use of com.helger.as2lib.crypto.ECryptoAlgorithmCrypt in project as2-lib by phax.
the class MainSendToMendelsonTestServer method main.
/**
 * Sends one signed, encrypted and ZLIB-compressed AS2 test message
 * synchronously to the Mendelson test server and logs the response text when
 * the response carries an exception.
 *
 * @param args
 *        not read
 * @throws Exception
 *         whatever the configuration or send calls throw
 */
public static void main(final String[] args) throws Exception {
  // Compile-time switches. The debugging aids are all off.
  final boolean bUseHttpProxy = false;
  final boolean bDumpOutgoingHttp = false;
  final boolean bDumpIncomingHttp = false;
  final boolean bForceBase64 = false;
  final boolean bUseHttps = true;

  Proxy aProxy = null;
  if (bUseHttpProxy) {
    aProxy = new Proxy(Proxy.Type.HTTP, new InetSocketAddress("1.2.3.4", 8080));
  }

  // The dumpers copy HTTP traffic to System.out. Anything written there ends
  // up wherever stdout is captured, so they are debugging aids only.
  IHTTPOutgoingDumperFactory aDumperFactory = null;
  if (bDumpOutgoingHttp) {
    aDumperFactory = aUnused -> new HTTPOutgoingDumperStreamBased(System.out);
  }
  if (bDumpIncomingHttp) {
    HTTPHelper.setHTTPIncomingDumperFactory(
        () -> new HTTPIncomingDumperStreamBased(new NonClosingOutputStream(System.out)));
  }

  // Client configuration.
  // The key store password is a literal because this is the test key store
  // under src/test/resources; a key store holding real keys needs its
  // password supplied from outside the source tree.
  final AS2ClientSettings aClientSettings = new AS2ClientSettings();
  final File aKeyStoreFile = new File("src/test/resources/mendelson/key3.pfx");
  aClientSettings.setKeyStore(EKeyStoreType.PKCS12, aKeyStoreFile, "test");

  // Fixed sender
  aClientSettings.setSenderData("mycompanyAS2", "phax.as2-lib@github.com", "key3");

  // Fixed receiver - key alias must be "mendelsontestAS2".
  // The TLS endpoint is the one selected; the plain HTTP one is the
  // alternative the switch would pick.
  final String sReceiverUrl = bUseHttps ? "https://testas2.mendelson-e-c.com:8444/as2/HttpReceiver"
                                        : "http://testas2.mendelson-e-c.com:8080/as2/HttpReceiver";
  aClientSettings.setReceiverData("mendelsontestAS2", "mendelsontestAS2", sReceiverUrl);
  final X509Certificate aPartnerCert = AS2KeyStoreHelper.readX509Certificate("src/test/resources/mendelson/key4.cer");
  aClientSettings.setReceiverCertificate(aPartnerCert);

  // AS2 stuff
  final String sPartnershipName = aClientSettings.getSenderAS2ID() + "_" + aClientSettings.getReceiverAS2ID();
  aClientSettings.setPartnershipName(sPartnershipName);

  // For a signed message the MIC algorithm and the message signing algorithm
  // must be identical, so one constant feeds both.
  final ECryptoAlgorithmSign eSigningAlgorithm = ECryptoAlgorithmSign.DIGEST_SHA_512;
  // CBC works, GCM is not supported here. AES-CBC on its own gives
  // confidentiality only; tamper detection comes from the signature that is
  // configured together with it below.
  final ECryptoAlgorithmCrypt eEncryptionAlgorithm = ECryptoAlgorithmCrypt.CRYPT_AES128_CBC;
  final ECompressionType eCompression = ECompressionType.ZLIB;
  final boolean bCompressFirst = AS2ClientSettings.DEFAULT_COMPRESS_BEFORE_SIGNING;

