public final class BCCryptoHelper extends Object implements ICryptoHelper
ICryptoHelper based on BouncyCastle.| Constructor and Description |
|---|
BCCryptoHelper() |
| Modifier and Type | Method and Description |
|---|---|
MIC |
calculateMIC(javax.mail.internet.MimeBodyPart aPart,
ECryptoAlgorithmSign eDigestAlgorithm,
boolean bIncludeHeaders)
Calculate the MIC
|
KeyStore |
createNewKeyStore(com.helger.security.keystore.IKeyStoreType aKeyStoreType) |
javax.mail.internet.MimeBodyPart |
decrypt(javax.mail.internet.MimeBodyPart aPart,
X509Certificate aX509Cert,
PrivateKey aPrivateKey,
boolean bForceDecrypt,
AS2ResourceHelper aResHelper) |
javax.mail.internet.MimeBodyPart |
encrypt(javax.mail.internet.MimeBodyPart aPart,
X509Certificate aX509Cert,
ECryptoAlgorithmCrypt eAlgorithm,
com.helger.mail.cte.EContentTransferEncoding eCTE) |
String |
getSecurityProviderName() |
boolean |
isCompressed(String sContentType)
Check if the passed content type indicates compression.
|
boolean |
isEncrypted(javax.mail.internet.MimeBodyPart aPart)
Check if the passed MIME body part is encrypted.
|
boolean |
isSigned(javax.mail.internet.MimeBodyPart aPart)
Check if the passed MIME body part is signed.
|
KeyStore |
loadKeyStore(com.helger.security.keystore.IKeyStoreType aKeyStoreType,
InputStream aIS,
char[] aPassword)
Load a key store from the specified input stream.
|
BCCryptoHelper |
setSecurityProviderName(String sSecurityProviderName)
Set the security provider name to use.
|
javax.mail.internet.MimeBodyPart |
sign(javax.mail.internet.MimeBodyPart aPart,
X509Certificate aX509Cert,
PrivateKey aPrivateKey,
ECryptoAlgorithmSign eAlgorithm,
boolean bIncludeCertificateInSignedContent,
boolean bUseOldRFC3851MicAlgs,
boolean bRemoveCmsAlgorithmProtect,
com.helger.mail.cte.EContentTransferEncoding eCTE)
Sign a MIME body part.
|
javax.mail.internet.MimeBodyPart |
verify(javax.mail.internet.MimeBodyPart aPart,
X509Certificate aX509Cert,
boolean bUseCertificateInBodyPart,
boolean bForceVerify,
Consumer<X509Certificate> aEffectiveCertificateConsumer,
AS2ResourceHelper aResHelper)
Verify the specified Mime Body part against the part certificate
|
@Nonnull @Nonempty public String getSecurityProviderName()
BC by default.@Nonnull public BCCryptoHelper setSecurityProviderName(@Nonnull @Nonempty String sSecurityProviderName)
sSecurityProviderName - The provider name. May neither be null nor empty.@Nonnull public KeyStore createNewKeyStore(@Nonnull com.helger.security.keystore.IKeyStoreType aKeyStoreType) throws GeneralSecurityException
createNewKeyStore in interface ICryptoHelperaKeyStoreType - Key store type to use. May not be null.GeneralSecurityException - In case something goes wrong.@Nonnull public KeyStore loadKeyStore(@Nonnull com.helger.security.keystore.IKeyStoreType aKeyStoreType, @Nullable @WillNotClose InputStream aIS, @Nonnull char[] aPassword) throws Exception
ICryptoHelperloadKeyStore in interface ICryptoHelperaKeyStoreType - Key store type to use. May not be null.aIS - The input stream to load the key store from. May not be
null.aPassword - The password to be used for loading. May not be null.null.Exception - In case loading fails.public boolean isEncrypted(@Nonnull javax.mail.internet.MimeBodyPart aPart) throws javax.mail.MessagingException
ICryptoHelperisEncrypted in interface ICryptoHelperaPart - The part to be checked.true if it is encrypted, false otherwise.javax.mail.MessagingExceptionpublic boolean isSigned(@Nonnull javax.mail.internet.MimeBodyPart aPart) throws javax.mail.MessagingException
ICryptoHelperisSigned in interface ICryptoHelperaPart - The part to be checked.true if it is signed, false otherwise.javax.mail.MessagingExceptionpublic boolean isCompressed(@Nonnull String sContentType) throws AS2Exception
ICryptoHelperisCompressed in interface ICryptoHelpersContentType - The content type to be checked. May not be null.true if it is compressed, false
otherwise.AS2Exception - In case something goes wrong.@Nonnull public MIC calculateMIC(@Nonnull javax.mail.internet.MimeBodyPart aPart, @Nonnull ECryptoAlgorithmSign eDigestAlgorithm, boolean bIncludeHeaders) throws GeneralSecurityException, javax.mail.MessagingException, IOException
