use of org.nhindirect.stagent.mail.MimeEntity in project nhin-d by DirectProject.
the class SMIMECryptographerImpl method decrypt.
/**
* Decrypts an entity with the provided certificates' private key.
* @param encryptedEntity The entity that will be decrypted.
* @param decryptingCertificate The certificates whose private keys will be used to decrypt the message.
* @return A MimeEntity containing the decrypted part.
*/
public MimeEntity decrypt(MimeEntity encryptedEntity, Collection<X509CertificateEx> decryptingCertificates) {
if (decryptingCertificates == null || decryptingCertificates.size() == 0) {
throw new IllegalArgumentException();
}
MimeEntity retEntity = null;
try {
if (LOGGER.isDebugEnabled()) {
final byte[] encryptedContent = encryptedEntity.getContentAsBytes();
writePreDecrypt(encryptedContent);
}
final SMIMEEnveloped m = new SMIMEEnveloped(encryptedEntity);
if (!this.isAllowedEncryptionAlgorithm(m.getEncryptionAlgOID()))
throw new NHINDException(MimeError.DisallowedEncryptionAlgorithm, "The encryption algorithm " + m.getEncryptionAlgOID() + " is not allowed");
for (X509CertificateEx decryptCert : decryptingCertificates) {
final RecipientId recId = generateRecipientSelector(decryptCert);
final RecipientInformationStore recipients = m.getRecipientInfos();
final DirectRecipientInformation recipient = decFactory.createInstance(recipients.get(recId), m);
if (recipient == null)
continue;
final byte[] decryptedPayload = recipient.getDecryptedContent(decryptCert.getPrivateKey());
if (LOGGER.isDebugEnabled()) {
writePostDecrypt(decryptedPayload);
}
final ByteArrayInputStream inStream = new ByteArrayInputStream(decryptedPayload);
retEntity = new MimeEntity(inStream);
break;
}
} catch (MessagingException e) {
throw new MimeException(MimeError.InvalidMimeEntity, e);
} catch (Exception e) {
throw new MimeException(MimeError.Unexpected, e);
}
if (retEntity == null) {
throw new NHINDException(MimeError.Unexpected, "None of the the provided decryption certs were found in message's RecipientsInfo set.");
}
return retEntity;
}
use of org.nhindirect.stagent.mail.MimeEntity in project nhin-d by DirectProject.
the class CryptographerTest method testEncryptAndDecryptMimeEntity.
private void testEncryptAndDecryptMimeEntity(EncryptionAlgorithm encAlg, boolean enforceStrongEncryption, boolean expectDecException) throws Exception {
X509Certificate cert = TestUtils.getExternalCert("user1");
SMIMECryptographerImpl cryptographer = new SMIMECryptographerImpl();
if (encAlg != null)
cryptographer.setEncryptionAlgorithm(encAlg);
cryptographer.setStrongEncryptionEnforced(enforceStrongEncryption);
MimeEntity entity = new MimeEntity();
entity.setText("Hello world.");
entity.setHeader(MimeStandard.ContentTypeHeader, "text/plain");
entity.setHeader(MimeStandard.ContentTransferEncodingHeader, "7bit");
MimeEntity encEntity = cryptographer.encrypt(entity, cert);
assertNotNull(encEntity);
/*
* explicit header checking for compliance with Applicability
* Statement v 1.2
*/
final ContentType type = new ContentType(encEntity.getContentType());
assertTrue(type.match(SMIMEStandard.CmsEnvelopeMediaType));
assertFalse(type.match(SMIMEStandard.CmsEnvelopeMediaTypeAlt));
X509CertificateEx certex = TestUtils.getInternalCert("user1");
if (expectDecException) {
boolean exceptionOccured = false;
try {
cryptographer.decrypt(encEntity, certex);
} catch (Exception e) {
exceptionOccured = true;
}
assertTrue(exceptionOccured);
} else {
MimeEntity decryEntity = cryptographer.decrypt(encEntity, certex);
assertNotNull(decryEntity);
byte[] decryEntityBytes = EntitySerializer.Default.serializeToBytes(decryEntity);
byte[] entityBytes = EntitySerializer.Default.serializeToBytes(entity);
assertTrue(Arrays.equals(decryEntityBytes, entityBytes));
}
}
use of org.nhindirect.stagent.mail.MimeEntity in project nhin-d by DirectProject.