  // Ask for a signed MDN and mark both the MIC algorithm and the signature
  // protocol as required.
  final DispositionOptions aMdnOptions = new DispositionOptions().setMICAlg(eSigningAlgorithm)
                                                                 .setMICAlgImportance(DispositionOptions.IMPORTANCE_REQUIRED)
                                                                 .setProtocol(DispositionOptions.PROTOCOL_PKCS7_SIGNATURE)
                                                                 .setProtocolImportance(DispositionOptions.IMPORTANCE_REQUIRED);
  aClientSettings.setMDNOptions(aMdnOptions);
  aClientSettings.setEncryptAndSign(eEncryptionAlgorithm, eSigningAlgorithm);
  aClientSettings.setCompress(eCompression, bCompressFirst);
  aClientSettings.setMessageIDFormat("github-phax-as2-lib-$date.uuuuMMdd-HHmmssZ$-$rand.1234$@$msg.sender.as2_id$_$msg.receiver.as2_id$");
  aClientSettings.setRetryCount(1);
  aClientSettings.setConnectTimeoutMS(10_000);
  aClientSettings.setReadTimeoutMS(10_000);
  aClientSettings.setHttpOutgoingDumperFactory(aDumperFactory);

  // Build client request
  final AS2ClientRequest aClientRequest = new AS2ClientRequest("AS2 test message from as2-lib");
  final File aPayloadFile = new File("src/test/resources/mendelson/testcontent.attachment");
  aClientRequest.setData(new DataHandler(new FileDataSource(aPayloadFile)));
  aClientRequest.setContentType(CMimeType.TEXT_PLAIN.getAsString());
  if (bForceBase64) {
    aClientRequest.setContentTransferEncoding(EContentTransferEncoding.BASE64);
  }

  // Send message
  final AS2ClientResponse aClientResponse = new AS2Client().setHttpProxy(aProxy)
                                                           .sendSynchronous(aClientSettings, aClientRequest);
  // A failed exchange is reported only through this info-level line; "Done"
  // is logged either way.
  if (aClientResponse.hasException()) {
    LOGGER.info(aClientResponse.getAsString());
  }
  LOGGER.info("Done");
}
use of com.helger.as2lib.crypto.ECryptoAlgorithmCrypt in project as2-lib by phax.
the class AS2SenderModule method secure.
/**
 * Collects the compression, signing and encryption parameters of the
 * message's partnership, sets the Content-Transfer-Encoding headers and hands
 * everything to {@code secureMimeBodyPart}.
 * <p>
 * Each of the three protections is driven by an algorithm ID string read from
 * the partnership. An ID that is present but unknown is rejected with an
 * {@link AS2Exception}. An ID that is absent leaves the matching algorithm
 * {@code null}, and that {@code null} is passed on unchanged.
 *
 * @param aMsg
 *        the message whose data is to be secured
 * @param eCTE
 *        the content transfer encoding to put into the headers
 * @return the result of {@code secureMimeBodyPart}
 * @throws Exception
 *         an {@link AS2Exception} for an unsupported compression, signing or
 *         encryption ID, or whatever the called helpers throw
 */
@Nonnull
protected MimeBodyPart secure(@Nonnull final IMessage aMsg, @Nonnull final EContentTransferEncoding eCTE) throws Exception {
  final Partnership aPartnership = aMsg.partnership();
  final ICertificateFactory aCertFactory = getSession().getCertificateFactory();

  // --- Compression parameters ---
  // When compression is enabled, the default is to compress before signing.
  ECompressionType eCompression = null;
  boolean bCompressFirst = true;
  Consumer<MimeBodyPart> aAfterCompressBeforeSign = null;
  final String sCompressionID = aPartnership.getCompressionType();
  if (sCompressionID != null) {
    eCompression = ECompressionType.getFromIDCaseInsensitiveOrNull(sCompressionID);
    if (eCompression == null) {
      throw new AS2Exception("The compression type '" + sCompressionID + "' is not supported!");
    }
    bCompressFirst = aPartnership.isCompressBeforeSign();
    if (bCompressFirst) {
      // The compressed part replaces the message data, because that data is
      // the basis for the MIC.
      aAfterCompressBeforeSign = aMsg::setData;
    }
  }