ICryptoHelpercalculateMIC in interface ICryptoHelperaPart - MIME part to calculate the MIC from. May not be null.eDigestAlgorithm - The digest algorithm to be used. May not be null.bIncludeHeaders - true if the MIME headers should be included,
false if only the content should be used.null.GeneralSecurityExceptionjavax.mail.MessagingExceptionIOException@Nonnull public javax.mail.internet.MimeBodyPart decrypt(@Nonnull javax.mail.internet.MimeBodyPart aPart, @Nonnull X509Certificate aX509Cert, @Nonnull PrivateKey aPrivateKey, boolean bForceDecrypt, @Nonnull AS2ResourceHelper aResHelper) throws GeneralSecurityException, javax.mail.MessagingException, org.bouncycastle.cms.CMSException, org.bouncycastle.mail.smime.SMIMEException, IOException
decrypt in interface ICryptoHelperGeneralSecurityExceptionjavax.mail.MessagingExceptionorg.bouncycastle.cms.CMSExceptionorg.bouncycastle.mail.smime.SMIMEExceptionIOException@Nonnull public javax.mail.internet.MimeBodyPart encrypt(@Nonnull javax.mail.internet.MimeBodyPart aPart, @Nonnull X509Certificate aX509Cert, @Nonnull ECryptoAlgorithmCrypt eAlgorithm, @Nonnull com.helger.mail.cte.EContentTransferEncoding eCTE) throws GeneralSecurityException, org.bouncycastle.mail.smime.SMIMEException, org.bouncycastle.cms.CMSException
encrypt in interface ICryptoHelperGeneralSecurityExceptionorg.bouncycastle.mail.smime.SMIMEExceptionorg.bouncycastle.cms.CMSException@Nonnull public javax.mail.internet.MimeBodyPart sign(@Nonnull javax.mail.internet.MimeBodyPart aPart, @Nonnull X509Certificate aX509Cert, @Nonnull PrivateKey aPrivateKey, @Nonnull ECryptoAlgorithmSign eAlgorithm, boolean bIncludeCertificateInSignedContent, boolean bUseOldRFC3851MicAlgs, boolean bRemoveCmsAlgorithmProtect, @Nonnull com.helger.mail.cte.EContentTransferEncoding eCTE) throws GeneralSecurityException, org.bouncycastle.mail.smime.SMIMEException, javax.mail.MessagingException, org.bouncycastle.operator.OperatorCreationException
ICryptoHelpersign in interface ICryptoHelperaPart - MIME body part to be signed. May not be null.aX509Cert - The certificate that should be added to the signed information. May
not be null.aPrivateKey - Private key to be used for signing. May not be null.eAlgorithm - The algorithm to be used for signing. May not be null.bIncludeCertificateInSignedContent - true if the passed certificate should be part of the
signed content, false if the certificate should not be
put in the content. E.g. for PEPPOL this must be true.bUseOldRFC3851MicAlgs - true to use the old RFC 3851 MIC algorithm names (e.g.
sha1), false to use the new RFC 5751 MIC
algorithm names (e.g. sha-1).bRemoveCmsAlgorithmProtect - if true, the CMS attribute "AlgorithmProtect" will be
removed. This is needed in compatibility with e.g. IBM Sterling.
Default value should be false. Since 4.10.1. See Issue
#137.eCTE - The Content-Transfer-Encoding to be used. May not be
null.null.GeneralSecurityExceptionorg.bouncycastle.mail.smime.SMIMEExceptionjavax.mail.MessagingExceptionorg.bouncycastle.operator.OperatorCreationException@Nonnull public javax.mail.internet.MimeBodyPart verify(@Nonnull javax.mail.internet.MimeBodyPart aPart, @Nullable X509Certificate aX509Cert, boolean bUseCertificateInBodyPart, boolean bForceVerify, @Nullable Consumer<X509Certificate> aEffectiveCertificateConsumer, @Nonnull AS2ResourceHelper aResHelper) throws GeneralSecurityException, IOException, javax.mail.MessagingException, org.bouncycastle.cms.CMSException, org.bouncycastle.operator.OperatorCreationException
ICryptoHelperverify in interface ICryptoHelperaPart - Original partaX509Cert - Certificate to check against or null if the certificate
provided in the message should be used.bUseCertificateInBodyPart - If true any certificate that is passed in the body part
is used for verification. If false only the provided
certificate is used.bForceVerify - true to force verification even if the Content-Type
header does not indicate so.aEffectiveCertificateConsumer - An optional consumer that takes the effective certificate that was
used for verification. May be null.aResHelper - The resource helper to use. May not be null.null.GeneralSecurityExceptionIOExceptionjavax.mail.MessagingExceptionorg.bouncycastle.cms.CMSExceptionorg.bouncycastle.operator.OperatorCreationExceptionCopyright © 2013–2022 Philip Helger. All rights reserved.