Package org.bouncycastle.cms

Examples of org.bouncycastle.cms.CMSEnvelopedDataGenerator


        final CMSProcessable msg = new CMSProcessableByteArray(resp);
        final CMSSignedData s = gen1.generate(msg, true, "BC");
        resp = s.getEncoded();
      }
      if ((serviceReq.getMode() & CmsCAServiceRequest.MODE_ENCRYPT) != 0) {
        CMSEnvelopedDataGenerator edGen = new CMSEnvelopedDataGenerator();
        edGen.addKeyTransRecipient(getCMSCertificate());
        CMSEnvelopedData ed = edGen.generate(new CMSProcessableByteArray(resp),CMSEnvelopedDataGenerator.DES_EDE3_CBC,"BC");
        resp = ed.getEncoded();
      }
      if ((serviceReq.getMode() & CmsCAServiceRequest.MODE_DECRYPT) != 0) {
        CMSEnvelopedData ed = new CMSEnvelopedData(resp);
        RecipientInformationStore  recipients = ed.getRecipientInfos();
View Full Code Here


            CMSProcessable msg;
            // Create encrypted response if this is success and NOT a CRL response message
            if (status.equals(ResponseStatus.SUCCESS)) {

                CMSEnvelopedDataGenerator edGen = new CMSEnvelopedDataGenerator();
                // Add the issued certificate to the signed portion of the CMS (as signer, degenerate case)
                ArrayList certList = new ArrayList();
                if (crl != null) {
                    log.debug("Adding CRL to response message (inner signer)");
                    certList.add(crl);
                } else if (cert != null) {
                    log.debug("Adding certificates to response message");
                    certList.add(cert);
                    // Add the CA cert, it's optional but Cisco VPN client complains if it isn't there
                    if (includeCACert) {
                      if (caCert != null) {
                        // If we have an explicit CAcertificate
                        log.debug("Including explicitly set CA certificate in SCEP response.");
                        certList.add(caCert);
                      } else {
                        // If we don't have an explicit caCert, we think that the signCert is the CA cert
                        // If we have an explicit caCert, the signCert is probably the RA certificate, and we don't include that one
                        log.debug("Including message signer certificate in SCEP response.");
                        certList.add(signCert);
                      }
                    }
                }
                CertStore certs = CertStore.getInstance("Collection",
                        new CollectionCertStoreParameters(certList), "BC");

                // Create the signed CMS message to be contained inside the envelope
                // this message does not contain any message, and no signerInfo
                CMSSignedDataGenerator gen = new CMSSignedDataGenerator();
                gen.addCertificatesAndCRLs(certs);
                CMSSignedData s = gen.generate(null, false, "BC");

                // Envelope the CMS message
                if (recipientKeyInfo != null) {
                    try {
                        X509Certificate rec = (X509Certificate)CertTools.getCertfromByteArray(recipientKeyInfo);
                        log.debug("Added recipient information - issuer: '" + CertTools.getIssuerDN(rec) + "', serno: '" + CertTools.getSerialNumberAsString(rec));
                        edGen.addKeyTransRecipient(rec);
                    } catch (CertificateException e) {
                        throw new IOException("Can not decode recipients self signed certificate!");
                    }
                } else {
                    edGen.addKeyTransRecipient((X509Certificate) cert);
                }
                CMSEnvelopedData ed = edGen.generate(new CMSProcessableByteArray(s.getEncoded()),
                        SMIMECapability.dES_CBC.getId(), "BC");

                log.debug("Enveloped data is " + ed.getEncoded().length + " bytes long");
                msg = new CMSProcessableByteArray(ed.getEncoded());
            } else {
View Full Code Here

   * @return encrypted byte[]
   * @throws IOException
   */
  public static byte[] encryptData(X509Certificate encCert, byte[] data) throws IOException{

        CMSEnvelopedDataGenerator edGen = new CMSEnvelopedDataGenerator();                             
      
      CMSEnvelopedData ed;
    try {
      edGen.addKeyTransRecipient(encCert);
      ed = edGen.generate(
          new CMSProcessableByteArray(data),encAlg,provider);
    } catch (Exception e) {
            log.error("Error Encryotin Keys:: ", e);
            throw new IOException(e.getMessage());       
    }
View Full Code Here

        byte[] msg = wrap(seq.getEncoded(), "20");
        return msg;       
    }
   
    private CMSEnvelopedData envelope(CMSProcessable envThis) throws NoSuchAlgorithmException, NoSuchProviderException, CMSException {
        CMSEnvelopedDataGenerator edGen = new CMSEnvelopedDataGenerator();
        // Envelope the CMS message
        edGen.addKeyTransRecipient(cacert);
        CMSEnvelopedData ed = edGen.generate(envThis, SMIMECapability.dES_CBC.getId(), "BC");
        return ed;
    }
View Full Code Here