the class CryptographerTest method testSignMimeEntity_MD5Digest_forceStrongDigest_assertRejectValidation.
public void testSignMimeEntity_MD5Digest_forceStrongDigest_assertRejectValidation() throws Exception {
X509CertificateEx certex = TestUtils.getInternalCert("user1");
SMIMECryptographerImpl cryptographer = new SMIMECryptographerImpl();
cryptographer.setDigestAlgorithm(DigestAlgorithm.MD5);
MimeEntity entity = new MimeEntity();
entity.setText("Hello world.");
entity.setHeader(MimeStandard.ContentTypeHeader, "text/plain");
entity.setHeader(MimeStandard.ContentTransferEncodingHeader, "7bit");
SignedEntity signedEnt = cryptographer.sign(entity, certex);
assertNotNull(signedEnt);
byte[] signedEntityBytes = EntitySerializer.Default.serializeToBytes(signedEnt.getContent());
byte[] entityBytes = EntitySerializer.Default.serializeToBytes(entity);
assertTrue(Arrays.equals(signedEntityBytes, entityBytes));
assertNotNull(signedEnt.getSignature());
X509Certificate cert = TestUtils.getExternalCert("user1");
boolean exceptionOccured = false;
try {
cryptographer.checkSignature(signedEnt, cert, new ArrayList<X509Certificate>());
} catch (SignatureValidationException e) {
exceptionOccured = true;
}
assertTrue(exceptionOccured);
}
use of org.nhindirect.stagent.mail.MimeEntity in project nhin-d by DirectProject.
the class CryptographerTest method testEncryptAndDecryptMultipartEntity.
private void testEncryptAndDecryptMultipartEntity(EncryptionAlgorithm encAlgo, boolean enforceStrongEncryption) throws Exception {
X509Certificate cert = TestUtils.getExternalCert("user1");
SMIMECryptographerImpl cryptographer = new SMIMECryptographerImpl();
cryptographer.setEncryptionAlgorithm(encAlgo);
cryptographer.setStrongEncryptionEnforced(enforceStrongEncryption);
MimeEntity entityText = new MimeEntity();
entityText.setText("Hello world.");
entityText.setHeader(MimeStandard.ContentTypeHeader, "text/plain");
entityText.setHeader(MimeStandard.ContentTransferEncodingHeader, "7bit");
MimeEntity entityXML = new MimeEntity();
entityXML.setText("<Test></Test>");
entityXML.setHeader(MimeStandard.ContentTypeHeader, "text/xml");
MimeMultipart mpEntity = new MimeMultipart();
mpEntity.addBodyPart(entityText);
mpEntity.addBodyPart(entityXML);
MimeEntity encEntity = cryptographer.encrypt(mpEntity, cert);
assertNotNull(encEntity);
X509CertificateEx certex = TestUtils.getInternalCert("user1");
MimeEntity decryEntity = cryptographer.decrypt(encEntity, certex);
assertNotNull(decryEntity);
ByteArrayOutputStream oStream = new ByteArrayOutputStream();
mpEntity.writeTo(oStream);
InternetHeaders hdrs = new InternetHeaders();
hdrs.addHeader(MimeStandard.ContentTypeHeader, mpEntity.getContentType());
MimeEntity orgEntity = new MimeEntity(hdrs, oStream.toByteArray());
byte[] decryEntityBytes = EntitySerializer.Default.serializeToBytes(decryEntity);
byte[] entityBytes = EntitySerializer.Default.serializeToBytes(orgEntity);
System.out.println("Original:\r\n" + new String(entityBytes));
System.out.println("\r\n\r\n\r\nNew:\r\n" + new String(decryEntityBytes));
assertTrue(Arrays.equals(decryEntityBytes, entityBytes));
}
use of org.nhindirect.stagent.mail.MimeEntity in project nhin-d by DirectProject.
the class SMIMECryptographerImpl_createSignatureEntityTest method contentToMimeEntity.
protected MimeEntity contentToMimeEntity(BodyPart part) throws Exception {
ByteArrayOutputStream bos = new ByteArrayOutputStream();
part.writeTo(bos);
bos.flush();
InputStream stream = new ByteArrayInputStream(bos.toByteArray());
return new MimeEntity(stream);
}
Aggregations