Search in sources :

Example 1 with RecipientInfo

use of com.github.zhenwei.pkix.util.asn1.cms.RecipientInfo in project PdfBox-Android by TomRoush.

the class PublicKeySecurityHandler method createDERForRecipient.

private ASN1Primitive createDERForRecipient(byte[] in, X509Certificate cert) throws IOException, GeneralSecurityException {
    String algorithm = PKCSObjectIdentifiers.RC2_CBC.getId();
    AlgorithmParameterGenerator apg;
    KeyGenerator keygen;
    Cipher cipher;
    try {
        apg = AlgorithmParameterGenerator.getInstance(algorithm, SecurityProvider.getProvider());
        keygen = KeyGenerator.getInstance(algorithm, SecurityProvider.getProvider());
        cipher = Cipher.getInstance(algorithm, SecurityProvider.getProvider());
    } catch (NoSuchAlgorithmException e) {
        // happens when using the command line app .jar file
        throw new IOException("Could not find a suitable javax.crypto provider for algorithm " + algorithm + "; possible reason: using an unsigned .jar file", e);
    } catch (NoSuchPaddingException e) {
        // should never happen, if this happens throw IOException instead
        throw new RuntimeException("Could not find a suitable javax.crypto provider", e);
    }
    AlgorithmParameters parameters = apg.generateParameters();
    ASN1InputStream input = new ASN1InputStream(parameters.getEncoded("ASN.1"));
    ASN1Primitive object = input.readObject();
    input.close();
    keygen.init(128);
    SecretKey secretkey = keygen.generateKey();
    cipher.init(1, secretkey, parameters);
    byte[] bytes = cipher.doFinal(in);
    KeyTransRecipientInfo recipientInfo = computeRecipientInfo(cert, secretkey.getEncoded());
    DERSet set = new DERSet(new RecipientInfo(recipientInfo));
    AlgorithmIdentifier algorithmId = new AlgorithmIdentifier(new ASN1ObjectIdentifier(algorithm), object);
    EncryptedContentInfo encryptedInfo = new EncryptedContentInfo(PKCSObjectIdentifiers.data, algorithmId, new DEROctetString(bytes));
    EnvelopedData enveloped = new EnvelopedData(null, set, encryptedInfo, (ASN1Set) null);
    ContentInfo contentInfo = new ContentInfo(PKCSObjectIdentifiers.envelopedData, enveloped);
    return contentInfo.toASN1Primitive();
}
Also used : ASN1InputStream(org.bouncycastle.asn1.ASN1InputStream) KeyTransRecipientInfo(org.bouncycastle.asn1.cms.KeyTransRecipientInfo) AlgorithmParameterGenerator(java.security.AlgorithmParameterGenerator) NoSuchPaddingException(javax.crypto.NoSuchPaddingException) DEROctetString(org.bouncycastle.asn1.DEROctetString) COSString(com.tom_roush.pdfbox.cos.COSString) NoSuchAlgorithmException(java.security.NoSuchAlgorithmException) IOException(java.io.IOException) DERSet(org.bouncycastle.asn1.DERSet) DEROctetString(org.bouncycastle.asn1.DEROctetString) AlgorithmIdentifier(org.bouncycastle.asn1.x509.AlgorithmIdentifier) SecretKey(javax.crypto.SecretKey) ContentInfo(org.bouncycastle.asn1.cms.ContentInfo) EncryptedContentInfo(org.bouncycastle.asn1.cms.EncryptedContentInfo) Cipher(javax.crypto.Cipher) KeyGenerator(javax.crypto.KeyGenerator) ASN1Primitive(org.bouncycastle.asn1.ASN1Primitive) KeyTransRecipientInfo(org.bouncycastle.asn1.cms.KeyTransRecipientInfo) RecipientInfo(org.bouncycastle.asn1.cms.RecipientInfo) ASN1ObjectIdentifier(org.bouncycastle.asn1.ASN1ObjectIdentifier) EnvelopedData(org.bouncycastle.asn1.cms.EnvelopedData) CMSEnvelopedData(org.bouncycastle.cms.CMSEnvelopedData) AlgorithmParameters(java.security.AlgorithmParameters) EncryptedContentInfo(org.bouncycastle.asn1.cms.EncryptedContentInfo)

Example 2 with RecipientInfo

use of com.github.zhenwei.pkix.util.asn1.cms.RecipientInfo in project pdfbox by apache.

the class PublicKeySecurityHandler method createDERForRecipient.

