
Example 1 with SignedEntity

Use of org.nhindirect.stagent.cryptography.SignedEntity in project nhin-d by DirectProject.

Class CryptographerTest, method testSignMimeEntity_MD5Digest_forceStrongDigest_assertRejectValidation.

public void testSignMimeEntity_MD5Digest_forceStrongDigest_assertRejectValidation() throws Exception {
    X509CertificateEx certex = TestUtils.getInternalCert("user1");
    SMIMECryptographerImpl cryptographer = new SMIMECryptographerImpl();
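    // Sign with MD5. setStrongDigestEnforced is not called here, so the
    // cryptographer's default applies; per the test name, that default
    // rejects the MD5 digest at validation time.
    cryptographer.setDigestAlgorithm(DigestAlgorithm.MD5);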
    MimeEntity entity = new MimeEntity();
    entity.setText("Hello world.");
    entity.setHeader(MimeStandard.ContentTypeHeader, "text/plain");
    entity.setHeader(MimeStandard.ContentTransferEncodingHeader, "7bit");
    SignedEntity signedEnt = cryptographer.sign(entity, certex);
    assertNotNull(signedEnt);
    byte[] signedEntityBytes = EntitySerializer.Default.serializeToBytes(signedEnt.getContent());
    byte[] entityBytes = EntitySerializer.Default.serializeToBytes(entity);
    assertTrue(Arrays.equals(signedEntityBytes, entityBytes));
    assertNotNull(signedEnt.getSignature());
    X509Certificate cert = TestUtils.getExternalCert("user1");
    // checkSignature is expected to throw SignatureValidationException
    // for the MD5-signed entity.
    boolean exceptionOccured = false;
    try {
        cryptographer.checkSignature(signedEnt, cert, new ArrayList<X509Certificate>());
    } catch (SignatureValidationException e) {
        exceptionOccured = true;
    }
    assertTrue(exceptionOccured);
}
Also used : X509CertificateEx(org.nhindirect.stagent.cert.X509CertificateEx) SMIMECryptographerImpl(org.nhindirect.stagent.cryptography.SMIMECryptographerImpl) MimeEntity(org.nhindirect.stagent.mail.MimeEntity) SignatureValidationException(org.nhindirect.stagent.SignatureValidationException) SignedEntity(org.nhindirect.stagent.cryptography.SignedEntity) X509Certificate(java.security.cert.X509Certificate)

Example 2 with SignedEntity

Use of org.nhindirect.stagent.cryptography.SignedEntity in project nhin-d by DirectProject.

Class CryptographerTest, method testSignMimeEntity_MD5Digest_doNotforceStrongDigest_assertValidation.

public void testSignMimeEntity_MD5Digest_doNotforceStrongDigest_assertValidation() throws Exception {
    X509CertificateEx certex = TestUtils.getInternalCert("user1");
    SMIMECryptographerImpl cryptographer = new SMIMECryptographerImpl();
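    // Sign with MD5 and switch strong digest enforcement off, so that
    // checkSignature below accepts the weak digest instead of throwing.
    cryptographer.setDigestAlgorithm(DigestAlgorithm.MD5);
    cryptographer.setStrongDigestEnforced(false);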
    MimeEntity entity = new MimeEntity();
    entity.setText("Hello world.");
    entity.setHeader(MimeStandard.ContentTypeHeader, "text/plain");
    entity.setHeader(MimeStandard.ContentTransferEncodingHeader, "7bit");
    SignedEntity signedEnt = cryptographer.sign(entity, certex);
    assertNotNull(signedEnt);
    byte[] signedEntityBytes = EntitySerializer.Default.serializeToBytes(signedEnt.getContent());
    byte[] entityBytes = EntitySerializer.Default.serializeToBytes(entity);
    assertTrue(Arrays.equals(signedEntityBytes, entityBytes));
    assertNotNull(signedEnt.getSignature());
    X509Certificate cert = TestUtils.getExternalCert("user1");
    cryptographer.checkSignature(signedEnt, cert, new ArrayList<X509Certificate>());
}
Also used : X509CertificateEx(org.nhindirect.stagent.cert.X509CertificateEx) SMIMECryptographerImpl(org.nhindirect.stagent.cryptography.SMIMECryptographerImpl) MimeEntity(org.nhindirect.stagent.mail.MimeEntity) SignedEntity(org.nhindirect.stagent.cryptography.SignedEntity) X509Certificate(java.security.cert.X509Certificate)

Example 3 with SignedEntity

Use of org.nhindirect.stagent.cryptography.SignedEntity in project nhin-d by DirectProject.

Class CryptographerTest, method testSignMimeEntity.

private void testSignMimeEntity(DigestAlgorithm digAlg) throws Exception {
    X509CertificateEx certex = TestUtils.getInternalCert("user1");
    SMIMECryptographerImpl cryptographer = new SMIMECryptographerImpl();
    cryptographer.setDigestAlgorithm(digAlg);
    MimeEntity entity = new MimeEntity();
    entity.setText("Hello world.");
    entity.setHeader(MimeStandard.ContentTypeHeader, "text/plain");
    entity.setHeader(MimeStandard.ContentTransferEncodingHeader, "7bit");
    SignedEntity signedEnt = cryptographer.sign(entity, certex);
    assertNotNull(signedEnt);
    byte[] signedEntityBytes = EntitySerializer.Default.serializeToBytes(signedEnt.getContent());
    byte[] entityBytes = EntitySerializer.Default.serializeToBytes(entity);
    assertTrue(Arrays.equals(signedEntityBytes, entityBytes));
    assertNotNull(signedEnt.getSignature());
    X509Certificate cert = TestUtils.getExternalCert("user1");
    cryptographer.checkSignature(signedEnt, cert, new ArrayList<X509Certificate>());
}
Also used : X509CertificateEx(org.nhindirect.stagent.cert.X509CertificateEx) SMIMECryptographerImpl(org.nhindirect.stagent.cryptography.SMIMECryptographerImpl) MimeEntity(org.nhindirect.stagent.mail.MimeEntity) SignedEntity(org.nhindirect.stagent.cryptography.SignedEntity) X509Certificate(java.security.cert.X509Certificate)

Example 4 with SignedEntity

Use of org.nhindirect.stagent.cryptography.SignedEntity in project nhin-d by DirectProject.

Class DefaultNHINDAgent, method signAndEncryptMessage.

//
// First sign, THEN encrypt the message
//
@SuppressWarnings("unchecked")
protected void signAndEncryptMessage(OutgoingMessage message) {
    SignedEntity signedEntity = cryptographer.sign(message.getMessage(), message.getSender().getCertificates());
    try {
        if (encryptionEnabled) {
            MimeEntity encryptedEntity = cryptographer.encrypt(signedEntity.getMimeMultipart(), message.getRecipients().getCertificates());
            //
            // Alter message content to contain encrypted data
            //
            InternetHeaders headers = new InternetHeaders();
            Enumeration<Header> eHeaders = message.getMessage().getAllHeaders();
            while (eHeaders.hasMoreElements()) {
                Header hdr = eHeaders.nextElement();
                headers.setHeader(hdr.getName(), hdr.getValue());
            }
            eHeaders = encryptedEntity.getAllHeaders();
            while (eHeaders.hasMoreElements()) {
                Header hdr = (Header) eHeaders.nextElement();
                headers.setHeader(hdr.getName(), hdr.getValue());
            }
            Message msg = new Message(headers, encryptedEntity.getContentAsBytes());
            message.setMessage(msg);
        } else {
            InternetHeaders headers = new InternetHeaders();
            Enumeration<Header> eHeaders = message.getMessage().getAllHeaders();
            while (eHeaders.hasMoreElements()) {
                Header hdr = eHeaders.nextElement();
                headers.setHeader(hdr.getName(), hdr.getValue());
            }
            headers.setHeader(MimeStandard.ContentTypeHeader, signedEntity.getMimeMultipart().getContentType());
            Message msg = new Message(headers, signedEntity.getEntityBodyAsBytes());
            message.setMessage(msg);
        }
    } catch (Exception e) {
        throw new MimeException(MimeError.InvalidMimeEntity, e);
    }
}
Also used : InternetHeaders(javax.mail.internet.InternetHeaders) Header(javax.mail.Header) WrappedMessage(org.nhindirect.stagent.mail.WrappedMessage) Message(org.nhindirect.stagent.mail.Message) MimeMessage(javax.mail.internet.MimeMessage) MimeEntity(org.nhindirect.stagent.mail.MimeEntity) MimeException(org.nhindirect.stagent.mail.MimeException) SignedEntity(org.nhindirect.stagent.cryptography.SignedEntity) MessagingException(javax.mail.MessagingException) TrustException(org.nhindirect.stagent.trust.TrustException) MimeException(org.nhindirect.stagent.mail.MimeException) PolicyRequiredException(org.nhindirect.policy.PolicyRequiredException) PolicyParseException(org.nhindirect.policy.PolicyParseException) IOException(java.io.IOException) PolicyProcessException(org.nhindirect.policy.PolicyProcessException)

Example 5 with SignedEntity

Use of org.nhindirect.stagent.cryptography.SignedEntity in project nhin-d by DirectProject.

Class DefaultNHINDAgent, method decryptSignedContent.

/*
 * Decrypts the signed message
 */
@SuppressWarnings("unchecked")
protected void decryptSignedContent(IncomingMessage message) {
    MimeEntity decryptedEntity = this.decryptMessage(message);
    CMSSignedData signatures;
    MimeEntity payload;
    try {
        if (SMIMEStandard.isContentEnvelopedSignature(new ContentType(decryptedEntity.getContentType()))) {
            signatures = cryptographer.deserializeEnvelopedSignature(decryptedEntity);
            payload = new MimeEntity(new ByteArrayInputStream(signatures.getContentInfo().getEncoded()));
        } else if (SMIMEStandard.isContentMultipartSignature(new ContentType(decryptedEntity.getContentType()))) {
            //
            // Extract the signature envelope. That contains both the signature and the actual message content
            //
            ByteArrayDataSource dataSource = new ByteArrayDataSource(decryptedEntity.getRawInputStream(), decryptedEntity.getContentType());
            MimeMultipart verifyMM = new MimeMultipart(dataSource);
            SignedEntity signedEntity = SignedEntity.load(verifyMM);
            signatures = cryptographer.deserializeSignatureEnvelope(signedEntity);
            payload = signedEntity.getContent();
        } else {
            throw new AgentException(AgentError.UnsignedMessage);
        }
        message.setSignature(signatures);
        //
        // Alter body to contain actual content. Also clean up mime headers on the message that were there to support
        // signatures etc
        //
        InternetHeaders headers = new InternetHeaders();
        // remove all mime headers
        Enumeration<Header> eHeaders = message.getMessage().getAllHeaders();
        while (eHeaders.hasMoreElements()) {
            Header hdr = (Header) eHeaders.nextElement();
            if (!MimeStandard.startsWith(hdr.getName(), MimeStandard.HeaderPrefix))
                headers.setHeader(hdr.getName(), hdr.getValue());
        }
        // add back in headers from original message
        eHeaders = payload.getAllHeaders();
        while (eHeaders.hasMoreElements()) {
            Header hdr = (Header) eHeaders.nextElement();
            headers.setHeader(hdr.getName(), hdr.getValue());
        }
        Message msg = new Message(headers, payload.getContentAsBytes());
        message.setMessage(msg);
    } catch (MessagingException e) {
        throw new MimeException(MimeError.InvalidBody, e);
    } catch (IOException e) {
        throw new MimeException(MimeError.InvalidBody, e);
    }
}
Also used : ContentType(javax.mail.internet.ContentType) InternetHeaders(javax.mail.internet.InternetHeaders) WrappedMessage(org.nhindirect.stagent.mail.WrappedMessage) Message(org.nhindirect.stagent.mail.Message) MimeMessage(javax.mail.internet.MimeMessage) MessagingException(javax.mail.MessagingException) IOException(java.io.IOException) CMSSignedData(org.bouncycastle.cms.CMSSignedData) Header(javax.mail.Header) ByteArrayInputStream(java.io.ByteArrayInputStream) MimeMultipart(javax.mail.internet.MimeMultipart) MimeEntity(org.nhindirect.stagent.mail.MimeEntity) MimeException(org.nhindirect.stagent.mail.MimeException) ByteArrayDataSource(javax.mail.util.ByteArrayDataSource) SignedEntity(org.nhindirect.stagent.cryptography.SignedEntity)

Aggregations

SignedEntity (org.nhindirect.stagent.cryptography.SignedEntity): 7
MimeEntity (org.nhindirect.stagent.mail.MimeEntity): 7
X509Certificate (java.security.cert.X509Certificate): 5
X509CertificateEx (org.nhindirect.stagent.cert.X509CertificateEx): 5
SMIMECryptographerImpl (org.nhindirect.stagent.cryptography.SMIMECryptographerImpl): 5
IOException (java.io.IOException): 2
Header (javax.mail.Header): 2
MessagingException (javax.mail.MessagingException): 2
InternetHeaders (javax.mail.internet.InternetHeaders): 2
MimeMessage (javax.mail.internet.MimeMessage): 2
Message (org.nhindirect.stagent.mail.Message): 2
MimeException (org.nhindirect.stagent.mail.MimeException): 2
WrappedMessage (org.nhindirect.stagent.mail.WrappedMessage): 2
ByteArrayInputStream (java.io.ByteArrayInputStream): 1
ContentType (javax.mail.internet.ContentType): 1
MimeMultipart (javax.mail.internet.MimeMultipart): 1
ByteArrayDataSource (javax.mail.util.ByteArrayDataSource): 1
CMSSignedData (org.bouncycastle.cms.CMSSignedData): 1
PolicyParseException (org.nhindirect.policy.PolicyParseException): 1
PolicyProcessException (org.nhindirect.policy.PolicyProcessException): 1