org.bouncycastle.mail.smime.SMIMEEnveloped Java Examples

The following examples show how to use org.bouncycastle.mail.smime.SMIMEEnveloped. You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example #1
Source File: GetMailMessageService.java    From cs-actions with Apache License 2.0 6 votes vote down vote up
private MimeBodyPart decryptPart(MimeBodyPart part) throws Exception {

        SMIMEEnveloped smimeEnveloped = new SMIMEEnveloped(part);
        RecipientInformationStore recipients = smimeEnveloped.getRecipientInfos();
        RecipientInformation recipient = recipients.get(recId);

        if (null == recipient) {
            StringBuilder errorMessage = new StringBuilder();
            errorMessage.append("This email wasn't encrypted with \"" + recId.toString() + "\".\n");
            errorMessage.append(SecurityConstants.ENCRYPT_RECID);

            for (Object rec : recipients.getRecipients()) {
                if (rec instanceof RecipientInformation) {
                    RecipientId recipientId = ((RecipientInformation) rec).getRID();
                    errorMessage.append("\"" + recipientId.toString() + "\"\n");
                }
            }
            throw new Exception(errorMessage.toString());
        }

        return toMimeBodyPart(recipient.getContent(
                ks.getKey(input.getDecryptionKeyAlias(), null),
                SecurityConstants.BOUNCY_CASTLE_PROVIDER));
    }
 
Example #2
Source File: BCCryptoHelper.java    From OpenAs2App with BSD 2-Clause "Simplified" License 4 votes vote down vote up
public MimeBodyPart decrypt(MimeBodyPart part, Certificate cert, Key key) throws GeneralSecurityException, MessagingException, CMSException, IOException, SMIMEException {
    // Make sure the data is encrypted
    if (!isEncrypted(part)) {
        throw new GeneralSecurityException("Content-Type indicates data isn't encrypted");
    }

    // Cast parameters to what BC needs
    X509Certificate x509Cert = castCertificate(cert);

    // Parse the MIME body into an SMIME envelope object
    SMIMEEnveloped envelope = new SMIMEEnveloped(part);

    // Get the recipient object for decryption
    if (logger.isDebugEnabled()) {
        logger.debug("Extracted X500 info::  PRINCIPAL : " + x509Cert.getIssuerX500Principal() + " ::  NAME : " + x509Cert.getIssuerX500Principal().getName());
    }

    X500Name x500Name = new X500Name(x509Cert.getIssuerX500Principal().getName());
    KeyTransRecipientId certRecId = new KeyTransRecipientId(x500Name, x509Cert.getSerialNumber());
    RecipientInformationStore recipientInfoStore = envelope.getRecipientInfos();

    Collection<RecipientInformation> recipients = recipientInfoStore.getRecipients();

    if (recipients == null) {
        throw new GeneralSecurityException("Certificate recipients could not be extracted");
    }
    //RecipientInformation recipientInfo  = recipientInfoStore.get(recId);
    //Object recipient = null;        

    boolean foundRecipient = false;
    for (Iterator<RecipientInformation> iterator = recipients.iterator(); iterator.hasNext(); ) {
        RecipientInformation recipientInfo = iterator.next();
        //recipient = iterator.next();
        if (recipientInfo instanceof KeyTransRecipientInformation) {
            // X509CertificateHolder x509CertHolder = new X509CertificateHolder(x509Cert.getEncoded());

            //RecipientId rid = recipientInfo.getRID();
            if (certRecId.match(recipientInfo) && !foundRecipient) {
                foundRecipient = true;
                // byte[] decryptedData = recipientInfo.getContent(new JceKeyTransEnvelopedRecipient((PrivateKey)key).setProvider("BC"));
                byte[] decryptedData = recipientInfo.getContent(new BcRSAKeyTransEnvelopedRecipient(PrivateKeyFactory.createKey(PrivateKeyInfo.getInstance(key.getEncoded()))));

                return SMIMEUtil.toMimeBodyPart(decryptedData);
            } else {
                if (logger.isDebugEnabled()) {
                    logger.debug("Failed match on recipient ID's:\n     RID from msg:" + recipientInfo.getRID().toString() + "    \n     RID from priv cert: " + certRecId.toString());
                }
            }
        }
    }
    throw new GeneralSecurityException("Matching certificate recipient could not be found");
}