Example 1 with JceKeyTransRecipientInfoGenerator
use of org.bouncycastle.cms.jcajce.JceKeyTransRecipientInfoGenerator in project serverless by bluenimble.
the class EncryptDocument method main.
public static void main(String[] args) throws IOException, CertificateException, UnrecoverableKeyException, KeyStoreException, NoSuchAlgorithmException, InvalidAlgorithmParameterException, NoSuchProviderException, CertStoreException, CMSException, NoSuchPaddingException, InvalidKeyException, ShortBufferException, IllegalBlockSizeException, BadPaddingException {
File f = new File("ToBeEncrypted.txt");
byte[] buffer = new byte[(int) f.length()];
DataInputStream in = new DataInputStream(new FileInputStream(f));
in.readFully(buffer);
in.close();
// Chiffrement du document
// La variable cert correspond au certificat du destinataire
// La cl� publique de ce certificat servira � chiffrer la cl� sym�trique
X509Certificate cert = ReadX509.read(new FileInputStream("files/test.cer"));
CMSEnvelopedDataGenerator gen = new CMSEnvelopedDataGenerator();
RecipientInfoGenerator recipientGenerator = new JceKeyTransRecipientInfoGenerator(cert).setProvider("BC");
gen.addRecipientInfoGenerator(recipientGenerator);
// Choix de l'algorithme � cl� sym�trique pour chiffrer le document.
// AES est un standard. Vous pouvez donc l'utiliser sans crainte.
// Il faut savoir qu'en france la taille maximum autoris�e est de 128 bits pour les cl�s sym�triques (ou cl�s secr�tes)
OutputEncryptor outputEncryptor = new JceCMSContentEncryptorBuilder(CMSAlgorithm.AES128_CBC).build();
CMSEnvelopedData envData = gen.generate(new CMSProcessableByteArray(buffer), outputEncryptor);
byte[] pkcs7envelopedData = envData.getEncoded();
// Ecriture du document chiffr�
FileOutputStream envfos = new FileOutputStream("ToBeDecrypted.pk7");
envfos.write(pkcs7envelopedData);
envfos.close();
}
Also used :
CMSEnvelopedData(org.bouncycastle.cms.CMSEnvelopedData)
CMSProcessableByteArray(org.bouncycastle.cms.CMSProcessableByteArray)
CMSEnvelopedDataGenerator(org.bouncycastle.cms.CMSEnvelopedDataGenerator)
JceKeyTransRecipientInfoGenerator(org.bouncycastle.cms.jcajce.JceKeyTransRecipientInfoGenerator)
RecipientInfoGenerator(org.bouncycastle.cms.RecipientInfoGenerator)
JceCMSContentEncryptorBuilder(org.bouncycastle.cms.jcajce.JceCMSContentEncryptorBuilder)
DataInputStream(java.io.DataInputStream)
FileInputStream(java.io.FileInputStream)
X509Certificate(java.security.cert.X509Certificate)
JceKeyTransRecipientInfoGenerator(org.bouncycastle.cms.jcajce.JceKeyTransRecipientInfoGenerator)
FileOutputStream(java.io.FileOutputStream)
File(java.io.File)
OutputEncryptor(org.bouncycastle.operator.OutputEncryptor)
Example 2 with JceKeyTransRecipientInfoGenerator
use of org.bouncycastle.cms.jcajce.JceKeyTransRecipientInfoGenerator in project xipki by xipki.
the class PkiMessage method encrypt.