  // --- Signing parameters ---
  ECryptoAlgorithmSign eSigning = null;
  X509Certificate aSenderCert = null;
  PrivateKey aSenderKey = null;
  boolean bCertInSignedContent = false;
  boolean bLegacyMICAlgNames = false;
  boolean bDropCmsAlgorithmProtect = false;
  final String sSigningID = aPartnership.getSigningAlgorithm();
  if (sSigningID != null) {
    // The sender certificate and its private key are fetched before the
    // algorithm ID is validated.
    aSenderCert = aCertFactory.getCertificate(aMsg, ECertificatePartnershipType.SENDER);
    aSenderKey = aCertFactory.getPrivateKey(aSenderCert);
    eSigning = ECryptoAlgorithmSign.getFromIDOrNull(sSigningID);
    if (eSigning == null) {
      throw new AS2Exception("The signing algorithm '" + sSigningID + "' is not supported!");
    }

    // Include the certificate in the signed content? The partnership value
    // wins when it is defined, otherwise the session-wide setting is used.
    final ETriState eCertInSignedContent = aMsg.partnership().getIncludeCertificateInSignedContent();
    bCertInSignedContent = eCertInSignedContent.isDefined() ? eCertInSignedContent.getAsBooleanValue()
                                                            : getSession().isCryptoSignIncludeCertificateInBodyPart();

    // Use the old (RFC 3851) MIC algorithm names?
    bLegacyMICAlgNames = aPartnership.isRFC3851MICAlgs();
    // Remove CMS attributes?
    bDropCmsAlgorithmProtect = aPartnership.isRemoveCmsAlgorithmProtect();
  }

  // --- Encryption parameters ---
  ECryptoAlgorithmCrypt eEncryption = null;
  X509Certificate aReceiverCert = null;
  final String sEncryptionID = aPartnership.getEncryptAlgorithm();
  if (sEncryptionID != null) {
    aReceiverCert = aCertFactory.getCertificate(aMsg, ECertificatePartnershipType.RECEIVER);
    eEncryption = ECryptoAlgorithmCrypt.getFromIDOrNull(sEncryptionID);
    if (eEncryption == null) {
      throw new AS2Exception("The crypting algorithm '" + sEncryptionID + "' is not supported!");
    }
  }

  // Set CTE once here - required for stream creation later on!
  aMsg.headers().setHeader(CHttpHeader.CONTENT_TRANSFER_ENCODING, eCTE.getID());

  // The body part itself needs the header too when it gets compressed or
  // encrypted; an existing value is left alone.
  final boolean bCompressedOrEncrypted = eCompression != null || eEncryption != null;
  if (bCompressedOrEncrypted && aMsg.getData().getHeader(CHttpHeader.CONTENT_TRANSFER_ENCODING) == null) {
    aMsg.getData().setHeader(CHttpHeader.CONTENT_TRANSFER_ENCODING, eCTE.getID());
  }

  // Compression only - set the respective content type
  final boolean bCompressionOnly = eCompression != null && eSigning == null && eEncryption == null;
  if (bCompressionOnly) {
    aMsg.headers().setHeader(CHttpHeader.CONTENT_TYPE, CMimeType.APPLICATION_OCTET_STREAM.getAsStringWithoutParameters());
  }

  return secureMimeBodyPart(aMsg.getData(),
                            eCTE,
                            eCompression,
                            bCompressFirst,
                            aAfterCompressBeforeSign,
                            eSigning,
                            aSenderCert,
                            aSenderKey,
                            bCertInSignedContent,
                            bLegacyMICAlgNames,
                            bDropCmsAlgorithmProtect,
                            eEncryption,
                            aReceiverCert,
                            aMsg.getLoggingText());
}
use of com.helger.as2lib.crypto.ECryptoAlgorithmCrypt in project as2-lib by phax.
the class MainIssue45 method main.
/**
 * Sends one AS2 test message through an HTTP proxy to the Mendelson test
 * server with neither signing nor encryption configured, and logs the
 * response text when the response carries an exception.
 *
 * @param args
 *        not read
 * @throws Exception
 *         whatever the configuration or send calls throw
 */
public static void main(final String[] args) throws Exception {
  // Compile-time switches
  final boolean bChangeDebugMode = false;
  final boolean bUseHttpProxy = true;

  // Enable or disable debug mode
  if (bChangeDebugMode) {
    GlobalDebug.setDebugModeDirect(false);
  }

