/**
* Decrypts an entity with the provided certificates' private key.
*
* @param encryptedEntity The entity that will be decrypted.
* @param decryptingCertificate The certificates whose private keys will be used to decrypt the
* message.
* @return A MimeEntity containing the decrypted part.
*/
public MimeEntity decrypt(
MimeEntity encryptedEntity, Collection<X509CertificateEx> decryptingCertificates) {
if (decryptingCertificates == null || decryptingCertificates.size() == 0) {
throw new IllegalArgumentException();
}
MimeEntity retEntity = null;
try {
if (LOGGER.isDebugEnabled()) {
byte[] encryptedContent = encryptedEntity.getContentAsBytes();
writePreDecrypt(encryptedContent);
}
SMIMEEnveloped m = new SMIMEEnveloped(encryptedEntity);
X509CertificateEx decryptCert = decryptingCertificates.iterator().next();
RecipientId recId = generateRecipientSelector(decryptCert);
RecipientInformationStore recipients = m.getRecipientInfos();
RecipientInformation recipient = recipients.get(recId);
byte[] decryptedPayload =
recipient.getContent(decryptCert.getPrivateKey(), CryptoExtensions.getJCEProviderName());
if (LOGGER.isDebugEnabled()) {
writePostDecrypt(decryptedPayload);
}
ByteArrayInputStream inStream = new ByteArrayInputStream(decryptedPayload);
retEntity = new MimeEntity(inStream);
} catch (MessagingException e) {
throw new MimeException(MimeError.InvalidMimeEntity, e);
} catch (Exception e) {
throw new MimeException(MimeError.Unexpected, e);
}
return retEntity;
}
protected SignerInformation createSignerInformation() throws Exception {
X509CertificateEx internalCert = TestUtils.getInternalCert("user1");
String testMessage = TestUtils.readResource("MultipartMimeMessage.txt");
MimeMessage entity = EntitySerializer.Default.deserialize(testMessage);
Message message = new Message(entity);
MimeEntity entityToSig = message.extractEntityForSignature(true);
byte[] messageBytes =
EntitySerializer.Default.serializeToBytes(entityToSig); // Serialize message out as
// ASCII encoded...
MimeBodyPart partToSign = null;
try {
partToSign = new MimeBodyPart(new ByteArrayInputStream(messageBytes));
} catch (Exception e) {
}
SMIMESignedGenerator gen = new SMIMESignedGenerator();
ASN1EncodableVector signedAttrs = new ASN1EncodableVector();
SMIMECapabilityVector caps = new SMIMECapabilityVector();
caps.addCapability(SMIMECapability.dES_EDE3_CBC);
caps.addCapability(SMIMECapability.rC2_CBC, 128);
caps.addCapability(SMIMECapability.dES_CBC);
caps.addCapability(new DERObjectIdentifier("1.2.840.113549.1.7.1"));
caps.addCapability(PKCSObjectIdentifiers.x509Certificate);
signedAttrs.add(new SMIMECapabilitiesAttribute(caps));
List<X509Certificate> certList = new ArrayList<X509Certificate>();
gen.addSigner(
internalCert.getPrivateKey(),
internalCert,
SMIMESignedGenerator.DIGEST_SHA1,
new AttributeTable(signedAttrs),
null);
certList.add(internalCert);
theGetCertificates = certList;
MimeMultipart retVal = null;
CertStore certsAndcrls =
CertStore.getInstance(
"Collection",
new CollectionCertStoreParameters(certList),
CryptoExtensions.getJCEProviderName());
gen.addCertificatesAndCRLs(certsAndcrls);
retVal = gen.generate(partToSign, CryptoExtensions.getJCEProviderName());
ByteArrayOutputStream oStream = new ByteArrayOutputStream();
retVal.writeTo(oStream);
oStream.flush();
byte[] serialzedBytes = oStream.toByteArray();
ByteArrayDataSource dataSource =
new ByteArrayDataSource(serialzedBytes, retVal.getContentType());
MimeMultipart verifyMM = new MimeMultipart(dataSource);
CMSSignedData signeddata =
new CMSSignedData(
new CMSProcessableBodyPartInbound(partToSign),
verifyMM.getBodyPart(1).getInputStream());
SignerInformationStore signers = signeddata.getSignerInfos();
Collection c = signers.getSigners();
Iterator it = c.iterator();
while (it.hasNext()) {
SignerInformation signer = (SignerInformation) it.next();
return signer;
}
return null;
}