// method encode
private CMSEnvelopedData encrypt(X509Certificate recipient, ASN1ObjectIdentifier encAlgId) throws MessageEncodingException {
ScepUtil.requireNonNull("recipient", recipient);
ScepUtil.requireNonNull("encAlgId", encAlgId);
byte[] messageDataBytes;
try {
messageDataBytes = messageData.toASN1Primitive().getEncoded();
} catch (IOException ex) {
throw new MessageEncodingException(ex);
}
CMSEnvelopedDataGenerator edGenerator = new CMSEnvelopedDataGenerator();
CMSTypedData envelopable = new CMSProcessableByteArray(messageDataBytes);
RecipientInfoGenerator recipientGenerator;
try {
recipientGenerator = new JceKeyTransRecipientInfoGenerator(recipient);
} catch (CertificateEncodingException ex) {
throw new MessageEncodingException(ex);
}
edGenerator.addRecipientInfoGenerator(recipientGenerator);
try {
OutputEncryptor encryptor = new JceCMSContentEncryptorBuilder(encAlgId).build();
CMSEnvelopedData pkcsPkiEnvelope = edGenerator.generate(envelopable, encryptor);
return pkcsPkiEnvelope;
} catch (CMSException ex) {
throw new MessageEncodingException(ex);
}
}
Also used :
CMSEnvelopedData(org.bouncycastle.cms.CMSEnvelopedData)
CMSProcessableByteArray(org.bouncycastle.cms.CMSProcessableByteArray)
CMSEnvelopedDataGenerator(org.bouncycastle.cms.CMSEnvelopedDataGenerator)
JceKeyTransRecipientInfoGenerator(org.bouncycastle.cms.jcajce.JceKeyTransRecipientInfoGenerator)
RecipientInfoGenerator(org.bouncycastle.cms.RecipientInfoGenerator)
CMSTypedData(org.bouncycastle.cms.CMSTypedData)
JceCMSContentEncryptorBuilder(org.bouncycastle.cms.jcajce.JceCMSContentEncryptorBuilder)
CertificateEncodingException(java.security.cert.CertificateEncodingException)
IOException(java.io.IOException)
MessageEncodingException(org.xipki.scep.exception.MessageEncodingException)
JceKeyTransRecipientInfoGenerator(org.bouncycastle.cms.jcajce.JceKeyTransRecipientInfoGenerator)
OutputEncryptor(org.bouncycastle.operator.OutputEncryptor)
CMSException(org.bouncycastle.cms.CMSException)
Example 3 with JceKeyTransRecipientInfoGenerator
use of org.bouncycastle.cms.jcajce.JceKeyTransRecipientInfoGenerator in project tutorials by eugenp.
the class BouncyCastleCrypto method encryptData.
public static byte[] encryptData(final byte[] data, X509Certificate encryptionCertificate) throws CertificateEncodingException, CMSException, IOException {
byte[] encryptedData = null;
if (null != data && null != encryptionCertificate) {
CMSEnvelopedDataGenerator cmsEnvelopedDataGenerator = new CMSEnvelopedDataGenerator();
JceKeyTransRecipientInfoGenerator jceKey = new JceKeyTransRecipientInfoGenerator(encryptionCertificate);
cmsEnvelopedDataGenerator.addRecipientInfoGenerator(jceKey);
CMSTypedData msg = new CMSProcessableByteArray(data);
OutputEncryptor encryptor = new JceCMSContentEncryptorBuilder(CMSAlgorithm.AES128_CBC).setProvider("BC").build();
CMSEnvelopedData cmsEnvelopedData = cmsEnvelopedDataGenerator.generate(msg, encryptor);
encryptedData = cmsEnvelopedData.getEncoded();
}
return encryptedData;
}
Also used :
CMSEnvelopedData(org.bouncycastle.cms.CMSEnvelopedData)
JceKeyTransRecipientInfoGenerator(org.bouncycastle.cms.jcajce.JceKeyTransRecipientInfoGenerator)
CMSProcessableByteArray(org.bouncycastle.cms.CMSProcessableByteArray)
CMSEnvelopedDataGenerator(org.bouncycastle.cms.CMSEnvelopedDataGenerator)
CMSTypedData(org.bouncycastle.cms.CMSTypedData)
JceCMSContentEncryptorBuilder(org.bouncycastle.cms.jcajce.JceCMSContentEncryptorBuilder)
OutputEncryptor(org.bouncycastle.operator.OutputEncryptor)
Aggregations
CMSEnvelopedData (org.bouncycastle.cms.CMSEnvelopedData)3
CMSEnvelopedDataGenerator (org.bouncycastle.cms.CMSEnvelopedDataGenerator)3
CMSProcessableByteArray (org.bouncycastle.cms.CMSProcessableByteArray)3
JceCMSContentEncryptorBuilder (org.bouncycastle.cms.jcajce.JceCMSContentEncryptorBuilder)3
JceKeyTransRecipientInfoGenerator (org.bouncycastle.cms.jcajce.JceKeyTransRecipientInfoGenerator)3
OutputEncryptor (org.bouncycastle.operator.OutputEncryptor)3
CMSTypedData (org.bouncycastle.cms.CMSTypedData)2
RecipientInfoGenerator (org.bouncycastle.cms.RecipientInfoGenerator)2
DataInputStream (java.io.DataInputStream)1
File (java.io.File)1
FileInputStream (java.io.FileInputStream)1
FileOutputStream (java.io.FileOutputStream)1
IOException (java.io.IOException)1
CertificateEncodingException (java.security.cert.CertificateEncodingException)1
X509Certificate (java.security.cert.X509Certificate)1
CMSException (org.bouncycastle.cms.CMSException)1
MessageEncodingException (org.xipki.scep.exception.MessageEncodingException)1