private ASN1Primitive createDERForRecipient(byte[] in, X509Certificate cert) throws IOException, GeneralSecurityException {
    String algorithm = PKCSObjectIdentifiers.RC2_CBC.getId();
    AlgorithmParameterGenerator apg;
    KeyGenerator keygen;
    Cipher cipher;
    try {
        Provider provider = SecurityProvider.getProvider();
        apg = AlgorithmParameterGenerator.getInstance(algorithm, provider);
        keygen = KeyGenerator.getInstance(algorithm, provider);
        cipher = Cipher.getInstance(algorithm, provider);
    } catch (NoSuchAlgorithmException e) {
        // happens when using the command line app .jar file
        throw new IOException("Could not find a suitable javax.crypto provider for algorithm " + algorithm + "; possible reason: using an unsigned .jar file", e);
    } catch (NoSuchPaddingException e) {
        // should never happen, if this happens throw IOException instead
        throw new RuntimeException("Could not find a suitable javax.crypto provider", e);
    }
    AlgorithmParameters parameters = apg.generateParameters();
    ASN1Primitive object;
    try (ASN1InputStream input = new ASN1InputStream(parameters.getEncoded("ASN.1"))) {
        object = input.readObject();
    }
    keygen.init(128);
    SecretKey secretkey = keygen.generateKey();
    cipher.init(1, secretkey, parameters);
    byte[] bytes = cipher.doFinal(in);
    KeyTransRecipientInfo recipientInfo = computeRecipientInfo(cert, secretkey.getEncoded());
    DERSet set = new DERSet(new RecipientInfo(recipientInfo));
    AlgorithmIdentifier algorithmId = new AlgorithmIdentifier(new ASN1ObjectIdentifier(algorithm), object);
    EncryptedContentInfo encryptedInfo = new EncryptedContentInfo(PKCSObjectIdentifiers.data, algorithmId, new DEROctetString(bytes));
    EnvelopedData enveloped = new EnvelopedData(null, set, encryptedInfo, (ASN1Set) null);
    ContentInfo contentInfo = new ContentInfo(PKCSObjectIdentifiers.envelopedData, enveloped);
    return contentInfo.toASN1Primitive();
}
Also used : ASN1InputStream(org.bouncycastle.asn1.ASN1InputStream) KeyTransRecipientInfo(org.bouncycastle.asn1.cms.KeyTransRecipientInfo) AlgorithmParameterGenerator(java.security.AlgorithmParameterGenerator) NoSuchPaddingException(javax.crypto.NoSuchPaddingException) DEROctetString(org.bouncycastle.asn1.DEROctetString) COSString(org.apache.pdfbox.cos.COSString) NoSuchAlgorithmException(java.security.NoSuchAlgorithmException) IOException(java.io.IOException) DERSet(org.bouncycastle.asn1.DERSet) DEROctetString(org.bouncycastle.asn1.DEROctetString) Provider(java.security.Provider) AlgorithmIdentifier(org.bouncycastle.asn1.x509.AlgorithmIdentifier) SecretKey(javax.crypto.SecretKey) ContentInfo(org.bouncycastle.asn1.cms.ContentInfo) EncryptedContentInfo(org.bouncycastle.asn1.cms.EncryptedContentInfo) Cipher(javax.crypto.Cipher) KeyGenerator(javax.crypto.KeyGenerator) ASN1Primitive(org.bouncycastle.asn1.ASN1Primitive) KeyTransRecipientInfo(org.bouncycastle.asn1.cms.KeyTransRecipientInfo) RecipientInfo(org.bouncycastle.asn1.cms.RecipientInfo) ASN1ObjectIdentifier(org.bouncycastle.asn1.ASN1ObjectIdentifier) EnvelopedData(org.bouncycastle.asn1.cms.EnvelopedData) CMSEnvelopedData(org.bouncycastle.cms.CMSEnvelopedData) AlgorithmParameters(java.security.AlgorithmParameters) EncryptedContentInfo(org.bouncycastle.asn1.cms.EncryptedContentInfo)

Example 3 with RecipientInfo

use of com.github.zhenwei.pkix.util.asn1.cms.RecipientInfo in project OpenPDF by LibrePDF.

the class PdfPublicKeySecurityHandler method createDERForRecipient.

