use of com.github.zhenwei.pkix.util.asn1.cms.KeyTransRecipientInfo in project PdfBox-Android by TomRoush.
the class PublicKeySecurityHandler method createDERForRecipient.
private ASN1Primitive createDERForRecipient(byte[] in, X509Certificate cert) throws IOException, GeneralSecurityException {
String algorithm = PKCSObjectIdentifiers.RC2_CBC.getId();
AlgorithmParameterGenerator apg;
KeyGenerator keygen;
Cipher cipher;
try {
apg = AlgorithmParameterGenerator.getInstance(algorithm, SecurityProvider.getProvider());
keygen = KeyGenerator.getInstance(algorithm, SecurityProvider.getProvider());
cipher = Cipher.getInstance(algorithm, SecurityProvider.getProvider());
} catch (NoSuchAlgorithmException e) {
// happens when using the command line app .jar file
throw new IOException("Could not find a suitable javax.crypto provider for algorithm " + algorithm + "; possible reason: using an unsigned .jar file", e);
} catch (NoSuchPaddingException e) {
// should never happen, if this happens throw IOException instead
throw new RuntimeException("Could not find a suitable javax.crypto provider", e);
}
AlgorithmParameters parameters = apg.generateParameters();
ASN1InputStream input = new ASN1InputStream(parameters.getEncoded("ASN.1"));
ASN1Primitive object = input.readObject();
input.close();
keygen.init(128);
SecretKey secretkey = keygen.generateKey();
cipher.init(1, secretkey, parameters);
byte[] bytes = cipher.doFinal(in);
KeyTransRecipientInfo recipientInfo = computeRecipientInfo(cert, secretkey.getEncoded());
DERSet set = new DERSet(new RecipientInfo(recipientInfo));
AlgorithmIdentifier algorithmId = new AlgorithmIdentifier(new ASN1ObjectIdentifier(algorithm), object);
EncryptedContentInfo encryptedInfo = new EncryptedContentInfo(PKCSObjectIdentifiers.data, algorithmId, new DEROctetString(bytes));
EnvelopedData enveloped = new EnvelopedData(null, set, encryptedInfo, (ASN1Set) null);
ContentInfo contentInfo = new ContentInfo(PKCSObjectIdentifiers.envelopedData, enveloped);
return contentInfo.toASN1Primitive();
}
use of com.github.zhenwei.pkix.util.asn1.cms.KeyTransRecipientInfo in project PdfBox-Android by TomRoush.
the class PublicKeySecurityHandler method computeRecipientInfo.
private KeyTransRecipientInfo computeRecipientInfo(X509Certificate x509certificate, byte[] abyte0) throws IOException, CertificateEncodingException, InvalidKeyException, BadPaddingException, IllegalBlockSizeException {
ASN1InputStream input = new ASN1InputStream(x509certificate.getTBSCertificate());
TBSCertificate certificate = TBSCertificate.getInstance(input.readObject());
input.close();
AlgorithmIdentifier algorithmId = certificate.getSubjectPublicKeyInfo().getAlgorithm();
IssuerAndSerialNumber serial = new IssuerAndSerialNumber(certificate.getIssuer(), certificate.getSerialNumber().getValue());
Cipher cipher;
try {
cipher = Cipher.getInstance(algorithmId.getAlgorithm().getId(), SecurityProvider.getProvider());
} catch (NoSuchAlgorithmException e) {
// should never happen, if this happens throw IOException instead
throw new RuntimeException("Could not find a suitable javax.crypto provider", e);
} catch (NoSuchPaddingException e) {
// should never happen, if this happens throw IOException instead
throw new RuntimeException("Could not find a suitable javax.crypto provider", e);
}
cipher.init(1, x509certificate.getPublicKey());
DEROctetString octets = new DEROctetString(cipher.doFinal(abyte0));
RecipientIdentifier recipientId = new RecipientIdentifier(serial);
return new KeyTransRecipientInfo(recipientId, algorithmId, octets);
}
use of com.github.zhenwei.pkix.util.asn1.cms.KeyTransRecipientInfo in project nhin-d by DirectProject.
the class SplitDirectRecipientInformationFactory method createInstance.
