use of org.nhindirect.stagent.cert.X509CertificateEx in project nhin-d by DirectProject.
the class LdapCertificateStoreTest method testLdapSearch_X509Certificate.
/**
 * Resolves a certificate through an LDAP-backed certificate store and checks that what
 * comes back is a plain {@link X509Certificate}.
 *
 * <p>The store is configured with {@code "X509"} as its last argument (presumably the
 * certificate format; confirm against {@code LdapStoreConfiguration}). The negative
 * {@code instanceof X509CertificateEx} assertion is the interesting part: a directory lookup
 * for this format is expected to yield public certificate material only, never the
 * private-key-bearing wrapper type.
 *
 * @throws Exception if the LDAP fixture or the lookup fails
 */
public void testLdapSearch_X509Certificate() throws Exception {
    // Seed the test directory with the DER-encoded certificate under test.
    addCertificatesToLdap(new String[] { "certs/bob.der" });

    final String ldapUrl = "ldap://localhost:" + configuration.getLdapPort() + "/" + "cn=lookupTest";
    final LdapStoreConfiguration storeConfig =
            new LdapStoreConfiguration(new String[] { ldapUrl }, "", "email", "privKeyStore", "X509");
    final LDAPCertificateStore store =
            (LDAPCertificateStore) new LdapCertificateStoreProvider(storeConfig, null, null).get();

    // NOTE(review): the lookup address differs from the subject asserted below; presumably
    // addCertificatesToLdap files the entry under this address. Verify against the fixture.
    final Collection<X509Certificate> found = store.getCertificates("gm2552@cerner.com");
    assertEquals(1, found.size());

    final X509Certificate only = found.iterator().next();
    assertFalse(only instanceof X509CertificateEx);
    assertTrue(only.getSubjectX500Principal().toString().contains("bob@nhind.hsgincubator.com"));
}
use of org.nhindirect.stagent.cert.X509CertificateEx in project nhin-d by DirectProject.
the class LdapCertificateStoreTest method testLdapSearch_LdapProviderSupportsMultipleURLs.
/**
 * Checks that the LDAP certificate store still resolves a certificate when the first of
 * several configured URLs points at a different port from the test directory.
 *
 * <p>The first URL uses the directory port plus 10. Presumably nothing listens there, so the
 * provider has to move on to the second URL. The test does not verify that the port is
 * actually closed (TODO confirm).
 *
 * @throws Exception if the LDAP fixture or the lookup fails
 */
public void testLdapSearch_LdapProviderSupportsMultipleURLs() throws Exception {
    addCertificatesToLdap(new String[] { "certs/bob.der" });

    final int livePort = configuration.getLdapPort();
    final int otherPort = livePort + 10;
    final String url = "ldap://localhost:" + livePort + "/" + "cn=lookupTest";
    final String fakeUrl = "ldap://localhost:" + otherPort + "/" + "cn=lookupTest";

    // Order matters: the unreachable endpoint is listed first.
    final String[] endpoints = new String[] { fakeUrl, url };
    final LdapStoreConfiguration storeConfig =
            new LdapStoreConfiguration(endpoints, "", "email", "privKeyStore", "X509");
    final LDAPCertificateStore store =
            (LDAPCertificateStore) new LdapCertificateStoreProvider(storeConfig, null, null).get();

    final Collection<X509Certificate> found = store.getCertificates("gm2552@cerner.com");
    assertEquals(1, found.size());

    final X509Certificate only = found.iterator().next();
    // A directory lookup should hand back public material only, not the private-key wrapper.
    assertFalse(only instanceof X509CertificateEx);
    assertTrue(only.getSubjectX500Principal().toString().contains("bob@nhind.hsgincubator.com"));
}
use of org.nhindirect.stagent.cert.X509CertificateEx in project nhin-d by DirectProject.
the class CryptographerTest method testEncryptAndDecryptMimeEntity_hsmDecryption.
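/**
 * Encrypts a small MIME entity to the "user1" external certificate, then decrypts it with
 * the matching private key read back from a PKCS#11 token, and checks that the round trip
 * reproduces the original bytes.
 *
 * <p>Changes from the earlier version: the token PIN is declared once instead of twice, the
 * redundant null test before {@code instanceof} is gone, and the test now fails fast when no
 * usable key entry is found on the token instead of passing {@code null} to
 * {@code decrypt}.
 *
 * @param encAlg the content-encryption algorithm the cryptographer is set to use
 * @throws Exception if provider setup, token access, or any crypto operation fails
 */
private void testEncryptAndDecryptMimeEntity_hsmDecryption(EncryptionAlgorithm encAlg) throws Exception {
    // NOTE(review): the token PIN is embedded in test source. That is tolerable only for a
    // dedicated test token; the value should come from test configuration if it is shared
    // with any other device.
    final String tokenPin = "1Kingpuff";

    OptionsManager.destroyInstance();
    CryptoExtensions.registerJCEProviders();
    try {
        final PKCS11Credential cred = new BootstrappedPKCS11Credential(tokenPin);
        final MutableKeyStoreProtectionManager mgr = new StaticPKCS11TokenKeyStoreProtectionManager(cred, "", "");
        final CacheableKeyStoreManagerCertificateStore store = new CacheableKeyStoreManagerCertificateStore(mgr);
        store.add(TestUtils.getInternalCert("user1"));

        final X509Certificate cert = TestUtils.getExternalCert("user1");

        final SMIMECryptographerImpl cryptographer = new SMIMECryptographerImpl();
        cryptographer.setRecipientInformationFactory(new SplitDirectRecipientInformationFactory(pkcs11ProviderName, ""));
        cryptographer.setEncryptionAlgorithm(encAlg);

        final MimeEntity entity = new MimeEntity();
        entity.setText("Hello world.");
        entity.setHeader(MimeStandard.ContentTypeHeader, "text/plain");
        entity.setHeader(MimeStandard.ContentTransferEncodingHeader, "7bit");

        final MimeEntity encEntity = cryptographer.encrypt(entity, cert);
        assertNotNull(encEntity);

        // Open the PKCS#11 store and look for the private key that belongs to user1.
        final KeyStore ks = KeyStore.getInstance("PKCS11");
        ks.load(null, tokenPin.toCharArray());

        X509CertificateEx decryptCert = null;
        final Enumeration<String> aliases = ks.aliases();
        while (aliases.hasMoreElements()) {
            final String alias = aliases.nextElement();
            final Certificate pkcs11Cert = ks.getCertificate(alias);
            // instanceof is already false for null, so no separate null test is needed.
            if (!(pkcs11Cert instanceof X509Certificate)) {
                continue;
            }
            final X509Certificate candidate = (X509Certificate) pkcs11Cert;

            // Only an entry that holds a private key and names user1 can decrypt the message.
            final Key key = ks.getKey(alias, null);
            if (key instanceof PrivateKey && CryptoExtensions.certSubjectContainsName(candidate, "user1@cerner.com")) {
                decryptCert = X509CertificateEx.fromX509Certificate(candidate, (PrivateKey) key);
                break;
            }
        }

        // Fail here, with an obvious cause, if the token held no matching key entry.
        assertNotNull(decryptCert);

        final MimeEntity decryEntity = cryptographer.decrypt(encEntity, decryptCert);
        assertNotNull(decryEntity);

        final byte[] decryEntityBytes = EntitySerializer.Default.serializeToBytes(decryEntity);
        final byte[] entityBytes = EntitySerializer.Default.serializeToBytes(entity);
        assertTrue(Arrays.equals(decryEntityBytes, entityBytes));
    } finally {
        // Blank the sensitive-provider settings and drop cached options.
        // NOTE(review): this sets the properties to "" rather than restoring earlier values;
        // presumably later tests expect them blank. Confirm.
        System.setProperty("org.nhindirect.stagent.cryptography.JCESensitiveProviderName", "");
        System.setProperty("org.nhindirect.stagent.cryptography.JCESensitiveProviderClassNames", "");
        OptionsManager.destroyInstance();
    }
}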
use of org.nhindirect.stagent.cert.X509CertificateEx in project nhin-d by DirectProject.
the class CryptographerTest method testSignMimeEntity_SHA256Digest_forceStrongDigest_assertValidation.
/**
 * Signs a small MIME entity with the SHA-256 digest algorithm, checks that the signed content
 * serializes to the same bytes as the input, and then runs signature checking against the
 * signer's external certificate.
 *
 * <p>NOTE(review): the method name mentions "forceStrongDigest", but nothing in this body
 * enables such an option; only the digest algorithm is set. Confirm that enforcement is on by
 * default or configured elsewhere. There is no assertion after {@code checkSignature}, so the
 * test presumably relies on that call throwing when validation fails.
 *
 * @throws Exception if signing, serialization, or signature checking fails
 */
public void testSignMimeEntity_SHA256Digest_forceStrongDigest_assertValidation() throws Exception {
    // The internal certificate is the signing identity.
    final X509CertificateEx signingCert = TestUtils.getInternalCert("user1");

    final SMIMECryptographerImpl cryptographer = new SMIMECryptographerImpl();
    cryptographer.setDigestAlgorithm(DigestAlgorithm.SHA256);

    final MimeEntity plain = new MimeEntity();
    plain.setText("Hello world.");
    plain.setHeader(MimeStandard.ContentTypeHeader, "text/plain");
    plain.setHeader(MimeStandard.ContentTransferEncodingHeader, "7bit");

    final SignedEntity signed = cryptographer.sign(plain, signingCert);
    assertNotNull(signed);

    // Signing must not alter the content that was signed.
    assertTrue(Arrays.equals(
            EntitySerializer.Default.serializeToBytes(signed.getContent()),
            EntitySerializer.Default.serializeToBytes(plain)));
    assertNotNull(signed.getSignature());

    // Verification uses the external certificate for the same user.
    cryptographer.checkSignature(signed, TestUtils.getExternalCert("user1"), new ArrayList<X509Certificate>());
}
use of org.nhindirect.stagent.cert.X509CertificateEx in project nhin-d by DirectProject.
the class CryptographerTest method testEncryptAndSignMimeEntity.
/**
 * Exercises encryption and signing of the same plaintext MIME entity with one cryptographer
 * instance, then checks the signature.
 *
 * <p>The two operations are independent here: the signature is computed over the original
 * {@code entity}, not over the encrypted result, and the encrypted entity is only checked for
 * being non-null. The certificate from {@code getInternalCACert("user1")} serves both as the
 * encryption recipient and as the certificate the signature is checked against.
 *
 * @throws Exception if encryption, signing, or signature checking fails
 */
public void testEncryptAndSignMimeEntity() throws Exception {
    final X509Certificate recipientCert = TestUtils.getInternalCACert("user1");
    final SMIMECryptographerImpl cryptographer = new SMIMECryptographerImpl();

    final MimeEntity plain = new MimeEntity();
    plain.setText("Hello world.");
    plain.setHeader(MimeStandard.ContentTypeHeader, "text/plain");
    plain.setHeader(MimeStandard.ContentTransferEncodingHeader, "7bit");

    final MimeEntity encrypted = cryptographer.encrypt(plain, recipientCert);
    assertNotNull(encrypted);

    // Signing uses the internal certificate for the same user.
    final SignedEntity signed = cryptographer.sign(plain, TestUtils.getInternalCert("user1"));
    assertNotNull(signed);

    // There is no assertion afterwards; presumably checkSignature throws on a bad signature.
    cryptographer.checkSignature(signed, recipientCert, new ArrayList<X509Certificate>());
}