org.bouncycastle.asn1.smime.SMIMECapability Java Exaples

Source File: X509Ext.java From portecle with GNU General Public License v2.0

5 votes

/**
 * Get S/MIME capabilities (1.2.840.113549.1.9.15) extension value as a string.
 *
 * <pre>
 * SMIMECapability ::= SEQUENCE {
 *   capabilityID OBJECT IDENTIFIER,
 *   parameters ANY DEFINED BY capabilityID OPTIONAL }
 * SMIMECapabilities ::= SEQUENCE OF SMIMECapability
 * </pre>
 *
 * @see <a href="https://tools.ietf.org/html/rfc2633">RFC 2633</a>
 * @param bValue The octet string value
 * @return Extension value as a string
 * @throws IOException If an I/O problem occurs
 */
private String getSmimeCapabilitiesStringValue(byte[] bValue)
    throws IOException
{
	SMIMECapabilities caps = SMIMECapabilities.getInstance(ASN1Primitive.fromByteArray(bValue));

	String sParams = RB.getString("SmimeParameters");

	StringBuilder sb = new StringBuilder();

	for (Object o : caps.getCapabilities(null))
	{

		SMIMECapability cap = (SMIMECapability) o;

		String sCapId = cap.getCapabilityID().getId();
		String sCap = getRes(sCapId, "UnrecognisedSmimeCapability");

		if (sb.length() != 0)
		{
			sb.append("<br>");
		}
		sb.append("<ul><li>");
		sb.append(MessageFormat.format(sCap, sCapId));

		ASN1Encodable params;
		if ((params = cap.getParameters()) != null)
		{
			sb.append("<ul><li>");
			sb.append(sParams);
			sb.append(": ");
			sb.append(stringify(params));
			sb.append("</li></ul>");
		}

		sb.append("</li></ul>");
	}

	return sb.toString();
}

Source File: SMimePackageEncryptor.java From ats-framework with Apache License 2.0

4 votes

@PublicAtsApi
public Package sign( Package sourcePackage ) throws ActionException {

    try {
        if (Security.getProvider(BouncyCastleProvider.PROVIDER_NAME) == null) {
            Security.addProvider(new BouncyCastleProvider());
        }

        KeyStore ks = getKeystore();
        // TODO wrap exception with possible causes and add some hint
        PrivateKey privateKey = (PrivateKey) ks.getKey(aliasOrCN, certPassword.toCharArray());

        // Get whole certificate chain
        Certificate[] certArr = ks.getCertificateChain(aliasOrCN);
        // Pre 4.0.6 behavior was not to attach full cert. chain X509Certificate cer = (X509Certificate) ks.getCertificate(aliasOrCN);
        if (certArr.length >= 1) {
            LOG.debug("Found certificate of alias: " + aliasOrCN + ". Lenght of cert chain: " + certArr.length
                      + ", child cert:" + certArr[0].toString());
        }

        X509Certificate childCert = (X509Certificate) certArr[0];

        /* Create the SMIMESignedGenerator */
        ASN1EncodableVector attributes = new ASN1EncodableVector();
        attributes.add(new SMIMEEncryptionKeyPreferenceAttribute(
                                                                 new IssuerAndSerialNumber(new X500Name(childCert.getIssuerDN()
                                                                                                                 .getName()),
                                                                                           childCert.getSerialNumber())));

        SMIMECapabilityVector capabilities = new SMIMECapabilityVector();
        capabilities.addCapability(SMIMECapability.aES128_CBC);
        capabilities.addCapability(SMIMECapability.dES_EDE3_CBC);
        capabilities.addCapability(SMIMECapability.rC2_CBC, 128);
        capabilities.addCapability(SMIMECapability.dES_CBC);

        attributes.add(new SMIMECapabilitiesAttribute(capabilities));

        if (signatureAlgorithm == null) { // not specified explicitly 
            // TODO check defaults to be used
            signatureAlgorithm = SignatureAlgorithm.DSA.equals(privateKey.getAlgorithm())
                                                                                          ? "SHA1withDSA"
                                                                                          : "MD5withRSA";
        }

        SMIMESignedGenerator signer = new SMIMESignedGenerator();
        JcaSimpleSignerInfoGeneratorBuilder signerGeneratorBuilder = new JcaSimpleSignerInfoGeneratorBuilder();
        signerGeneratorBuilder.setProvider(BouncyCastleProvider.PROVIDER_NAME);
        signerGeneratorBuilder.setSignedAttributeGenerator(new AttributeTable(attributes));
        signer.addSignerInfoGenerator(signerGeneratorBuilder.build(signatureAlgorithm, privateKey,
                                                                   childCert));

        /* Add the list of certs to the generator */
        List<X509Certificate> certList = new ArrayList<X509Certificate>();
        for (int i = 0; i < certArr.length; i++) { // first add child cert, and CAs
            certList.add((X509Certificate) certArr[i]);
        }

        Store<?> certs = new JcaCertStore(certList);
        signer.addCertificates(certs);

        /* Sign the message */
        Session session = Session.getDefaultInstance(System.getProperties(), null);

        MimeMultipart mm = signer.generate(getMimeMessage(sourcePackage));
        MimeMessage signedMessage = new MimeMessage(session);

        /* Set all original MIME headers in the signed message */
        Enumeration<?> headers = getMimeMessage(sourcePackage).getAllHeaderLines();
        while (headers.hasMoreElements()) {
            signedMessage.addHeaderLine((String) headers.nextElement());
        }

        /* Set the content of the signed message */
        signedMessage.setContent(mm);
        signedMessage.saveChanges();

        return new MimePackage(signedMessage);
    } catch (Exception e) {
        throw new ActionException(EXCEPTION_WHILE_SIGNING, e);
    }
}

Source File: X509Ext.java From keystore-explorer with GNU General Public License v3.0

4 votes

private String getSMIMECapabilitiesStringValue(byte[] octets) throws IOException {

		// @formatter:off

		/*
			SMIMECapabilities ::= SEQUENCE OF SMIMECapability

			SMIMECapability ::= SEQUENCE
			{
				capabilityID OBJECT IDENTIFIER,
				parameters ANY DEFINED BY capabilityID OPTIONAL
			}
		 */

		// @formatter:on

		StringBuilder sb = new StringBuilder();

		int capabilityNr = 0;

		ASN1Sequence asn1Sequence = ASN1Sequence.getInstance(octets);
		for (ASN1Encodable asn1Encodable : asn1Sequence.toArray()) {
			SMIMECapability capability = SMIMECapability.getInstance(asn1Encodable);
			ASN1ObjectIdentifier oid = capability.getCapabilityID();
			ASN1Encodable parameters = capability.getParameters();

			sb.append(MessageFormat.format(res.getString("SMIMECapability"), ++capabilityNr));
			sb.append(NEWLINE);

			sb.append(INDENT);
			sb.append(MessageFormat.format(res.getString("SMIMECapability.ObjectID"), ObjectIdUtil.toString(oid)));
			sb.append(NEWLINE);

			if (parameters != null) {
				sb.append(INDENT);
				sb.append(MessageFormat.format(res.getString("SMIMECapability.Parameter"),
						HexUtil.getHexString(parameters.toASN1Primitive().getEncoded())));
				sb.append(NEWLINE);
			}
		}

		return sb.toString();
	}

org.bouncycastle.asn1.smime.SMIMECapability Java Examples