org.bouncycastle.cms.KeyTransRecipientId Java Examples

The following examples show how to use org.bouncycastle.cms.KeyTransRecipientId. You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example #1
Source File: PublicKeySecurityHandler.java    From sambox with Apache License 2.0 6 votes vote down vote up
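/**
 * Appends a diagnostic comparison of a recipient id and a certificate to {@code extraInfo}.
 *
 * <p>Nothing is appended when the recipient id carries no serial number. Otherwise the serial
 * numbers (in hex) and the issuers of both sides are written next to each other, so a mismatch
 * between the recipient id and the supplied certificate can be read from the resulting text.
 *
 * <p>This method only builds text; it does not decide whether a recipient matches.
 * NOTE(review): the recipient id presumably originates from the document being opened, so the
 * issuer text should be treated as untrusted input if it is later written to a log - confirm
 * against the caller.
 *
 * @param extraInfo    buffer the comparison is appended to
 * @param ktRid        recipient id whose serial number and issuer are reported
 * @param certificate  certificate whose serial number is reported; may be {@code null}
 * @param materialCert certificate holder whose issuer is reported; may be {@code null}
 */
private void appendCertInfo(StringBuilder extraInfo, KeyTransRecipientId ktRid,
        X509Certificate certificate, X509CertificateHolder materialCert)
{
    BigInteger ridSerialNumber = ktRid.getSerialNumber();
    if (ridSerialNumber == null)
    {
        // Without a serial number on the recipient id there is nothing to compare.
        return;
    }

    // materialCert is tolerated as null further down; tolerate a missing certificate the same
    // way instead of failing with a NullPointerException while building a diagnostic message.
    BigInteger certSerialNumber = certificate == null ? null : certificate.getSerialNumber();
    String certSerial = certSerialNumber == null ? "unknown" : certSerialNumber.toString(16);

    extraInfo.append("serial-#: rid ")
            .append(ridSerialNumber.toString(16))
            .append(" vs. cert ")
            .append(certSerial)
            .append(" issuer: rid '")
            .append(ktRid.getIssuer())
            .append("' vs. cert '")
            .append(materialCert == null ? "null" : materialCert.getIssuer())
            .append("' ");
}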
 
Example #2
Source File: EnvelopedDataDecryptor.java    From xipki with Apache License 2.0 5 votes vote down vote up
/**
 * Binds a decryptor instance to one recipient certificate and the matching private key.
 *
 * <p>The recipient id is built from the certificate's issuer, serial number and subject key
 * id; the private key is wrapped in a {@code JceKeyTransEnvelopedRecipient}. How the id is
 * later matched against a message's recipient infos is not visible in this constructor.
 * NOTE(review): nothing here checks that {@code privKey} belongs to {@code recipientCert};
 * presumably the caller guarantees the pairing - confirm.
 *
 * @param recipientCert certificate identifying the recipient; must not be {@code null}
 * @param privKey       private key used for key transport decryption; must not be {@code null}
 */
public EnvelopedDataDecryptorInstance(X509Cert recipientCert, PrivateKey privKey) {
  // Argument checks come first and in the original order, so the reported name is unchanged.
  Args.notNull(recipientCert, "recipientCert");
  Args.notNull(privKey, "privKey");

  this.recipient = new JceKeyTransEnvelopedRecipient(privKey);
  this.recipientId =
      new KeyTransRecipientId(
          recipientCert.getIssuer(),
          recipientCert.getSerialNumber(),
          recipientCert.getSubjectKeyId());
}
 
Example #3
Source File: BCCryptoHelper.java    From OpenAs2App with BSD 2-Clause "Simplified" License 4 votes vote down vote up
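/**
 * Decrypts an S/MIME enveloped MIME part with the given certificate and private key.
 *
 * <p>The certificate's issuer and serial number form the recipient id that is compared with
 * each key-transport recipient in the envelope. The content of the first matching recipient
 * is decrypted with {@code key} and returned as a MIME body part.
 *
 * <p>This method only decrypts. It performs no signature or other integrity check, so callers
 * that need assurance about who produced the content must verify that separately.
 *
 * @param part the MIME part expected to hold enveloped (encrypted) data
 * @param cert the recipient certificate; converted with {@code castCertificate}
 * @param key  the recipient's private key; its encoded form is handed to Bouncy Castle, so
 *             keys that expose no encoding cannot be used here
 * @return the decrypted content as a MIME body part
 * @throws GeneralSecurityException if the part is not encrypted, the recipients cannot be
 *                                  extracted, the key has no encoded form, or no recipient
 *                                  matches the certificate
 * @throws MessagingException       propagated from the S/MIME envelope parsing
 * @throws CMSException             propagated from the CMS processing
 * @throws IOException              propagated from decoding the issuer or the private key
 * @throws SMIMEException           propagated from building the resulting body part
 */
public MimeBodyPart decrypt(MimeBodyPart part, Certificate cert, Key key) throws GeneralSecurityException, MessagingException, CMSException, IOException, SMIMEException {
    // Make sure the data is encrypted
    if (!isEncrypted(part)) {
        throw new GeneralSecurityException("Content-Type indicates data isn't encrypted");
    }

    // Cast parameters to what BC needs
    X509Certificate x509Cert = castCertificate(cert);

    // Parse the MIME body into an SMIME envelope object
    SMIMEEnveloped envelope = new SMIMEEnveloped(part);

    if (logger.isDebugEnabled()) {
        logger.debug("Extracted X500 info::  PRINCIPAL : " + x509Cert.getIssuerX500Principal() + " ::  NAME : " + x509Cert.getIssuerX500Principal().getName());
    }

    // Take the issuer from its DER encoding rather than from the RFC 2253 string form: the
    // string round trip re-parses and re-orders the name, which can make a certificate fail
    // to match its own recipient entry for unusual attribute types or values.
    X500Name x500Name = X500Name.getInstance(x509Cert.getIssuerX500Principal().getEncoded());
    KeyTransRecipientId certRecId = new KeyTransRecipientId(x500Name, x509Cert.getSerialNumber());

    Collection<RecipientInformation> recipients = envelope.getRecipientInfos().getRecipients();
    if (recipients == null) {
        throw new GeneralSecurityException("Certificate recipients could not be extracted");
    }

    for (RecipientInformation recipientInfo : recipients) {
        // Only key-transport recipients can be handled with an RSA private key.
        if (!(recipientInfo instanceof KeyTransRecipientInformation)) {
            continue;
        }

        if (certRecId.match(recipientInfo)) {
            // Keys held in hardware or otherwise non-exportable return no encoding; report
            // that clearly instead of failing later with a NullPointerException.
            byte[] encodedKey = key.getEncoded();
            if (encodedKey == null) {
                throw new GeneralSecurityException("Private key has no encoded form and cannot be used for decryption");
            }
            byte[] decryptedData = recipientInfo.getContent(new BcRSAKeyTransEnvelopedRecipient(PrivateKeyFactory.createKey(PrivateKeyInfo.getInstance(encodedKey))));

            // The first match wins; remaining recipients are not inspected.
            return SMIMEUtil.toMimeBodyPart(decryptedData);
        }

        if (logger.isDebugEnabled()) {
            logger.debug("Failed match on recipient ID's:\n     RID from msg:" + recipientInfo.getRID().toString() + "    \n     RID from priv cert: " + certRecId.toString());
        }
    }
    throw new GeneralSecurityException("Matching certificate recipient could not be found");
}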
 
Example #4
Source File: GetMailAttachmentService.java    From cs-actions with Apache License 2.0 4 votes vote down vote up
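/**
 * Retrieves one attachment from a message in a remote mail folder.
 *
 * <p>The folder named by the input is opened read-write, the requested message is looked up
 * by number, and the attachment is either read or downloaded to the configured destination.
 * When requested, the message is flagged as deleted afterwards. Store and folder are closed
 * by the try-with-resources statement.
 *
 * <p>Per-call state ({@code results}, {@code input}, {@code ks}, {@code recId}) is kept in
 * instance fields. NOTE(review): this suggests one instance must not serve concurrent calls -
 * confirm how instances are shared.
 *
 * @param getMailAttachmentInput the connection, message and attachment settings for this call
 * @return the result map, holding the success return code when the attachment was processed
 * @throws IndexOutOfBoundsException    if the message number exceeds the folder's message count
 * @throws UnsupportedEncodingException if the configured character set is not supported
 * @throws Exception                    if the folder does not exist, or on any mail, keystore
 *                                      or I/O failure raised by the helpers called here
 */
public Map<String, String> execute(GetMailAttachmentInput getMailAttachmentInput) throws Exception {
    this.results = new HashMap<>();
    this.input = getMailAttachmentInput;

    try (Store store = SSLUtils.createMessageStore(input);
         Folder folder = store.getFolder(input.getFolder())) {

        if (!folder.exists()) {
            throw new Exception(ExceptionMsgs.THE_SPECIFIED_FOLDER_DOES_NOT_EXIST_ON_THE_REMOTE_SERVER);
        }
        folder.open(Folder.READ_WRITE);

        // Ask the server for the count once, so the check and the message agree on one value.
        final int requestedNumber = input.getMessageNumber();
        final int messageCount = folder.getMessageCount();
        if (requestedNumber > messageCount) {
            throw new IndexOutOfBoundsException("Message value was: " + requestedNumber + " there are only " +
                    messageCount + " messages in folder");
        }
        Message message = folder.getMessage(requestedNumber);

        if (input.isEncryptedMessage()) {
            ks = KeyStore.getInstance(SecurityConstants.PKCS_KEYSTORE_TYPE, SecurityConstants.BOUNCY_CASTLE_PROVIDER);
            // The recipient id starts out with an empty subject key identifier.
            // NOTE(review): presumably addDecryptionSettings supplies the real recipient and
            // loads the keystore from the input - confirm, since an empty identifier by
            // itself cannot select the intended recipient.
            recId = new KeyTransRecipientId(new byte[]{});
            SecurityUtils.addDecryptionSettings(ks, recId, input);
        }

        try {
            if (StringUtils.isEmpty(input.getDestination())) {
                readAttachment(message, input.getAttachmentName(), input.getCharacterSet());
            } else {
                downloadAttachment(message, input.getAttachmentName(), input.getCharacterSet(),
                        input.getDestination(), input.isOverwrite());
            }

            if (input.isDeleteUponRetrieval()) {
                message.setFlag(Flags.Flag.DELETED, true);
            }

            results.put(io.cloudslang.content.constants.OutputNames.RETURN_CODE, ReturnCodes.SUCCESS);
        } catch (UnsupportedEncodingException except) {
            // Keep the friendlier message but attach the original exception as the cause,
            // so the failing call site is still visible in the stack trace.
            UnsupportedEncodingException rethrown = new UnsupportedEncodingException(
                    "The given encoding (" + input.getCharacterSet() + ") is invalid or not supported.");
            rethrown.initCause(except);
            throw rethrown;
        }

        return results;
    }
}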