Example 6 with SMIMEEnveloped
use of org.bouncycastle.mail.smime.SMIMEEnveloped in project nhin-d by DirectProject.
the class SplitDirectRecipientInformation_getDecryptedContentTest method createSMIMEEnv.
protected SMIMEEnveloped createSMIMEEnv(X509Certificate cert) throws Exception {
// get the cert
if (cert == null)
encCert = TestUtils.getInternalCert("user1");
else
encCert = cert;
// create an encrypted message
final MimeEntity entity = new MimeEntity();
entity.setText("Hello world.");
entity.setHeader(MimeStandard.ContentTypeHeader, "text/plain");
entity.setHeader(MimeStandard.ContentTransferEncodingHeader, "7bit");
final SMIMECryptographerImpl encryptor = new SMIMECryptographerImpl();
return new SMIMEEnveloped(encryptor.encrypt(entity, Arrays.asList(encCert)));
}
Also used :
SMIMECryptographerImpl(org.nhindirect.stagent.cryptography.SMIMECryptographerImpl)
MimeEntity(org.nhindirect.stagent.mail.MimeEntity)
SMIMEEnveloped(org.bouncycastle.mail.smime.SMIMEEnveloped)
Example 7 with SMIMEEnveloped
use of org.bouncycastle.mail.smime.SMIMEEnveloped in project nhin-d by DirectProject.
the class SplitDirectRecipientInformation_getDecryptedContentTest method testGetDecryptedContent_sameDefaultEncAndKeyEncProvider_assertDecrypted.
public void testGetDecryptedContent_sameDefaultEncAndKeyEncProvider_assertDecrypted() throws Exception {
final SMIMEEnveloped env = createSMIMEEnv();
final RecipientInformation recipient = (RecipientInformation) env.getRecipientInfos().getRecipients().iterator().next();
final SplitDirectRecipientInformationFactory factory = new SplitDirectRecipientInformationFactory();
final SplitDirectRecipientInformation recInfo = (SplitDirectRecipientInformation) factory.createInstance(recipient, env);
// this will be non-null if it works correctly
assertNotNull(recInfo.getDecryptedContent(((X509CertificateEx) encCert).getPrivateKey()));
}
Also used :
RecipientInformation(org.bouncycastle.cms.RecipientInformation)
X509CertificateEx(org.nhindirect.stagent.cert.X509CertificateEx)
SMIMEEnveloped(org.bouncycastle.mail.smime.SMIMEEnveloped)
Example 8 with SMIMEEnveloped
use of org.bouncycastle.mail.smime.SMIMEEnveloped in project nhin-d by DirectProject.
the class SplitDirectRecipientInformation_getDecryptedContentTest method testGetDecryptedContent_safeNetHSMKeyEncProvider_differntEncCert_assertNotDecrypted.
public void testGetDecryptedContent_safeNetHSMKeyEncProvider_differntEncCert_assertNotDecrypted() throws Exception {
/**
* This test is only run if a specific SafeNet eToken Pro HSM is connected to the testing
* system. This can be modified for another specific machine and/or token.
