예제 #1
0
  /**
   * Decrypts an entity with the provided certificates' private key.
   *
   * @param encryptedEntity The entity that will be decrypted.
   * @param decryptingCertificate The certificates whose private keys will be used to decrypt the
   *     message.
   * @return A MimeEntity containing the decrypted part.
   */
  public MimeEntity decrypt(
      MimeEntity encryptedEntity, Collection<X509CertificateEx> decryptingCertificates) {
    if (decryptingCertificates == null || decryptingCertificates.size() == 0) {
      throw new IllegalArgumentException();
    }

    MimeEntity retEntity = null;
    try {
      if (LOGGER.isDebugEnabled()) {
        byte[] encryptedContent = encryptedEntity.getContentAsBytes();
        writePreDecrypt(encryptedContent);
      }

      SMIMEEnveloped m = new SMIMEEnveloped(encryptedEntity);

      X509CertificateEx decryptCert = decryptingCertificates.iterator().next();

      RecipientId recId = generateRecipientSelector(decryptCert);

      RecipientInformationStore recipients = m.getRecipientInfos();
      RecipientInformation recipient = recipients.get(recId);

      byte[] decryptedPayload =
          recipient.getContent(decryptCert.getPrivateKey(), CryptoExtensions.getJCEProviderName());

      if (LOGGER.isDebugEnabled()) {
        writePostDecrypt(decryptedPayload);
      }

      ByteArrayInputStream inStream = new ByteArrayInputStream(decryptedPayload);

      retEntity = new MimeEntity(inStream);

    } catch (MessagingException e) {
      throw new MimeException(MimeError.InvalidMimeEntity, e);
    } catch (Exception e) {
      throw new MimeException(MimeError.Unexpected, e);
    }

    return retEntity;
  }
    protected SignerInformation createSignerInformation() throws Exception {
      X509CertificateEx internalCert = TestUtils.getInternalCert("user1");
      String testMessage = TestUtils.readResource("MultipartMimeMessage.txt");

      MimeMessage entity = EntitySerializer.Default.deserialize(testMessage);
      Message message = new Message(entity);

      MimeEntity entityToSig = message.extractEntityForSignature(true);

      byte[] messageBytes =
          EntitySerializer.Default.serializeToBytes(entityToSig); // Serialize message out as
      // ASCII encoded...

      MimeBodyPart partToSign = null;

      try {
        partToSign = new MimeBodyPart(new ByteArrayInputStream(messageBytes));
      } catch (Exception e) {
      }

      SMIMESignedGenerator gen = new SMIMESignedGenerator();

      ASN1EncodableVector signedAttrs = new ASN1EncodableVector();
      SMIMECapabilityVector caps = new SMIMECapabilityVector();

      caps.addCapability(SMIMECapability.dES_EDE3_CBC);
      caps.addCapability(SMIMECapability.rC2_CBC, 128);
      caps.addCapability(SMIMECapability.dES_CBC);
      caps.addCapability(new DERObjectIdentifier("1.2.840.113549.1.7.1"));
      caps.addCapability(PKCSObjectIdentifiers.x509Certificate);
      signedAttrs.add(new SMIMECapabilitiesAttribute(caps));

      List<X509Certificate> certList = new ArrayList<X509Certificate>();

      gen.addSigner(
          internalCert.getPrivateKey(),
          internalCert,
          SMIMESignedGenerator.DIGEST_SHA1,
          new AttributeTable(signedAttrs),
          null);
      certList.add(internalCert);

      theGetCertificates = certList;

      MimeMultipart retVal = null;

      CertStore certsAndcrls =
          CertStore.getInstance(
              "Collection",
              new CollectionCertStoreParameters(certList),
              CryptoExtensions.getJCEProviderName());
      gen.addCertificatesAndCRLs(certsAndcrls);

      retVal = gen.generate(partToSign, CryptoExtensions.getJCEProviderName());

      ByteArrayOutputStream oStream = new ByteArrayOutputStream();
      retVal.writeTo(oStream);
      oStream.flush();
      byte[] serialzedBytes = oStream.toByteArray();

      ByteArrayDataSource dataSource =
          new ByteArrayDataSource(serialzedBytes, retVal.getContentType());

      MimeMultipart verifyMM = new MimeMultipart(dataSource);

      CMSSignedData signeddata =
          new CMSSignedData(
              new CMSProcessableBodyPartInbound(partToSign),
              verifyMM.getBodyPart(1).getInputStream());
      SignerInformationStore signers = signeddata.getSignerInfos();
      Collection c = signers.getSigners();
      Iterator it = c.iterator();
      while (it.hasNext()) {
        SignerInformation signer = (SignerInformation) it.next();
        return signer;
      }
      return null;
    }