org.nhindirect.stagent.cryptography
Class SMIMECryptographerImpl

java.lang.Object
  extended by org.nhindirect.stagent.cryptography.SMIMECryptographerImpl
All Implemented Interfaces:
Cryptographer

public class SMIMECryptographerImpl
extends Object
implements Cryptographer

Executes the cryptography operations. This includes encryption, decryption, and signature generation.

Author:
Greg Meyer, Umesh Madan

Field Summary
static SMIMECryptographerImpl Default
           
 
Constructor Summary
SMIMECryptographerImpl()
          Constructs a Cryptographer with a default EncryptionAlgorithm and DigestAlgorithm.
SMIMECryptographerImpl(EncryptionAlgorithm encryptionAlgorithm, DigestAlgorithm digestAlgorithm)
          Constructs a Cryptographer with an EncryptionAlgorithm and DigestAlgorithm.
 
Method Summary
 void checkSignature(SignedEntity signedEntity, X509Certificate signerCertificate, Collection<X509Certificate> anchors)
          Validates that a signed entity has a valid message and signature.
 MimeEntity decrypt(Message message, X509CertificateEx decryptingCertificate)
          Decrypts a message with the provided certificate's private key.
 MimeEntity decrypt(MimeEntity encryptedEntity, Collection<X509CertificateEx> decryptingCertificates)
          Decrypts an entity with the provided certificates' private keys.
 MimeEntity decrypt(MimeEntity encryptedEntity, X509CertificateEx decryptingCertificate)
          Decrypts an entity with the provided certificate's private key.
 org.bouncycastle.cms.CMSSignedData deserializeEnvelopedSignature(byte[] messageBytes)
           
 org.bouncycastle.cms.CMSSignedData deserializeEnvelopedSignature(MimeEntity envelopeEntity)
           
 org.bouncycastle.cms.CMSSignedData deserializeSignatureEnvelope(SignedEntity entity)
          Extracts the ASN1 encoded signature data from the signed entity.
 MimeEntity encrypt(MimeEntity entity, Collection<X509Certificate> encryptingCertificates)
          Encrypts an entity using the provided certificates.
 MimeEntity encrypt(MimeEntity entity, X509Certificate encryptingCertificate)
          Encrypts an entity using the provided certificate.
 MimeEntity encrypt(javax.mail.internet.MimeMultipart mmEntity, Collection<X509Certificate> encryptingCertificates)
          Encrypts a multipart MIME entity using the provided certificates.
 MimeEntity encrypt(javax.mail.internet.MimeMultipart entity, X509Certificate encryptingCertificate)
          Encrypts a multipart MIME entity using the provided certificate.
 DigestAlgorithm getDigestAlgorithm()
          Gets the DigestAlgorithm.
 EncryptionAlgorithm getEncryptionAlgorithm()
          Gets the EncryptionAlgorithm.
 boolean isIncludeMultipartEpilogueInSignature()
          Indicates if the Epilogue part of a multipart entity should be used to generate the message signature.
 void setDigestAlgorithm(DigestAlgorithm value)
          Sets the DigestAlgorithm.
 void setEncryptionAlgorithm(EncryptionAlgorithm value)
          Sets the EncryptionAlgorithm.
 void setIncludeMultipartEpilogueInSignature(boolean value)
          Sets if the Epilogue part of a multipart entity should be used to generate the message signature.
 SignedEntity sign(Message message, Collection<X509Certificate> signingCertificates)
           
 SignedEntity sign(Message message, X509Certificate signingCertificate)
          Signs a message with the provided certificate.
 SignedEntity sign(MimeEntity entity, Collection<X509Certificate> signingCertificates)
          Signs an entity with the provided certificates.
 SignedEntity sign(MimeEntity entity, X509Certificate signingCertificate)
          Signs an entity with the provided certificate.
 
Methods inherited from class java.lang.Object
equals, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Field Detail

Default

public static final SMIMECryptographerImpl Default

Constructor Detail

SMIMECryptographerImpl

public SMIMECryptographerImpl()
Constructs a Cryptographer with a default EncryptionAlgorithm and DigestAlgorithm.


SMIMECryptographerImpl

public SMIMECryptographerImpl(EncryptionAlgorithm encryptionAlgorithm,
                              DigestAlgorithm digestAlgorithm)
Constructs a Cryptographer with an EncryptionAlgorithm and DigestAlgorithm.

Parameters:
encryptionAlgorithm - The encryption algorithm used to encrypt the message.
digestAlgorithm - The digest algorithm used to generate the message digest stored in the message signature.

Method Detail

getEncryptionAlgorithm

public EncryptionAlgorithm getEncryptionAlgorithm()
Gets the EncryptionAlgorithm.

Returns:
The EncryptionAlgorithm used to encrypt messages.

setEncryptionAlgorithm

@Inject(optional=true)
public void setEncryptionAlgorithm(EncryptionAlgorithm value)
Sets the EncryptionAlgorithm.

Parameters:
value - The EncryptionAlgorithm used to encrypt messages.

getDigestAlgorithm

public DigestAlgorithm getDigestAlgorithm()
Gets the DigestAlgorithm.

Returns:
The DigestAlgorithm used to generate the message digest stored in the message signature.

setDigestAlgorithm

@Inject(optional=true)
public void setDigestAlgorithm(DigestAlgorithm value)
Sets the DigestAlgorithm.

Parameters:
value - The DigestAlgorithm used to generate the message digest stored in the message signature.

isIncludeMultipartEpilogueInSignature

public boolean isIncludeMultipartEpilogueInSignature()
Indicates if the Epilogue part of a multipart entity should be used to generate the message signature.

Returns:
True if the Epilogue part of a multipart entity should be used to generate the message signature. False otherwise.

setIncludeMultipartEpilogueInSignature

@Inject(optional=true)
public void setIncludeMultipartEpilogueInSignature(boolean value)
Sets if the Epilogue part of a multipart entity should be used to generate the message signature.

Parameters:
value - True if the Epilogue part of a multipart entity should be used to generate the message signature. False otherwise.

encrypt

public MimeEntity encrypt(javax.mail.internet.MimeMultipart entity,
                          X509Certificate encryptingCertificate)
Encrypts a multipart MIME entity using the provided certificate.

Specified by:
encrypt in interface Cryptographer
Parameters:
entity - The entity that will be encrypted.
encryptingCertificate - The public certificate that will be used to encrypt the message.
Returns:
A MimeEntity containing the encrypted part.

encrypt

public MimeEntity encrypt(javax.mail.internet.MimeMultipart mmEntity,
                          Collection<X509Certificate> encryptingCertificates)
Encrypts a multipart MIME entity using the provided certificates.

Specified by:
encrypt in interface Cryptographer
Parameters:
mmEntity - The entity that will be encrypted.
encryptingCertificates - The public certificates that will be used to encrypt the message.
Returns:
A MimeEntity containing the encrypted part.

encrypt

public MimeEntity encrypt(MimeEntity entity,
                          X509Certificate encryptingCertificate)
Encrypts an entity using the provided certificate.

Specified by:
encrypt in interface Cryptographer
Parameters:
entity - The entity that will be encrypted.
encryptingCertificate - The public certificate that will be used to encrypt the message.
Returns:
A MimeEntity containing the encrypted part.

encrypt

public MimeEntity encrypt(MimeEntity entity,
                          Collection<X509Certificate> encryptingCertificates)
Encrypts an entity using the provided certificates.

Specified by:
encrypt in interface Cryptographer
Parameters:
entity - The entity that will be encrypted.
encryptingCertificates - The public certificates that will be used to encrypt the message.
Returns:
A MimeEntity containing the encrypted part.

decrypt

public MimeEntity decrypt(Message message,
                          X509CertificateEx decryptingCertificate)
Decrypts a message with the provided certificate's private key.

Specified by:
decrypt in interface Cryptographer
Parameters:
message - The message that will be decrypted.
decryptingCertificate - The certificate whose private key will be used to decrypt the message.
Returns:
A MimeEntity containing the decrypted part.

decrypt

public MimeEntity decrypt(MimeEntity encryptedEntity,
                          X509CertificateEx decryptingCertificate)
Decrypts an entity with the provided certificate's private key.

Specified by:
decrypt in interface Cryptographer
Parameters:
encryptedEntity - The entity that will be decrypted.
decryptingCertificate - The certificate whose private key will be used to decrypt the message.
Returns:
A MimeEntity containing the decrypted part.

decrypt

public MimeEntity decrypt(MimeEntity encryptedEntity,
                          Collection<X509CertificateEx> decryptingCertificates)
Decrypts an entity with the provided certificates' private keys.

Specified by:
decrypt in interface Cryptographer
Parameters:
encryptedEntity - The entity that will be decrypted.
decryptingCertificates - The certificates whose private keys will be used to decrypt the message.
Returns:
A MimeEntity containing the decrypted part.

sign

public SignedEntity sign(Message message,
                         X509Certificate signingCertificate)
Signs a message with the provided certificate.

Specified by:
sign in interface Cryptographer
Parameters:
message - The message that will be signed.
signingCertificate - The certificate used to sign the message.
Returns:
A signed entity that consists of a multipart/signed entity containing the original entity and a message signature.

sign

public SignedEntity sign(Message message,
                         Collection<X509Certificate> signingCertificates)
Specified by:
sign in interface Cryptographer

sign

public SignedEntity sign(MimeEntity entity,
                         X509Certificate signingCertificate)
Signs an entity with the provided certificate.

Specified by:
sign in interface Cryptographer
Parameters:
entity - The entity that will be signed.
signingCertificate - The certificate used to sign the message.
Returns:
A signed entity that consists of a multipart/signed entity containing the original entity and a message signature.

sign

public SignedEntity sign(MimeEntity entity,
                         Collection<X509Certificate> signingCertificates)
Signs an entity with the provided certificates.

Specified by:
sign in interface Cryptographer
Parameters:
entity - The entity that will be signed.
signingCertificates - The certificates used to sign the message.
Returns:
A signed entity that consists of a multipart/signed entity containing the original entity and a message signature.

checkSignature

public void checkSignature(SignedEntity signedEntity,
                           X509Certificate signerCertificate,
                           Collection<X509Certificate> anchors)
                    throws SignatureValidationException
Validates that a signed entity has a valid message and signature. The signer's certificate is validated to ensure authenticity of the message. Message tampering is also checked with the message's digest and the signed digest in the message signature.

Specified by:
checkSignature in interface Cryptographer
Parameters:
signedEntity - The entity containing the original signed part and the message signature.
signerCertificate - The certificate used to sign the message.
anchors - A collection of certificate anchors used to determine if the certificates used in the signature can be validated as trusted certificates.
Throws:
SignatureValidationException
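
The two checks described for checkSignature (signer certificate trust against the anchors, then digest and signature integrity), written directly against BouncyCastle CMS and the JDK PKIX validator. This is an added example, not the Direct project's implementation; the class name SignatureCheckExample, its parameters, and the assumption that the signer certificate is issued directly by one of the anchors are illustrative.

```java
import java.security.cert.CertPath;
import java.security.cert.CertPathValidator;
import java.security.cert.CertPathValidatorException;
import java.security.cert.CertificateFactory;
import java.security.cert.PKIXParameters;
import java.security.cert.TrustAnchor;
import java.security.cert.X509Certificate;
import java.util.Collection;
import java.util.Collections;
import java.util.HashSet;
import java.util.Set;
import org.bouncycastle.cms.CMSException;
import org.bouncycastle.cms.CMSProcessableByteArray;
import org.bouncycastle.cms.CMSSignedData;
import org.bouncycastle.cms.SignerInformation;
import org.bouncycastle.cms.jcajce.JcaSimpleSignerInfoVerifierBuilder;

// Hypothetical helper class (not part of org.nhindirect.stagent).
public final class SignatureCheckExample {

    /** Returns normally only when both checks pass; throws otherwise (fail closed). */
    public static void check(byte[] signedContent, byte[] detachedSignature,
                             X509Certificate signerCert,
                             Collection<X509Certificate> anchors) throws Exception {
        // Check 1: the signer certificate must chain to a supplied anchor.
        Set<TrustAnchor> trust = new HashSet<>();
        for (X509Certificate anchor : anchors) {
            trust.add(new TrustAnchor(anchor, null));
        }
        if (trust.isEmpty()) {
            throw new CertPathValidatorException("no trust anchors supplied");
        }
        PKIXParameters params = new PKIXParameters(trust);
        // Assumption: no CRL/OCSP source in this example; enable revocation in deployment.
        params.setRevocationEnabled(false);
        CertPath path = CertificateFactory.getInstance("X.509")
                .generateCertPath(Collections.singletonList(signerCert));
        CertPathValidator.getInstance("PKIX").validate(path, params); // throws on failure

        // Check 2: recompute the content digest, compare it with the signed
        // messageDigest attribute, and verify the signature with the signer's key.
        CMSSignedData cms = new CMSSignedData(
                new CMSProcessableByteArray(signedContent), detachedSignature);
        for (SignerInformation signer : cms.getSignerInfos().getSigners()) {
            if (signer.verify(new JcaSimpleSignerInfoVerifierBuilder().build(signerCert))) {
                return; // trusted signer and untampered content
            }
        }
        throw new CMSException("no SignerInfo verifies against the signer certificate");
    }
}
```

The content bytes passed in must be exactly the bytes that were signed; any change to the signed MIME part's headers, line endings or boundaries changes the digest and the check fails.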

deserializeSignatureEnvelope

public org.bouncycastle.cms.CMSSignedData deserializeSignatureEnvelope(SignedEntity entity)
Extracts the ASN1 encoded signature data from the signed entity.

Specified by:
deserializeSignatureEnvelope in interface Cryptographer
Parameters:
entity - The entity containing the original signed part and the message signature.
Returns:
A CMSSignedData object that contains the ASN1 encoded signature data of the message.

deserializeEnvelopedSignature

public org.bouncycastle.cms.CMSSignedData deserializeEnvelopedSignature(MimeEntity envelopeEntity)
Specified by:
deserializeEnvelopedSignature in interface Cryptographer

deserializeEnvelopedSignature

public org.bouncycastle.cms.CMSSignedData deserializeEnvelopedSignature(byte[] messageBytes)
Specified by:
deserializeEnvelopedSignature in interface Cryptographer


Copyright © 2010-2014 NHIN Direct. All Rights Reserved.