rename packages
This commit is contained in:
parent
f60f53a70f
commit
a1245cf4ae
5 changed files with 158 additions and 122 deletions
15
pom.xml
15
pom.xml
|
|
@ -44,11 +44,16 @@ SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
|
|||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.bouncycastle</groupId>
|
||||
<artifactId>bcmail-jdk16</artifactId>
|
||||
<version>1.46</version>
|
||||
<artifactId>bcmail-jdk15on</artifactId>
|
||||
<version>1.50</version>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>javax.mail</groupId>
|
||||
<groupId>org.bouncycastle</groupId>
|
||||
<artifactId>bcprov-jdk15on</artifactId>
|
||||
<version>1.50</version>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>javax.mail</groupId>
|
||||
<artifactId>mail</artifactId>
|
||||
<version>1.4.4</version>
|
||||
<scope>compile</scope>
|
||||
|
|
@ -62,8 +67,8 @@ SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
|
|||
<artifactId>maven-compiler-plugin</artifactId>
|
||||
<version>2.3.2</version>
|
||||
<configuration>
|
||||
<source>1.6</source>
|
||||
<target>1.6</target>
|
||||
<source>1.7</source>
|
||||
<target>1.7</target>
|
||||
<showDeprecation>false</showDeprecation>
|
||||
|
||||
<!--<encoding>UTF-8</encoding>-->
|
||||
|
|
|
|||
|
|
@ -1,5 +1,5 @@
|
|||
/*
|
||||
* Copyright (c) 2011 Jan Dittberner
|
||||
* Copyright (c) 2011-2014 Jan Dittberner
|
||||
*
|
||||
* Permission is hereby granted, free of charge, to any person obtaining
|
||||
* a copy of this software and associated documentation files (the
|
||||
|
|
@ -20,17 +20,7 @@
|
|||
* TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE
|
||||
* SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
|
||||
*/
|
||||
package de.communardo.jdi.bcsmime_demo;
|
||||
|
||||
import java.io.ByteArrayInputStream;
|
||||
import java.security.KeyStore;
|
||||
import java.security.PrivateKey;
|
||||
import java.security.cert.X509Certificate;
|
||||
import java.util.Enumeration;
|
||||
|
||||
import javax.mail.MessagingException;
|
||||
import javax.mail.Session;
|
||||
import javax.mail.internet.MimeMessage;
|
||||
package info.dittberner.bcsmime_demo;
|
||||
|
||||
import org.bouncycastle.cms.RecipientInformation;
|
||||
import org.bouncycastle.cms.RecipientInformationStore;
|
||||
|
|
@ -38,6 +28,14 @@ import org.bouncycastle.cms.jcajce.JceKeyTransEnvelopedRecipient;
|
|||
import org.bouncycastle.cms.jcajce.JceKeyTransRecipientId;
|
||||
import org.bouncycastle.mail.smime.SMIMEEnveloped;
|
||||
|
||||
import javax.mail.Session;
|
||||
import javax.mail.internet.MimeMessage;
|
||||
import java.io.ByteArrayInputStream;
|
||||
import java.security.KeyStore;
|
||||
import java.security.PrivateKey;
|
||||
import java.security.cert.X509Certificate;
|
||||
import java.util.Enumeration;
|
||||
|
||||
/**
|
||||
* S/MIME encryption using the new BouncyCastle 1.46 APIs.
