Change the encoding of the CMSEnvelopedData

classic Classic list List threaded Threaded
2 messages Options
Reply | Threaded
Open this post in threaded view
|

Change the encoding of the CMSEnvelopedData

Nidhi Aggarwal

Hi ,

 

 

I wish to obtain a DER encoded enveloped data. I am encoding the  data (“mseedNdPerm”) as shown below. But the encoding done in CMSEnvelopedData is using BER encoding. Is it possible to change the same.

 

Security.addProvider(new BouncyCastleProvider());

JCECredentials[] jceCredentials = getCredentials();

 

byte [] mseedNdPerm = new byte[24];

byte[] mSeed = new byte[20];

for(int i=0 ; i<20 ; i++)

                mSeed[i] = 2;

               

System.arraycopy(mSeed, 0, mseedNdPerm, 0, 20);

int perms = -2;

perms |= 1; // Always set DOC_OPEN bit.

int permsInd;

for (permsInd = 0; permsInd < 4; permsInd++)

{

                mseedNdPerm[23 - permsInd] = (byte) (perms & 0xFF);

                perms >>= 8;

}

                               

                               

                               

//Create an encrypted Enveloped Packet using RSA library

byte [] pkcs7Packet = buildEnvelopedData( jceCredentials, mseedNdPerm);

 

System.out.println("The size of encrypted packet is " + pkcs7Packet.length + " bytes\n");

BASE64Encoder encoder = new BASE64Encoder();

String encryptedContent = encoder.encode(pkcs7Packet);

System.out.println("Signed content: " + encryptedContent + "\n");

 

 

private static byte[] buildEnvelopedData(JCECredentials[] credentials, byte[] dataForEncryption) throws CertificateEncodingException, CMSException, IOException

{

                CMSTypedData  data = new CMSProcessableByteArray(dataForEncryption);

                CMSEnvelopedDataGenerator gen = new CMSEnvelopedDataGenerator();

                for (int certInd = 0; certInd < credentials.length; certInd++)

                {

                                JCECredentials jceCredentials = credentials[certInd];

                                gen.addRecipientInfoGenerator(new

                                                JceKeyTransRecipientInfoGenerator(jceCredentials.getCertificate()).setProvider("BC")); 

 

                }

                JceCMSContentEncryptorBuilder encryptorBuilder = new JceCMSContentEncryptorBuilder(CMSAlgorithm.DES_EDE3_CBC);

                encryptorBuilder.setProvider("BC");

                OutputEncryptor outEnc = encryptorBuilder.build();

                CMSEnvelopedData enveloped = gen.generate(

                                data,

                                outEnc);

                return enveloped.getEncoded();

 

}

Reply | Threaded
Open this post in threaded view
|

Re: Change the encoding of the CMSEnvelopedData

David Hook-3

Try:

enveloped.toASN1Structure().getEncoded(ASN1Encoding.DL);

That will use direct length encoding rather than DER, but it should do the trick. You can use ASN1Encoding.DER if it really has to be DER.

Regards,

David

On 08/01/18 20:49, Nidhi Aggarwal wrote:

Hi ,

 

 

I wish to obtain a DER encoded enveloped data. I am encoding the  data (“mseedNdPerm”) as shown below. But the encoding done in CMSEnvelopedData is using BER encoding. Is it possible to change the same.

 

Security.addProvider(new BouncyCastleProvider());

JCECredentials[] jceCredentials = getCredentials();

 

byte [] mseedNdPerm = new byte[24];

byte[] mSeed = new byte[20];

for(int i=0 ; i<20 ; i++)

                mSeed[i] = 2;

               

System.arraycopy(mSeed, 0, mseedNdPerm, 0, 20);

int perms = -2;

perms |= 1; // Always set DOC_OPEN bit.

int permsInd;

for (permsInd = 0; permsInd < 4; permsInd++)

{

                mseedNdPerm[23 - permsInd] = (byte) (perms & 0xFF);

                perms >>= 8;

}

                               

                               

                               

//Create an encrypted Enveloped Packet using RSA library

byte [] pkcs7Packet = buildEnvelopedData( jceCredentials, mseedNdPerm);

 

System.out.println("The size of encrypted packet is " + pkcs7Packet.length + " bytes\n");

BASE64Encoder encoder = new BASE64Encoder();

String encryptedContent = encoder.encode(pkcs7Packet);

System.out.println("Signed content: " + encryptedContent + "\n");

 

 

private static byte[] buildEnvelopedData(JCECredentials[] credentials, byte[] dataForEncryption) throws CertificateEncodingException, CMSException, IOException

{

                CMSTypedData  data = new CMSProcessableByteArray(dataForEncryption);

                CMSEnvelopedDataGenerator gen = new CMSEnvelopedDataGenerator();

                for (int certInd = 0; certInd < credentials.length; certInd++)

                {

                                JCECredentials jceCredentials = credentials[certInd];

                                gen.addRecipientInfoGenerator(new

                                                JceKeyTransRecipientInfoGenerator(jceCredentials.getCertificate()).setProvider("BC")); 

 

                }

                JceCMSContentEncryptorBuilder encryptorBuilder = new JceCMSContentEncryptorBuilder(CMSAlgorithm.DES_EDE3_CBC);

                encryptorBuilder.setProvider("BC");

                OutputEncryptor outEnc = encryptorBuilder.build();

                CMSEnvelopedData enveloped = gen.generate(

                                data,

                                outEnc);

                return enveloped.getEncoded();

 

}