Example usage for org.bouncycastle.cms KEKRecipientId KEKRecipientId

List of usage examples for org.bouncycastle.cms KEKRecipientId KEKRecipientId

Introduction

This page collects usage examples for the org.bouncycastle.cms.KEKRecipientId constructor KEKRecipientId(byte[] keyIdentifier).

Prototype

public KEKRecipientId(byte[] keyIdentifier) 


Document

Construct a recipient ID with the key identifier of a KEK recipient.

Usage

From source file:chapter9.KEKEnvelopedDataExample.java

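/**
 * Round-trips a CMS enveloped-data message through one KEK (pre-shared
 * symmetric key) recipient and reports whether the plaintext was recovered.
 *
 * <p>Caveats for anyone adapting this sample:
 * <ul>
 *   <li>The key-encryption key uses the algorithm named by
 *       {@code CryptoDefs.Algorithm.DESede} (presumably Triple-DES; confirm
 *       against {@code CryptoDefs}). Triple-DES is a legacy cipher and an AES
 *       key-encryption key is the usual choice for new designs.</li>
 *   <li>The KEK is generated here and never stored, and the key identifier is
 *       a fixed demo value. A real deployment shares the KEK out of band and
 *       uses the identifier only to tell the recipient which key to use.</li>
 *   <li>Enveloped-data with a CBC content cipher gives confidentiality only:
 *       a successful decryption does not authenticate the sender and does not
 *       protect the content against modification.</li>
 * </ul>
 *
 * @param args command-line arguments (not used)
 * @throws Exception if key generation, enveloping, re-parsing or decryption fails
 */
public static void main(String[] args) throws Exception {
    KeyGenerator keyGen = KeyGenerator.getInstance(CryptoDefs.Algorithm.DESede.getName(),
            CryptoDefs.Provider.BC.getName());
    SecretKey key = keyGen.generateKey();

    // 1.- Set up the generator with a single KEK recipient.
    CMSEnvelopedDataGenerator edGen = new CMSEnvelopedDataGenerator();

    // Demo identifier only; it labels the KEK and is not secret.
    byte[] kekID = new byte[] { 1, 2, 3, 4, 5 };

    edGen.addKEKRecipient(key, kekID);

    // 2.- Create the enveloped-data object
    CMSProcessable data = new CMSProcessableByteArray("Hello World!!".getBytes());
    CMSEnvelopedData enveloped = edGen.generate(data, CMSEnvelopedDataGenerator.AES128_CBC,
            CryptoDefs.Provider.BC.getName());

    // 3.- Re-create from the encoded bytes, as a receiver would.
    enveloped = new CMSEnvelopedData(enveloped.getEncoded());

    // 4.- Look for our recipient identifier
    RecipientId recId = new KEKRecipientId(kekID);

    RecipientInformationStore recipients = enveloped.getRecipientInfos();
    RecipientInformation recipient = recipients.get(recId);

    if (recipient != null) {
        // 5.- Decrypt the data
        byte[] recData = recipient.getContent(key, CryptoDefs.Provider.BC.getName());

        // 6.- Compare recovered data to the original data
        if (Arrays.equals((byte[]) data.getContent(), recData)) {
            System.out.println("\t data recovery succeeded!!");
        } else {
            System.out.println("\t data recovery failed!!");
        }
    } else {
        System.out.println("\t Could not find a matching recipient!!");
    }
}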

From source file:io.aos.crypto.spl09.EnvelopedMailExample.java

License:Apache License

/**
 * Envelopes a small MIME body part for the end-entity certificate, wraps it in
 * a mail message, then parses that message again and decrypts it with the
 * matching private key.
 *
 * <p>The private key, its password and the certificate chain all come from the
 * {@code Utils} helper, which is not shown here (presumably throwaway sample
 * credentials; confirm before reusing any of it). AES-256-CBC enveloping gives
 * confidentiality only; nothing in this flow authenticates the sender.
 *
 * @param args command-line arguments (not used)
 * @throws Exception if credential loading, enveloping, parsing or decryption fails
 */
public static void main(String args[]) throws Exception {
    KeyStore store = Utils.createCredentials();
    PrivateKey privateKey = (PrivateKey) store.getKey(Utils.END_ENTITY_ALIAS, Utils.KEY_PASSWD);
    Certificate[] certPath = store.getCertificateChain(Utils.END_ENTITY_ALIAS);
    X509Certificate recipientCert = (X509Certificate) certPath[0];

    // Plaintext part that will be encrypted.
    MimeBodyPart plainPart = new MimeBodyPart();
    plainPart.setText("Hello world!");

    // One key-transport recipient: the content key is wrapped for the certificate's public key.
    SMIMEEnvelopedGenerator envelopeGen = new SMIMEEnvelopedGenerator();
    envelopeGen.addKeyTransRecipient(recipientCert);

    MimeBodyPart encryptedPart = envelopeGen.generate(plainPart, SMIMEEnvelopedGenerator.AES256_CBC, "BC");

    // Wrap the encrypted part in a mail message and parse it back, as a receiver would.
    MimeMessage message = Utils.createMimeMessage("example enveloped message", encryptedPart.getContent(),
            encryptedPart.getContentType());
    SMIMEEnveloped parsed = new SMIMEEnveloped(message);

    // NOTE(review): the recipient above was added with addKeyTransRecipient(cert), yet the
    // selector is built as a KEKRecipientId with a null key identifier and then filled with
    // issuer and serial number. A key-transport recipient id looks like the intended selector
    // type; confirm against the Bouncy Castle version in use.
    RecipientId selector = new KEKRecipientId(null);
    selector.setSerialNumber(recipientCert.getSerialNumber());
    selector.setIssuer(recipientCert.getIssuerX500Principal().getEncoded());

    RecipientInformation match = parsed.getRecipientInfos().get(selector);
    if (match == null) {
        System.out.println("could not find a matching recipient");
        return;
    }

    // Decrypt with the private key, then show the recovered content.
    MimeBodyPart recoveredPart = SMIMEUtil.toMimeBodyPart(match.getContent(privateKey, "BC"));
    System.out.print("Content: ");
    System.out.println(recoveredPart.getContent());
}

From source file:io.aos.crypto.spl09.EnvelopedSignedMailExample.java

License:Apache License

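/**
 * Signs a MIME body part, envelopes the signed multipart for the end-entity
 * certificate, then reverses both steps: decrypts with the private key and
 * checks the signature against the root certificate.
 *
 * <p>Key material comes from the {@code Utils} helper, which is not shown here
 * (presumably sample credentials; confirm before reuse).
 *
 * @param args command-line arguments (not used)
 * @throws Exception if credential loading, signing, enveloping, decryption or
 *         signature processing fails
 */
public static void main(String[] args) throws Exception {
    KeyStore credentials = Utils.createCredentials();
    PrivateKey key = (PrivateKey) credentials.getKey(Utils.END_ENTITY_ALIAS, Utils.KEY_PASSWD);
    Certificate[] chain = credentials.getCertificateChain(Utils.END_ENTITY_ALIAS);
    CertStore certsAndCRLs = CertStore.getInstance("Collection",
            new CollectionCertStoreParameters(Arrays.asList(chain)), "BC");
    X509Certificate cert = (X509Certificate) chain[0];

    // create the message we want signed
    MimeBodyPart dataPart = new MimeBodyPart();

    dataPart.setText("Hello world!");

    // create the signed message
    MimeMultipart signedMultipart = SignedMailExample.createMultipartWithSignature(key, cert, certsAndCRLs,
            dataPart);

    // create the body part containing the signed message
    MimeBodyPart signedPart = new MimeBodyPart();

    signedPart.setContent(signedMultipart);

    // set up the enveloped message generator
    SMIMEEnvelopedGenerator gen = new SMIMEEnvelopedGenerator();

    gen.addKeyTransRecipient(cert);

    // generate the enveloped message
    MimeBodyPart envPart = gen.generate(signedPart, SMIMEEnvelopedGenerator.AES256_CBC, "BC");

    // create the mail message
    MimeMessage mail = Utils.createMimeMessage("example signed and enveloped message", envPart.getContent(),
            envPart.getContentType());

    // create the enveloped object from the mail message
    SMIMEEnveloped enveloped = new SMIMEEnveloped(mail);

    // look for our recipient identifier
    // NOTE(review): the recipient was added with addKeyTransRecipient(cert), yet the selector
    // is a KEKRecipientId with a null key identifier filled with issuer and serial number.
    // A key-transport recipient id looks like the intended selector type; confirm against
    // the Bouncy Castle version in use.
    RecipientId recId = new KEKRecipientId(null);

    recId.setSerialNumber(cert.getSerialNumber());
    recId.setIssuer(cert.getIssuerX500Principal().getEncoded());

    RecipientInformationStore recipients = enveloped.getRecipientInfos();
    RecipientInformation recipient = recipients.get(recId);

    // The lookup returns null when no recipient matches the selector; without this
    // guard the decryption call below would fail with a NullPointerException.
    if (recipient == null) {
        System.out.println("could not find a matching recipient");
        return;
    }

    // decryption step
    MimeBodyPart res = SMIMEUtil.toMimeBodyPart(recipient.getContent(key, "BC"));

    // extract the multi-part from the body part.
    Object decrypted = res.getContent();
    if (decrypted instanceof MimeMultipart) {
        SMIMESigned signed = new SMIMESigned((MimeMultipart) decrypted);

        // verification step
        X509Certificate rootCert = (X509Certificate) credentials.getCertificate(Utils.ROOT_ALIAS);

        if (isValid(signed, rootCert)) {
            System.out.println("verification succeeded");
        } else {
            System.out.println("verification failed");
        }

        // content display step
        // NOTE(review): the content is displayed whatever the verification result was.
        // Code that handles real mail should not process or render the content once
        // verification has failed.
        MimeBodyPart content = signed.getContent();

        System.out.print("Content: ");
        System.out.println(content.getContent());
    } else {
        System.out.println("wrong content found");
    }
}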

From source file:io.aos.crypto.spl09.KEKEnvelopedDataExample.java

License:Apache License

/**
 * Envelopes a short message for one KEK recipient, re-parses the encoded
 * structure, finds the recipient by key identifier and checks that decryption
 * returns the original bytes.
 *
 * <p>The key-encryption key is requested as {@code "DESEDE"} (Triple-DES), a
 * legacy cipher; an AES key-encryption key is the usual choice for new
 * designs. The KEK lives only for the duration of this run and the key
 * identifier is a fixed demo value. AES-128-CBC enveloping gives
 * confidentiality only, so a successful decryption does not authenticate the
 * sender or protect the content against modification.
 *
 * @param args command-line arguments (not used)
 * @throws Exception if key generation, enveloping, re-parsing or decryption fails
 */
public static void main(String... args) throws Exception {
    SecretKey kek = KeyGenerator.getInstance("DESEDE", "BC").generateKey();

    // Register the KEK under a demo identifier; the identifier is a label, not a secret.
    CMSEnvelopedDataGenerator generator = new CMSEnvelopedDataGenerator();
    byte[] kekID = new byte[] { 1, 2, 3, 4, 5 };
    generator.addKEKRecipient(kek, kekID);

    // Envelope the payload.
    CMSProcessable payload = new CMSProcessableByteArray("Hello World!".getBytes());
    CMSEnvelopedData envelope = generator.generate(payload, CMSEnvelopedDataGenerator.AES128_CBC, "BC");

    // Re-parse from the encoded form, as a receiver would.
    envelope = new CMSEnvelopedData(envelope.getEncoded());

    // Select the recipient entry that carries our key identifier.
    RecipientId selector = new KEKRecipientId(kekID);
    RecipientInformation match = envelope.getRecipientInfos().get(selector);

    if (match == null) {
        System.out.println("could not find a matching recipient");
        return;
    }

    // Decrypt and compare with the original payload.
    byte[] recovered = match.getContent(kek, "BC");
    boolean same = Arrays.equals((byte[]) payload.getContent(), recovered);
    System.out.println(same ? "data recovery succeeded" : "data recovery failed");
}

From source file:io.aos.crypto.spl09.KeyTransEnvelopedDataExample.java

License:Apache License

/**
 * Envelopes a short message for the end-entity certificate (key transport),
 * re-parses the encoded structure, looks the recipient up by issuer and serial
 * number, and checks that decryption with the private key returns the original
 * bytes.
 *
 * <p>Key material comes from the {@code Utils} helper, which is not shown here
 * (presumably sample credentials; confirm before reuse). AES-128-CBC
 * enveloping gives confidentiality only; a successful decryption does not
 * authenticate the sender.
 *
 * @param args command-line arguments (not used)
 * @throws Exception if credential loading, enveloping, re-parsing or decryption fails
 */
public static void main(String... args) throws Exception {
    KeyStore store = Utils.createCredentials();
    PrivateKey privateKey = (PrivateKey) store.getKey(Utils.END_ENTITY_ALIAS, Utils.KEY_PASSWD);
    Certificate[] certPath = store.getCertificateChain(Utils.END_ENTITY_ALIAS);
    X509Certificate recipientCert = (X509Certificate) certPath[0];

    // One key-transport recipient: the content key is wrapped for the certificate's public key.
    CMSEnvelopedDataGenerator generator = new CMSEnvelopedDataGenerator();
    generator.addKeyTransRecipient(recipientCert);

    // Envelope the payload.
    CMSProcessable payload = new CMSProcessableByteArray("Hello World!".getBytes());
    CMSEnvelopedData envelope = generator.generate(payload, CMSEnvelopedDataGenerator.AES128_CBC, "BC");

    // Re-parse from the encoded form, as a receiver would.
    envelope = new CMSEnvelopedData(envelope.getEncoded());

    // NOTE(review): the recipient above was added with addKeyTransRecipient(cert), yet the
    // selector is built as a KEKRecipientId with a null key identifier and then filled with
    // issuer and serial number. A key-transport recipient id looks like the intended selector
    // type; confirm against the Bouncy Castle version in use.
    RecipientId selector = new KEKRecipientId(null);
    selector.setSerialNumber(recipientCert.getSerialNumber());
    selector.setIssuer(recipientCert.getIssuerX500Principal().getEncoded());

    RecipientInformation match = envelope.getRecipientInfos().get(selector);

    if (match == null) {
        System.out.println("could not find a matching recipient");
        return;
    }

    // Decrypt and compare with the original payload.
    byte[] recovered = match.getContent(privateKey, "BC");
    boolean same = Arrays.equals((byte[]) payload.getContent(), recovered);
    System.out.println(same ? "data recovery succeeded" : "data recovery failed");
}