|
||||
*
|
||||
|
|
@ -66,7 +64,7 @@ public class SMIMEDecrypt {
|
|||
* if an error occurs
|
||||
*/
|
||||
public MimeMessage decryptMessage(MimeMessage encrypted)
|
||||
throws MessagingException, Exception {
|
||||
throws Exception {
|
||||
SMIMEEnveloped message = new SMIMEEnveloped(encrypted);
|
||||
|
||||
RecipientInformationStore recinfos = message.getRecipientInfos();
|
||||
|
|
@ -1,5 +1,5 @@
|
|||
/*
|
||||
* Copyright (c) 2011 Jan Dittberner
|
||||
* Copyright (c) 2011-2014 Jan Dittberner
|
||||
*
|
||||
* Permission is hereby granted, free of charge, to any person obtaining
|
||||
* a copy of this software and associated documentation files (the
|
||||
|
|
@ -20,32 +20,28 @@
|
|||
* TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE
|
||||
* SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
|
||||
*/
|
||||
package de.communardo.jdi.bcsmime_demo;
|
||||
package info.dittberner.bcsmime_demo;
|
||||
|
||||
import java.security.KeyStore;
|
||||
import java.security.cert.CertStore;
|
||||
import java.security.cert.CertStoreParameters;
|
||||
import java.security.cert.Certificate;
|
||||
import java.security.cert.CollectionCertStoreParameters;
|
||||
import java.security.cert.X509CertSelector;
|
||||
import java.security.cert.X509Certificate;
|
||||
import java.util.ArrayList;
|
||||
import java.util.Collection;
|
||||
import java.util.Enumeration;
|
||||
import java.util.List;
|
||||
import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
|
||||
import org.bouncycastle.asn1.pkcs.RSAESOAEPparams;
|
||||
import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
|
||||
import org.bouncycastle.asn1.x509.GeneralName;
|
||||
import org.bouncycastle.cms.CMSAlgorithm;
|
||||
import org.bouncycastle.cms.jcajce.JceCMSContentEncryptorBuilder;
|
||||
import org.bouncycastle.cms.jcajce.JceKeyTransRecipientInfoGenerator;
|
||||
import org.bouncycastle.mail.smime.SMIMEEnvelopedGenerator;
|
||||
import org.bouncycastle.operator.OutputEncryptor;
|
||||
|
||||
import javax.mail.Address;
|
||||
import javax.mail.internet.InternetAddress;
|
||||
import javax.mail.internet.MimeBodyPart;
|
||||
import javax.mail.internet.MimeMessage;
|
||||
|
||||
import org.bouncycastle.asn1.x509.GeneralName;
|
||||
import org.bouncycastle.cms.CMSAlgorithm;
|
||||
import org.bouncycastle.cms.RecipientInfoGenerator;
|
||||
import org.bouncycastle.cms.jcajce.JceCMSContentEncryptorBuilder;
|
||||
import org.bouncycastle.cms.jcajce.JceKeyTransRecipientInfoGenerator;
|
||||
import org.bouncycastle.mail.smime.SMIMEEnvelopedGenerator;
|
||||
import org.bouncycastle.operator.OutputEncryptor;
|
||||
import java.security.KeyStore;
|
||||
import java.security.cert.*;
|
||||
import java.util.ArrayList;
|
||||
import java.util.Collection;
|
||||
import java.util.Enumeration;
|
||||
import java.util.List;
|
||||
|
||||
/**
|
||||
* S/MIME encryption using the new BouncyCastle 1.46 APIs.
|
||||
|
|
@ -57,12 +53,11 @@ public class SMIMEEncrypt {
|
|||
|
||||
/**
|
||||
* Creates a new SMIMEEncrypt instance.
|
||||
*
|
||||
* @param keystore
|
||||
* key store to use for recipient certificates
|
||||
*
|
||||
* @param keystore key store to use for recipient certificates
|
||||
*/
|
||||
public SMIMEEncrypt(KeyStore keystore) {
|
||||
List<Certificate> certificates = new ArrayList<Certificate>();
|
||||
List<Certificate> certificates = new ArrayList<>();
|
||||
|
||||
try {
|
||||
Enumeration<String> aliases = keystore.aliases();
|
||||
|
|
@ -85,19 +80,19 @@ public class SMIMEEncrypt {
|
|||
/**
|
||||
* Encrypts a MimeMessage to all its recipients.
|
||||
*
|
||||
* @param message
|
||||
* MIME message to encrypt
|
||||
* @param message MIME message to encrypt
|
||||
* @return encrypted S/MIME message
|
||||
* @throws Exception
|
||||
* if an error occurs
|
||||
* @throws Exception if an error occurs
|
||||
*/
|
||||
public MimeMessage encryptMessage(MimeMessage message) throws Exception {
|
||||
SMIMEEnvelopedGenerator smeg = new SMIMEEnvelopedGenerator();
|
||||
for (Address recipient : message.getAllRecipients()) {
|
||||
Collection<? extends Certificate> certificates = getCertificates((InternetAddress) recipient);
|
||||
for (Certificate cert : certificates) {
|
||||
RecipientInfoGenerator recipientInfoGen = new JceKeyTransRecipientInfoGenerator(
|
||||
(X509Certificate) cert);
|
||||
RSAESOAEPparams params = new RSAESOAEPparams();
|
||||
AlgorithmIdentifier algorithmIdentifier = new AlgorithmIdentifier(PKCSObjectIdentifiers.id_RSAES_OAEP, params);
|
||||
JceKeyTransRecipientInfoGenerator recipientInfoGen = new JceKeyTransRecipientInfoGenerator((X509Certificate) cert, algorithmIdentifier);
|
||||
recipientInfoGen.setAlgorithmMapping(PKCSObjectIdentifiers.id_RSAES_OAEP, "RSA/OAEP");
|
||||
smeg.addRecipientInfoGenerator(recipientInfoGen);
|
||||
}
|
||||
}
|
||||
|
|
@ -113,12 +108,10 @@ public class SMIMEEncrypt {
|
|||
|
||||
/**
|
||||
* Helper method for getting certificates from a keystore.
