use of org.bouncycastle.cms.jcajce.JceKeyTransRecipientInfoGenerator in project serverless by bluenimble.
the class EncryptDocument method main.
public static void main(String[] args) throws IOException, CertificateException, UnrecoverableKeyException, KeyStoreException, NoSuchAlgorithmException, InvalidAlgorithmParameterException, NoSuchProviderException, CertStoreException, CMSException, NoSuchPaddingException, InvalidKeyException, ShortBufferException, IllegalBlockSizeException, BadPaddingException {
File f = new File("ToBeEncrypted.txt");
byte[] buffer = new byte[(int) f.length()];
DataInputStream in = new DataInputStream(new FileInputStream(f));
in.readFully(buffer);
in.close();
// Chiffrement du document
// La variable cert correspond au certificat du destinataire
// La cl� publique de ce certificat servira � chiffrer la cl� sym�trique
X509Certificate cert = ReadX509.read(new FileInputStream("files/test.cer"));
CMSEnvelopedDataGenerator gen = new CMSEnvelopedDataGenerator();
RecipientInfoGenerator recipientGenerator = new JceKeyTransRecipientInfoGenerator(cert).setProvider("BC");
gen.addRecipientInfoGenerator(recipientGenerator);
// Choix de l'algorithme � cl� sym�trique pour chiffrer le document.
// AES est un standard. Vous pouvez donc l'utiliser sans crainte.
// Il faut savoir qu'en france la taille maximum autoris�e est de 128 bits pour les cl�s sym�triques (ou cl�s secr�tes)
OutputEncryptor outputEncryptor = new JceCMSContentEncryptorBuilder(CMSAlgorithm.AES128_CBC).build();
CMSEnvelopedData envData = gen.generate(new CMSProcessableByteArray(buffer), outputEncryptor);
byte[] pkcs7envelopedData = envData.getEncoded();
// Ecriture du document chiffr�
FileOutputStream envfos = new FileOutputStream("ToBeDecrypted.pk7");
envfos.write(pkcs7envelopedData);
envfos.close();
}
use of org.bouncycastle.cms.jcajce.JceKeyTransRecipientInfoGenerator in project xipki by xipki.
the class PkiMessage method encrypt.
// method encode
private CMSEnvelopedData encrypt(X509Certificate recipient, ASN1ObjectIdentifier encAlgId) throws MessageEncodingException {
ScepUtil.requireNonNull("recipient", recipient);
ScepUtil.requireNonNull("encAlgId", encAlgId);
byte[] messageDataBytes;
try {
messageDataBytes = messageData.toASN1Primitive().getEncoded();
} catch (IOException ex) {
throw new MessageEncodingException(ex);
}
CMSEnvelopedDataGenerator edGenerator = new CMSEnvelopedDataGenerator();
CMSTypedData envelopable = new CMSProcessableByteArray(messageDataBytes);
RecipientInfoGenerator recipientGenerator;
try {
recipientGenerator = new JceKeyTransRecipientInfoGenerator(recipient);
} catch (CertificateEncodingException ex) {
throw new MessageEncodingException(ex);
}
edGenerator.addRecipientInfoGenerator(recipientGenerator);
try {
OutputEncryptor encryptor = new JceCMSContentEncryptorBuilder(encAlgId).build();
CMSEnvelopedData pkcsPkiEnvelope = edGenerator.generate(envelopable, encryptor);
return pkcsPkiEnvelope;
} catch (CMSException ex) {
throw new MessageEncodingException(ex);
}
}
use of org.bouncycastle.cms.jcajce.JceKeyTransRecipientInfoGenerator in project tutorials by eugenp.
the class BouncyCastleCrypto method encryptData.
public static byte[] encryptData(final byte[] data, X509Certificate encryptionCertificate) throws CertificateEncodingException, CMSException, IOException {
byte[] encryptedData = null;
if (null != data && null != encryptionCertificate) {
CMSEnvelopedDataGenerator cmsEnvelopedDataGenerator = new CMSEnvelopedDataGenerator();
JceKeyTransRecipientInfoGenerator jceKey = new JceKeyTransRecipientInfoGenerator(encryptionCertificate);
cmsEnvelopedDataGenerator.addRecipientInfoGenerator(jceKey);
CMSTypedData msg = new CMSProcessableByteArray(data);
OutputEncryptor encryptor = new JceCMSContentEncryptorBuilder(CMSAlgorithm.AES128_CBC).setProvider("BC").build();
CMSEnvelopedData cmsEnvelopedData = cmsEnvelopedDataGenerator.generate(msg, encryptor);
encryptedData = cmsEnvelopedData.getEncoded();
}
return encryptedData;
}
Aggregations