예제 #1
  /**
   * Checks that the first recipient of {@code ad} yields {@code data} when opened with {@code
   * kek}, and that the MAC and content digest reported by the recipient equal the ones reported
   * by the message.
   *
   * <p>Only the first recipient is examined; the test fails when the message has none.
   *
   * @param data the bytes expected as the recipient's content
   * @param kek the key handed to {@code JceKEKAuthenticatedRecipient}
   * @param ad the authenticated-data message under test
   * @throws CMSException propagated from the CMS calls made here
   */
  private void checkData(byte[] data, SecretKey kek, CMSAuthenticatedData ad) throws CMSException {
    Iterator recipientIt = ad.getRecipientInfos().getRecipients().iterator();

    if (!recipientIt.hasNext()) {
      fail("no recipient found");
      return;
    }

    RecipientInformation first = (RecipientInformation) recipientIt.next();
    byte[] recovered = first.getContent(new JceKEKAuthenticatedRecipient(kek).setProvider(BC));

    assertTrue(Arrays.equals(data, recovered));

    // The MAC comparison is the authenticity check in this test: getContent() returning bytes
    // is not, on its own, evidence that the message MAC matched.
    // NOTE(review): recipient.getMac() appears to be the value recomputed while the content was
    // read - confirm against the Bouncy Castle Javadoc. Code that verifies a MAC on untrusted
    // input should use a constant-time comparison such as MessageDigest.isEqual; Arrays.equals
    // is used here on values the test itself produced.
    assertTrue(Arrays.equals(ad.getMac(), first.getMac()));
    assertTrue(Arrays.equals(ad.getContentDigest(), first.getContentDigest()));
  }
예제 #2
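  /**
   * Round-trips a short message through CMS AuthenticatedData with one KEK recipient and checks
   * the recipient's key-encryption algorithm, recovered content, MAC and content digest.
   *
   * <p>The MAC algorithm is fixed to {@code CMSAlgorithm.DES_EDE3_CBC} and the digest to SHA-1;
   * only the key-encryption key and its expected algorithm OID vary per call.
   *
   * @param kek the key-encryption key used for both the recipient generator and the recipient
   * @param algOid the key-encryption algorithm OID the recipient is expected to report
   * @throws NoSuchAlgorithmException declared by the original signature; source not visible here
   * @throws NoSuchProviderException declared by the original signature; source not visible here
   * @throws CMSException propagated from the CMS generator and recipient calls
   * @throws OperatorCreationException propagated from the digest and MAC calculator builders
   */
  private void tryKekAlgorithmWithDigest(SecretKey kek, ASN1ObjectIdentifier algOid)
      throws NoSuchAlgorithmException, NoSuchProviderException, CMSException,
          OperatorCreationException {
    byte[] data = "Eric H. Echidna".getBytes();

    CMSAuthenticatedDataGenerator adGen = new CMSAuthenticatedDataGenerator();
    DigestCalculatorProvider calcProvider =
        new JcaDigestCalculatorProviderBuilder().setProvider(BC).build();

    // Fixed key identifier; a test fixture value only.
    byte[] kekId = new byte[] {1, 2, 3, 4, 5};

    adGen.addRecipientInfoGenerator(new JceKEKRecipientInfoGenerator(kekId, kek).setProvider(BC));

    // NOTE(review): a Triple-DES based MAC and a SHA-1 digest are legacy algorithm choices.
    // Read this as coverage of the KEK code path, not as a recommendation for new messages.
    CMSAuthenticatedData ad =
        adGen.generate(
            new CMSProcessableByteArray(data),
            new JceCMSMacCalculatorBuilder(CMSAlgorithm.DES_EDE3_CBC).setProvider(BC).build(),
            calcProvider.get(new AlgorithmIdentifier(OIWObjectIdentifiers.idSHA1)));

    // Expected value first, so a failure message labels the two values correctly.
    assertEquals(CMSAuthenticatedDataGenerator.DES_EDE3_CBC, ad.getMacAlgOID());

    Collection c = ad.getRecipientInfos().getRecipients();

    // Exactly one recipient generator was registered above, so exactly one recipient must come
    // back; checking the count also catches unexpected extra recipients, which the previous
    // hasNext() test did not.
    assertEquals(1, c.size());

    RecipientInformation recipient = (RecipientInformation) c.iterator().next();

    assertEquals(algOid.getId(), recipient.getKeyEncryptionAlgOID());

    byte[] recData = recipient.getContent(new JceKEKAuthenticatedRecipient(kek).setProvider(BC));

    assertTrue(Arrays.equals(data, recData));

    // The MAC comparison is the authenticity check; recovering the content alone is not.
    // Code verifying a MAC on untrusted input should use a constant-time comparison such as
    // MessageDigest.isEqual rather than Arrays.equals.
    assertTrue(Arrays.equals(ad.getMac(), recipient.getMac()));
    assertTrue(Arrays.equals(ad.getContentDigest(), recipient.getContentDigest()));
  }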
예제 #3
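  /**
   * Round-trips a short message through CMS AuthenticatedData with one key-transport recipient
   * and checks the MAC algorithm, the recipient's key-encryption algorithm, the recovered
   * content, the MAC and the content digest.
   *
   * <p>The recipient generator is built from the {@code _reciCert} field and the content is
   * recovered with the private key of the {@code _reciKP} field; both are defined outside this
   * method. The digest is fixed to SHA-1.
   *
   * @param macAlg the MAC algorithm OID used to build the MAC calculator and expected back from
   *     the generated message
   * @throws Exception propagated from the builder, generator and recipient calls
   */
  private void tryKeyTransWithDigest(ASN1ObjectIdentifier macAlg) throws Exception {
    byte[] data = "Eric H. Echidna".getBytes();

    CMSAuthenticatedDataGenerator adGen = new CMSAuthenticatedDataGenerator();
    DigestCalculatorProvider calcProvider =
        new JcaDigestCalculatorProviderBuilder().setProvider(BC).build();

    adGen.addRecipientInfoGenerator(
        new JceKeyTransRecipientInfoGenerator(_reciCert).setProvider(BC));

    // NOTE(review): SHA-1 is a legacy digest choice; the MAC algorithm is whatever the caller
    // passes. Read this as code-path coverage, not as a recommendation for new messages.
    CMSAuthenticatedData ad =
        adGen.generate(
            new CMSProcessableByteArray(data),
            new JceCMSMacCalculatorBuilder(macAlg).setProvider(BC).build(),
            calcProvider.get(new AlgorithmIdentifier(OIWObjectIdentifiers.idSHA1)));

    RecipientInformationStore recipients = ad.getRecipientInfos();

    // Expected value first, matching assertEquals(1, c.size()) below, so a failure message
    // labels the two values correctly.
    assertEquals(macAlg.getId(), ad.getMacAlgOID());

    Collection c = recipients.getRecipients();

    assertEquals(1, c.size());

    Iterator it = c.iterator();

    while (it.hasNext()) {
      RecipientInformation recipient = (RecipientInformation) it.next();

      assertEquals(PKCSObjectIdentifiers.rsaEncryption.getId(), recipient.getKeyEncryptionAlgOID());

      byte[] recData =
          recipient.getContent(
              new JceKeyTransAuthenticatedRecipient(_reciKP.getPrivate()).setProvider(BC));

      assertTrue(Arrays.equals(data, recData));

      // The MAC comparison is the authenticity check; recovering the content alone is not.
      // Code verifying a MAC on untrusted input should use a constant-time comparison such as
      // MessageDigest.isEqual rather than Arrays.equals.
      assertTrue(Arrays.equals(ad.getMac(), recipient.getMac()));
      assertTrue(Arrays.equals(ad.getContentDigest(), recipient.getContentDigest()));
    }
  }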