
Example 1 with DirectRecipientInformation

Use of org.nhindirect.stagent.cryptography.activekeyops.DirectRecipientInformation in project nhin-d by DirectProject.

Class SMIMECryptographerImpl, method decrypt.

/**
 * Decrypts an entity with the provided certificates' private keys.
 * @param encryptedEntity The entity that will be decrypted.
 * @param decryptingCertificates The certificates whose private keys will be used to decrypt the message.
 * @return A MimeEntity containing the decrypted part.
 */
public MimeEntity decrypt(MimeEntity encryptedEntity, Collection<X509CertificateEx> decryptingCertificates) {
    if (decryptingCertificates == null || decryptingCertificates.size() == 0) {
        throw new IllegalArgumentException();
    }
    MimeEntity retEntity = null;
    try {
        // Debug only: pass the raw encrypted content to writePreDecrypt.
        if (LOGGER.isDebugEnabled()) {
            final byte[] encryptedContent = encryptedEntity.getContentAsBytes();
            writePreDecrypt(encryptedContent);
        }
        final SMIMEEnveloped m = new SMIMEEnveloped(encryptedEntity);
        // Reject the message before any key operation if its content-encryption algorithm is not allowed.
        // This exception is caught by the generic handler below and rewrapped as MimeError.Unexpected.
        if (!this.isAllowedEncryptionAlgorithm(m.getEncryptionAlgOID()))
            throw new NHINDException(MimeError.DisallowedEncryptionAlgorithm, "The encryption algorithm " + m.getEncryptionAlgOID() + " is not allowed");
        // Try each candidate certificate until one matches a RecipientInfo in the envelope.
        for (X509CertificateEx decryptCert : decryptingCertificates) {
            final RecipientId recId = generateRecipientSelector(decryptCert);
            final RecipientInformationStore recipients = m.getRecipientInfos();
            final DirectRecipientInformation recipient = decFactory.createInstance(recipients.get(recId), m);
            if (recipient == null)
                continue;
            final byte[] decryptedPayload = recipient.getDecryptedContent(decryptCert.getPrivateKey());
            // Debug only: pass the decrypted payload to writePostDecrypt.
            if (LOGGER.isDebugEnabled()) {
                writePostDecrypt(decryptedPayload);
            }
            final ByteArrayInputStream inStream = new ByteArrayInputStream(decryptedPayload);
            retEntity = new MimeEntity(inStream);
            // The first certificate that decrypts the message wins.
            break;
        }
    } catch (MessagingException e) {
        throw new MimeException(MimeError.InvalidMimeEntity, e);
    } catch (Exception e) {
        throw new MimeException(MimeError.Unexpected, e);
    }
    if (retEntity == null) {
        throw new NHINDException(MimeError.Unexpected, "None of the provided decryption certs were found in message's RecipientsInfo set.");
    }
    return retEntity;
}
Also used: RecipientId(org.bouncycastle.cms.RecipientId) MessagingException(javax.mail.MessagingException) DirectRecipientInformation(org.nhindirect.stagent.cryptography.activekeyops.DirectRecipientInformation) SMIMEEnveloped(org.bouncycastle.mail.smime.SMIMEEnveloped) NHINDException(org.nhindirect.stagent.NHINDException) MimeException(org.nhindirect.stagent.mail.MimeException) ParseException(javax.mail.internet.ParseException) IOException(java.io.IOException) SignatureValidationException(org.nhindirect.stagent.SignatureValidationException) X509CertificateEx(org.nhindirect.stagent.cert.X509CertificateEx) ByteArrayInputStream(java.io.ByteArrayInputStream) MimeEntity(org.nhindirect.stagent.mail.MimeEntity) RecipientInformationStore(org.bouncycastle.cms.RecipientInformationStore)

Example 2 with DirectRecipientInformation

Use of org.nhindirect.stagent.cryptography.activekeyops.DirectRecipientInformation in project nhin-d by DirectProject.

Class MessagaeDecryptor, method main.

public static void main(String[] args) {
    try {
        // Load the PKCS#12 keystore (empty password) and take its first entry's key and certificate.
        final KeyStore store = KeyStore.getInstance("pkcs12");
        store.load(FileUtils.openInputStream(new File("/users/gm2552/Desktop/ops.p12")), "".toCharArray());
        final String alias = store.aliases().nextElement();
        final PrivateKey entry = (PrivateKey) store.getKey(alias, "".toCharArray());
        final X509Certificate cert = (X509Certificate) store.getCertificate(alias);
        /*
        for (String arg : args)
        {
            if (arg )
        }
        */
        //String encryptedStuff = FileUtils.readFileToString(new File("users/gm2552/Desktop/cry.eml"));
        // Parse the encrypted message from disk as an S/MIME enveloped body part.
        InputStream inStream = FileUtils.openInputStream(new File("/users/gm2552/Desktop/cry2.eml"));
        MimeBodyPart part = new MimeBodyPart(inStream);
        final SMIMEEnveloped m = new SMIMEEnveloped(part);
        // Select the RecipientInfo by the certificate's issuer and serial number.
        RecipientId recId = new RecipientId();
        recId.setIssuer(cert.getIssuerX500Principal().getEncoded());
        recId.setSerialNumber(cert.getSerialNumber());
        final RecipientInformationStore recipients = m.getRecipientInfos();
        final DirectRecipientInformation recipient = new SplitDirectRecipientInformationFactory().createInstance(recipients.get(recId), m);
        // Decrypt with the private key; the payload itself is not used further, only the algorithm OID is printed.
        final byte[] decryptedPayload = recipient.getDecryptedContent(entry);
        System.out.println("Alg OID: " + m.getEncryptionAlgOID());
    } catch (Exception e) {
        e.printStackTrace();
    }
}
Also used : PrivateKey(java.security.PrivateKey) RecipientId(org.bouncycastle.cms.RecipientId) InputStream(java.io.InputStream) DirectRecipientInformation(org.nhindirect.stagent.cryptography.activekeyops.DirectRecipientInformation) KeyStore(java.security.KeyStore) SMIMEEnveloped(org.bouncycastle.mail.smime.SMIMEEnveloped) X509Certificate(java.security.cert.X509Certificate) SplitDirectRecipientInformationFactory(org.nhindirect.stagent.cryptography.activekeyops.SplitDirectRecipientInformationFactory) RecipientInformationStore(org.bouncycastle.cms.RecipientInformationStore) MimeBodyPart(javax.mail.internet.MimeBodyPart) File(java.io.File)