private ASN1Primitive createDERForRecipient(byte[] in, X509Certificate cert) throws IOException, GeneralSecurityException {
    String s = "1.2.840.113549.3.2";
    AlgorithmParameterGenerator algorithmparametergenerator = AlgorithmParameterGenerator.getInstance(s);
    AlgorithmParameters algorithmparameters = algorithmparametergenerator.generateParameters();
    ByteArrayInputStream bytearrayinputstream = new ByteArrayInputStream(algorithmparameters.getEncoded("ASN.1"));
    ASN1InputStream asn1inputstream = new ASN1InputStream(bytearrayinputstream);
    ASN1Primitive derobject = asn1inputstream.readObject();
    KeyGenerator keygenerator = KeyGenerator.getInstance(s);
    keygenerator.init(128);
    SecretKey secretkey = keygenerator.generateKey();
    Cipher cipher = Cipher.getInstance(s);
    cipher.init(1, secretkey, algorithmparameters);
    byte[] abyte1 = cipher.doFinal(in);
    DEROctetString deroctetstring = new DEROctetString(abyte1);
    KeyTransRecipientInfo keytransrecipientinfo = computeRecipientInfo(cert, secretkey.getEncoded());
    DERSet derset = new DERSet(new RecipientInfo(keytransrecipientinfo));
    AlgorithmIdentifier algorithmidentifier = new AlgorithmIdentifier(new ASN1ObjectIdentifier(s), derobject);
    EncryptedContentInfo encryptedcontentinfo = new EncryptedContentInfo(PKCSObjectIdentifiers.data, algorithmidentifier, deroctetstring);
    ASN1Set set = null;
    EnvelopedData env = new EnvelopedData(null, derset, encryptedcontentinfo, set);
    ContentInfo contentinfo = new ContentInfo(PKCSObjectIdentifiers.envelopedData, env);
    // return contentinfo.getDERObject();
    return contentinfo.toASN1Primitive();
// ******************************************************************************
}
Also used : ASN1InputStream(org.bouncycastle.asn1.ASN1InputStream) KeyTransRecipientInfo(org.bouncycastle.asn1.cms.KeyTransRecipientInfo) AlgorithmParameterGenerator(java.security.AlgorithmParameterGenerator) DEROctetString(org.bouncycastle.asn1.DEROctetString) DERSet(org.bouncycastle.asn1.DERSet) DEROctetString(org.bouncycastle.asn1.DEROctetString) AlgorithmIdentifier(org.bouncycastle.asn1.x509.AlgorithmIdentifier) SecretKey(javax.crypto.SecretKey) ASN1Set(org.bouncycastle.asn1.ASN1Set) ByteArrayInputStream(java.io.ByteArrayInputStream) EncryptedContentInfo(org.bouncycastle.asn1.cms.EncryptedContentInfo) ContentInfo(org.bouncycastle.asn1.cms.ContentInfo) Cipher(javax.crypto.Cipher) ASN1Primitive(org.bouncycastle.asn1.ASN1Primitive) KeyGenerator(javax.crypto.KeyGenerator) KeyTransRecipientInfo(org.bouncycastle.asn1.cms.KeyTransRecipientInfo) RecipientInfo(org.bouncycastle.asn1.cms.RecipientInfo) ASN1ObjectIdentifier(org.bouncycastle.asn1.ASN1ObjectIdentifier) EnvelopedData(org.bouncycastle.asn1.cms.EnvelopedData) AlgorithmParameters(java.security.AlgorithmParameters) EncryptedContentInfo(org.bouncycastle.asn1.cms.EncryptedContentInfo)

Example 4 with RecipientInfo

use of com.github.zhenwei.pkix.util.asn1.cms.RecipientInfo in project LinLong-Java by zhenwei1108.

the class KeyAgreeRecipientInfoGenerator method generate.

public RecipientInfo generate(GenericKey contentEncryptionKey) throws CMSException {
    OriginatorIdentifierOrKey originator = new OriginatorIdentifierOrKey(createOriginatorPublicKey(originatorKeyInfo));
    AlgorithmIdentifier keyEncAlg;
    if (CMSUtils.isDES(keyEncryptionOID.getId()) || keyEncryptionOID.equals(PKCSObjectIdentifiers.id_alg_CMSRC2wrap)) {
        keyEncAlg = new AlgorithmIdentifier(keyEncryptionOID, DERNull.INSTANCE);
    } else if (CMSUtils.isGOST(keyAgreementOID)) {
        keyEncAlg = new AlgorithmIdentifier(keyEncryptionOID, new Gost2814789KeyWrapParameters(CryptoProObjectIdentifiers.id_Gost28147_89_CryptoPro_A_ParamSet));
    } else {
        keyEncAlg = new AlgorithmIdentifier(keyEncryptionOID);
    }
    AlgorithmIdentifier keyAgreeAlg = new AlgorithmIdentifier(keyAgreementOID, keyEncAlg);
    ASN1Sequence recipients = generateRecipientEncryptedKeys(keyAgreeAlg, keyEncAlg, contentEncryptionKey);
    byte[] userKeyingMaterial = getUserKeyingMaterial(keyAgreeAlg);
    if (userKeyingMaterial != null) {
        return new RecipientInfo(new KeyAgreeRecipientInfo(originator, new DEROctetString(userKeyingMaterial), keyAgreeAlg, recipients));
    } else {
        return new RecipientInfo(new KeyAgreeRecipientInfo(originator, null, keyAgreeAlg, recipients));
    }
}
Also used : ASN1Sequence(com.github.zhenwei.core.asn1.ASN1Sequence) OriginatorIdentifierOrKey(com.github.zhenwei.pkix.util.asn1.cms.OriginatorIdentifierOrKey) Gost2814789KeyWrapParameters(com.github.zhenwei.core.asn1.cryptopro.Gost2814789KeyWrapParameters) RecipientInfo(com.github.zhenwei.pkix.util.asn1.cms.RecipientInfo) KeyAgreeRecipientInfo(com.github.zhenwei.pkix.util.asn1.cms.KeyAgreeRecipientInfo) DEROctetString(com.github.zhenwei.core.asn1.DEROctetString) AlgorithmIdentifier(com.github.zhenwei.core.asn1.x509.AlgorithmIdentifier) KeyAgreeRecipientInfo(com.github.zhenwei.pkix.util.asn1.cms.KeyAgreeRecipientInfo)

