Search in sources :

Example 1 with RecipientIdentifier

use of org.bouncycastle.asn1.cms.RecipientIdentifier in project pdfbox by apache.

the class PublicKeySecurityHandler method computeRecipientInfo.

private KeyTransRecipientInfo computeRecipientInfo(X509Certificate x509certificate, byte[] abyte0) throws IOException, CertificateEncodingException, InvalidKeyException, BadPaddingException, IllegalBlockSizeException {
    TBSCertificate certificate;
    try (ASN1InputStream input = new ASN1InputStream(x509certificate.getTBSCertificate())) {
        certificate = TBSCertificate.getInstance(input.readObject());
    }
    AlgorithmIdentifier algorithmId = certificate.getSubjectPublicKeyInfo().getAlgorithm();
    IssuerAndSerialNumber serial = new IssuerAndSerialNumber(certificate.getIssuer(), certificate.getSerialNumber().getValue());
    Cipher cipher;
    try {
        cipher = Cipher.getInstance(algorithmId.getAlgorithm().getId(), SecurityProvider.getProvider());
    } catch (NoSuchAlgorithmException | NoSuchPaddingException e) {
        // should never happen, if this happens throw IOException instead
        throw new RuntimeException("Could not find a suitable javax.crypto provider", e);
    }
    cipher.init(1, x509certificate.getPublicKey());
    DEROctetString octets = new DEROctetString(cipher.doFinal(abyte0));
    RecipientIdentifier recipientId = new RecipientIdentifier(serial);
    return new KeyTransRecipientInfo(recipientId, algorithmId, octets);
}
Also used : IssuerAndSerialNumber(org.bouncycastle.asn1.cms.IssuerAndSerialNumber) ASN1InputStream(org.bouncycastle.asn1.ASN1InputStream) KeyTransRecipientInfo(org.bouncycastle.asn1.cms.KeyTransRecipientInfo) NoSuchPaddingException(javax.crypto.NoSuchPaddingException) Cipher(javax.crypto.Cipher) NoSuchAlgorithmException(java.security.NoSuchAlgorithmException) RecipientIdentifier(org.bouncycastle.asn1.cms.RecipientIdentifier) TBSCertificate(org.bouncycastle.asn1.x509.TBSCertificate) DEROctetString(org.bouncycastle.asn1.DEROctetString) AlgorithmIdentifier(org.bouncycastle.asn1.x509.AlgorithmIdentifier)

Aggregations

NoSuchAlgorithmException (java.security.NoSuchAlgorithmException)1 Cipher (javax.crypto.Cipher)1 NoSuchPaddingException (javax.crypto.NoSuchPaddingException)1 ASN1InputStream (org.bouncycastle.asn1.ASN1InputStream)1 DEROctetString (org.bouncycastle.asn1.DEROctetString)1 IssuerAndSerialNumber (org.bouncycastle.asn1.cms.IssuerAndSerialNumber)1 KeyTransRecipientInfo (org.bouncycastle.asn1.cms.KeyTransRecipientInfo)1 RecipientIdentifier (org.bouncycastle.asn1.cms.RecipientIdentifier)1 AlgorithmIdentifier (org.bouncycastle.asn1.x509.AlgorithmIdentifier)1 TBSCertificate (org.bouncycastle.asn1.x509.TBSCertificate)1