*/
pkcs11ProvName = TestUtils.setupSafeNetToken();
if (!StringUtils.isEmpty(pkcs11ProvName)) {
// get a certificate from the key store
final KeyStore ks = KeyStore.getInstance("PKCS11");
ks.load(null, "1Kingpuff".toCharArray());
// get the decryption cert
X509CertificateEx decryptCert = null;
final Enumeration<String> aliases = ks.aliases();
while (aliases.hasMoreElements()) {
String alias = aliases.nextElement();
Certificate pkcs11Cert = ks.getCertificate(alias);
if (pkcs11Cert != null && pkcs11Cert instanceof X509Certificate) {
// check if there is private key
Key key = ks.getKey(alias, null);
if (key != null && key instanceof PrivateKey && CryptoExtensions.certSubjectContainsName((X509Certificate) pkcs11Cert, "user1@cerner.com")) {
decryptCert = X509CertificateEx.fromX509Certificate((X509Certificate) pkcs11Cert, (PrivateKey) key);
break;
}
}
}
encCert = TestUtils.getInternalCert("gm2552");
final SMIMEEnveloped env = createSMIMEEnv(encCert);
final RecipientInformation recipient = (RecipientInformation) env.getRecipientInfos().getRecipients().iterator().next();
final SplitDirectRecipientInformationFactory factory = new SplitDirectRecipientInformationFactory(pkcs11ProvName, "BC");
final SplitDirectRecipientInformation recInfo = (SplitDirectRecipientInformation) factory.createInstance(recipient, env);
boolean exceptionOccured = false;
try {
recInfo.getDecryptedContent(decryptCert.getPrivateKey());
} catch (Exception e) {
exceptionOccured = true;
}
assertTrue(exceptionOccured);
}
}
Also used :
PrivateKey(java.security.PrivateKey)
KeyStore(java.security.KeyStore)
SMIMEEnveloped(org.bouncycastle.mail.smime.SMIMEEnveloped)
X509Certificate(java.security.cert.X509Certificate)
RecipientInformation(org.bouncycastle.cms.RecipientInformation)
X509CertificateEx(org.nhindirect.stagent.cert.X509CertificateEx)
Key(java.security.Key)
PrivateKey(java.security.PrivateKey)
X509Certificate(java.security.cert.X509Certificate)
Certificate(java.security.cert.Certificate)
Example 9 with SMIMEEnveloped
use of org.bouncycastle.mail.smime.SMIMEEnveloped in project nhin-d by DirectProject.
the class SplitDirectRecipientInformation_getDecryptedContentTest method testGetDecryptedContent_differentEncAndKeyEncProvider_assertDecrypted.
public void testGetDecryptedContent_differentEncAndKeyEncProvider_assertDecrypted() throws Exception {
final SMIMEEnveloped env = createSMIMEEnv();
final RecipientInformation recipient = (RecipientInformation) env.getRecipientInfos().getRecipients().iterator().next();
final SplitDirectRecipientInformationFactory factory = new SplitDirectRecipientInformationFactory("SunJCE", "BC");
final SplitDirectRecipientInformation recInfo = (SplitDirectRecipientInformation) factory.createInstance(recipient, env);
// this will be non-null if it works correctly
assertNotNull(recInfo.getDecryptedContent(((X509CertificateEx) encCert).getPrivateKey()));
}
Also used :
RecipientInformation(org.bouncycastle.cms.RecipientInformation)
X509CertificateEx(org.nhindirect.stagent.cert.X509CertificateEx)
SMIMEEnveloped(org.bouncycastle.mail.smime.SMIMEEnveloped)
Example 10 with SMIMEEnveloped
use of org.bouncycastle.mail.smime.SMIMEEnveloped in project nhin-d by DirectProject.
the class SplitDirectRecipientInformation_getDecryptedContentTest method testGetDecryptedContent_safeNetHSMKeyEncProvider_assertDecrypted.
public void testGetDecryptedContent_safeNetHSMKeyEncProvider_assertDecrypted() throws Exception {
/**
* This test is only run if a specific SafeNet eToken Pro HSM is connected to the testing
* system. This can be modified for another specific machine and/or token.
