticates the ciphertext.
 * NOTE(review): {@code certificate} is used as-is; confirm it is validated where it is loaded.
 *
 * @param data the plaintext bytes to encrypt
 * @return the encoded enveloped data
 * @throws Exception if building the recipient info, the encryptor or the envelope fails
 */
public byte[] encryptData(@Nonnull final byte[] data) throws Exception {
    CMSEnvelopedDataGenerator envelopeGenerator = new CMSEnvelopedDataGenerator();
    envelopeGenerator.addRecipientInfoGenerator(new JceKeyTransRecipientInfoGenerator(certificate));

    CMSTypedData content = new CMSProcessableByteArray(data);
    JceCMSContentEncryptorBuilder encryptorBuilder = new JceCMSContentEncryptorBuilder(CMSAlgorithm.AES128_CBC);
    encryptorBuilder.setProvider("BC");
    OutputEncryptor contentEncryptor = encryptorBuilder.build();

    return envelopeGenerator.generate(content, contentEncryptor).getEncoded();
}

From source file:com.silverpeas.util.cryptage.SilverCryptFactoryAsymetric.java

License:Open Source License

/**
 * Encrypts a string into CMS enveloped data for the certificate obtained through
 * {@code getKeys(fileName).getCert()}.
 *
 * <p>NOTE(review): AES-128-CBC gives confidentiality only; the output carries no integrity
 * protection of its own.
 *
 * @param stringUnCrypted the clear text to encrypt
 * @param fileName passed to {@code getKeys} to obtain the recipient certificate
 * @return the encoded enveloped data
 * @throws CryptageException rethrown unchanged, or wrapping any other failure
 */
public byte[] goCrypting(String stringUnCrypted, String fileName) throws CryptageException {
    try {
        // Load the string to encrypt.
        byte[] plainBytes = stringToByteArray(stringUnCrypted);

        // Encrypt the document.
        CMSEnvelopedDataGenerator envelopeGenerator = new CMSEnvelopedDataGenerator();
        // The certificate is the recipient's: its public key is used to encrypt the
        // symmetric key.
        envelopeGenerator.addRecipientInfoGenerator(
                new JceKeyTransRecipientInfoGenerator(getKeys(fileName).getCert()).setProvider("BC"));

        // Symmetric algorithm used for the document itself: AES, a standard algorithm.
        // Original author's note: in France the maximum authorised size for symmetric
        // (secret) keys is 128 bits.
        JceCMSContentEncryptorBuilder encryptorBuilder = new JceCMSContentEncryptorBuilder(CMSAlgorithm.AES128_CBC);
        OutputEncryptor contentEncryptor = encryptorBuilder.setProvider("BC").build();

        CMSEnvelopedData enveloped = envelopeGenerator.generate(new CMSProcessableByteArray(plainBytes),
                contentEncryptor);
        return enveloped.getEncoded();
    } catch (CryptageException e) {
        // Already the domain exception: pass it through untouched.
        throw e;
    } catch (Exception e) {
        // Anything else is reported as a generic encryption failure, keeping the cause.
        throw new CryptageException("SilverCryptFactory.goCrypting", SilverpeasException.ERROR,
                "util.CRYPT_FAILED", e);
    }
}

From source file:com.zotoh.crypto.CryptoUte.java

License:Open Source License

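/**
 * Encrypts a MIME body part for one recipient.
 *
 * @param cert the recipient's certificate; it is cast to X509Certificate
 * @param algo the content-encryption algorithm; its OID is passed to the encryptor builder
 * @param bp the body part to encrypt; it must be a MimeBodyPart
 * @return the encrypted body part
 * @throws NoSuchAlgorithmException
 * @throws CertificateEncodingException
 * @throws GeneralSecurityException
 */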
public static MimeBodyPart smimeEncrypt(Certificate cert, EncryptionAlgo algo, BodyPart bp)
        throws NoSuchAlgorithmException, CertificateEncodingException, GeneralSecurityException {

    // Argument checks come first: bp must be a MimeBodyPart, cert and algo are checked too.
    tstArgIsType("body-part", bp, MimeBodyPart.class);
    tstObjArg("cert", cert);
    tstObjArg("algo", algo);

    SMIMEEnvelopedGenerator envelope = new SMIMEEnvelopedGenerator();
    Provider provider = Crypto.getInstance().getProvider();
    try {
        // NOTE(review): the cast fails with ClassCastException for a non-X.509 certificate, and
        // the certificate is not validated here; confirm callers pass a vetted X509Certificate.
        RecipientInfoGenerator recipient = new JceKeyTransRecipientInfoGenerator((X509Certificate) cert)
                .setProvider(provider);
        envelope.addRecipientInfoGenerator(recipient);

        // The content cipher is whatever OID the caller's algo supplies.
        JceCMSContentEncryptorBuilder encryptorBuilder = new JceCMSContentEncryptorBuilder(algo.getOID())
                .setProvider(provider);
        return envelope.generate((MimeBodyPart) bp, encryptorBuilder.build());
    } catch (OperatorCreationException e) {
        // Library failures are reported as GeneralSecurityException with the cause kept.
        throw new GeneralSecurityException(e);
    } catch (CMSException e) {
        throw new GeneralSecurityException(e);
    } catch (SMIMEException e) {
        throw new GeneralSecurityException(e);
    }

}

From source file:com.zotoh.crypto.CryptoUte.java

License:Open Source License

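/**
 * Encrypts a whole MIME message for one recipient.
 *
 * @param cert the recipient's certificate; it is cast to X509Certificate
 * @param algo the content-encryption algorithm; its OID is passed to the encryptor builder
 * @param msg the message to encrypt
 * @return the encrypted body part
 * @throws Exception
 */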
public static MimeBodyPart smimeEncrypt(Certificate cert, EncryptionAlgo algo, MimeMessage msg)
        throws Exception {

    // Argument checks on all three inputs before any crypto object is built.
    tstObjArg("mime-message", msg);
    tstObjArg("cert", cert);
    tstObjArg("algo", algo);

    SMIMEEnvelopedGenerator envelope = new SMIMEEnvelopedGenerator();
    Provider provider = Crypto.getInstance().getProvider();

    // NOTE(review): the cast fails with ClassCastException for a non-X.509 certificate, and
    // the certificate is not validated here; confirm callers pass a vetted X509Certificate.
    envelope.addRecipientInfoGenerator(
            new JceKeyTransRecipientInfoGenerator((X509Certificate) cert).setProvider(provider));

    // The content cipher is whatever OID the caller's algo supplies.
    JceCMSContentEncryptorBuilder encryptorBuilder = new JceCMSContentEncryptorBuilder(algo.getOID())
            .setProvider(provider);
    return envelope.generate(msg, encryptorBuilder.build());
}

From source file:com.zotoh.crypto.CryptoUte.java

License:Open Source License

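/**
 * Encrypts a multipart for one recipient.
 *
 * @param cert the recipient's certificate; it is cast to X509Certificate
 * @param algo the content-encryption algorithm; its OID is passed to the encryptor builder
 * @param mp the multipart to encrypt
 * @return the encrypted body part
 * @throws MessagingException
 * @throws NoSuchAlgorithmException
 * @throws NoSuchProviderException
 * @throws GeneralSecurityException
 * @throws CertificateEncodingException
 */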
public static MimeBodyPart smimeEncrypt(Certificate cert, EncryptionAlgo algo, Multipart mp)
        throws MessagingException, NoSuchAlgorithmException, NoSuchProviderException, GeneralSecurityException,
        CertificateEncodingException {

    // Argument checks on all three inputs before any crypto object is built.
    tstObjArg("multi-part", mp);
    tstObjArg("cert", cert);
    tstObjArg("algo", algo);

    try {
        SMIMEEnvelopedGenerator envelope = new SMIMEEnvelopedGenerator();
        Provider provider = Crypto.getInstance().getProvider();

        // NOTE(review): the cast fails with ClassCastException for a non-X.509 certificate, and
        // the certificate is not validated here; confirm callers pass a vetted X509Certificate.
        envelope.addRecipientInfoGenerator(
                new JceKeyTransRecipientInfoGenerator((X509Certificate) cert).setProvider(provider));

        // The multipart is placed in a fresh MIME message, which is what gets encrypted.
        MimeMessage carrier = newMimeMsg();
        carrier.setContent(mp);

        // The content cipher is whatever OID the caller's algo supplies.
        JceCMSContentEncryptorBuilder encryptorBuilder = new JceCMSContentEncryptorBuilder(algo.getOID())
                .setProvider(provider);
        return envelope.generate(carrier, encryptorBuilder.build());
    } catch (OperatorCreationException e) {
        // Library failures are reported as GeneralSecurityException with the cause kept.
        throw new GeneralSecurityException(e);
    } catch (SMIMEException e) {
        throw new GeneralSecurityException(e);
    } catch (CMSException e) {
        throw new GeneralSecurityException(e);
    }
}

From source file:de.mendelson.comm.as2.message.AS2MessageCreation.java

/**
 * Encrypts the raw data of the message and stores the encrypted bytes back in the message
 */
private void encryptDataToMessage(AS2Message message, String receiverCryptAlias, int encryptionType,
        Partner receiver) throws Exception {
    // Reads the message's decrypted raw data, encrypts it as CMS enveloped data for the
    // certificate stored under receiverCryptAlias, and writes the result back with setRawData.
    // The content cipher is selected by encryptionType.
    AS2MessageInfo info = (AS2MessageInfo) message.getAS2Info();
    BCCryptoHelper cryptoHelper = new BCCryptoHelper();
    // NOTE(review): the certificate is used as returned by the certificate manager; no validity
    // or key-usage check is visible in this method.
    X509Certificate certificate = this.encryptionCertManager.getX509Certificate(receiverCryptAlias);
    CMSEnvelopedDataStreamGenerator dataGenerator = new CMSEnvelopedDataStreamGenerator();
    dataGenerator
            .addRecipientInfoGenerator(new JceKeyTransRecipientInfoGenerator(certificate).setProvider("BC"));
    DeferredFileOutputStream encryptedOutput = null;
    OutputStream out = null;
    try {
        // Up to 3 MB the encrypted data is kept in memory; beyond that it goes to a temp file.
        encryptedOutput = new DeferredFileOutputStream(3 * 1024 * 1024, "as2encryptdata_", ".mem", null);
        // NOTE(review): DES, the short RC2 keys and the short RC4 keys below are legacy ciphers,
        // presumably kept for partner interoperability. None of the branches authenticates the
        // ciphertext.
        if (encryptionType == AS2Message.ENCRYPTION_3DES) {
            out = dataGenerator.open(encryptedOutput,
                    new JceCMSContentEncryptorBuilder(CMSAlgorithm.DES_EDE3_CBC).setProvider("BC").build());
        } else if (encryptionType == AS2Message.ENCRYPTION_DES) {
            // NOTE(review): DES_EDE3_WRAP is named like a key-wrap identifier, not a DES content
            // cipher, and is paired with a 56 bit key size - confirm this branch works as intended.
            out = dataGenerator.open(encryptedOutput,
                    new JceCMSContentEncryptorBuilder(CMSAlgorithm.DES_EDE3_WRAP, 56).setProvider("BC")
                            .build());
        } else if (encryptionType == AS2Message.ENCRYPTION_RC2_40) {
            out = dataGenerator.open(encryptedOutput,
                    new JceCMSContentEncryptorBuilder(CMSAlgorithm.RC2_CBC, 40).setProvider("BC").build());
        } else if (encryptionType == AS2Message.ENCRYPTION_RC2_64) {
            out = dataGenerator.open(encryptedOutput,
                    new JceCMSContentEncryptorBuilder(CMSAlgorithm.RC2_CBC, 64).setProvider("BC").build());
        } else if (encryptionType == AS2Message.ENCRYPTION_RC2_128) {
            out = dataGenerator.open(encryptedOutput,
                    new JceCMSContentEncryptorBuilder(CMSAlgorithm.RC2_CBC, 128).setProvider("BC").build());
        } else if (encryptionType == AS2Message.ENCRYPTION_RC2_196) {
            // NOTE(review): key size 196 follows the constant's name; verify it is not meant to be 192.
            out = dataGenerator.open(encryptedOutput,
                    new JceCMSContentEncryptorBuilder(CMSAlgorithm.RC2_CBC, 196).setProvider("BC").build());
        } else if (encryptionType == AS2Message.ENCRYPTION_AES_128) {
            out = dataGenerator.open(encryptedOutput,
                    new JceCMSContentEncryptorBuilder(CMSAlgorithm.AES128_CBC).setProvider("BC").build());
        } else if (encryptionType == AS2Message.ENCRYPTION_AES_192) {
            out = dataGenerator.open(encryptedOutput,
                    new JceCMSContentEncryptorBuilder(CMSAlgorithm.AES192_CBC).setProvider("BC").build());
        } else if (encryptionType == AS2Message.ENCRYPTION_AES_256) {
            out = dataGenerator.open(encryptedOutput,
                    new JceCMSContentEncryptorBuilder(CMSAlgorithm.AES256_CBC).setProvider("BC").build());
        } else if (encryptionType == AS2Message.ENCRYPTION_RC4_40) {
            // RC4 has no constant used here: its OID is looked up through the crypto helper.
            out = dataGenerator.open(encryptedOutput,
                    new JceCMSContentEncryptorBuilder(new ASN1ObjectIdentifier(
                            cryptoHelper.convertAlgorithmNameToOID(BCCryptoHelper.ALGORITHM_RC4)), 40)
                                    .setProvider("BC").build());
        } else if (encryptionType == AS2Message.ENCRYPTION_RC4_56) {
            out = dataGenerator.open(encryptedOutput,
                    new JceCMSContentEncryptorBuilder(new ASN1ObjectIdentifier(
                            cryptoHelper.convertAlgorithmNameToOID(BCCryptoHelper.ALGORITHM_RC4)), 56)
                                    .setProvider("BC").build());
        } else if (encryptionType == AS2Message.ENCRYPTION_RC4_128) {
            out = dataGenerator.open(encryptedOutput,
                    new JceCMSContentEncryptorBuilder(new ASN1ObjectIdentifier(
                            cryptoHelper.convertAlgorithmNameToOID(BCCryptoHelper.ALGORITHM_RC4)), 128)
                                    .setProvider("BC").build());
        }
        // No branch matched: fail instead of passing the data through unencrypted.
        if (out == null) {
            throw new Exception("Internal failure: unsupported encryption type " + encryptionType);
        }
        InputStream in = null;
        try {
            in = message.getDecryptedRawDataInputStream();
            this.copyStreams(in, out);
        } finally {
            if (in != null) {
                in.close();
            }
        }
    } finally {
        // The encrypting stream is closed before the stream it writes into.
        // NOTE(review): if out.close() throws, encryptedOutput.close() is skipped.
        if (out != null) {
            out.close();
        }
        if (encryptedOutput != null) {
            encryptedOutput.close();
        }
    }
    // The encrypted data stayed below the threshold and is still in memory.
    if (encryptedOutput.isInMemory()) {
        message.setRawData(encryptedOutput.getData());
    } else {
        // The encrypted data was written to a temp file: read it back into memory.
        ByteArrayOutputStream memOut = new ByteArrayOutputStream();
        encryptedOutput.writeTo(memOut);
        memOut.flush();
        memOut.close();
        // Finally delete the temp file.
        // NOTE(review): the result of delete() is stored but never checked.
        boolean deleted = encryptedOutput.getFile().delete();
        message.setRawData(memOut.toByteArray());
    }
    if (this.logger != null) {
        // The logged alias is looked up from the receiver's SHA-1 certificate fingerprint,
        // not taken from receiverCryptAlias.
        String cryptAlias = this.encryptionCertManager
                .getAliasByFingerprint(receiver.getCryptFingerprintSHA1());
        this.logger.log(Level.INFO, this.rb.getResourceString("message.encrypted",
                new Object[] { info.getMessageId(), cryptAlias,
                        this.rbMessage.getResourceString("encryption." + receiver.getEncryptionType()) }),
                info);
    }
}

From source file:de.mendelson.util.security.BCCryptoHelper.java

/**
 * @param algorithm an algorithm alias name, e.g. "3des"; it is translated
 * internally into the matching OID
 */
public MimeBodyPart encrypt(MimeMessage part, Certificate cert, String algorithm) throws Exception {
    // Resolve the recipient certificate and the content-cipher OID from the caller's inputs.
    // NOTE(review): the cipher is whatever the alias maps to; confirm weak aliases are
    // rejected or restricted before they reach this method.
    final X509Certificate recipientCert = castCertificate(cert);
    final String contentCipherOid = this.convertAlgorithmNameToOID(algorithm);

    final SMIMEEnvelopedGenerator envelope = new SMIMEEnvelopedGenerator();
    envelope.addRecipientInfoGenerator(
            new JceKeyTransRecipientInfoGenerator(recipientCert).setProvider("BC"));

    // The null check stays after the certificate and algorithm handling, so a failure there
    // still surfaces first.
    if (part == null) {
        throw new GeneralSecurityException("encrypt: Part is absent");
    }

    JceCMSContentEncryptorBuilder encryptorBuilder = new JceCMSContentEncryptorBuilder(
            new ASN1ObjectIdentifier(contentCipherOid)).setProvider("BC");
    return envelope.generate(part, encryptorBuilder.build());
}

From source file:de.mendelson.util.security.BCCryptoHelper.java

/**
 * @param algorithm an algorithm alias name, e.g. "3des"; it is translated
 * internally into the matching OID
 */
public MimeBodyPart encrypt(MimeBodyPart part, Certificate cert, String algorithm) throws Exception {
    // Resolve the recipient certificate and the content-cipher OID from the caller's inputs.
    // NOTE(review): the cipher is whatever the alias maps to; confirm weak aliases are
    // rejected or restricted before they reach this method.
    final X509Certificate recipientCert = castCertificate(cert);
    final String contentCipherOid = this.convertAlgorithmNameToOID(algorithm);

    final SMIMEEnvelopedGenerator envelope = new SMIMEEnvelopedGenerator();
    envelope.addRecipientInfoGenerator(
            new JceKeyTransRecipientInfoGenerator(recipientCert).setProvider("BC"));

    // The null check stays after the certificate and algorithm handling, so a failure there
    // still surfaces first.
    if (part == null) {
        throw new GeneralSecurityException("encrypt: Part is absent");
    }

    JceCMSContentEncryptorBuilder encryptorBuilder = new JceCMSContentEncryptorBuilder(
            new ASN1ObjectIdentifier(contentCipherOid)).setProvider("BC");
    return envelope.generate(part, encryptorBuilder.build());
}