|
||||
*
|
||||
* @param recipient
|
||||
* recipient address
|
||||
*
|
||||
* @param recipient recipient address
|
||||
* @return X.509 certificate for recipient
|
||||
* @throws Exception
|
||||
* if an error occurs
|
||||
* @throws Exception if an error occurs
|
||||
*/
|
||||
private Collection<? extends Certificate> getCertificates(
|
||||
InternetAddress recipient) throws Exception {
|
||||
|
|
@ -0,0 +1,27 @@
|
|||
package info.dittberner.jcajceprovidertest.sectest;
|
||||
|
||||
import org.bouncycastle.jce.provider.BouncyCastleProvider;
|
||||
|
||||
import java.security.Provider;
|
||||
import java.security.Security;
|
||||
|
||||
/**
|
||||
* Utility to list all available Security providers and their implemented algorithm names.
|
||||
*
|
||||
* @author Jan Dittberner <<a href="mailto:jan@dittberner.info>jan@dittberner.info</a>>
|
||||
*/
|
||||
public class ListAlgorithmNames {
|
||||
public static void main(String[] args) {
|
||||
if (Security.getProvider(BouncyCastleProvider.PROVIDER_NAME) == null) {
|
||||
Security.addProvider(new BouncyCastleProvider());
|
||||
}
|
||||
|
||||
for (Provider provider : Security.getProviders()) {
|
||||
System.out.println("Provider: " + provider.getName());
|
||||
for (Provider.Service service : provider.getServices()) {
|
||||
System.out.println(" Algorithm: " + service.getAlgorithm());
|
||||
}
|
||||
}
|
||||
|
||||
}
|
||||
}
|
||||
|
|
@ -20,8 +20,30 @@
|
|||
* TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE
|
||||
* SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
|
||||
*/
|
||||
package de.communardo.jdi.bcsmime_demo;
|
||||
package info.dittberner.bcsmime_demo;
|
||||
|
||||
import junit.framework.TestCase;
|
||||
import org.bouncycastle.asn1.x500.X500Name;
|
||||
import org.bouncycastle.asn1.x509.*;
|
||||
import org.bouncycastle.cert.CertIOException;
|
||||
import org.bouncycastle.cert.X509CertificateHolder;
|
||||
import org.bouncycastle.cert.X509v3CertificateBuilder;
|
||||
import org.bouncycastle.cert.jcajce.JcaX509CertificateConverter;
|
||||
import org.bouncycastle.cert.jcajce.JcaX509v3CertificateBuilder;
|
||||
import org.bouncycastle.jce.provider.BouncyCastleProvider;
|
||||
import org.bouncycastle.operator.ContentSigner;
|
||||
import org.bouncycastle.operator.OperatorCreationException;
|
||||
import org.bouncycastle.operator.jcajce.JcaContentSignerBuilder;
|
||||
|
||||
import javax.mail.BodyPart;
|
||||
import javax.mail.Message.RecipientType;
|
||||
import javax.mail.MessagingException;
|
||||
import javax.mail.Multipart;
|
||||
import javax.mail.Session;
|
||||
import javax.mail.internet.InternetAddress;
|
||||
import javax.mail.internet.MimeBodyPart;
|
||||
import javax.mail.internet.MimeMessage;
|
||||
import javax.mail.internet.MimeMultipart;
|
||||
import java.io.IOException;
|
||||
import java.math.BigInteger;
|
||||
import java.security.KeyPair;
|
||||
|
|
@ -29,49 +51,63 @@ import java.security.KeyPairGenerator;
|
|||
import java.security.KeyStore;
|
||||
import java.security.Security;
|
||||
import java.security.cert.Certificate;
|
||||
import java.security.cert.CertificateException;
|
||||
import java.util.Date;
|
||||
|
||||
import javax.mail.BodyPart;
|
||||
import javax.mail.MessagingException;
|
||||
import javax.mail.Multipart;
|
||||
import javax.mail.Session;
|
||||
import javax.mail.Message.RecipientType;
|
||||
import javax.mail.internet.InternetAddress;
|
||||
import javax.mail.internet.MimeBodyPart;
