
Example 1 with SplitDirectRecipientInformationFactory

use of org.nhindirect.stagent.cryptography.activekeyops.SplitDirectRecipientInformationFactory in project nhin-d by DirectProject.

the class SMIMECryptographerImpl_constructTest method testContructSMIMECryptographerImpl_setDecFactory.

/**
 * Verifies that the four-argument constructor stores the algorithms and both
 * factories it is given, when an explicit recipient information (decryption)
 * factory is supplied.
 */
public void testContructSMIMECryptographerImpl_setDecFactory() {
    // RSA_3DES is used here only to check constructor wiring; 3DES is a legacy
    // cipher, so this test says nothing about which algorithm to deploy.
    final SMIMECryptographerImpl cryptographer = new SMIMECryptographerImpl(
            EncryptionAlgorithm.RSA_3DES,
            DigestAlgorithm.SHA384,
            new SplitProviderDirectSignedDataGeneratorFactory(),
            new SplitDirectRecipientInformationFactory());

    // Algorithm settings must come back exactly as passed in.
    assertEquals(DigestAlgorithm.SHA384, cryptographer.getDigestAlgorithm());
    assertEquals(EncryptionAlgorithm.RSA_3DES, cryptographer.getEncryptionAlgorithm());

    // Both factories must be of the types handed to the constructor.
    final boolean signingFactoryKept =
            cryptographer.getSignedDataGeneratorFactory() instanceof SplitProviderDirectSignedDataGeneratorFactory;
    assertTrue(signingFactoryKept);
    final boolean recipientFactoryKept =
            cryptographer.getRecipientInformationFactory() instanceof SplitDirectRecipientInformationFactory;
    assertTrue(recipientFactoryKept);
}
Also used : SplitProviderDirectSignedDataGeneratorFactory(org.nhindirect.stagent.cryptography.activekeyops.SplitProviderDirectSignedDataGeneratorFactory) SplitDirectRecipientInformationFactory(org.nhindirect.stagent.cryptography.activekeyops.SplitDirectRecipientInformationFactory)

Example 2 with SplitDirectRecipientInformationFactory

use of org.nhindirect.stagent.cryptography.activekeyops.SplitDirectRecipientInformationFactory in project nhin-d by DirectProject.

the class MessagaeDecryptor method main.

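/**
 * Ad-hoc harness that decrypts one S/MIME enveloped message with a private key
 * read from a PKCS#12 file and prints the content encryption algorithm OID.
 *
 * <p>The key store and message paths are hard-coded developer paths and the key
 * store is opened with an empty password, so the private key in that file is
 * protected only by file system permissions. The decrypted payload is kept in
 * memory and is never printed.
 *
 * @param args command line arguments; not read by this method
 */
public static void main(String[] args) {
    // Empty password: used both for the key store integrity check and for the key entry.
    final char[] keyStorePassword = "".toCharArray();
    try {
        final KeyStore store = KeyStore.getInstance("pkcs12");
        // Close the key store stream as soon as it is loaded; the original never closed it.
        try (InputStream keyStoreStream = FileUtils.openInputStream(new File("/users/gm2552/Desktop/ops.p12"))) {
            store.load(keyStoreStream, keyStorePassword);
        }
        // Only the first alias is used; an empty key store makes nextElement() throw,
        // which the catch block below reports.
        final String alias = store.aliases().nextElement();
        final PrivateKey entry = (PrivateKey) store.getKey(alias, keyStorePassword);
        final X509Certificate cert = (X509Certificate) store.getCertificate(alias);
        // The message stream stays open for all of the CMS processing and is closed
        // on every exit path, including exceptions.
        try (InputStream inStream = FileUtils.openInputStream(new File("/users/gm2552/Desktop/cry2.eml"))) {
            MimeBodyPart part = new MimeBodyPart(inStream);
            final SMIMEEnveloped m = new SMIMEEnveloped(part);
            // Select the recipient entry by the issuer and serial number of the key store certificate.
            RecipientId recId = new RecipientId();
            recId.setIssuer(cert.getIssuerX500Principal().getEncoded());
            recId.setSerialNumber(cert.getSerialNumber());
            final RecipientInformationStore recipients = m.getRecipientInfos();
            // NOTE(review): recipients.get(recId) presumably yields null when the message was not
            // encrypted to this certificate; confirm how createInstance handles that case.
            final DirectRecipientInformation recipient = new SplitDirectRecipientInformationFactory().createInstance(recipients.get(recId), m);
            final byte[] decryptedPayload = recipient.getDecryptedContent(entry);
            System.out.println("Alg OID: " + m.getEncryptionAlgOID());
        }
    } catch (Exception e) {
        e.printStackTrace();
    }
}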
Also used : PrivateKey(java.security.PrivateKey) RecipientId(org.bouncycastle.cms.RecipientId) InputStream(java.io.InputStream) DirectRecipientInformation(org.nhindirect.stagent.cryptography.activekeyops.DirectRecipientInformation) KeyStore(java.security.KeyStore) SMIMEEnveloped(org.bouncycastle.mail.smime.SMIMEEnveloped) X509Certificate(java.security.cert.X509Certificate) SplitDirectRecipientInformationFactory(org.nhindirect.stagent.cryptography.activekeyops.SplitDirectRecipientInformationFactory) RecipientInformationStore(org.bouncycastle.cms.RecipientInformationStore) MimeBodyPart(javax.mail.internet.MimeBodyPart) File(java.io.File)

Example 3 with SplitDirectRecipientInformationFactory

use of org.nhindirect.stagent.cryptography.activekeyops.SplitDirectRecipientInformationFactory in project nhin-d by DirectProject.

the class CryptographerTest method testEncryptAndDecryptMimeEntity_hsmDecryption.

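/**
 * Encrypts a small MIME entity to the external "user1" certificate, decrypts it
 * with the matching private key held in a PKCS#11 token, and checks that the
 * serialized round trip is byte-identical.
 *
 * <p>The token PIN is a hard-coded fixture for a development token; a PIN that
 * protects production key material must not be committed to source.
 *
 * @param encAlg content encryption algorithm the cryptographer is configured with
 * @throws Exception if the token cannot be opened or any crypto step fails
 */
private void testEncryptAndDecryptMimeEntity_hsmDecryption(EncryptionAlgorithm encAlg) throws Exception {
    // Single definition of the fixture PIN, used for the credential and for KeyStore.load below.
    final String tokenPin = "1Kingpuff";
    OptionsManager.destroyInstance();
    CryptoExtensions.registerJCEProviders();
    try {
        final PKCS11Credential cred = new BootstrappedPKCS11Credential(tokenPin);
        final MutableKeyStoreProtectionManager mgr = new StaticPKCS11TokenKeyStoreProtectionManager(cred, "", "");
        final CacheableKeyStoreManagerCertificateStore store = new CacheableKeyStoreManagerCertificateStore(mgr);
        // NOTE(review): presumably this places the internal cert and key on the token so the
        // alias scan below can find it; confirm against CacheableKeyStoreManagerCertificateStore.
        store.add(TestUtils.getInternalCert("user1"));
        X509Certificate cert = TestUtils.getExternalCert("user1");
        SMIMECryptographerImpl cryptographer = new SMIMECryptographerImpl();
        cryptographer.setRecipientInformationFactory(new SplitDirectRecipientInformationFactory(pkcs11ProviderName, ""));
        cryptographer.setEncryptionAlgorithm(encAlg);
        MimeEntity entity = new MimeEntity();
        entity.setText("Hello world.");
        entity.setHeader(MimeStandard.ContentTypeHeader, "text/plain");
        entity.setHeader(MimeStandard.ContentTransferEncodingHeader, "7bit");
        MimeEntity encEntity = cryptographer.encrypt(entity, cert);
        assertNotNull(encEntity);
        // open up the pkcs11 store and find the private key
        KeyStore ks = KeyStore.getInstance("PKCS11");
        ks.load(null, tokenPin.toCharArray());
        X509CertificateEx decryptCert = null;
        final Enumeration<String> aliases = ks.aliases();
        while (aliases.hasMoreElements()) {
            String alias = aliases.nextElement();
            Certificate pkcs11Cert = ks.getCertificate(alias);
            // instanceof is false for null, so no separate null check is needed
            if (pkcs11Cert instanceof X509Certificate) {
                // check if there is private key
                Key key = ks.getKey(alias, null);
                if (key instanceof PrivateKey && CryptoExtensions.certSubjectContainsName((X509Certificate) pkcs11Cert, "user1@cerner.com")) {
                    decryptCert = X509CertificateEx.fromX509Certificate((X509Certificate) pkcs11Cert, (PrivateKey) key);
                    break;
                }
            }
        }
        // Fail here when the token holds no matching key pair, instead of handing
        // a null certificate to decrypt() and failing somewhere inside it.
        assertNotNull(decryptCert);
        MimeEntity decryEntity = cryptographer.decrypt(encEntity, decryptCert);
        assertNotNull(decryEntity);
        byte[] decryEntityBytes = EntitySerializer.Default.serializeToBytes(decryEntity);
        byte[] entityBytes = EntitySerializer.Default.serializeToBytes(entity);
        assertTrue(Arrays.equals(decryEntityBytes, entityBytes));
    } finally {
        // Blank the sensitive-provider settings and drop the cached options so
        // later tests do not keep using this PKCS#11 configuration.
        System.setProperty("org.nhindirect.stagent.cryptography.JCESensitiveProviderName", "");
        System.setProperty("org.nhindirect.stagent.cryptography.JCESensitiveProviderClassNames", "");
        OptionsManager.destroyInstance();
    }
}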
Also used : PKCS11Credential(org.nhindirect.common.crypto.PKCS11Credential) BootstrappedPKCS11Credential(org.nhindirect.common.crypto.impl.BootstrappedPKCS11Credential) PrivateKey(java.security.PrivateKey) SMIMECryptographerImpl(org.nhindirect.stagent.cryptography.SMIMECryptographerImpl) KeyStore(java.security.KeyStore) X509Certificate(java.security.cert.X509Certificate) SplitDirectRecipientInformationFactory(org.nhindirect.stagent.cryptography.activekeyops.SplitDirectRecipientInformationFactory) CacheableKeyStoreManagerCertificateStore(org.nhindirect.stagent.cert.impl.CacheableKeyStoreManagerCertificateStore) X509CertificateEx(org.nhindirect.stagent.cert.X509CertificateEx) MutableKeyStoreProtectionManager(org.nhindirect.common.crypto.MutableKeyStoreProtectionManager) StaticPKCS11TokenKeyStoreProtectionManager(org.nhindirect.common.crypto.impl.StaticPKCS11TokenKeyStoreProtectionManager) MimeEntity(org.nhindirect.stagent.mail.MimeEntity) BootstrappedPKCS11Credential(org.nhindirect.common.crypto.impl.BootstrappedPKCS11Credential) Key(java.security.Key) PrivateKey(java.security.PrivateKey) X509Certificate(java.security.cert.X509Certificate) Certificate(java.security.cert.Certificate)

Example 4 with SplitDirectRecipientInformationFactory

use of org.nhindirect.stagent.cryptography.activekeyops.SplitDirectRecipientInformationFactory in project nhin-d by DirectProject.

the class SMIMECryptographerImpl_constructTest method testContructSMIMECryptographerImpl_setSigningFactory.

/**
 * Verifies that the four-argument constructor keeps the supplied signing factory
 * and, when {@code null} is passed for the recipient information factory, still
 * exposes a {@code SplitDirectRecipientInformationFactory} from its getter.
 */
public void testContructSMIMECryptographerImpl_setSigningFactory() {
    // RSA_3DES is used here only to check constructor wiring; 3DES is a legacy
    // cipher, so this test says nothing about which algorithm to deploy.
    final SMIMECryptographerImpl cryptographer = new SMIMECryptographerImpl(
            EncryptionAlgorithm.RSA_3DES,
            DigestAlgorithm.SHA384,
            new SplitProviderDirectSignedDataGeneratorFactory(),
            null);

    // Algorithm settings must come back exactly as passed in.
    assertEquals(DigestAlgorithm.SHA384, cryptographer.getDigestAlgorithm());
    assertEquals(EncryptionAlgorithm.RSA_3DES, cryptographer.getEncryptionAlgorithm());

    // The explicit signing factory is kept as given.
    final boolean signingFactoryKept =
            cryptographer.getSignedDataGeneratorFactory() instanceof SplitProviderDirectSignedDataGeneratorFactory;
    assertTrue(signingFactoryKept);

    // No recipient factory was passed, yet the getter must not leave the decryption path unset.
    final boolean recipientFactoryPresent =
            cryptographer.getRecipientInformationFactory() instanceof SplitDirectRecipientInformationFactory;
    assertTrue(recipientFactoryPresent);
}
Also used : SplitProviderDirectSignedDataGeneratorFactory(org.nhindirect.stagent.cryptography.activekeyops.SplitProviderDirectSignedDataGeneratorFactory) SplitDirectRecipientInformationFactory(org.nhindirect.stagent.cryptography.activekeyops.SplitDirectRecipientInformationFactory)

Aggregations

SplitDirectRecipientInformationFactory (org.nhindirect.stagent.cryptography.activekeyops.SplitDirectRecipientInformationFactory)4 KeyStore (java.security.KeyStore)2 PrivateKey (java.security.PrivateKey)2 X509Certificate (java.security.cert.X509Certificate)2 SplitProviderDirectSignedDataGeneratorFactory (org.nhindirect.stagent.cryptography.activekeyops.SplitProviderDirectSignedDataGeneratorFactory)2 File (java.io.File)1 InputStream (java.io.InputStream)1 Key (java.security.Key)1 Certificate (java.security.cert.Certificate)1 MimeBodyPart (javax.mail.internet.MimeBodyPart)1 RecipientId (org.bouncycastle.cms.RecipientId)1 RecipientInformationStore (org.bouncycastle.cms.RecipientInformationStore)1 SMIMEEnveloped (org.bouncycastle.mail.smime.SMIMEEnveloped)1 MutableKeyStoreProtectionManager (org.nhindirect.common.crypto.MutableKeyStoreProtectionManager)1 PKCS11Credential (org.nhindirect.common.crypto.PKCS11Credential)1 BootstrappedPKCS11Credential (org.nhindirect.common.crypto.impl.BootstrappedPKCS11Credential)1 StaticPKCS11TokenKeyStoreProtectionManager (org.nhindirect.common.crypto.impl.StaticPKCS11TokenKeyStoreProtectionManager)1 X509CertificateEx (org.nhindirect.stagent.cert.X509CertificateEx)1 CacheableKeyStoreManagerCertificateStore (org.nhindirect.stagent.cert.impl.CacheableKeyStoreManagerCertificateStore)1 SMIMECryptographerImpl (org.nhindirect.stagent.cryptography.SMIMECryptographerImpl)1