- import java.io.BufferedInputStream;
- import java.io.ByteArrayInputStream;
- import java.io.ByteArrayOutputStream;
- import java.io.FileInputStream;
- import java.io.FileOutputStream;
- import java.io.IOException;
- import java.security.KeyStore;
- import java.security.Principal;
- import java.security.PrivateKey;
- import java.security.Security;
- import java.security.cert.CertStore;
- import java.security.cert.Certificate;
- import java.security.cert.CertificateFactory;
- import java.security.cert.CollectionCertStoreParameters;
- import java.security.cert.X509Certificate;
- import java.util.ArrayList;
- import java.util.Enumeration;
- import java.util.List;
- import java.util.Properties;
- import javax.activation.CommandMap;
- import javax.activation.MailcapCommandMap;
- import javax.mail.Message;
- import javax.mail.Session;
- import javax.mail.Transport;
- import javax.mail.internet.InternetAddress;
- import javax.mail.internet.MimeBodyPart;
- import javax.mail.internet.MimeMessage;
- import javax.mail.internet.MimeMultipart;
- import org.bouncycastle.asn1.ASN1EncodableVector;
- import org.bouncycastle.asn1.ASN1Sequence;
- import org.bouncycastle.asn1.DEROutputStream;
- import org.bouncycastle.asn1.cms.AttributeTable;
- import org.bouncycastle.asn1.cms.IssuerAndSerialNumber;
- import org.bouncycastle.asn1.cms.PasswordRecipientInfo;
- import org.bouncycastle.asn1.cms.RecipientInfo;
- import org.bouncycastle.asn1.smime.SMIMECapabilitiesAttribute;
- import org.bouncycastle.asn1.smime.SMIMECapability;
- import org.bouncycastle.asn1.smime.SMIMECapabilityVector;
- import org.bouncycastle.asn1.smime.SMIMEEncryptionKeyPreferenceAttribute;
- import org.bouncycastle.asn1.x509.SubjectKeyIdentifier;
- import org.bouncycastle.asn1.x509.X509Name;
- import org.bouncycastle.cms.CMSEnvelopedGenerator;
- import org.bouncycastle.cms.CMSException;
- import org.bouncycastle.cms.RecipientInfoGenerator;
- import org.bouncycastle.cms.jcajce.JceKeyTransRecipientInfoGenerator;
- import org.bouncycastle.jce.provider.BouncyCastleProvider;
- import org.bouncycastle.mail.smime.SMIMEEnvelopedGenerator;
- import org.bouncycastle.mail.smime.SMIMEException;
- import org.bouncycastle.mail.smime.SMIMESignedGenerator;
- import org.bouncycastle.operator.GenericKey;
- import org.bouncycastle.util.Strings;
- import oracle.security.crypto.smime.SmimeEnveloped;
- import usto.re.smime.utils.ConvertCertificates;
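/**
 * Example that sends a signed and then encrypted (S/MIME) mail message.
 *
 * <p>Flow: load the sender's PKCS#12 keystore, build a plain-text message, sign it with the
 * sender's private key, wrap the signed message in a CMS envelope addressed to the recipient
 * and to the sender, and hand the result to the SMTP transport.
 *
 * <p>All inputs (keystore paths, passwords, SMTP host, addresses) are fixed values taken from
 * the original example; {@code args} is not read.
 */
public class SendSignedAndEncryptedMail {

    // NOTE(review): paths, passwords and the SMTP host are embedded in source exactly as in
    // the original example. Anyone who can read this file (or the compiled class) can read the
    // keystore passwords. In anything beyond a local demo, load them from the command line, the
    // environment or a secret store instead.
    private static final String SENDER_KEYSTORE_PATH = "/home/daniel/Downloads/meucertificado.p12";
    private static final String SENDER_KEYSTORE_PASSWORD = "mypass";
    private static final String RECIPIENT_KEYSTORE_PATH = "/home/daniel/Downloads/eudes@teste.re.p12";
    private static final String RECIPIENT_KEYSTORE_PASSWORD = "mypass";
    private static final String SMTP_HOST = "10.0.1.163";

    /** Content handlers BouncyCastle needs registered so JavaMail can serialise S/MIME parts. */
    private static final String[] SMIME_MAILCAP_ENTRIES = {
        "application/pkcs7-signature;; x-java-content-handler=org.bouncycastle.mail.smime.handlers.pkcs7_signature",
        "application/pkcs7-mime;; x-java-content-handler=org.bouncycastle.mail.smime.handlers.pkcs7_mime",
        "application/x-pkcs7-signature;; x-java-content-handler=org.bouncycastle.mail.smime.handlers.x_pkcs7_signature",
        "application/x-pkcs7-mime;; x-java-content-handler=org.bouncycastle.mail.smime.handlers.x_pkcs7_mime",
        "multipart/signed;; x-java-content-handler=org.bouncycastle.mail.smime.handlers.multipart_signed"
    };

    /**
     * Builds, signs, encrypts and sends the example message.
     *
     * <p>Failures are reported on {@code System.err}; nothing is rethrown.
     *
     * @param args ignored
     */
    @SuppressWarnings("deprecation")
    public static void main(String args[]) {
        try {
            MailcapCommandMap mailcap = (MailcapCommandMap) CommandMap.getDefaultCommandMap();
            for (String entry : SMIME_MAILCAP_ENTRIES) {
                mailcap.addMailcap(entry);
            }
            CommandMap.setDefaultCommandMap(mailcap);

            /* Add BC */
            Security.addProvider(new BouncyCastleProvider());

            /* Open the keystore; try-with-resources so the file handle is always released */
            KeyStore keystore = KeyStore.getInstance("PKCS12", "BC");
            try (FileInputStream keystoreIn = new FileInputStream(SENDER_KEYSTORE_PATH)) {
                keystore.load(keystoreIn, SENDER_KEYSTORE_PASSWORD.toCharArray());
            }

            /*
             * Pick the signing alias. Only key entries qualify: a certificate-only entry has
             * no private key, so taking whichever alias happens to be enumerated last (as the
             * original loop did) can select an entry that cannot sign.
             */
            String alias = "";
            Enumeration<String> aliases = keystore.aliases();
            while (aliases.hasMoreElements()) {
                String candidate = aliases.nextElement();
                if (keystore.isKeyEntry(candidate)) {
                    alias = candidate;
                }
            }

            Certificate[] chain = keystore.getCertificateChain(alias);

            /* Get the private key to sign the message with */
            PrivateKey privateKey = (PrivateKey) keystore.getKey(alias, SENDER_KEYSTORE_PASSWORD.toCharArray());
            if (privateKey == null) {
                throw new Exception("cannot find private key for alias: " + alias);
            }
            if (chain == null || chain.length == 0) {
                throw new Exception("cannot find certificate chain for alias: " + alias);
            }
            X509Certificate signerCert = (X509Certificate) chain[0];
            /* Refuse to sign with an expired or not-yet-valid certificate */
            signerCert.checkValidity();

            /* Create the message to sign and encrypt */
            Properties props = System.getProperties();
            props.put("mail.smtp.host", SMTP_HOST);
            /*
             * NOTE(review): no transport-security properties are set here. S/MIME protects the
             * body, but the envelope and headers (including the subject) are outside it.
             */
            Session session = Session.getDefaultInstance(props, null);
            session.setDebug(true);

            MimeMessage body = new MimeMessage(session);
            body.setFrom(new InternetAddress("daniel@teste.re"));
            body.setRecipient(Message.RecipientType.TO, new InternetAddress("eudes@teste.re"));
            body.setSubject("example encrypted message");
            body.setContent("Mensagem ultramegapower criptografada", "text/plain");
            body.saveChanges();

            /*
             * Create the SMIMESignedGenerator. The capabilities attribute tells the peer which
             * ciphers to use when replying, in order of preference; RC2 and single DES were
             * advertised originally and are dropped because both are broken.
             */
            SMIMECapabilityVector capabilities = new SMIMECapabilityVector();
            capabilities.addCapability(SMIMECapability.aES256_CBC);
            capabilities.addCapability(SMIMECapability.aES128_CBC);
            capabilities.addCapability(SMIMECapability.dES_EDE3_CBC);

            ASN1EncodableVector attributes = new ASN1EncodableVector();
            attributes.add(new SMIMEEncryptionKeyPreferenceAttribute(
                    new IssuerAndSerialNumber(new X509Name(signerCert.getIssuerDN().getName()),
                            signerCert.getSerialNumber())));
            attributes.add(new SMIMECapabilitiesAttribute(capabilities));

            /*
             * Sign with SHA-256. The original chose SHA-1 for RSA keys and MD5 for everything
             * else; both digests are collision-prone and unsuitable for signatures.
             */
            SMIMESignedGenerator signer = new SMIMESignedGenerator();
            signer.addSigner(privateKey, signerCert, SMIMESignedGenerator.DIGEST_SHA256,
                    new AttributeTable(attributes), null);

            /*
             * Load the recipient certificate.
             * NOTE(review): this opens the recipient's own .p12 with its password. Encrypting
             * to someone needs only their public certificate; a sender should not hold the
             * recipient's private-key container. ConvertCertificates is defined elsewhere, so
             * what exactly it extracts is not visible here; confirm.
             */
            ConvertCertificates conv = new ConvertCertificates();
            conv.decryptCert(RECIPIENT_KEYSTORE_PATH, RECIPIENT_KEYSTORE_PASSWORD);
            X509Certificate recipientCert = conv.getCertificate();
            /*
             * Only the validity period is checked; the certificate is not validated against a
             * trust anchor or revocation data before it is used as an encryption target.
             */
            recipientCert.checkValidity();

            /* Add the list of certs to the generator */
            List<Certificate> certList = new ArrayList<Certificate>();
            certList.add(signerCert);
            certList.add(recipientCert);
            CertStore certs = CertStore.getInstance("Collection", new CollectionCertStoreParameters(certList), "BC");
            signer.addCertificatesAndCRLs(certs);

            /* Sign the message */
            MimeMultipart signedParts = signer.generate(body, "BC");
            MimeMessage signedMessage = new MimeMessage(session);

            /* Set all original MIME headers in the signed message */
            Enumeration<?> headers = body.getAllHeaderLines();
            while (headers.hasMoreElements()) {
                signedMessage.addHeaderLine((String) headers.nextElement());
            }

            /* Set the content of the signed message */
            signedMessage.setContent(signedParts);
            signedMessage.saveChanges();

            /* Create the encrypter; the sender is a recipient too so the sent copy stays readable */
            SMIMEEnvelopedGenerator encrypter = new SMIMEEnvelopedGenerator();
            encrypter.addKeyTransRecipient(recipientCert);
            encrypter.addKeyTransRecipient(signerCert);

            /*
             * Encrypt the message with AES-128-CBC instead of RC2-CBC, which the original used
             * and which offers no meaningful confidentiality today.
             */
            MimeBodyPart encryptedPart = encrypter.generate(signedMessage, SMIMEEnvelopedGenerator.AES128_CBC, "BC");

            /*
             * Create a new MimeMessage that contains the encrypted and signed
             * content
             */
            ByteArrayOutputStream out = new ByteArrayOutputStream();
            encryptedPart.writeTo(out);
            MimeMessage encryptedMessage = new MimeMessage(session, new ByteArrayInputStream(out.toByteArray()));

            /* Set all original MIME headers in the encrypted message */
            headers = body.getAllHeaderLines();
            while (headers.hasMoreElements()) {
                String headerLine = (String) headers.nextElement();
                /*
                 * Make sure not to override any content-* headers from the
                 * original message
                 */
                if (!Strings.toLowerCase(headerLine).startsWith("content-")) {
                    encryptedMessage.addHeaderLine(headerLine);
                }
            }

            Transport.send(encryptedMessage);
        } catch (SMIMEException ex) {
            /* The wrapped cause may be absent; guard so the handler itself cannot throw */
            Exception underlying = ex.getUnderlyingException();
            if (underlying != null) {
                underlying.printStackTrace(System.err);
            }
            ex.printStackTrace(System.err);
        } catch (Exception ex) {
            ex.printStackTrace(System.err);
        }
    }
}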