/**
 * Round-trips {@code msg} through S/MIME enveloping with the content-encryption algorithm named
 * by {@code algorithmOid}, then decrypts it with the recipient key pair and compares the bytes.
 *
 * @param algorithmOid dotted OID string of the content-encryption algorithm to use
 * @param msg the body part to encrypt and recover
 * @throws Exception if enveloping, recipient lookup, decryption or comparison fails
 */
private void verifyAlgorithm(String algorithmOid, MimeBodyPart msg) throws Exception {
    SMIMEEnvelopedGenerator envelopedGen = new SMIMEEnvelopedGenerator();
    envelopedGen.addRecipientInfoGenerator(
        new JceKeyTransRecipientInfoGenerator(_reciCert).setProvider(BC));

    // Wrap the plaintext part in an enveloped MimeBodyPart, encrypted under the requested OID.
    ASN1ObjectIdentifier contentCipher = new ASN1ObjectIdentifier(algorithmOid);
    MimeBodyPart envelopedPart =
        envelopedGen.generate(
            msg, new JceCMSContentEncryptorBuilder(contentCipher).setProvider(BC).build());

    SMIMEEnveloped parsed = new SMIMEEnveloped(envelopedPart);
    RecipientId selector = getRecipientId(_reciCert);

    // The lookup result is dereferenced without a null check, so a selector that matches no
    // recipient shows up as a NullPointerException rather than an assertion failure.
    RecipientInformation matched = parsed.getRecipientInfos().get(selector);

    byte[] recovered =
        matched.getContent(new JceKeyTransEnvelopedRecipient(_reciKP.getPrivate()).setProvider(BC));
    MimeBodyPart decryptedPart = SMIMEUtil.toMimeBodyPart(recovered);

    verifyMessageBytes(msg, decryptedPart);
  }
  /**
   * Checks that the recipient selector built from {@code dotnet_enc_cert.pem} matches a recipient
   * entry in the stored message {@code dotnet_encrypted_mail.eml}. Only the lookup is asserted;
   * nothing is decrypted here.
   */
  public void testDotNetEncMailMatch() throws Exception {
    SMIMEEnveloped enveloped = new SMIMEEnveloped(loadMessage("dotnet_encrypted_mail.eml"));
    RecipientInformationStore recipientInfos = enveloped.getRecipientInfos();

    JceKeyTransRecipientId selector = new JceKeyTransRecipientId(loadCert("dotnet_enc_cert.pem"));

    assertNotNull(recipientInfos.get(selector));
  }
  /**
   * Decrypts the stored message {@code test256.message} with the key from {@code key.pem} and
   * checks that the recovered bytes equal {@code testMessage}.
   */
  public void testAES256() throws Exception {
    SMIMEEnveloped enveloped = new SMIMEEnveloped(loadMessage("test256.message"));
    RecipientInformationStore recipientInfos = enveloped.getRecipientInfos();

    // Select the recipient entry by certificate and fail early if it is missing,
    // before attempting decryption.
    JceKeyTransRecipientId selector = new JceKeyTransRecipientId(loadCert("cert.pem"));
    RecipientInformation matched = recipientInfos.get(selector);
    assertNotNull(matched);

    JceKeyTransEnvelopedRecipient keyHolder = new JceKeyTransEnvelopedRecipient(loadKey("key.pem"));
    byte[] recovered = matched.getContent(keyHolder);

    assertTrue(org.bouncycastle.util.Arrays.areEqual(testMessage, recovered));
  }
  /**
   * Round-trips a message where the recipient is identified by subject key identifier instead of
   * issuer and serial number: the envelope is generated with a key id computed from the
   * recipient's public key, and the recipient entry is then looked up with a key id computed the
   * same way.
   */
  public void testSubKeyId() throws Exception {
    MimeBodyPart plainPart = SMIMETestUtil.makeMimeBodyPart("WallaWallaWashington");
    SMIMEEnvelopedGenerator envelopedGen = new SMIMEEnvelopedGenerator();

    // The subject key id must be derived exactly as it is in the certificate that belongs to the
    // private key. SHA-1 is applied to the public key bits to form an identifier for lookup;
    // it is not protecting the message content.
    MessageDigest sha1 = MessageDigest.getInstance("SHA1", BC);
    byte[] keyBitsForGenerator =
        SubjectPublicKeyInfo.getInstance(_reciCert.getPublicKey().getEncoded())
            .getPublicKeyData()
            .getBytes();
    sha1.update(keyBitsForGenerator);

    envelopedGen.addRecipientInfoGenerator(
        new JceKeyTransRecipientInfoGenerator(sha1.digest(), _reciCert.getPublicKey())
            .setProvider(BC));

    // Wrap the plaintext part in an enveloped MimeBodyPart. DES_EDE3_CBC (triple-DES) is a legacy
    // content cipher; treat its use as a test fixture choice, not as a default for new
    // deployments.
    MimeBodyPart envelopedPart =
        envelopedGen.generate(
            plainPart,
            new JceCMSContentEncryptorBuilder(CMSAlgorithm.DES_EDE3_CBC).setProvider(BC).build());

    SMIMEEnveloped parsed = new SMIMEEnveloped(envelopedPart);

    // Recompute the same key id for the lookup side (the digest object was reset by digest()).
    byte[] keyBitsForLookup =
        SubjectPublicKeyInfo.getInstance(_reciCert.getPublicKey().getEncoded())
            .getPublicKeyData()
            .getBytes();
    sha1.update(keyBitsForLookup);
    RecipientId selector = new KeyTransRecipientId(sha1.digest());

    RecipientInformation matched = parsed.getRecipientInfos().get(selector);

    byte[] recovered =
        matched.getContent(new JceKeyTransEnvelopedRecipient(_reciKP.getPrivate()).setProvider(BC));
    MimeBodyPart decryptedPart = SMIMEUtil.toMimeBodyPart(recovered);

    verifyMessageBytes(plainPart, decryptedPart);
  }
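  /**
   * Decrypts an enveloped entity with the private key of the first supplied certificate that
   * matches one of the message's recipient entries.
   *
   * <p>Every certificate in the collection is tried in iteration order, so a message addressed to
   * any one of them can be decrypted. If none matches, the failure is reported as a
   * {@link MimeException} with {@code MimeError.Unexpected}.
   *
   * @param encryptedEntity The entity that will be decrypted.
   * @param decryptingCertificates The certificates whose private keys may be used to decrypt the
   *     message. Must not be null or empty.
   * @return A MimeEntity containing the decrypted part.
   * @throws IllegalArgumentException if {@code decryptingCertificates} is null or empty.
   * @throws MimeException with {@code MimeError.InvalidMimeEntity} when a MessagingException is
   *     raised while processing the entity, or {@code MimeError.Unexpected} for any other
   *     failure, including the case where no certificate matches a recipient.
   */
  public MimeEntity decrypt(
      MimeEntity encryptedEntity, Collection<X509CertificateEx> decryptingCertificates) {
    if (decryptingCertificates == null || decryptingCertificates.isEmpty()) {
      throw new IllegalArgumentException();
    }

    MimeEntity retEntity = null;
    try {
      // NOTE(review): the debug hooks below receive the ciphertext and, further down, the
      // decrypted plaintext. What they do with it is not visible here; confirm the sink is
      // access-controlled and that debug logging stays off where message content is sensitive.
      if (LOGGER.isDebugEnabled()) {
        byte[] encryptedContent = encryptedEntity.getContentAsBytes();
        writePreDecrypt(encryptedContent);
      }

      SMIMEEnveloped m = new SMIMEEnveloped(encryptedEntity);
      RecipientInformationStore recipients = m.getRecipientInfos();

      // Look for the first certificate that has a recipient entry in the envelope. Using only
      // the first element of the collection would fail with a NullPointerException whenever the
      // message was encrypted to one of the other certificates.
      X509CertificateEx decryptCert = null;
      RecipientInformation recipient = null;
      for (X509CertificateEx candidate : decryptingCertificates) {
        if (candidate == null) {
          continue;
        }
        RecipientInformation match = recipients.get(generateRecipientSelector(candidate));
        if (match != null) {
          decryptCert = candidate;
          recipient = match;
          break;
        }
      }

      if (recipient == null) {
        // Caught below and surfaced as MimeError.Unexpected, the same error code callers saw
        // when the unchecked lookup result was dereferenced.
        throw new IllegalStateException(
            "No recipient in the enveloped message matches the supplied decrypting certificates");
      }

      byte[] decryptedPayload =
          recipient.getContent(decryptCert.getPrivateKey(), CryptoExtensions.getJCEProviderName());

      if (LOGGER.isDebugEnabled()) {
        writePostDecrypt(decryptedPayload);
      }

      ByteArrayInputStream inStream = new ByteArrayInputStream(decryptedPayload);

      retEntity = new MimeEntity(inStream);

    } catch (MessagingException e) {
      throw new MimeException(MimeError.InvalidMimeEntity, e);
    } catch (Exception e) {
      throw new MimeException(MimeError.Unexpected, e);
    }

    return retEntity;
  }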