*/
pkcs11ProvName = TestUtils.setupSafeNetToken();
if (!StringUtils.isEmpty(pkcs11ProvName)) {
final PKCS11Credential cred = new BootstrappedPKCS11Credential("1Kingpuff");
final MutableKeyStoreProtectionManager mgr = new StaticPKCS11TokenKeyStoreProtectionManager(cred, "", "");
final CacheableKeyStoreManagerCertificateStore store = new CacheableKeyStoreManagerCertificateStore(mgr);
store.add(TestUtils.getInternalCert("user1"));
// get a certificate from the key store
final KeyStore ks = KeyStore.getInstance("PKCS11");
ks.load(null, "1Kingpuff".toCharArray());
// get the decryption cert
X509CertificateEx decryptCert = null;
final Enumeration<String> aliases = ks.aliases();
while (aliases.hasMoreElements()) {
String alias = aliases.nextElement();
Certificate pkcs11Cert = ks.getCertificate(alias);
if (pkcs11Cert != null && pkcs11Cert instanceof X509Certificate) {
// check if there is private key
Key key = ks.getKey(alias, null);
if (key != null && key instanceof PrivateKey && CryptoExtensions.certSubjectContainsName((X509Certificate) pkcs11Cert, "user1@cerner.com")) {
decryptCert = X509CertificateEx.fromX509Certificate((X509Certificate) pkcs11Cert, (PrivateKey) key);
break;
}
}
}
final SMIMEEnveloped env = createSMIMEEnv();
final RecipientInformation recipient = (RecipientInformation) env.getRecipientInfos().getRecipients().iterator().next();
final SplitDirectRecipientInformationFactory factory = new SplitDirectRecipientInformationFactory(pkcs11ProvName, "BC");
final SplitDirectRecipientInformation recInfo = (SplitDirectRecipientInformation) factory.createInstance(recipient, env);
// this will be non-null if it works correctly
assertNotNull(recInfo.getDecryptedContent(decryptCert.getPrivateKey()));
}
}
Also used :
PKCS11Credential(org.nhindirect.common.crypto.PKCS11Credential)
BootstrappedPKCS11Credential(org.nhindirect.common.crypto.impl.BootstrappedPKCS11Credential)
PrivateKey(java.security.PrivateKey)
KeyStore(java.security.KeyStore)
SMIMEEnveloped(org.bouncycastle.mail.smime.SMIMEEnveloped)
X509Certificate(java.security.cert.X509Certificate)
CacheableKeyStoreManagerCertificateStore(org.nhindirect.stagent.cert.impl.CacheableKeyStoreManagerCertificateStore)
RecipientInformation(org.bouncycastle.cms.RecipientInformation)
X509CertificateEx(org.nhindirect.stagent.cert.X509CertificateEx)
MutableKeyStoreProtectionManager(org.nhindirect.common.crypto.MutableKeyStoreProtectionManager)
StaticPKCS11TokenKeyStoreProtectionManager(org.nhindirect.common.crypto.impl.StaticPKCS11TokenKeyStoreProtectionManager)
BootstrappedPKCS11Credential(org.nhindirect.common.crypto.impl.BootstrappedPKCS11Credential)
Key(java.security.Key)
PrivateKey(java.security.PrivateKey)
X509Certificate(java.security.cert.X509Certificate)
Certificate(java.security.cert.Certificate)
Aggregations
SMIMEEnveloped (org.bouncycastle.mail.smime.SMIMEEnveloped)16
RecipientInformation (org.bouncycastle.cms.RecipientInformation)9
X509Certificate (java.security.cert.X509Certificate)5
X509CertificateEx (org.nhindirect.stagent.cert.X509CertificateEx)5
MimeEntity (org.nhindirect.stagent.mail.MimeEntity)5
SMIMECryptographerImpl (org.nhindirect.stagent.cryptography.SMIMECryptographerImpl)4
KeyStore (java.security.KeyStore)3
PrivateKey (java.security.PrivateKey)3
File (java.io.File)2
InputStream (java.io.InputStream)2
Key (java.security.Key)2
Certificate (java.security.cert.Certificate)2
RecipientId (org.bouncycastle.cms.RecipientId)2
RecipientInformationStore (org.bouncycastle.cms.RecipientInformationStore)2
DirectRecipientInformation (org.nhindirect.stagent.cryptography.activekeyops.DirectRecipientInformation)2
ByteArrayInputStream (java.io.ByteArrayInputStream)1
IOException (java.io.IOException)1
MessagingException (javax.mail.MessagingException)1
MimeBodyPart (javax.mail.internet.MimeBodyPart)1
MimeMessage (javax.mail.internet.MimeMessage)1