  Proxy aProxy = null;
  if (bUseHttpProxy) {
    aProxy = new Proxy(Proxy.Type.HTTP, new InetSocketAddress("172.30.9.6", 8080));
  }

  // Client configuration.
  // The key store password is a literal because this is the test key store
  // under src/test/resources; a key store holding real keys needs its
  // password supplied from outside the source tree.
  final AS2ClientSettings aClientSettings = new AS2ClientSettings();
  final File aKeyStoreFile = new File("src/test/resources/mendelson/key3.pfx");
  aClientSettings.setKeyStore(EKeyStoreType.PKCS12, aKeyStoreFile, "test");

  // Fixed sender
  aClientSettings.setSenderData("mycompanyAS2", "phax.as2-lib@github.com", "key3");

  // Fixed receiver - key alias must be "mendelsontestAS2".
  // Plain HTTP endpoint: together with the null algorithms below, nothing in
  // this configuration protects the payload on the wire.
  aClientSettings.setReceiverData("mendelsontestAS2",
                                  "mendelsontestAS2",
                                  "http://testas2.mendelson-e-c.com:8080/as2/HttpReceiver");
  final X509Certificate aPartnerCert = AS2KeyStoreHelper.readX509Certificate("src/test/resources/mendelson/key4.cer");
  aClientSettings.setReceiverCertificate(aPartnerCert);

  // AS2 stuff
  final String sPartnershipName = aClientSettings.getSenderAS2ID() + "_" + aClientSettings.getReceiverAS2ID();
  aClientSettings.setPartnershipName(sPartnershipName);

  // Both algorithms are null: no signing and no encryption is requested.
  // The typed locals are kept so the call below receives typed arguments.
  final ECryptoAlgorithmSign eSigningAlgorithm = null;
  final ECryptoAlgorithmCrypt eEncryptionAlgorithm = null;
  // NOTE(review): in the sibling examples the second setCompress argument is
  // the "compress before signing" flag, so ZLIB compression looks enabled
  // here and only that flag is false - confirm.
  final boolean bSecondCompressArg = false;
  aClientSettings.setEncryptAndSign(eEncryptionAlgorithm, eSigningAlgorithm);
  aClientSettings.setCompress(ECompressionType.ZLIB, bSecondCompressArg);
  aClientSettings.setMessageIDFormat("github-phax-as2-lib-$date.ddMMuuuuHHmmssZ$-$rand.1234$@$msg.sender.as2_id$_$msg.receiver.as2_id$");
  aClientSettings.setRetryCount(1);
  aClientSettings.setConnectTimeoutMS(10_000);
  aClientSettings.setReadTimeoutMS(10_000);

  // Build client request.
  // Charset.defaultCharset() depends on the JVM the example runs on, so the
  // charset handed over with the file can differ between machines.
  final AS2ClientRequest aClientRequest = new AS2ClientRequest("AS2 test message from as2-lib");
  final File aPayloadFile = new File("src/test/resources/mendelson/testcontent.attachment");
  aClientRequest.setData(aPayloadFile, Charset.defaultCharset());
  aClientRequest.setContentType(CMimeType.TEXT_PLAIN.getAsString());

  // Send message
  final AS2ClientResponse aClientResponse = new AS2Client().setHttpProxy(aProxy)
                                                           .sendSynchronous(aClientSettings, aClientRequest);
  // A failed exchange is reported only through this info-level line; "Done"
  // is logged either way.
  if (aClientResponse.hasException()) {
    LOGGER.info(aClientResponse.getAsString());
  }
  LOGGER.info("Done");
}
use of com.helger.as2lib.crypto.ECryptoAlgorithmCrypt in project as2-lib by phax.
the class MainSendToLocalhost8080 method main.
/**
 * Sends one signed, encrypted and ZLIB-compressed AS2 test message
 * synchronously to an AS2 endpoint on localhost port 8080 and logs the
 * response text when the response carries an exception.
 *
 * @param args
 *        not read
 * @throws Exception
 *         whatever the configuration or send calls throw
 */
public static void main(final String[] args) throws Exception {
  // Compile-time switches. The debugging aids are all off.
  final boolean bUseHttpProxy = false;
  final boolean bDumpOutgoingHttp = false;
  final boolean bDumpIncomingHttp = false;
  final boolean bForceBase64 = false;