/**
* {@inheritDoc}
*/
@Override
public DirectRecipientInformation createInstance(RecipientInformation recipient, SMIMEEnveloped env) {
try {
if (recipient == null)
return null;
final Field infoField = recipient.getClass().getDeclaredField("_info");
infoField.setAccessible(true);
final Object info = infoField.get(recipient);
if (!(info instanceof KeyTransRecipientInfo)) {
// fall back to the default if we don't know how to handle this info type
return new DefaultDirectRecipientInformation(recipient, "");
}
final Field encAlgField = CMSEnvelopedData.class.getDeclaredField("encAlg");
encAlgField.setAccessible(true);
final Object encAlg = encAlgField.get(env);
final Field dataField = RecipientInformation.class.getDeclaredField("_data");
dataField.setAccessible(true);
final Object data = dataField.get(recipient);
return new SplitDirectRecipientInformation((KeyTransRecipientInfo) info, (AlgorithmIdentifier) encAlg, (InputStream) data, encProvider, keyEncProvider);
} catch (Exception e) {
throw new IllegalStateException("RecipientInformation configuration is not recognized: " + e.getMessage(), e);
}
}
use of com.github.zhenwei.pkix.util.asn1.cms.KeyTransRecipientInfo in project pdfbox by apache.
the class PublicKeySecurityHandler method computeRecipientInfo.
private KeyTransRecipientInfo computeRecipientInfo(X509Certificate x509certificate, byte[] abyte0) throws IOException, CertificateEncodingException, InvalidKeyException, BadPaddingException, IllegalBlockSizeException {
TBSCertificate certificate;
try (ASN1InputStream input = new ASN1InputStream(x509certificate.getTBSCertificate())) {
certificate = TBSCertificate.getInstance(input.readObject());
}
AlgorithmIdentifier algorithmId = certificate.getSubjectPublicKeyInfo().getAlgorithm();
IssuerAndSerialNumber serial = new IssuerAndSerialNumber(certificate.getIssuer(), certificate.getSerialNumber().getValue());
Cipher cipher;
try {
cipher = Cipher.getInstance(algorithmId.getAlgorithm().getId(), SecurityProvider.getProvider());
} catch (NoSuchAlgorithmException | NoSuchPaddingException e) {
// should never happen, if this happens throw IOException instead
throw new RuntimeException("Could not find a suitable javax.crypto provider", e);
}
cipher.init(1, x509certificate.getPublicKey());
DEROctetString octets = new DEROctetString(cipher.doFinal(abyte0));
RecipientIdentifier recipientId = new RecipientIdentifier(serial);
return new KeyTransRecipientInfo(recipientId, algorithmId, octets);
}
use of com.github.zhenwei.pkix.util.asn1.cms.KeyTransRecipientInfo in project pdfbox by apache.
the class PublicKeySecurityHandler method createDERForRecipient.
private ASN1Primitive createDERForRecipient(byte[] in, X509Certificate cert) throws IOException, GeneralSecurityException {
String algorithm = PKCSObjectIdentifiers.RC2_CBC.getId();
AlgorithmParameterGenerator apg;
KeyGenerator keygen;
Cipher cipher;
try {
Provider provider = SecurityProvider.getProvider();
apg = AlgorithmParameterGenerator.getInstance(algorithm, provider);
keygen = KeyGenerator.getInstance(algorithm, provider);
cipher = Cipher.getInstance(algorithm, provider);
} catch (NoSuchAlgorithmException e) {
// happens when using the command line app .jar file
throw new IOException("Could not find a suitable javax.crypto provider for algorithm " + algorithm + "; possible reason: using an unsigned .jar file", e);
} catch (NoSuchPaddingException e) {
// should never happen, if this happens throw IOException instead
throw new RuntimeException("Could not find a suitable javax.crypto provider", e);
}
AlgorithmParameters parameters = apg.generateParameters();
ASN1Primitive object;
try (ASN1InputStream input = new ASN1InputStream(parameters.getEncoded("ASN.1"))) {
object = input.readObject();
}
keygen.init(128);
SecretKey secretkey = keygen.generateKey();
cipher.init(1, secretkey, parameters);
byte[] bytes = cipher.doFinal(in);
KeyTransRecipientInfo recipientInfo = computeRecipientInfo(cert, secretkey.getEncoded());
DERSet set = new DERSet(new RecipientInfo(recipientInfo));
AlgorithmIdentifier algorithmId = new AlgorithmIdentifier(new ASN1ObjectIdentifier(algorithm), object);
EncryptedContentInfo encryptedInfo = new EncryptedContentInfo(PKCSObjectIdentifiers.data, algorithmId, new DEROctetString(bytes));
EnvelopedData enveloped = new EnvelopedData(null, set, encryptedInfo, (ASN1Set) null);
ContentInfo contentInfo = new ContentInfo(PKCSObjectIdentifiers.envelopedData, enveloped);
return contentInfo.toASN1Primitive();
}
Aggregations