Example 1 with JceKeyTransRecipientInfoGenerator

Use of org.bouncycastle.cms.jcajce.JceKeyTransRecipientInfoGenerator in project serverless by bluenimble.

Class EncryptDocument, method main.

public static void main(String[] args) throws IOException, CertificateException, UnrecoverableKeyException, KeyStoreException, NoSuchAlgorithmException, InvalidAlgorithmParameterException, NoSuchProviderException, CertStoreException, CMSException, NoSuchPaddingException, InvalidKeyException, ShortBufferException, IllegalBlockSizeException, BadPaddingException {
    File f = new File("ToBeEncrypted.txt");
    byte[] buffer = new byte[(int) f.length()];
    // try-with-resources closes the stream even if readFully throws
    try (DataInputStream in = new DataInputStream(new FileInputStream(f))) {
        in.readFully(buffer);
    }
    // Encrypt the document.
    // The cert variable is the recipient's certificate.
    // The public key of this certificate is used to encrypt the symmetric key.
    X509Certificate cert;
    try (FileInputStream certIn = new FileInputStream("files/test.cer")) {
        cert = ReadX509.read(certIn);
    }
    CMSEnvelopedDataGenerator gen = new CMSEnvelopedDataGenerator();
    // setProvider("BC") only works if the Bouncy Castle provider is already registered with the JVM
    RecipientInfoGenerator recipientGenerator = new JceKeyTransRecipientInfoGenerator(cert).setProvider("BC");
    gen.addRecipientInfoGenerator(recipientGenerator);
    // Choice of the symmetric-key algorithm used to encrypt the document.
    // AES is a standard, so you can use it without concern.
    // Note that in France the maximum authorized size is 128 bits for symmetric (secret) keys.
    OutputEncryptor outputEncryptor = new JceCMSContentEncryptorBuilder(CMSAlgorithm.AES128_CBC).build();
    CMSEnvelopedData envData = gen.generate(new CMSProcessableByteArray(buffer), outputEncryptor);
    byte[] pkcs7envelopedData = envData.getEncoded();
    // Write the encrypted document
    try (FileOutputStream envfos = new FileOutputStream("ToBeDecrypted.pk7")) {
        envfos.write(pkcs7envelopedData);
    }
}
Also used: CMSEnvelopedData(org.bouncycastle.cms.CMSEnvelopedData) CMSProcessableByteArray(org.bouncycastle.cms.CMSProcessableByteArray) CMSEnvelopedDataGenerator(org.bouncycastle.cms.CMSEnvelopedDataGenerator) JceKeyTransRecipientInfoGenerator(org.bouncycastle.cms.jcajce.JceKeyTransRecipientInfoGenerator) RecipientInfoGenerator(org.bouncycastle.cms.RecipientInfoGenerator) JceCMSContentEncryptorBuilder(org.bouncycastle.cms.jcajce.JceCMSContentEncryptorBuilder) DataInputStream(java.io.DataInputStream) FileInputStream(java.io.FileInputStream) X509Certificate(java.security.cert.X509Certificate) FileOutputStream(java.io.FileOutputStream) File(java.io.File) OutputEncryptor(org.bouncycastle.operator.OutputEncryptor)

Example 2 with JceKeyTransRecipientInfoGenerator

Use of org.bouncycastle.cms.jcajce.JceKeyTransRecipientInfoGenerator in project xipki by xipki.

Class PkiMessage, method encrypt.

