minor refactoring, added contributed SMIMEEnvelopedUtil, added support for encryption check on SMIMEAuthEnvelopedData messages to SMIMEToolkit.

Author: dghgit

mail/src/main/java/org/bouncycastle/mail/smime/SMIMEAuthEnvelopedGenerator.java

@@ -1,23 +1,27 @@
 package org.bouncycastle.mail.smime;
 
-import org.bouncycastle.asn1.ASN1EncodableVector;
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.cms.*;
-import org.bouncycastle.operator.OutputAEADEncryptor;
-import org.bouncycastle.operator.OutputEncryptor;
+import java.io.IOException;
+import java.io.OutputStream;
+import java.security.AccessController;
+import java.security.PrivilegedAction;
 
 import javax.activation.CommandMap;
 import javax.activation.MailcapCommandMap;
 import javax.mail.MessagingException;
 import javax.mail.internet.MimeBodyPart;
-import java.io.IOException;
-import java.io.OutputStream;
-import java.security.AccessController;
-import java.security.PrivilegedAction;
+
+import org.bouncycastle.asn1.ASN1EncodableVector;
+import org.bouncycastle.asn1.ASN1ObjectIdentifier;
+import org.bouncycastle.cms.CMSAuthEnvelopedDataGenerator;
+import org.bouncycastle.cms.CMSAuthEnvelopedDataStreamGenerator;
+import org.bouncycastle.cms.CMSException;
+import org.bouncycastle.cms.RecipientInfoGenerator;
+import org.bouncycastle.operator.OutputAEADEncryptor;
+import org.bouncycastle.operator.OutputEncryptor;
 
 /**
  * General class for generating a pkcs7-mime message using AEAD algorithm.
- *
+ * <p>
  * A simple example of usage.
  *
  * <pre>
@@ -34,11 +38,11 @@
 public class SMIMEAuthEnvelopedGenerator
     extends SMIMEEnvelopedGenerator
 {
-    public static final String  AES128_GCM      = CMSAuthEnvelopedDataGenerator.AES128_GCM;
-    public static final String  AES192_GCM      = CMSAuthEnvelopedDataGenerator.AES192_GCM;
-    public static final String  AES256_GCM      = CMSAuthEnvelopedDataGenerator.AES256_GCM;
+    public static final String AES128_GCM = CMSAuthEnvelopedDataGenerator.AES128_GCM;
+    public static final String AES192_GCM = CMSAuthEnvelopedDataGenerator.AES192_GCM;
+    public static final String AES256_GCM = CMSAuthEnvelopedDataGenerator.AES256_GCM;
 
-    private static final String AUTH_ENCRYPTED_CONTENT_TYPE = "application/pkcs7-mime; name=\"smime.p7m\"; smime-type=authEnveloped-data";
+    static final String AUTH_ENVELOPED_DATA_CONTENT_TYPE = "application/pkcs7-mime; name=\"smime.p7m\"; smime-type=authEnveloped-data";
 
     final private AuthEnvelopedGenerator authFact;
 
@@ -90,19 +94,21 @@ public void setBerEncodeRecipients(
     /**
      * return encrypted content type for enveloped data.
      */
-    protected String getEncryptedContentType() {
-        return AUTH_ENCRYPTED_CONTENT_TYPE;
+    protected String getEncryptedContentType()
+    {
+        return AUTH_ENVELOPED_DATA_CONTENT_TYPE;
     }
 
     /**
      * return content encryptor.
      */
     protected SMIMEStreamingProcessor getContentEncryptor(
-            MimeBodyPart content,
-            OutputEncryptor encryptor)
-            throws SMIMEException
+        MimeBodyPart content,
+        OutputEncryptor encryptor)
+        throws SMIMEException
     {
-        if (encryptor instanceof OutputAEADEncryptor) {
+        if (encryptor instanceof OutputAEADEncryptor)
+        {
             return new ContentEncryptor(content, (OutputAEADEncryptor)encryptor);
         }
         // this would happen if the encryption algorithm is not AEAD algorithm
@@ -113,12 +119,12 @@ private static class AuthEnvelopedGenerator
         extends CMSAuthEnvelopedDataStreamGenerator
     {
         private ASN1ObjectIdentifier dataType;
-        private ASN1EncodableVector  recipientInfos;
+        private ASN1EncodableVector recipientInfos;
 
         protected OutputStream open(
             ASN1ObjectIdentifier dataType,
-            OutputStream         out,
-            ASN1EncodableVector  recipientInfos,
+            OutputStream out,
+            ASN1EncodableVector recipientInfos,
             OutputAEADEncryptor encryptor)
             throws IOException
         {
@@ -130,31 +136,31 @@ protected OutputStream open(
 
