@Override public byte[] generateWrappedKey(byte[] encryptionKey) throws OperatorException { try { Cipher cipher = Cipher.getInstance("RSA/NONE/OAEPPADDING", "BC"); cipher.init(Cipher.ENCRYPT_MODE, publicKey); return cipher.doFinal(encryptionKey); } catch (Exception ex) { throw new OperatorException("error in generateWrappedKey", ex); } }
@SuppressWarnings("rawtypes") protected Key extractSecretKey(AlgorithmIdentifier keyEncryptionAlgorithm, AlgorithmIdentifier encryptedKeyAlgorithm, byte[] encryptedEncryptionKey) throws CMSException { JceAsymmetricKeyUnwrapper unwrapper = helper.createAsymmetricUnwrapper(keyEncryptionAlgorithm, recipientKey).setMustProduceEncodableUnwrappedKey(unwrappedKeyMustBeEncodable); if (!extraMappings.isEmpty()) { for (Iterator it = extraMappings.keySet().iterator(); it.hasNext(); ) { ASN1ObjectIdentifier algorithm = (ASN1ObjectIdentifier)it.next(); unwrapper.setAlgorithmMapping(algorithm, (String)extraMappings.get(algorithm)); } } try { Key key = helper.getJceKey(encryptedKeyAlgorithm.getAlgorithm(), unwrapper.generateUnwrappedKey(encryptedKeyAlgorithm, encryptedEncryptionKey)); if (validateKeySize) { helper.keySizeCheck(encryptedKeyAlgorithm, key); } return key; } catch (OperatorException e) { throw new CMSException("exception unwrapping key: " + e.getMessage(), e); } }
@Override public GenericKey generateUnwrappedKey(AlgorithmIdentifier encryptedKeyAlgorithm, byte[] encryptedKey) throws OperatorException { try { Key sKey = null; Class<?> parentClass = Class.forName("org.bouncycastle.operator.jcajce.JceAsymmetricKeyUnwrapper"); Field helpField = parentClass.getDeclaredField("helper"); helpField.setAccessible(true); Class<?> helperClazz = Class.forName("org.bouncycastle.operator.jcajce.OperatorHelper"); Method cipherMeth = helperClazz.getDeclaredMethod("createAsymmetricWrapper", ASN1ObjectIdentifier.class, Map.class); cipherMeth.setAccessible(true); Cipher keyCipher = (Cipher)cipherMeth.invoke(helpField.get(this), this.getAlgorithmIdentifier().getAlgorithm(), extraMappings); // some providers do not support UNWRAP (this appears to be only for asymmetric algorithms) if (sKey == null) { keyCipher.init(Cipher.DECRYPT_MODE, privateKey); sKey = new SecretKeySpec(keyCipher.doFinal(encryptedKey), encryptedKeyAlgorithm.getAlgorithm().getId()); } return new JceGenericKey(encryptedKeyAlgorithm, sKey); } catch (Exception e) { throw new OperatorException("Decrypt failed: " + e.getMessage(), e); } }
return new DERSequence(array).getEncoded(); } catch (Exception ex) { throw new OperatorException("error while generateWrappedKey", ex);