|
||||
import javax.mail.internet.MimeMessage;
|
||||
import javax.mail.internet.MimeMultipart;
|
||||
|
||||
import junit.framework.TestCase;
|
||||
|
||||
import org.bouncycastle.asn1.x500.X500Name;
|
||||
import org.bouncycastle.asn1.x509.BasicConstraints;
|
||||
import org.bouncycastle.asn1.x509.ExtendedKeyUsage;
|
||||
import org.bouncycastle.asn1.x509.GeneralName;
|
||||
import org.bouncycastle.asn1.x509.GeneralNames;
|
||||
import org.bouncycastle.asn1.x509.KeyPurposeId;
|
||||
import org.bouncycastle.asn1.x509.KeyUsage;
|
||||
import org.bouncycastle.asn1.x509.X509Extension;
|
||||
import org.bouncycastle.cert.X509CertificateHolder;
|
||||
import org.bouncycastle.cert.X509v3CertificateBuilder;
|
||||
import org.bouncycastle.cert.jcajce.JcaX509CertificateConverter;
|
||||
import org.bouncycastle.cert.jcajce.JcaX509v3CertificateBuilder;
|
||||
import org.bouncycastle.jce.provider.BouncyCastleProvider;
|
||||
import org.bouncycastle.operator.ContentSigner;
|
||||
import org.bouncycastle.operator.jcajce.JcaContentSignerBuilder;
|
||||
|
||||
/**
|
||||
* Test Encryption and Decryption.
|
||||
*
|
||||
*
|
||||
* @author Jan Dittberner <<a href=
|
||||
* "mailto:jan.dittberner@t-systems.com>jan.dittberner@t-systems.com</a>
|
||||
* & g t ;
|
||||
*/
|
||||
public class EncryptDecryptTest extends TestCase {
|
||||
String[][] testEntries = new String[][]{
|
||||
new String[]{"test1", "testrecpt1@example.org", "Test Recipient 1"},
|
||||
new String[]{"test2", "testrecpt2@example.org", "Test Recipient 2"}
|
||||
};
|
||||
private KeyStore keystore;
|
||||
|
||||
private class KeyEntryData {
|
||||
private final X509CertificateHolder certificateHolder;
|
||||
KeyPair keyPair;
|
||||
|
||||
private KeyEntryData(KeyPairGenerator kpg, String address) throws CertIOException, OperatorCreationException {
|
||||
this.keyPair = kpg.generateKeyPair();
|
||||
|
||||
X500Name issuer = new X500Name(
|
||||
String.format("CN=Test Recipient,emailAddress=%s", address));
|
||||
//noinspection UnnecessaryLocalVariable
|
||||
X500Name subject = issuer;
|
||||
X509v3CertificateBuilder certificateBuilder = new JcaX509v3CertificateBuilder(
|
||||
issuer, BigInteger.valueOf(System.currentTimeMillis()),
|
||||
new Date(System.currentTimeMillis() - 50000), new Date(
|
||||
System.currentTimeMillis() + 50000), subject,
|
||||
keyPair.getPublic());
|
||||
certificateBuilder.addExtension(Extension.basicConstraints, true,
|
||||
new BasicConstraints(true));
|
||||
certificateBuilder.addExtension(Extension.keyUsage, true,
|
||||
new KeyUsage(KeyUsage.digitalSignature
|
||||
| KeyUsage.keyEncipherment));
|
||||
certificateBuilder.addExtension(Extension.extendedKeyUsage, true,
|
||||
new ExtendedKeyUsage(KeyPurposeId.id_kp_emailProtection));
|
||||
certificateBuilder.addExtension(Extension.subjectAlternativeName,
|
||||
false, new GeneralNames(new GeneralName(
|
||||
GeneralName.rfc822Name, address)));
|
||||
|
||||
ContentSigner signer = new JcaContentSignerBuilder("SHA256WithRSA")
|
||||
.build(keyPair.getPrivate());
|
||||
this.certificateHolder = certificateBuilder.build(signer);
|
||||
}
|
||||
|
||||
private Certificate getCertificate() throws CertificateException, CertIOException, OperatorCreationException {
|
||||
return (new JcaX509CertificateConverter()).getCertificate(certificateHolder);
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* {@inheritDoc}
|
||||
*
|
||||
*
|
||||