Example 5 with RecipientInfo

use of com.github.zhenwei.pkix.util.asn1.cms.RecipientInfo in project LinLong-Java by zhenwei1108.

the class KeyTransRecipientInfoGenerator method generate.

public final RecipientInfo generate(GenericKey contentEncryptionKey) throws CMSException {
    byte[] encryptedKeyBytes;
    try {
        encryptedKeyBytes = wrapper.generateWrappedKey(contentEncryptionKey);
    } catch (OperatorException e) {
        throw new CMSException("exception wrapping content key: " + e.getMessage(), e);
    }
    RecipientIdentifier recipId;
    if (issuerAndSerial != null) {
        recipId = new RecipientIdentifier(issuerAndSerial);
    } else {
        recipId = new RecipientIdentifier(new DEROctetString(subjectKeyIdentifier));
    }
    return new RecipientInfo(new KeyTransRecipientInfo(recipId, wrapper.getAlgorithmIdentifier(), new DEROctetString(encryptedKeyBytes)));
}
Also used : KeyTransRecipientInfo(com.github.zhenwei.pkix.util.asn1.cms.KeyTransRecipientInfo) RecipientIdentifier(com.github.zhenwei.pkix.util.asn1.cms.RecipientIdentifier) KeyTransRecipientInfo(com.github.zhenwei.pkix.util.asn1.cms.KeyTransRecipientInfo) RecipientInfo(com.github.zhenwei.pkix.util.asn1.cms.RecipientInfo) OperatorException(com.github.zhenwei.pkix.operator.OperatorException) DEROctetString(com.github.zhenwei.core.asn1.DEROctetString)

Aggregations

RecipientInfo (com.github.zhenwei.pkix.util.asn1.cms.RecipientInfo)4 AlgorithmParameterGenerator (java.security.AlgorithmParameterGenerator)4 AlgorithmParameters (java.security.AlgorithmParameters)4 Cipher (javax.crypto.Cipher)4 KeyGenerator (javax.crypto.KeyGenerator)4 SecretKey (javax.crypto.SecretKey)4 ASN1InputStream (org.bouncycastle.asn1.ASN1InputStream)4 ASN1ObjectIdentifier (org.bouncycastle.asn1.ASN1ObjectIdentifier)4 ASN1Primitive (org.bouncycastle.asn1.ASN1Primitive)4 DEROctetString (org.bouncycastle.asn1.DEROctetString)4 DERSet (org.bouncycastle.asn1.DERSet)4 ContentInfo (org.bouncycastle.asn1.cms.ContentInfo)4 EncryptedContentInfo (org.bouncycastle.asn1.cms.EncryptedContentInfo)4 EnvelopedData (org.bouncycastle.asn1.cms.EnvelopedData)4 KeyTransRecipientInfo (org.bouncycastle.asn1.cms.KeyTransRecipientInfo)4 RecipientInfo (org.bouncycastle.asn1.cms.RecipientInfo)4 AlgorithmIdentifier (org.bouncycastle.asn1.x509.AlgorithmIdentifier)4 DEROctetString (com.github.zhenwei.core.asn1.DEROctetString)3 AlgorithmIdentifier (com.github.zhenwei.core.asn1.x509.AlgorithmIdentifier)2 KeyAgreeRecipientInfo (com.github.zhenwei.pkix.util.asn1.cms.KeyAgreeRecipientInfo)2