  Proxy aProxy = null;
  if (bUseHttpProxy) {
    aProxy = new Proxy(Proxy.Type.HTTP, new InetSocketAddress("1.2.3.4", 8080));
  }

  // The dumpers copy HTTP traffic to System.out. Anything written there ends
  // up wherever stdout is captured, so they are debugging aids only.
  IHTTPOutgoingDumperFactory aDumperFactory = null;
  if (bDumpOutgoingHttp) {
    aDumperFactory = aUnused -> new HTTPOutgoingDumperStreamBased(System.out);
  }
  if (bDumpIncomingHttp) {
    HTTPHelper.setHTTPIncomingDumperFactory(
        () -> new HTTPIncomingDumperStreamBased(new NonClosingOutputStream(System.out)));
  }

  // Client configuration.
  // The key store password is a literal because this is the test key store
  // under src/test/resources; a key store holding real keys needs its
  // password supplied from outside the source tree.
  final AS2ClientSettings aClientSettings = new AS2ClientSettings();
  final File aKeyStoreFile = new File("src/test/resources/localhost/certs.p12");
  aClientSettings.setKeyStore(EKeyStoreType.PKCS12, aKeyStoreFile, "test");

  // Fixed sender
  aClientSettings.setSenderData("mycompanyAS2", "phax.as2-lib@github.com", "openas2a_alias");

  // Fixed receiver - key alias must be "openas2b_alias".
  // Plain HTTP, but the target is the loopback interface.
  aClientSettings.setReceiverData("openas2b_alias", "openas2b_alias", "http://localhost:8080/as2");
  // NOTE(review): the receiver certificate comes from the mendelson directory
  // although key store and receiver alias are the localhost ones. Messages
  // are encrypted to whatever certificate is set here - confirm this is the
  // certificate the localhost receiver holds the private key for.
  final X509Certificate aPartnerCert = AS2KeyStoreHelper.readX509Certificate("src/test/resources/mendelson/key4.cer");
  aClientSettings.setReceiverCertificate(aPartnerCert);

  // AS2 stuff
  final String sPartnershipName = aClientSettings.getSenderAS2ID() + "_" + aClientSettings.getReceiverAS2ID();
  aClientSettings.setPartnershipName(sPartnershipName);

  // For a signed message the MIC algorithm and the message signing algorithm
  // must be identical, so one constant feeds both.
  final ECryptoAlgorithmSign eSigningAlgorithm = ECryptoAlgorithmSign.DIGEST_SHA_256;
  // AES-128 in GCM mode, an authenticated encryption mode.
  final ECryptoAlgorithmCrypt eEncryptionAlgorithm = ECryptoAlgorithmCrypt.CRYPT_AES128_GCM;
  final ECompressionType eCompression = ECompressionType.ZLIB;
  final boolean bCompressFirst = AS2ClientSettings.DEFAULT_COMPRESS_BEFORE_SIGNING;

  // Ask for a signed MDN and mark both the MIC algorithm and the signature
  // protocol as required.
  final DispositionOptions aMdnOptions = new DispositionOptions().setMICAlg(eSigningAlgorithm)
                                                                 .setMICAlgImportance(DispositionOptions.IMPORTANCE_REQUIRED)
                                                                 .setProtocol(DispositionOptions.PROTOCOL_PKCS7_SIGNATURE)
                                                                 .setProtocolImportance(DispositionOptions.IMPORTANCE_REQUIRED);
  aClientSettings.setMDNOptions(aMdnOptions);
  aClientSettings.setEncryptAndSign(eEncryptionAlgorithm, eSigningAlgorithm);
  aClientSettings.setCompress(eCompression, bCompressFirst);
  aClientSettings.setMessageIDFormat("github-phax-as2-lib-$date.uuuuMMdd-HHmmssZ$-$rand.1234$@$msg.sender.as2_id$_$msg.receiver.as2_id$");
  aClientSettings.setRetryCount(1);
  aClientSettings.setConnectTimeoutMS(10_000);
  aClientSettings.setReadTimeoutMS(10_000);
  aClientSettings.setHttpOutgoingDumperFactory(aDumperFactory);

