org.bouncycastle.mail.smime.SMIMESignedGenerator Java Examples

The following examples show how to use org.bouncycastle.mail.smime.SMIMESignedGenerator.
Example #1
Source File: SMIMEKeyHolder.java    From james-project with Apache License 2.0
/**
 * Creates an <CODE>SMIMESignedGenerator</CODE>. Includes a signer private key and certificate,
 * and a pool of certs and CRLs (if any) to go with the signature.
 * @return The generated SMIMESignedGenerator.
 */
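public SMIMESignedGenerator createGenerator() throws CertStoreException, SMIMEException, OperatorCreationException,
    CertificateEncodingException {

    // Generator that produces the S/MIME multipart/signed structure.
    SMIMESignedGenerator generator = new SMIMESignedGenerator();

    // Register the signer. The signature scheme is hard-coded, not derived from the key:
    // an RSA signature over a SHA-256 digest, so privateKey is expected to be an RSA key.
    // SHA-1 ("SHA1withRSA") was used here before; SHA-1 is collision-broken and should not
    // be used for new signatures, hence SHA-256.
    // The "BC" provider is looked up by name, so it must already be registered.
    SignerInfoGenerator signerInfoGenerator = new JcaSimpleSignerInfoGeneratorBuilder()
        .setProvider("BC")
        .build("SHA256withRSA", privateKey, certificate);
    generator.addSignerInfoGenerator(signerInfoGenerator);

    // Attach the configured certificate store (jcaCertStore) to the signature.
    generator.addCertificates(jcaCertStore);

    return generator;

}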
 
Example #2
Source File: SMIMEKeyHolder.java    From james-project with Apache License 2.0
/**
 * Generates a signed MimeMultipart from a MimeMessage.
 * @param message The message to sign.
 * @return The signed <CODE>MimeMultipart</CODE>.
 */    
@Override
public MimeMultipart generate(MimeMessage message) throws CertStoreException, NoSuchAlgorithmException, NoSuchProviderException,
    SMIMEException, OperatorCreationException, CertificateEncodingException {

    // A new generator is built for every call via createGenerator(); it then signs the
    // complete message and hands back the resulting multipart.
    return createGenerator().generate(message);

}
 
Example #3
Source File: SMIMEKeyHolder.java    From james-project with Apache License 2.0
/**
 * Generates a signed MimeMultipart from a MimeBodyPart.
 * @param content The content to sign.
 * @return The signed <CODE>MimeMultipart</CODE>.
 */
@Override
public MimeMultipart generate(MimeBodyPart content) throws CertStoreException, NoSuchAlgorithmException, NoSuchProviderException,
    SMIMEException, OperatorCreationException, CertificateEncodingException {

    // A new generator is built for every call via createGenerator(); it then signs the
    // supplied body part and hands back the resulting multipart.
    return createGenerator().generate(content);

}
 
Example #4
Source File: SMimePackageEncryptor.java    From ats-framework with Apache License 2.0
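/**
 * Signs the MIME message carried by the given package and returns a new package that
 * holds the S/MIME signed message.
 *
 * <p>The signing key and its certificate chain are read from the keystore under
 * {@code aliasOrCN}. The whole chain is attached to the signature. If no signature
 * algorithm was configured, a SHA-256 based default matching the key type is chosen
 * and stored in {@code signatureAlgorithm}. The Bouncy Castle provider is registered
 * if it is not already present.</p>
 *
 * @param sourcePackage the package whose MIME message is to be signed
 * @return a new package wrapping the signed message
 * @throws ActionException on any failure while loading the key material or signing;
 *         the original exception is kept as the cause
 */
@PublicAtsApi
public Package sign( Package sourcePackage ) throws ActionException {

    try {
        if (Security.getProvider(BouncyCastleProvider.PROVIDER_NAME) == null) {
            Security.addProvider(new BouncyCastleProvider());
        }

        KeyStore ks = getKeystore();
        PrivateKey privateKey = (PrivateKey) ks.getKey(aliasOrCN, certPassword.toCharArray());
        // KeyStore.getKey returns null for an unknown alias; fail with a clear message
        // instead of a NullPointerException further down.
        if (privateKey == null) {
            throw new IllegalStateException("No private key found in the keystore for alias: " + aliasOrCN);
        }

        // Get whole certificate chain (pre 4.0.6 behavior was to attach only the signer certificate)
        Certificate[] certArr = ks.getCertificateChain(aliasOrCN);
        // getCertificateChain returns null when the alias has no chain; an empty chain
        // would also leave no signer certificate to use.
        if (certArr == null || certArr.length == 0) {
            throw new IllegalStateException("No certificate chain found in the keystore for alias: "
                                            + aliasOrCN);
        }
        LOG.debug("Found certificate of alias: " + aliasOrCN + ". Lenght of cert chain: " + certArr.length
                  + ", child cert:" + certArr[0].toString());

        X509Certificate childCert = (X509Certificate) certArr[0];

        /* Create the SMIMESignedGenerator */
        ASN1EncodableVector attributes = new ASN1EncodableVector();
        // Take the issuer name from the certificate's DER encoding. Round-tripping it through
        // the provider-specific string form (getIssuerDN().getName()) can change RDN order or
        // string encoding, so the identifier may no longer match the certificate exactly.
        X500Name issuer = X500Name.getInstance(childCert.getIssuerX500Principal().getEncoded());
        attributes.add(new SMIMEEncryptionKeyPreferenceAttribute(
                                                                 new IssuerAndSerialNumber(issuer,
                                                                                           childCert.getSerialNumber())));

        // Capabilities advertised to recipients, in order of preference.
        // NOTE(review): single DES (dES_CBC) and RC2 are weak ciphers; advertising them tells
        // peers they may be used when encrypting to this sender. Kept unchanged here because
        // callers may rely on them for interoperability - consider dropping them.
        SMIMECapabilityVector capabilities = new SMIMECapabilityVector();
        capabilities.addCapability(SMIMECapability.aES128_CBC);
        capabilities.addCapability(SMIMECapability.dES_EDE3_CBC);
        capabilities.addCapability(SMIMECapability.rC2_CBC, 128);
        capabilities.addCapability(SMIMECapability.dES_CBC);

        attributes.add(new SMIMECapabilitiesAttribute(capabilities));

        if (signatureAlgorithm == null) { // not specified explicitly
            // Default to a SHA-256 based scheme that matches the key type. The former defaults
            // (MD5withRSA / SHA1withDSA) rely on collision-broken digests and must not be used
            // for new signatures; they can still be requested explicitly if a peer needs them.
            String keyAlgorithm = privateKey.getAlgorithm();
            if (SignatureAlgorithm.DSA.equals(keyAlgorithm)) {
                signatureAlgorithm = "SHA256withDSA";
            } else if ("EC".equals(keyAlgorithm) || "ECDSA".equals(keyAlgorithm)) {
                signatureAlgorithm = "SHA256withECDSA";
            } else {
                signatureAlgorithm = "SHA256withRSA";
            }
        }

        SMIMESignedGenerator signer = new SMIMESignedGenerator();
        JcaSimpleSignerInfoGeneratorBuilder signerGeneratorBuilder = new JcaSimpleSignerInfoGeneratorBuilder();
        signerGeneratorBuilder.setProvider(BouncyCastleProvider.PROVIDER_NAME);
        signerGeneratorBuilder.setSignedAttributeGenerator(new AttributeTable(attributes));
        signer.addSignerInfoGenerator(signerGeneratorBuilder.build(signatureAlgorithm, privateKey,
                                                                   childCert));

        /* Add the list of certs to the generator: signer certificate first, then the CAs */
        List<X509Certificate> certList = new ArrayList<X509Certificate>(certArr.length);
        for (Certificate cert : certArr) {
            certList.add((X509Certificate) cert);
        }

        Store<?> certs = new JcaCertStore(certList);
        signer.addCertificates(certs);

        /* Sign the message */
        Session session = Session.getDefaultInstance(System.getProperties(), null);

        MimeMultipart mm = signer.generate(getMimeMessage(sourcePackage));
        MimeMessage signedMessage = new MimeMessage(session);

        /* Set all original MIME headers in the signed message */
        Enumeration<?> headers = getMimeMessage(sourcePackage).getAllHeaderLines();
        while (headers.hasMoreElements()) {
            signedMessage.addHeaderLine((String) headers.nextElement());
        }

        /* Set the content of the signed message */
        signedMessage.setContent(mm);
        signedMessage.saveChanges();

        return new MimePackage(signedMessage);
    } catch (Exception e) {
        // Single failure type for callers; the underlying cause is preserved.
        throw new ActionException(EXCEPTION_WHILE_SIGNING, e);
    }
}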
 
Example #5
Source File: BCCryptoHelper.java    From OpenAs2App with BSD 2-Clause "Simplified" License
/**
 * Translates an algorithm identifier between this helper's own constants and the
 * identifiers exposed by Bouncy Castle's S/MIME generators. Matching is case-insensitive
 * and the first matching entry wins.
 *
 * <p>This method only maps names; it applies no policy. The table includes legacy
 * algorithms (MD5, SHA-1, 3DES, RC2, IDEA, CAST5), so a caller that must reject weak
 * algorithms has to do so itself.</p>
 *
 * @param algorithm the identifier to translate
 * @param toBC {@code true} to translate from this helper's names to the Bouncy Castle
 *        identifiers, {@code false} for the opposite direction
 * @return the corresponding identifier in the target naming
 * @throws NoSuchAlgorithmException if {@code algorithm} is {@code null} or has no mapping
 */
protected String convertAlgorithm(String algorithm, boolean toBC) throws NoSuchAlgorithmException {
    if (algorithm == null) {
        throw new NoSuchAlgorithmException("Algorithm is null");
    }

    if (toBC) {
        // Accept the dashed digest spelling ("SHA-256") by stripping the dashes first.
        String requested = algorithm;
        if (requested.toUpperCase().startsWith("SHA-")) {
            requested = requested.replace("-", "");
        }

        // { local name, Bouncy Castle identifier } - checked in this order.
        final String[][] localToBc = {
            { DIGEST_MD5, SMIMESignedGenerator.DIGEST_MD5 },
            { DIGEST_SHA1, SMIMESignedGenerator.DIGEST_SHA1 },
            { DIGEST_SHA224, SMIMESignedGenerator.DIGEST_SHA224 },
            { DIGEST_SHA256, SMIMESignedGenerator.DIGEST_SHA256 },
            { DIGEST_SHA384, SMIMESignedGenerator.DIGEST_SHA384 },
            { DIGEST_SHA512, SMIMESignedGenerator.DIGEST_SHA512 },
            { CRYPT_3DES, SMIMEEnvelopedGenerator.DES_EDE3_CBC },
            { CRYPT_CAST5, SMIMEEnvelopedGenerator.CAST5_CBC },
            { CRYPT_IDEA, SMIMEEnvelopedGenerator.IDEA_CBC },
            { CRYPT_RC2, SMIMEEnvelopedGenerator.RC2_CBC },
            { CRYPT_RC2_CBC, SMIMEEnvelopedGenerator.RC2_CBC },
            { AES256_CBC, SMIMEEnvelopedGenerator.AES256_CBC },
            { AES192_CBC, SMIMEEnvelopedGenerator.AES192_CBC },
            { AES128_CBC, SMIMEEnvelopedGenerator.AES128_CBC },
            { AES256_WRAP, SMIMEEnvelopedGenerator.AES256_WRAP }
        };
        for (String[] entry : localToBc) {
            if (requested.equalsIgnoreCase(entry[0])) {
                return entry[1];
            }
        }
        throw new NoSuchAlgorithmException("Unsupported or invalid algorithm: " + requested);
    }

    // { Bouncy Castle identifier, local name } - checked in this order.
    final String[][] bcToLocal = {
        { SMIMESignedGenerator.DIGEST_MD5, DIGEST_MD5 },
        { SMIMESignedGenerator.DIGEST_SHA1, DIGEST_SHA1 },
        { SMIMESignedGenerator.DIGEST_SHA224, DIGEST_SHA224 },
        { SMIMESignedGenerator.DIGEST_SHA256, DIGEST_SHA256 },
        { SMIMESignedGenerator.DIGEST_SHA384, DIGEST_SHA384 },
        { SMIMESignedGenerator.DIGEST_SHA512, DIGEST_SHA512 },
        { SMIMEEnvelopedGenerator.CAST5_CBC, CRYPT_CAST5 },
        { SMIMEEnvelopedGenerator.AES128_CBC, AES128_CBC },
        { SMIMEEnvelopedGenerator.AES192_CBC, AES192_CBC },
        { SMIMEEnvelopedGenerator.AES256_CBC, AES256_CBC },
        { SMIMEEnvelopedGenerator.AES256_WRAP, AES256_WRAP },
        { SMIMEEnvelopedGenerator.DES_EDE3_CBC, CRYPT_3DES },
        { SMIMEEnvelopedGenerator.IDEA_CBC, CRYPT_IDEA },
        { SMIMEEnvelopedGenerator.RC2_CBC, CRYPT_RC2 }
    };
    for (String[] entry : bcToLocal) {
        if (algorithm.equalsIgnoreCase(entry[0])) {
            return entry[1];
        }
    }
    throw new NoSuchAlgorithmException("Unknown algorithm: " + algorithm);

}