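/**
 * Round-trips a MIME entity through encrypt/decrypt where the decryption private
 * key lives in a PKCS#11 token rather than a software keystore.
 * <p>
 * The sensitive-provider system properties are pointed at the SunPKCS11 provider
 * configured by {@code ./src/test/resources/pkcs11Config/pkcs11.cfg} for the
 * duration of the test and reset in {@code finally}, so other tests see the
 * default provider configuration again.
 *
 * @param encAlg the content encryption algorithm under test.
 * @throws Exception on any provider, keystore or crypto failure.
 */
private void testEncryptAndDecryptMimeEntity_sensitiveDataInPKCS11(EncryptionAlgorithm encAlg) throws Exception {
    OptionsManager.destroyInstance();
    System.setProperty("org.nhindirect.stagent.cryptography.JCESensitiveProviderName", "SunPKCS11-SafeNeteTokenPro");
    System.setProperty("org.nhindirect.stagent.cryptography.JCESensitiveProviderClassNames", "sun.security.pkcs11.SunPKCS11;./src/test/resources/pkcs11Config/pkcs11.cfg");
    CryptoExtensions.registerJCEProviders();
    try {
        X509Certificate cert = TestUtils.getExternalCert("user1");
        SMIMECryptographerImpl cryptographer = new SMIMECryptographerImpl();
        cryptographer.setEncryptionAlgorithm(encAlg);
        MimeEntity entity = new MimeEntity();
        entity.setText("Hello world.");
        entity.setHeader(MimeStandard.ContentTypeHeader, "text/plain");
        entity.setHeader(MimeStandard.ContentTransferEncodingHeader, "7bit");
        MimeEntity encEntity = cryptographer.encrypt(entity, cert);
        assertNotNull(encEntity);
        // open up the pkcs11 store and find the private key.
        // The PIN below is the test token's fixture PIN for the cfg referenced above.
        KeyStore ks = KeyStore.getInstance("PKCS11");
        ks.load(null, "1Kingpuff".toCharArray());
        X509CertificateEx decryptCert = null;
        final Enumeration<String> aliases = ks.aliases();
        while (aliases.hasMoreElements()) {
            String alias = aliases.nextElement();
            Certificate pkcs11Cert = ks.getCertificate(alias);
            // instanceof is false for null, so no separate null check is needed
            if (pkcs11Cert instanceof X509Certificate) {
                // check if there is a private key behind this alias; no per-key
                // password is passed (the PIN given to load() is presumably what
                // unlocks key access on the token -- confirm against the token config)
                Key key = ks.getKey(alias, null);
                if (key instanceof PrivateKey && CryptoExtensions.certSubjectContainsName((X509Certificate) pkcs11Cert, "user1@cerner.com")) {
                    decryptCert = X509CertificateEx.fromX509Certificate((X509Certificate) pkcs11Cert, (PrivateKey) key);
                    break;
                }
            }
        }
        // Fail with a clear message instead of passing a null certificate into decrypt()
        // when the token does not hold the expected key.
        assertNotNull("No private key for user1@cerner.com found in the PKCS11 token", decryptCert);
        MimeEntity decryEntity = cryptographer.decrypt(encEntity, decryptCert);
        assertNotNull(decryEntity);
        byte[] decryEntityBytes = EntitySerializer.Default.serializeToBytes(decryEntity);
        byte[] entityBytes = EntitySerializer.Default.serializeToBytes(entity);
        assertTrue(Arrays.equals(decryEntityBytes, entityBytes));
    } finally {
        // Restore the provider properties so later tests do not pick up the token provider.
        System.setProperty("org.nhindirect.stagent.cryptography.JCESensitiveProviderName", "Hello");
        System.setProperty("org.nhindirect.stagent.cryptography.JCESensitiveProviderClassNames", "sun.security.pkcs11.SunPKCS11");
        OptionsManager.destroyInstance();
    }
}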
/**
 * Round-trips a plain-text MIME entity through encrypt and decrypt with the
 * given algorithm and asserts the serialized bytes come back unchanged.
 *
 * @param encAlg the content encryption algorithm under test.
 * @throws Exception if certificate loading or the crypto operations fail.
 */
private void testEncryptAndDecryptMimeEntity(EncryptionAlgorithm encAlg) throws Exception {
    final SMIMECryptographerImpl smime = new SMIMECryptographerImpl();
    smime.setEncryptionAlgorithm(encAlg);

    // A minimal 7bit text/plain body (headers set after setText so they win).
    final MimeEntity plain = new MimeEntity();
    plain.setText("Hello world.");
    plain.setHeader(MimeStandard.ContentTypeHeader, "text/plain");
    plain.setHeader(MimeStandard.ContentTransferEncodingHeader, "7bit");

    // Encrypt to the recipient's public certificate ...
    final X509Certificate recipientCert = TestUtils.getExternalCert("user1");
    final MimeEntity encrypted = smime.encrypt(plain, recipientCert);
    assertNotNull(encrypted);

    // ... and decrypt with the matching certificate-plus-private-key.
    final X509CertificateEx recipientKey = TestUtils.getInternalCert("user1");
    final MimeEntity roundTripped = smime.decrypt(encrypted, recipientKey);
    assertNotNull(roundTripped);

    final byte[] actual = EntitySerializer.Default.serializeToBytes(roundTripped);
    final byte[] expected = EntitySerializer.Default.serializeToBytes(plain);
    assertTrue(Arrays.equals(actual, expected));
}
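/**
 * Round-trips a two-part multipart (text/plain + text/xml) through encrypt and
 * decrypt and asserts the decrypted entity serializes to the same bytes as the
 * original multipart wrapped in a single entity.
 *
 * @param encAlgo the content encryption algorithm under test.
 * @throws Exception if certificate loading, MIME assembly or the crypto operations fail.
 */
private void testEncryptAndDecryptMultipartEntity(EncryptionAlgorithm encAlgo) throws Exception {
    X509Certificate cert = TestUtils.getExternalCert("user1");
    SMIMECryptographerImpl cryptographer = new SMIMECryptographerImpl();
    cryptographer.setEncryptionAlgorithm(encAlgo);
    MimeEntity entityText = new MimeEntity();
    entityText.setText("Hello world.");
    entityText.setHeader(MimeStandard.ContentTypeHeader, "text/plain");
    entityText.setHeader(MimeStandard.ContentTransferEncodingHeader, "7bit");
    MimeEntity entityXML = new MimeEntity();
    entityXML.setText("<Test></Test>");
    entityXML.setHeader(MimeStandard.ContentTypeHeader, "text/xml");
    MimeMultipart mpEntity = new MimeMultipart();
    mpEntity.addBodyPart(entityText);
    mpEntity.addBodyPart(entityXML);
    MimeEntity encEntity = cryptographer.encrypt(mpEntity, cert);
    assertNotNull(encEntity);
    X509CertificateEx certex = TestUtils.getInternalCert("user1");
    MimeEntity decryEntity = cryptographer.decrypt(encEntity, certex);
    assertNotNull(decryEntity);
    // Build the expected value: the multipart body under a single Content-Type header,
    // which is the shape decrypt() is expected to hand back.
    ByteArrayOutputStream oStream = new ByteArrayOutputStream();
    mpEntity.writeTo(oStream);
    InternetHeaders hdrs = new InternetHeaders();
    hdrs.addHeader(MimeStandard.ContentTypeHeader, mpEntity.getContentType());
    MimeEntity orgEntity = new MimeEntity(hdrs, oStream.toByteArray());
    byte[] decryEntityBytes = EntitySerializer.Default.serializeToBytes(decryEntity);
    byte[] entityBytes = EntitySerializer.Default.serializeToBytes(orgEntity);
    // Diagnostic output; decode with an explicit charset rather than the platform
    // default so the printed text is the same on every build machine.
    System.out.println("Original:\r\n" + new String(entityBytes, java.nio.charset.StandardCharsets.UTF_8));
    System.out.println("\r\n\r\n\r\nNew:\r\n" + new String(decryEntityBytes, java.nio.charset.StandardCharsets.UTF_8));
    assertTrue(Arrays.equals(decryEntityBytes, entityBytes));
}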
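/**
 * Adds a certificate into the keystore with a given alias name.
 * <p>
 * If {@code cert} is an {@link X509CertificateEx} its private key is stored as a
 * key entry whose chain consists of the certificate alone; otherwise a trusted
 * certificate entry is written.  The keystore is then persisted to
 * {@code keyStoreFile}.  Failures are logged at WARN and do not propagate.
 * @param cert The certificate to add to the keystore.
 * @param alias The alias of the certificate.
 */
public void add(X509Certificate cert, String alias) {
    if (certs.contains(cert)) {
        LOGGER.warn("Certificate already exists in store.  Use update() instead.");
        return;
    }
    try {
        if (cert instanceof X509CertificateEx) {
            // Key entry: the chain is just the leaf certificate itself.
            ks.setKeyEntry(alias, ((X509CertificateEx) cert).getPrivateKey(), privateKeyPassword == null ? null : privateKeyPassword.toCharArray(), new Certificate[] { cert });
        } else {
            ks.setCertificateEntry(alias, cert);
        }
        // Only track the cert in memory once the keystore accepted the entry, so a
        // failed setKeyEntry/setCertificateEntry cannot leave certs and ks out of sync.
        certs.add(cert);
        // persist; the stream is closed on every path, not only on success
        FileOutputStream outStream = new FileOutputStream(keyStoreFile);
        try {
            ks.store(outStream, keyStorePassword == null ? null : keyStorePassword.toCharArray());
        } finally {
            IOUtils.closeQuietly(outStream);
        }
    } catch (Exception e) {
        // Errors (OOM etc.) are not swallowed; keep the stack trace with the message.
        LOGGER.warn("Error adding certificate to store: " + e.getMessage(), e);
    }
}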
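/*
 * Decrypts the message content.
 *
 * When encryption is enabled, each domain-recipient certificate that carries a
 * private key (X509CertificateEx) is tried in turn and the first successful
 * decrypt wins; a failure on one certificate is logged and the next is tried.
 * When encryption is disabled the raw message body is wrapped unchanged.
 *
 * Throws AgentException(UntrustedMessage) when no certificate produced a decrypted
 * entity, and AgentException(MissingMessage) when the raw body cannot be read.
 */
protected MimeEntity decryptMessage(IncomingMessage message) {
    MimeEntity decryptedEntity = null;
    if (this.encryptionEnabled) {
        for (X509Certificate cert : message.getDomainRecipients().getCertificates()) {
            // Only certificates with an attached private key can decrypt.
            if (!(cert instanceof X509CertificateEx)) {
                continue;
            }
            try {
                decryptedEntity = this.cryptographer.decrypt(message.getMessage(), (X509CertificateEx) cert);
                break;
            } catch (Exception e) {
                // Broad catch is intentional: a bad key for this recipient must not
                // stop the next recipient's key from being tried.
                // getSubjectX500Principal() replaces the denigrated getSubjectDN().
                LOGGER.info("Could not decrypt with message private cert subject " + cert.getSubjectX500Principal().getName(), e);
            }
        }
    } else {
        try {
            decryptedEntity = new MimeEntity(message.getMessage().getRawInputStream());
        } catch (MessagingException ex) {
            throw new AgentException(AgentError.MissingMessage);
        }
    }
    if (decryptedEntity == null) {
        throw new AgentException(AgentError.UntrustedMessage);
    }
    return decryptedEntity;
}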