  // Build client request
  final AS2ClientRequest aClientRequest = new AS2ClientRequest("AS2 test message from as2-lib");
  final File aPayloadFile = new File("src/test/resources/mendelson/testcontent.attachment");
  aClientRequest.setData(new DataHandler(new FileDataSource(aPayloadFile)));
  aClientRequest.setContentType(CMimeType.TEXT_PLAIN.getAsString());
  if (bForceBase64) {
    aClientRequest.setContentTransferEncoding(EContentTransferEncoding.BASE64);
  }

  // Send message
  final AS2ClientResponse aClientResponse = new AS2Client().setHttpProxy(aProxy)
                                                           .sendSynchronous(aClientSettings, aClientRequest);
  // A failed exchange is reported only through this info-level line; "Done"
  // is logged either way.
  if (aClientResponse.hasException()) {
    LOGGER.info(aClientResponse.getAsString());
  }
  LOGGER.info("Done");
}
use of com.helger.as2lib.crypto.ECryptoAlgorithmCrypt in project as2-lib by phax.
the class MainSendToMendelsonTestServerPlayground method main.
/**
 * Playground for trying algorithm and transfer-encoding combinations against
 * the Mendelson test server: sends one signed, encrypted and ZLIB-compressed
 * AS2 test message synchronously and logs the response text when the
 * response carries an exception.
 *
 * @param args
 *        not read
 * @throws Exception
 *         whatever the configuration or send calls throw
 */
public static void main(final String[] args) throws Exception {
  // Compile-time switches. The debugging aids are all off.
  final boolean bChangeDebugMode = false;
  final boolean bUseHttpProxy = false;
  final boolean bDumpOutgoingHttp = false;
  final boolean bDumpIncomingHttp = false;
  final boolean bUseEmptyMdnOptions = false;
  final boolean bSendFileWithCharset = false;

  // Enable or disable debug mode
  if (bChangeDebugMode) {
    GlobalDebug.setDebugModeDirect(false);
  }

  Proxy aProxy = null;
  if (bUseHttpProxy) {
    aProxy = new Proxy(Proxy.Type.HTTP, new InetSocketAddress("172.30.9.6", 8080));
  }

  // The dumpers copy HTTP traffic to System.out. Anything written there ends
  // up wherever stdout is captured, so they are debugging aids only.
  IHTTPOutgoingDumperFactory aDumperFactory = null;
  if (bDumpOutgoingHttp) {
    aDumperFactory = aUnused -> new HTTPOutgoingDumperStreamBased(System.out);
  }
  if (bDumpIncomingHttp) {
    HTTPHelper.setHTTPIncomingDumperFactory(
        () -> new HTTPIncomingDumperStreamBased(new NonClosingOutputStream(System.out)));
  }

  // Client configuration.
  // The key store password is a literal because this is the test key store
  // under src/test/resources; a key store holding real keys needs its
  // password supplied from outside the source tree.
  final AS2ClientSettings aClientSettings = new AS2ClientSettings();
  final File aKeyStoreFile = new File("src/test/resources/mendelson/key3.pfx");
  aClientSettings.setKeyStore(EKeyStoreType.PKCS12, aKeyStoreFile, "test");

  // Fixed sender
  aClientSettings.setSenderData("mycompanyAS2", "phax.as2-lib@github.com", "key3");

  // Fixed receiver - key alias must be "mendelsontestAS2".
  // Plain HTTP endpoint: the transport adds no protection, so confidentiality
  // and integrity rest entirely on the S/MIME algorithms chosen below.
  aClientSettings.setReceiverData("mendelsontestAS2",
                                  "mendelsontestAS2",
                                  "http://testas2.mendelson-e-c.com:8080/as2/HttpReceiver");
  final X509Certificate aPartnerCert = AS2KeyStoreHelper.readX509Certificate("src/test/resources/mendelson/key4.cer");
  aClientSettings.setReceiverCertificate(aPartnerCert);

