
Example 1 with JceKeyTransRecipient

use of org.bouncycastle.cms.jcajce.JceKeyTransRecipient in project ats-framework by Axway.

the class SMimePackageEncryptor method decrypt.

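/**
 * Decrypts an S/MIME enveloped message using the private key stored under {@code aliasOrCN}
 * in the keystore returned by {@code getKeystore()}.
 *
 * <p>The recipient entry is looked up by the certificate stored under the same alias. When the
 * decrypted content is recognised as a signed structure, the signature layer is removed from the
 * returned content and the {@code SMIMESigned} object is attached to the returned package.
 *
 * <p>Security notes for callers:
 * <ul>
 *   <li>The signature is NOT verified here; it is only detected and kept. Verification has to be
 *       done separately on the returned package.</li>
 *   <li>All header lines of the outer (enveloped) message are copied onto the decrypted message.
 *       They come from outside the encrypted content, so they should not be treated as protected
 *       by the encryption.</li>
 *   <li>If the decrypted bytes cannot be parsed as a MIME body part ({@code SMIMEException}), the
 *       failure is only logged at debug level and a package wrapping an empty message is
 *       returned.</li>
 * </ul>
 *
 * @param sourcePackage the encrypted package; if it is a {@code MimePackage} its store
 *                      connection is reopened when closed and closed again before returning
 * @return a {@code MimePackage} holding the decrypted message
 * @throws ActionException if the IMAP connection cannot be reopened, or if any other error occurs
 *                         during decryption (wrapped with {@code DECRYPTION_EXCEPTION})
 */
@PublicAtsApi
public Package decrypt(Package sourcePackage) throws ActionException {
    // for connection management to IMAP store
    boolean storeReconnected = false;
    if (sourcePackage instanceof MimePackage) {
        try {
            storeReconnected = ((MimePackage) sourcePackage).reconnectStoreIfClosed();
        } catch (MessagingException ex) {
            throw new ActionException("Could not reopen IMAP connection", ex);
        }
    }
    try {
        KeyStore ks = getKeystore();
        // KeyStore.getCertificate returns null for an unknown alias; fail with a clear cause
        // instead of a NullPointerException from the recipient-id constructor.
        X509Certificate recipientCert = (X509Certificate) ks.getCertificate(aliasOrCN);
        if (recipientCert == null) {
            throw new IllegalStateException("No certificate found in the keystore for alias '" + aliasOrCN + "'");
        }
        RecipientId recId = new JceKeyTransRecipientId(recipientCert);
        MimeMessage msg = getMimeMessage(sourcePackage);
        SMIMEEnveloped m = new SMIMEEnveloped(msg);
        RecipientInformationStore recipients = m.getRecipientInfos();
        // The store returns null when the message carries no entry for this certificate.
        RecipientInformation recipient = recipients.get(recId);
        if (recipient == null) {
            throw new IllegalStateException("The message has no recipient entry matching the certificate with alias '" + aliasOrCN + "'");
        }
        // NOTE(review): the key password is held as a String (certPassword) and cannot be wiped
        // after use; only the temporary char[] copy is passed to the keystore.
        PrivateKey privateKey = (PrivateKey) ks.getKey(aliasOrCN, certPassword.toCharArray());
        if (privateKey == null) {
            throw new IllegalStateException("No private key found in the keystore for alias '" + aliasOrCN + "'");
        }
        JceKeyTransRecipient jceKey = new JceKeyTransEnvelopedRecipient(privateKey).setProvider(BouncyCastleProvider.PROVIDER_NAME);
        MimeBodyPart result = null;
        try {
            result = SMIMEUtil.toMimeBodyPart(recipient.getContent(jceKey));
            if (LOG.isDebugEnabled()) {
                LOG.debug("Successfully decrypted message with subject '" + msg.getSubject() + "' with private key alias: " + aliasOrCN);
            }
        } catch (SMIMEException e) {
            // NOTE(review): the failure is not propagated; the method goes on and returns a
            // package built from an empty message. Callers cannot tell this apart from success
            // without inspecting the result.
            if (LOG.isDebugEnabled()) {
                LOG.debug("Could not decrypt message with subject '" + sourcePackage.getSubject() + "' with private key alias '" + aliasOrCN + "'", e);
            }
        }
        SMIMESigned signedMessage = null;
        MimeMessage decryptedMsg = new MimeMessage(Session.getInstance(new Properties()));
        if (result != null) {
            Object content = result.getContent();
            // Headers are taken from the outer message, i.e. from outside the encrypted content.
            Enumeration<?> hLineEnum = msg.getAllHeaderLines();
            while (hLineEnum.hasMoreElements()) {
                decryptedMsg.addHeaderLine((String) hLineEnum.nextElement());
            }
            decryptedMsg.setContent(content, result.getContentType());
            // dropped so that getPlainTextBody/getHtmlTextBody work; they do not handle attachments
            decryptedMsg.removeHeader("Content-Disposition");
            // check if the message is signed (detection only, no signature verification)
            try {
                if (content instanceof MimeMultipart) {
                    MimeMultipart multipartContent = (MimeMultipart) content;
                    if (multipartContent.getContentType() != null && multipartContent.getContentType().toLowerCase().contains(CONTENT_TYPE_MULTIPART_SIGNED)) {
                        signedMessage = new SMIMESigned(multipartContent);
                    }
                } else if (content instanceof SMIMESigned) {
                    signedMessage = (SMIMESigned) content;
                } else if (content instanceof BASE64DecoderStream) {
                    // com.sun.mail.util.BASE64DecoderStream - JavaMail API dependency. Seems still available
                    // in JavaMail 2.0 so not an issue if using other non-Oracle/OpenJDK JVMs
                    // will throw exception if not signed
                    signedMessage = new SMIMESigned(decryptedMsg);
                }
            } catch (Exception e) {
                // Treated as "not signed". A malformed signed structure ends up here as well, so
                // the cause is logged to keep the two cases distinguishable when debugging.
                if (LOG.isDebugEnabled()) {
                    LOG.debug("Could not construct signed message instance", e);
                }
            }
        }
        if (signedMessage != null) {
            // remove signature from the message
            decryptedMsg.setContent(signedMessage.getContent().getContent(), signedMessage.getContent().getContentType());
            MimePackage mimePackage = new MimePackage(decryptedMsg);
            // keep the SMIMESigned message for further signature verification
            mimePackage.setSMIMESignedMessage(signedMessage);
            return mimePackage;
        }
        return new MimePackage(decryptedMsg);
    } catch (Exception e) {
        throw new ActionException(DECRYPTION_EXCEPTION, e);
    } finally {
        if (storeReconnected) {
            // and sourcePackage should be instanceof MimePackage
            try {
                ((MimePackage) sourcePackage).closeStoreConnection(true);
            } catch (MessagingException ex) {
                // do not hide possible exception thrown in catch block
                LOG.debug(ex);
            }
        }
    }
}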
Also used : JceKeyTransRecipient(org.bouncycastle.cms.jcajce.JceKeyTransRecipient) SMIMESigned(org.bouncycastle.mail.smime.SMIMESigned) JceKeyTransRecipientId(org.bouncycastle.cms.jcajce.JceKeyTransRecipientId) RecipientId(org.bouncycastle.cms.RecipientId) PrivateKey(java.security.PrivateKey) MessagingException(javax.mail.MessagingException) BASE64DecoderStream(com.sun.mail.util.BASE64DecoderStream) JceKeyTransRecipientId(org.bouncycastle.cms.jcajce.JceKeyTransRecipientId) ActionException(com.axway.ats.action.model.ActionException) JceKeyTransEnvelopedRecipient(org.bouncycastle.cms.jcajce.JceKeyTransEnvelopedRecipient) Properties(java.util.Properties) KeyStore(java.security.KeyStore) SMIMEEnveloped(org.bouncycastle.mail.smime.SMIMEEnveloped) MessagingException(javax.mail.MessagingException) ActionException(com.axway.ats.action.model.ActionException) SMIMEException(org.bouncycastle.mail.smime.SMIMEException) MimePackage(com.axway.ats.action.objects.MimePackage) RecipientInformation(org.bouncycastle.cms.RecipientInformation) MimeMessage(javax.mail.internet.MimeMessage) MimeMultipart(javax.mail.internet.MimeMultipart) RecipientInformationStore(org.bouncycastle.cms.RecipientInformationStore) SMIMEException(org.bouncycastle.mail.smime.SMIMEException) MimeBodyPart(javax.mail.internet.MimeBodyPart) PublicAtsApi(com.axway.ats.common.PublicAtsApi)

Example 2 with JceKeyTransRecipient

use of org.bouncycastle.cms.jcajce.JceKeyTransRecipient in project tutorials by eugenp.

the class BouncyCastleCrypto method decryptData.

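/**
 * Decrypts a CMS EnvelopedData structure with the given private key.
 *
 * <p>The first key-transport recipient found in the structure is used. The key is not matched
 * against a recipient identifier, so for data addressed to several recipients the chosen entry
 * may not belong to {@code decryptionKey}; selecting the entry by a {@code RecipientId} built
 * from the recipient certificate avoids that.
 *
 * @param encryptedData encoded CMS EnvelopedData, may be {@code null}
 * @param decryptionKey private key of the recipient, may be {@code null}
 * @return the decrypted content, or {@code null} when either argument is {@code null}
 * @throws CMSException if the data cannot be parsed or decrypted, or if it contains no
 *                      key-transport recipient
 */
public static byte[] decryptData(final byte[] encryptedData, final PrivateKey decryptionKey) throws CMSException {
    if (null == encryptedData || null == decryptionKey) {
        return null;
    }
    CMSEnvelopedData envelopedData = new CMSEnvelopedData(encryptedData);
    Collection<RecipientInformation> recipients = envelopedData.getRecipientInfos().getRecipients();
    // Skip recipient entries of other kinds instead of casting the first entry blindly, which
    // failed with ClassCastException, or NoSuchElementException on an empty recipient set.
    for (RecipientInformation candidate : recipients) {
        if (candidate instanceof KeyTransRecipientInformation) {
            JceKeyTransRecipient recipient = new JceKeyTransEnvelopedRecipient(decryptionKey);
            return candidate.getContent(recipient);
        }
    }
    throw new CMSException("No key-transport recipient found in the enveloped data");
}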
Also used : JceKeyTransRecipient(org.bouncycastle.cms.jcajce.JceKeyTransRecipient) CMSEnvelopedData(org.bouncycastle.cms.CMSEnvelopedData) KeyTransRecipientInformation(org.bouncycastle.cms.KeyTransRecipientInformation) RecipientInformation(org.bouncycastle.cms.RecipientInformation) KeyTransRecipientInformation(org.bouncycastle.cms.KeyTransRecipientInformation) JceKeyTransEnvelopedRecipient(org.bouncycastle.cms.jcajce.JceKeyTransEnvelopedRecipient)

Aggregations

RecipientInformation (org.bouncycastle.cms.RecipientInformation)2 JceKeyTransEnvelopedRecipient (org.bouncycastle.cms.jcajce.JceKeyTransEnvelopedRecipient)2 JceKeyTransRecipient (org.bouncycastle.cms.jcajce.JceKeyTransRecipient)2 ActionException (com.axway.ats.action.model.ActionException)1 MimePackage (com.axway.ats.action.objects.MimePackage)1 PublicAtsApi (com.axway.ats.common.PublicAtsApi)1 BASE64DecoderStream (com.sun.mail.util.BASE64DecoderStream)1 KeyStore (java.security.KeyStore)1 PrivateKey (java.security.PrivateKey)1 Properties (java.util.Properties)1 MessagingException (javax.mail.MessagingException)1 MimeBodyPart (javax.mail.internet.MimeBodyPart)1 MimeMessage (javax.mail.internet.MimeMessage)1 MimeMultipart (javax.mail.internet.MimeMultipart)1 CMSEnvelopedData (org.bouncycastle.cms.CMSEnvelopedData)1 KeyTransRecipientInformation (org.bouncycastle.cms.KeyTransRecipientInformation)1 RecipientId (org.bouncycastle.cms.RecipientId)1 RecipientInformationStore (org.bouncycastle.cms.RecipientInformationStore)1 JceKeyTransRecipientId (org.bouncycastle.cms.jcajce.JceKeyTransRecipientId)1 SMIMEEnveloped (org.bouncycastle.mail.smime.SMIMEEnveloped)1