      ObjectOutputStream os = new ObjectOutputStream(baos);
      os.writeObject(keypair);         
     
      CryptoProviderTools.installBCProviderIfNotAvailable();
       
        CMSEnvelopedDataGenerator edGen = new CMSEnvelopedDataGenerator();                             
      
      CMSEnvelopedData ed;
    try {
      edGen.addKeyTransRecipient( this.getCAToken().getPublicKey(SecConst.CAKEYPURPOSE_KEYENCRYPT), this.keyId);
      ed = edGen.generate(
          new CMSProcessableByteArray(baos.toByteArray()), CMSEnvelopedDataGenerator.AES256_CBC,"BC");
    } catch (Exception e) {
            log.error("-encryptKeys: ", e);
            throw new IOException(e.getMessage());       
    }
View Full Code Here

      return recdata; 
  }

  public byte[] encryptData(byte[] data, int keyPurpose) throws Exception {
      CryptoProviderTools.installBCProviderIfNotAvailable();
        CMSEnvelopedDataGenerator edGen = new CMSEnvelopedDataGenerator();                                    
      CMSEnvelopedData ed;
    try {
      edGen.addKeyTransRecipient( this.getCAToken().getPublicKey(keyPurpose), this.keyId);
      ed = edGen.generate(
          new CMSProcessableByteArray(data), CMSEnvelopedDataGenerator.AES256_CBC,"BC");
    } catch (Exception e) {
            log.error("-encryptKeys: ", e);
            throw new IOException(e.getMessage());       
    }       
View Full Code Here

        byte[] msg = wrap(seq.getEncoded(), "20", transactionId);
        return msg;       
    }
   
    private CMSEnvelopedData envelope(CMSProcessable envThis) throws NoSuchAlgorithmException, NoSuchProviderException, CMSException {
        CMSEnvelopedDataGenerator edGen = new CMSEnvelopedDataGenerator();
        // Envelope the CMS message
        edGen.addKeyTransRecipient(cacert);
        CMSEnvelopedData ed = edGen.generate(envThis, SMIMECapability.dES_CBC.getId(), "BC");
        return ed;
    }
View Full Code Here

   *             if there are any problems encoding the message.
   */
  public CMSEnvelopedData encode(byte[] messageData)
      throws MessageEncodingException {
    LOGGER.debug("Encoding pkcsPkiEnvelope");
    CMSEnvelopedDataGenerator edGenerator = new CMSEnvelopedDataGenerator();
    CMSTypedData envelopable = new CMSProcessableByteArray(messageData);
    RecipientInfoGenerator recipientGenerator;
    try {
      recipientGenerator = new JceKeyTransRecipientInfoGenerator(
          recipient);
    } catch (CertificateEncodingException e) {
      throw new MessageEncodingException(e);
    }
    edGenerator.addRecipientInfoGenerator(recipientGenerator);
    LOGGER.debug(
        "Encrypting pkcsPkiEnvelope using key belonging to [issuer={}; serial={}]",
        recipient.getIssuerDN(), recipient.getSerialNumber());

    OutputEncryptor encryptor;
    try {
      encryptor = getEncryptor();
    } catch (CMSException e) {
      throw new MessageEncodingException(e);
    }
    try {
      CMSEnvelopedData pkcsPkiEnvelope = edGenerator.generate(
          envelopable, encryptor);

      LOGGER.debug("Finished encoding pkcsPkiEnvelope");
      return pkcsPkiEnvelope;
    } catch (CMSException e) {
View Full Code Here

    private void testKeyTrans(String algorithm)
        throws Exception
    {
        byte[]          data     = "WallaWallaWashington".getBytes();

        CMSEnvelopedDataGenerator edGen = new CMSEnvelopedDataGenerator();

        edGen.addKeyTransRecipient(keyCert);

        CMSEnvelopedData ed = edGen.generate(
                                new CMSProcessableByteArray(data),
                                algorithm, "SunJCE");

        RecipientInformationStore recipients = ed.getRecipientInfos();
View Full Code Here

    public void testKeyTrans()
        throws Exception
    {
        byte[]          data     = "WallaWallaWashington".getBytes();

        CMSEnvelopedDataGenerator edGen = new CMSEnvelopedDataGenerator();

        edGen.addKeyTransRecipient(_reciCert);

        CMSEnvelopedData ed = edGen.generate(
                                new CMSProcessableByteArray(data),
                                CMSEnvelopedDataGenerator.DES_EDE3_CBC, "BC");

        RecipientInformationStore  recipients = ed.getRecipientInfos();
View Full Code Here

TOP

Related Classes of org.bouncycastle.cms.CMSEnvelopedDataGenerator

Copyright © 2018 www.massapicom. All rights reserved.
All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.