* @see junit.framework.TestCase#setUp()
|
||||
*/
|
||||
@Override
|
||||
|
|
@ -86,35 +122,12 @@ public class EncryptDecryptTest extends TestCase {
|
|||
|
||||
KeyPairGenerator kpg = KeyPairGenerator.getInstance("RSA");
|
||||
kpg.initialize(2048);
|
||||
KeyPair keypair = kpg.generateKeyPair();
|
||||
|
||||
X500Name issuer = new X500Name(
|
||||
"CN=Test Recipient,emailAddress=testrecpt@example.org");
|
||||
X500Name subject = issuer;
|
||||
X509v3CertificateBuilder certbuilder = new JcaX509v3CertificateBuilder(
|
||||
issuer, BigInteger.valueOf(System.currentTimeMillis()),
|
||||
new Date(System.currentTimeMillis() - 50000), new Date(
|
||||
System.currentTimeMillis() + 50000), subject,
|
||||
keypair.getPublic());
|
||||
certbuilder.addExtension(X509Extension.basicConstraints, true,
|
||||
new BasicConstraints(true));
|
||||
certbuilder.addExtension(X509Extension.keyUsage, true,
|
||||
new KeyUsage(KeyUsage.digitalSignature
|
||||
| KeyUsage.keyEncipherment));
|
||||
certbuilder.addExtension(X509Extension.extendedKeyUsage, true,
|
||||
new ExtendedKeyUsage(KeyPurposeId.id_kp_emailProtection));
|
||||
certbuilder.addExtension(X509Extension.subjectAlternativeName,
|
||||
false, new GeneralNames(new GeneralName(
|
||||
GeneralName.rfc822Name, "testrecpt@example.org")));
|
||||
for (String[] entry : testEntries) {
|
||||
KeyEntryData keyEntryData = new KeyEntryData(kpg, entry[1]);
|
||||
keystore.setKeyEntry(entry[0], keyEntryData.keyPair.getPrivate(), "changeit".toCharArray(), new Certificate[]{keyEntryData.getCertificate()});
|
||||
}
|
||||
|
||||
ContentSigner signer = new JcaContentSignerBuilder("SHA256WithRSA")
|
||||
.build(keypair.getPrivate());
|
||||
X509CertificateHolder certholder = certbuilder.build(signer);
|
||||
|
||||
keystore.setKeyEntry("test", keypair.getPrivate(), "changeit"
|
||||
.toCharArray(),
|
||||
new Certificate[] { (new JcaX509CertificateConverter())
|
||||
.getCertificate(certholder) });
|
||||
}
|
||||
}
|
||||
|
||||
|
|
@ -137,11 +150,10 @@ public class EncryptDecryptTest extends TestCase {
|
|||
}
|
||||
|
||||
/**
|
||||
* Creates a new MimeMessage with one Bodypart.
|
||||
*
|
||||
* Creates a new MimeMessage with one body part.
|
||||
*
|
||||
* @return MimeMessage instance
|
||||
* @throws MessagingException
|
||||
* on error creating the message
|
||||
* @throws MessagingException on error creating the message
|
||||
*/
|
||||
private MimeMessage getNewMultipartMessage() throws MessagingException,
|
||||
IOException {
|
||||
|
|
@ -149,14 +161,15 @@ public class EncryptDecryptTest extends TestCase {
|
|||
.getProperties()));
|
||||
message.setFrom(new InternetAddress("testsender@example.org",
|
||||
"Test Sender"));
|
||||
message.addRecipient(RecipientType.TO, new InternetAddress(
|
||||
"testrecpt@example.org", "Test Recipient"));
|
||||
for (String[] entry : testEntries) {
|
||||
message.addRecipient(RecipientType.TO, new InternetAddress(entry[1], entry[2]));
|
||||
}
|
||||
message.setSubject("Test subject");
|
||||
Multipart multipart = new MimeMultipart();
|
||||
BodyPart textpart = new MimeBodyPart();
|
||||
textpart.setText("Das ist ein Text");
|
||||
multipart.addBodyPart(textpart);
|
||||
BodyPart textPart = new MimeBodyPart();
|
||||
textPart.setText("Das ist ein Text");
|
||||
multipart.addBodyPart(textPart);
|
||||
message.setContent(multipart);
|
||||
return message;
|
||||
}
|
||||
}
|
||||
}
|
||||
Loading…
Add table
Add a link
Reference in a new issue