blob: 6ef42d9de2208e11670212180ad599b2d1731b79 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
|
package org.bouncycastle.mail.smime.examples;
import java.io.FileInputStream;
import java.io.FileOutputStream;
import java.security.KeyStore;
import java.security.Security;
import java.security.cert.Certificate;
import java.security.cert.X509Certificate;
import java.util.Enumeration;
import java.util.Properties;
import javax.mail.Address;
import javax.mail.Message;
import javax.mail.Session;
import javax.mail.internet.InternetAddress;
import javax.mail.internet.MimeBodyPart;
import javax.mail.internet.MimeMessage;
import org.bouncycastle.cms.CMSAlgorithm;
import org.bouncycastle.cms.jcajce.JceCMSContentEncryptorBuilder;
import org.bouncycastle.cms.jcajce.JceKeyTransRecipientInfoGenerator;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.bouncycastle.mail.smime.SMIMEEnvelopedGenerator;
/**
* a simple example that creates a single encrypted mail message.
* <p>
* The key store can be created using the class in
* org.bouncycastle.jce.examples.PKCS12Example - the program expects only one
* key to be present in the key file.
* <p>
* Note: while this means that both the private key is available to
* the program, the private key is retrieved from the keystore only for
* the purposes of locating the corresponding public key, in normal circumstances
* you would only be doing this with a certificate available.
*/
public class CreateEncryptedMail
{
public static void main(
String args[])
throws Exception
{
if (args.length != 2)
{
System.err.println("usage: CreateEncryptedMail pkcs12Keystore password");
System.exit(0);
}
if (Security.getProvider("BC") == null)
{
Security.addProvider(new BouncyCastleProvider());
}
//
// Open the key store
//
KeyStore ks = KeyStore.getInstance("PKCS12", "BC");
ks.load(new FileInputStream(args[0]), args[1].toCharArray());
Enumeration e = ks.aliases();
String keyAlias = null;
while (e.hasMoreElements())
{
String alias = (String)e.nextElement();
if (ks.isKeyEntry(alias))
{
keyAlias = alias;
}
}
if (keyAlias == null)
{
System.err.println("can't find a private key!");
System.exit(0);
}
Certificate[] chain = ks.getCertificateChain(keyAlias);
//
// create the generator for creating an smime/encrypted message
//
SMIMEEnvelopedGenerator gen = new SMIMEEnvelopedGenerator();
gen.addRecipientInfoGenerator(new JceKeyTransRecipientInfoGenerator((X509Certificate)chain[0]).setProvider("BC"));
//
// create a subject key id - this has to be done the same way as
// it is done in the certificate associated with the private key
// version 3 only.
//
/*
MessageDigest dig = MessageDigest.getInstance("SHA1", "BC");
dig.update(cert.getPublicKey().getEncoded());
gen.addKeyTransRecipient(cert.getPublicKey(), dig.digest());
*/
//
// create the base for our message
//
MimeBodyPart msg = new MimeBodyPart();
msg.setText("Hello world!");
MimeBodyPart mp = gen.generate(msg, new JceCMSContentEncryptorBuilder(CMSAlgorithm.RC2_CBC).setProvider("BC").build());
//
// Get a Session object and create the mail message
//
Properties props = System.getProperties();
Session session = Session.getDefaultInstance(props, null);
Address fromUser = new InternetAddress("\"Eric H. Echidna\"<eric@bouncycastle.org>");
Address toUser = new InternetAddress("example@bouncycastle.org");
MimeMessage body = new MimeMessage(session);
body.setFrom(fromUser);
body.setRecipient(Message.RecipientType.TO, toUser);
body.setSubject("example encrypted message");
body.setContent(mp.getContent(), mp.getContentType());
body.saveChanges();
body.writeTo(new FileOutputStream("encrypted.message"));
}
}
|
