
Example 1 with SMIMEEnvelopedParser

Use of org.bouncycastle.mail.smime.SMIMEEnvelopedParser in project as2-lib by phax.

Class BCCryptoHelper, method decrypt.

@Nonnull
public MimeBodyPart decrypt(@Nonnull final MimeBodyPart aPart, @Nonnull final X509Certificate aX509Cert, @Nonnull final PrivateKey aPrivateKey, final boolean bForceDecrypt, @Nonnull final AS2ResourceHelper aResHelper) throws GeneralSecurityException, MessagingException, CMSException, SMIMEException, IOException {
    ValueEnforcer.notNull(aPart, "MimeBodyPart");
    ValueEnforcer.notNull(aX509Cert, "X509Cert");
    ValueEnforcer.notNull(aPrivateKey, "PrivateKey");
    ValueEnforcer.notNull(aResHelper, "ResHelper");
    if (LOGGER.isDebugEnabled())
        LOGGER.debug("BCCryptoHelper.decrypt; X509 subject=" + aX509Cert.getSubjectX500Principal().getName() + "; forceDecrypt=" + bForceDecrypt);
    // Make sure the data is encrypted
    if (!bForceDecrypt && !isEncrypted(aPart))
        throw new GeneralSecurityException("Content-Type '" + aPart.getContentType() + "' indicates data isn't encrypted");
    // Get the recipient object for decryption
    final RecipientId aRecipientID = new JceKeyTransRecipientId(aX509Cert);
    // Parse the MIME body into an SMIME envelope object
    RecipientInformation aRecipient = null;
    try {
        final SMIMEEnvelopedParser aEnvelope = new SMIMEEnvelopedParser(aPart);
        aRecipient = aEnvelope.getRecipientInfos().get(aRecipientID);
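    } catch (final Exception ex) {
        // Any parse or lookup failure is only logged; aRecipient stays null and is rejected below
        LOGGER.error("Error retrieving RecipientInformation", ex);
    }
    // No RecipientInfo in the envelope matched the certificate
    // (the message text says "signature", but this is the recipient lookup)
    if (aRecipient == null)
        throw new GeneralSecurityException("Certificate does not match part signature");
    // Decrypt the content with the private key and spool the result to a temp file
    // Custom file: see #103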
    final FileBackedMimeBodyPart aDecryptedDataBodyPart = SMIMEUtil.toMimeBodyPart(aRecipient.getContentStream(new JceKeyTransEnvelopedRecipient(aPrivateKey).setProvider(m_sSecurityProviderName)), aResHelper.createTempFile());
    if (DUMP_DECRYPTED_DIR_PATH != null) {
        // Debug dump: hand the decrypted bytes to _dumpDecrypted when a dump directory is configured
        try (final NonBlockingByteArrayOutputStream aBAOS = new NonBlockingByteArrayOutputStream(aDecryptedDataBodyPart.getSize())) {
            aDecryptedDataBodyPart.writeTo(aBAOS);
            _dumpDecrypted(aBAOS.toByteArray());
        }
    }
    return aDecryptedDataBodyPart;
}
Also used: RecipientInformation (org.bouncycastle.cms.RecipientInformation), FileBackedMimeBodyPart (org.bouncycastle.mail.smime.util.FileBackedMimeBodyPart), JceKeyTransRecipientId (org.bouncycastle.cms.jcajce.JceKeyTransRecipientId), RecipientId (org.bouncycastle.cms.RecipientId), SMIMEEnvelopedParser (org.bouncycastle.mail.smime.SMIMEEnvelopedParser), GeneralSecurityException (java.security.GeneralSecurityException), NonBlockingByteArrayOutputStream (com.helger.commons.io.stream.NonBlockingByteArrayOutputStream), JceKeyTransEnvelopedRecipient (org.bouncycastle.cms.jcajce.JceKeyTransEnvelopedRecipient), OperatorCreationException (org.bouncycastle.operator.OperatorCreationException), MessagingException (javax.mail.MessagingException), SignatureException (java.security.SignatureException), CMSException (org.bouncycastle.cms.CMSException), AS2Exception (com.helger.as2lib.exception.AS2Exception), IOException (java.io.IOException), SMIMEException (org.bouncycastle.mail.smime.SMIMEException), Nonnull (javax.annotation.Nonnull)
