private void verifyAlgorithm(String algorithmOid, MimeBodyPart msg) throws Exception {
SMIMEEnvelopedGenerator gen = new SMIMEEnvelopedGenerator();
gen.addRecipientInfoGenerator(new JceKeyTransRecipientInfoGenerator(_reciCert).setProvider(BC));
//
// generate a MimeBodyPart object which encapsulates the content
// we want encrypted.
//
MimeBodyPart mp =
gen.generate(
msg,
new JceCMSContentEncryptorBuilder(new ASN1ObjectIdentifier(algorithmOid))
.setProvider(BC)
.build());
SMIMEEnveloped m = new SMIMEEnveloped(mp);
RecipientId recId = getRecipientId(_reciCert);
RecipientInformationStore recipients = m.getRecipientInfos();
RecipientInformation recipient = recipients.get(recId);
MimeBodyPart res =
SMIMEUtil.toMimeBodyPart(
recipient.getContent(
new JceKeyTransEnvelopedRecipient(_reciKP.getPrivate()).setProvider(BC)));
verifyMessageBytes(msg, res);
}
public void testDotNetEncMailMatch() throws Exception {
MimeMessage message = loadMessage("dotnet_encrypted_mail.eml");
SMIMEEnveloped env = new SMIMEEnveloped(message);
RecipientInformationStore store = env.getRecipientInfos();
assertNotNull(store.get(new JceKeyTransRecipientId(loadCert("dotnet_enc_cert.pem"))));
}
public void testAES256() throws Exception {
MimeMessage message = loadMessage("test256.message");
SMIMEEnveloped env = new SMIMEEnveloped(message);
RecipientInformationStore store = env.getRecipientInfos();
RecipientInformation recipInfo = store.get(new JceKeyTransRecipientId(loadCert("cert.pem")));
assertNotNull(recipInfo);
byte[] content = recipInfo.getContent(new JceKeyTransEnvelopedRecipient(loadKey("key.pem")));
assertTrue(org.bouncycastle.util.Arrays.areEqual(testMessage, content));
}
public void testSubKeyId() throws Exception {
MimeBodyPart msg = SMIMETestUtil.makeMimeBodyPart("WallaWallaWashington");
SMIMEEnvelopedGenerator gen = new SMIMEEnvelopedGenerator();
//
// create a subject key id - this has to be done the same way as
// it is done in the certificate associated with the private key
//
MessageDigest dig = MessageDigest.getInstance("SHA1", BC);
dig.update(
SubjectPublicKeyInfo.getInstance(_reciCert.getPublicKey().getEncoded())
.getPublicKeyData()
.getBytes());
gen.addRecipientInfoGenerator(
new JceKeyTransRecipientInfoGenerator(dig.digest(), _reciCert.getPublicKey())
.setProvider(BC));
//
// generate a MimeBodyPart object which encapsulates the content
// we want encrypted.
//
MimeBodyPart mp =
gen.generate(
msg,
new JceCMSContentEncryptorBuilder(CMSAlgorithm.DES_EDE3_CBC).setProvider(BC).build());
SMIMEEnveloped m = new SMIMEEnveloped(mp);
dig.update(
SubjectPublicKeyInfo.getInstance(_reciCert.getPublicKey().getEncoded())
.getPublicKeyData()
.getBytes());
RecipientId recId = new KeyTransRecipientId(dig.digest());
RecipientInformationStore recipients = m.getRecipientInfos();
RecipientInformation recipient = recipients.get(recId);
MimeBodyPart res =
SMIMEUtil.toMimeBodyPart(
recipient.getContent(
new JceKeyTransEnvelopedRecipient(_reciKP.getPrivate()).setProvider(BC)));
verifyMessageBytes(msg, res);
}
/**
* Decrypts an entity with the provided certificates' private key.
*
* @param encryptedEntity The entity that will be decrypted.
* @param decryptingCertificate The certificates whose private keys will be used to decrypt the
* message.
* @return A MimeEntity containing the decrypted part.
*/
public MimeEntity decrypt(
MimeEntity encryptedEntity, Collection<X509CertificateEx> decryptingCertificates) {
if (decryptingCertificates == null || decryptingCertificates.size() == 0) {
throw new IllegalArgumentException();
}
MimeEntity retEntity = null;
try {
if (LOGGER.isDebugEnabled()) {
byte[] encryptedContent = encryptedEntity.getContentAsBytes();
writePreDecrypt(encryptedContent);
}
SMIMEEnveloped m = new SMIMEEnveloped(encryptedEntity);
X509CertificateEx decryptCert = decryptingCertificates.iterator().next();
RecipientId recId = generateRecipientSelector(decryptCert);
RecipientInformationStore recipients = m.getRecipientInfos();
RecipientInformation recipient = recipients.get(recId);
byte[] decryptedPayload =
recipient.getContent(decryptCert.getPrivateKey(), CryptoExtensions.getJCEProviderName());
if (LOGGER.isDebugEnabled()) {
writePostDecrypt(decryptedPayload);
}
ByteArrayInputStream inStream = new ByteArrayInputStream(decryptedPayload);
retEntity = new MimeEntity(inStream);
} catch (MessagingException e) {
throw new MimeException(MimeError.InvalidMimeEntity, e);
} catch (Exception e) {
throw new MimeException(MimeError.Unexpected, e);
}
return retEntity;
}