// method encode
private CMSEnvelopedData encrypt(X509Certificate recipient, ASN1ObjectIdentifier encAlgId) throws MessageEncodingException {
    ScepUtil.requireNonNull("recipient", recipient);
    ScepUtil.requireNonNull("encAlgId", encAlgId);
    byte[] messageDataBytes;
    try {
        messageDataBytes = messageData.toASN1Primitive().getEncoded();
    } catch (IOException ex) {
        throw new MessageEncodingException(ex);
    }
    CMSEnvelopedDataGenerator edGenerator = new CMSEnvelopedDataGenerator();
    CMSTypedData envelopable = new CMSProcessableByteArray(messageDataBytes);
    RecipientInfoGenerator recipientGenerator;
    try {
        recipientGenerator = new JceKeyTransRecipientInfoGenerator(recipient);
    } catch (CertificateEncodingException ex) {
        throw new MessageEncodingException(ex);
    }
    edGenerator.addRecipientInfoGenerator(recipientGenerator);
    try {
        OutputEncryptor encryptor = new JceCMSContentEncryptorBuilder(encAlgId).build();
        CMSEnvelopedData pkcsPkiEnvelope = edGenerator.generate(envelopable, encryptor);
        return pkcsPkiEnvelope;
    } catch (CMSException ex) {
        throw new MessageEncodingException(ex);
    }
}
Also used: CMSEnvelopedData(org.bouncycastle.cms.CMSEnvelopedData) CMSProcessableByteArray(org.bouncycastle.cms.CMSProcessableByteArray) CMSEnvelopedDataGenerator(org.bouncycastle.cms.CMSEnvelopedDataGenerator) JceKeyTransRecipientInfoGenerator(org.bouncycastle.cms.jcajce.JceKeyTransRecipientInfoGenerator) RecipientInfoGenerator(org.bouncycastle.cms.RecipientInfoGenerator) CMSTypedData(org.bouncycastle.cms.CMSTypedData) JceCMSContentEncryptorBuilder(org.bouncycastle.cms.jcajce.JceCMSContentEncryptorBuilder) CertificateEncodingException(java.security.cert.CertificateEncodingException) IOException(java.io.IOException) MessageEncodingException(org.xipki.scep.exception.MessageEncodingException) OutputEncryptor(org.bouncycastle.operator.OutputEncryptor) CMSException(org.bouncycastle.cms.CMSException)

Example 3 with JceKeyTransRecipientInfoGenerator

Use of org.bouncycastle.cms.jcajce.JceKeyTransRecipientInfoGenerator in project tutorials by eugenp.

Class BouncyCastleCrypto, method encryptData.

public static byte[] encryptData(final byte[] data, X509Certificate encryptionCertificate) throws CertificateEncodingException, CMSException, IOException {
    byte[] encryptedData = null;
    if (null != data && null != encryptionCertificate) {
        CMSEnvelopedDataGenerator cmsEnvelopedDataGenerator = new CMSEnvelopedDataGenerator();
        JceKeyTransRecipientInfoGenerator jceKey = new JceKeyTransRecipientInfoGenerator(encryptionCertificate);
        cmsEnvelopedDataGenerator.addRecipientInfoGenerator(jceKey);
        CMSTypedData msg = new CMSProcessableByteArray(data);
        OutputEncryptor encryptor = new JceCMSContentEncryptorBuilder(CMSAlgorithm.AES128_CBC).setProvider("BC").build();
        CMSEnvelopedData cmsEnvelopedData = cmsEnvelopedDataGenerator.generate(msg, encryptor);
        encryptedData = cmsEnvelopedData.getEncoded();
    }
    return encryptedData;
}
Also used: CMSEnvelopedData(org.bouncycastle.cms.CMSEnvelopedData) JceKeyTransRecipientInfoGenerator(org.bouncycastle.cms.jcajce.JceKeyTransRecipientInfoGenerator) CMSProcessableByteArray(org.bouncycastle.cms.CMSProcessableByteArray) CMSEnvelopedDataGenerator(org.bouncycastle.cms.CMSEnvelopedDataGenerator) CMSTypedData(org.bouncycastle.cms.CMSTypedData) JceCMSContentEncryptorBuilder(org.bouncycastle.cms.jcajce.JceCMSContentEncryptorBuilder) OutputEncryptor(org.bouncycastle.operator.OutputEncryptor)

Aggregations

CMSEnvelopedData (org.bouncycastle.cms.CMSEnvelopedData): 3
CMSEnvelopedDataGenerator (org.bouncycastle.cms.CMSEnvelopedDataGenerator): 3
CMSProcessableByteArray (org.bouncycastle.cms.CMSProcessableByteArray): 3
JceCMSContentEncryptorBuilder (org.bouncycastle.cms.jcajce.JceCMSContentEncryptorBuilder): 3
JceKeyTransRecipientInfoGenerator (org.bouncycastle.cms.jcajce.JceKeyTransRecipientInfoGenerator): 3
OutputEncryptor (org.bouncycastle.operator.OutputEncryptor): 3
CMSTypedData (org.bouncycastle.cms.CMSTypedData): 2
RecipientInfoGenerator (org.bouncycastle.cms.RecipientInfoGenerator): 2
DataInputStream (java.io.DataInputStream): 1
File (java.io.File): 1
FileInputStream (java.io.FileInputStream): 1
FileOutputStream (java.io.FileOutputStream): 1
IOException (java.io.IOException): 1
CertificateEncodingException (java.security.cert.CertificateEncodingException): 1
X509Certificate (java.security.cert.X509Certificate): 1
CMSException (org.bouncycastle.cms.CMSException): 1
MessageEncodingException (org.xipki.scep.exception.MessageEncodingException): 1