All Downloads are FREE. Search and download functionalities are using the official Maven repository.

com.helger.asic.extras.CmsEncryptedAsicWriter Maven / Gradle / Ivy

/**
 * Copyright (C) 2015-2017 difi (www.difi.no)
 * Copyright (C) 2018-2021 Philip Helger (www.helger.com)
 * philip[at]helger[dot]com
 *
 * This Source Code Form is subject to the terms of the
 * Mozilla Public License, v. 2.0.
 * If a copy of the MPL was not distributed
 * with this file, You can obtain one at
 * https://mozilla.org/MPL/2.0/
 */
package com.helger.asic.extras;

import java.io.File;
import java.io.IOException;
import java.io.InputStream;
import java.nio.file.Files;
import java.nio.file.Path;
import java.security.cert.CertificateEncodingException;
import java.security.cert.X509Certificate;
import java.util.Set;
import java.util.TreeSet;

import javax.annotation.Nonnull;

import org.bouncycastle.asn1.ASN1ObjectIdentifier;
import org.bouncycastle.cms.CMSAlgorithm;
import org.bouncycastle.cms.CMSEnvelopedData;
import org.bouncycastle.cms.CMSEnvelopedDataGenerator;
import org.bouncycastle.cms.CMSException;
import org.bouncycastle.cms.CMSProcessableByteArray;
import org.bouncycastle.cms.jcajce.JceCMSContentEncryptorBuilder;
import org.bouncycastle.cms.jcajce.JceKeyTransRecipientInfoGenerator;

import com.helger.asic.AsicUtils;
import com.helger.asic.IAsicWriter;
import com.helger.asic.SignatureHelper;
import com.helger.bc.PBCProvider;
import com.helger.commons.io.stream.NonBlockingByteArrayInputStream;
import com.helger.commons.io.stream.NonBlockingByteArrayOutputStream;
import com.helger.commons.mime.IMimeType;

/**
 * Wrapper to seamlessly encode specific files.
 */
public class CmsEncryptedAsicWriter implements IAsicWriter
{
  private final IAsicWriter m_aAsicWriter;
  private final X509Certificate m_aCertificate;
  private final ASN1ObjectIdentifier m_aCmsAlgorithm;

  private final Set  m_aEntryNames = new TreeSet <> ();

  public CmsEncryptedAsicWriter (final IAsicWriter aAsicWriter, final X509Certificate aCertificate)
  {
    this (aAsicWriter, aCertificate, CMSAlgorithm.AES256_GCM);
  }

  public CmsEncryptedAsicWriter (final IAsicWriter aAsicWriter,
                                 final X509Certificate aCertificate,
                                 final ASN1ObjectIdentifier aCMSAlgorithm)
  {
    m_aAsicWriter = aAsicWriter;
    m_aCertificate = aCertificate;
    m_aCmsAlgorithm = aCMSAlgorithm;
  }

  @Nonnull
  public IAsicWriter add (final InputStream aIS, final String sFilename, final IMimeType aMimeType) throws IOException
  {
    return m_aAsicWriter.add (aIS, sFilename, aMimeType);
  }

  @Nonnull
  public IAsicWriter addEncrypted (final File aFile) throws IOException
  {
    return addEncrypted (aFile.toPath ());
  }

  @Nonnull
  public IAsicWriter addEncrypted (final File aFile, final String sEntryName) throws IOException
  {
    return addEncrypted (aFile.toPath (), sEntryName);
  }

  @Nonnull
  public IAsicWriter addEncrypted (final Path aFile) throws IOException
  {
    return addEncrypted (aFile, aFile.toFile ().getName ());
  }

  @Nonnull
  public IAsicWriter addEncrypted (final Path aFile, final String sEntryName) throws IOException
  {
    try (final InputStream aIS = Files.newInputStream (aFile))
    {
      addEncrypted (aIS, sEntryName);
    }
    return this;
  }

  @Nonnull
  public IAsicWriter addEncrypted (final InputStream aIS, final String sFilename) throws IOException
  {
    return addEncrypted (aIS, sFilename, AsicUtils.detectMime (sFilename));
  }

  @Nonnull
  public IAsicWriter addEncrypted (final File aFile,
                                   final String sEntryName,
                                   final IMimeType aMimeType) throws IOException
  {
    return addEncrypted (aFile.toPath (), sEntryName, aMimeType);
  }

  @Nonnull
  public IAsicWriter addEncrypted (final Path aFile,
                                   final String sEntryName,
                                   final IMimeType aMimeType) throws IOException
  {
    try (final InputStream aIS = Files.newInputStream (aFile))
    {
      addEncrypted (aIS, sEntryName, aMimeType);
    }
    return this;
  }

  @Nonnull
  public IAsicWriter addEncrypted (final InputStream aIS,
                                   final String sFilename,
                                   final IMimeType aMimeType) throws IOException
  {
    try (final NonBlockingByteArrayOutputStream aBAOS = new NonBlockingByteArrayOutputStream ())
    {
      AsicUtils.copyStream (aIS, aBAOS);

      final CMSEnvelopedDataGenerator aCMSEnvelopedDataGenerator = new CMSEnvelopedDataGenerator ();
      aCMSEnvelopedDataGenerator.addRecipientInfoGenerator (new JceKeyTransRecipientInfoGenerator (m_aCertificate).setProvider (PBCProvider.getProvider ()));
      final CMSEnvelopedData aData = aCMSEnvelopedDataGenerator.generate (new CMSProcessableByteArray (aBAOS.toByteArray ()),
                                                                          new JceCMSContentEncryptorBuilder (m_aCmsAlgorithm).setProvider (PBCProvider.getProvider ())
                                                                                                                             .build ());

      m_aEntryNames.add (sFilename);

      return m_aAsicWriter.add (new NonBlockingByteArrayInputStream (aData.getEncoded ()),
                                sFilename + ".p7m",
                                aMimeType);
    }
    catch (final CMSException | CertificateEncodingException e)
    {
      throw new IOException (e.getMessage (), e);
    }
  }

  @Nonnull
  public IAsicWriter setRootEntryName (final String sName)
  {
    String name = sName;
    if (m_aEntryNames.contains (name))
      name += ".p7m";

    return m_aAsicWriter.setRootEntryName (name);
  }

  @Nonnull
  public IAsicWriter sign (@Nonnull final SignatureHelper aSH) throws IOException
  {
    return m_aAsicWriter.sign (aSH);
  }
}




© 2015 - 2025 Weber Informatics LLC | Privacy Policy