  // AS2 stuff
  final String sPartnershipName = aClientSettings.getSenderAS2ID() + "_" + aClientSettings.getReceiverAS2ID();
  aClientSettings.setPartnershipName(sPartnershipName);

  // For a signed message the MIC algorithm and the message signing algorithm
  // must be identical, so one constant feeds both.
  // SHA-1 is a legacy digest; it is what this playground currently has
  // selected, not a recommendation.
  final ECryptoAlgorithmSign eSigningAlgorithm = ECryptoAlgorithmSign.DIGEST_SHA1;

  // Encryption is required for Mendelson. Results recorded per algorithm:
  //   CRYPT_AES256_GCM - not supported
  //   CRYPT_AES256_CBC - supported
  //   CRYPT_AES192_GCM - not supported
  //   CRYPT_AES192_CBC - supported
  //   CRYPT_AES128_GCM - not supported
  //   CRYPT_AES128_CBC - supported
  //   CRYPT_3DES       - supported
  // 3DES is the legacy entry of that list; the AES CBC variants are recorded
  // as working against the same server.
  final ECryptoAlgorithmCrypt eEncryptionAlgorithm = ECryptoAlgorithmCrypt.CRYPT_3DES;
  final ECompressionType eCompression = ECompressionType.ZLIB;
  final boolean bCompressFirst = true;

  if (eSigningAlgorithm != null) {
    // Ask for a signed MDN and mark both the MIC algorithm and the signature
    // protocol as required.
    aClientSettings.setMDNOptions(new DispositionOptions().setMICAlg(eSigningAlgorithm)
                                                          .setMICAlgImportance(DispositionOptions.IMPORTANCE_REQUIRED)
                                                          .setProtocol(DispositionOptions.PROTOCOL_PKCS7_SIGNATURE)
                                                          .setProtocolImportance(DispositionOptions.IMPORTANCE_REQUIRED));
  }
  if (bUseEmptyMdnOptions) {
    aClientSettings.setMDNOptions("");
  }
  aClientSettings.setEncryptAndSign(eEncryptionAlgorithm, eSigningAlgorithm);
  aClientSettings.setCompress(eCompression, bCompressFirst);
  aClientSettings.setMessageIDFormat("github-phax-as2-lib-$date.uuuuMMdd-HHmmssZ$-$rand.1234$@$msg.sender.as2_id$_$msg.receiver.as2_id$");
  aClientSettings.setRetryCount(1);
  aClientSettings.setConnectTimeoutMS(10_000);
  aClientSettings.setReadTimeoutMS(10_000);
  aClientSettings.setHttpOutgoingDumperFactory(aDumperFactory);

  // Build client request
  final AS2ClientRequest aClientRequest = new AS2ClientRequest("AS2 test message from as2-lib");
  if (bSendFileWithCharset) {
    aClientRequest.setData(new File("src/test/resources/mendelson/testcontent.attachment"), StandardCharsets.ISO_8859_1);
  } else {
    aClientRequest.setData(new DataHandler(new FileDataSource(new File("src/test/resources/mendelson/testcontent.attachment"))));
  }
  aClientRequest.setContentType(CMimeType.TEXT_PLAIN.getAsString());

  // "CTE" and "compress before sign" have impact on MIC matching.
  // Results recorded per content transfer encoding:
  //   EContentTransferEncoding._7BIT            - MIC is matched
  //   EContentTransferEncoding._8BIT            - MIC is matched
  //   EContentTransferEncoding.BINARY           - MIC is matched
  //   EContentTransferEncoding.QUOTED_PRINTABLE - not supported by Mendelson
  //   EContentTransferEncoding.BASE64           - MIC is matched
  aClientRequest.setContentTransferEncoding(EContentTransferEncoding.BASE64);

  // Send message
  final AS2ClientResponse aClientResponse = new AS2Client().setHttpProxy(aProxy)
                                                           .sendSynchronous(aClientSettings, aClientRequest);
  // A failed exchange is reported only through this info-level line; "Done"
  // is logged either way.
  if (aClientResponse.hasException()) {
    LOGGER.info(aClientResponse.getAsString());
  }
  LOGGER.info("Done");
}