         OutputStream regenerate(
             OutputStream out,
-            OutputAEADEncryptor     encryptor)
+            OutputAEADEncryptor encryptor)
             throws IOException
         {
             return super.open(dataType, out, recipientInfos, encryptor);
         }
     }
 
     private class ContentEncryptor
-            implements SMIMEStreamingProcessor
+        implements SMIMEStreamingProcessor
     {
         private final MimeBodyPart _content;
         private OutputAEADEncryptor _encryptor;
 
         private boolean _firstTime = true;
 
         ContentEncryptor(
-                MimeBodyPart content,
-                OutputAEADEncryptor encryptor)
+            MimeBodyPart content,
+            OutputAEADEncryptor encryptor)
         {
             _content = content;
             _encryptor = encryptor;
         }
 
         public void write(OutputStream out)
-                throws IOException
+            throws IOException
         {
             OutputStream encrypted;
 

mail/src/main/java/org/bouncycastle/mail/smime/SMIMEEnvelopedGenerator.java

@@ -62,9 +62,9 @@ public class SMIMEEnvelopedGenerator
     public static final String  SEED_WRAP       = CMSEnvelopedDataGenerator.SEED_WRAP;
 
     public static final String  ECDH_SHA1KDF    = CMSEnvelopedDataGenerator.ECDH_SHA1KDF;
-
-    private static final String ENCRYPTED_CONTENT_TYPE = "application/pkcs7-mime; name=\"smime.p7m\"; smime-type=enveloped-data";
 
+    static final String ENVELOPED_DATA_CONTENT_TYPE = "application/pkcs7-mime; name=\"smime.p7m\"; smime-type=enveloped-data";
+
     private EnvelopedGenerator fact;
 
     static
@@ -116,7 +116,7 @@ public void setBerEncodeRecipients(
      * return encrypted content type for enveloped data.
      */
     protected String getEncryptedContentType() {
-        return ENCRYPTED_CONTENT_TYPE;
+        return ENVELOPED_DATA_CONTENT_TYPE;
     }
 
     /**

mail/src/main/java/org/bouncycastle/mail/smime/SMIMEEnvelopedUtil.java

@@ -0,0 +1,57 @@
+package org.bouncycastle.mail.smime;
+
+import java.util.HashSet;
+import java.util.Set;
+
+import javax.mail.MessagingException;
+import javax.mail.internet.MimeBodyPart;
+
+import org.bouncycastle.asn1.ASN1ObjectIdentifier;
+import org.bouncycastle.asn1.nist.NISTObjectIdentifiers;
+import org.bouncycastle.cms.CMSException;
+import org.bouncycastle.cms.RecipientInformationStore;
+
+public class SMIMEEnvelopedUtil
+{
+    private static Set<ASN1ObjectIdentifier> authOIDs = new HashSet<ASN1ObjectIdentifier>();
+
+    static
+    {
+        authOIDs.add(NISTObjectIdentifiers.id_aes128_GCM);
+        authOIDs.add(NISTObjectIdentifiers.id_aes128_GCM);
+        authOIDs.add(NISTObjectIdentifiers.id_aes128_GCM);
+    }
+
+    /**
+     * Parse the passed in MimeMessage extracting the RecipientInfos from it.
+     *
+     * @param message the message to be parsed.
+     * @return the RecipientInformation store for the passed in message.
+     * @throws MessagingException
+     * @throws CMSException
+     */
+    public static RecipientInformationStore getRecipientInfos(MimeBodyPart message) throws MessagingException, CMSException
+    {
+        if(message.getContentType().equals(SMIMEAuthEnvelopedGenerator.AUTH_ENVELOPED_DATA_CONTENT_TYPE))
+        {
+            return new SMIMEAuthEnveloped(message).getRecipientInfos();
+        }
+        return new SMIMEEnveloped(message).getRecipientInfos();
+    }
+
+    /**
+     * Utility method which will return an SMIMEEnvelopedGenerator or an
+     * SMIMEAuthEnvelopedGenerator as appropriate for the algorithm OID passed in.
+     *
+     * @param algorithm algorithm OID
+     * @return a SMIME Enveloped Generator class.
+     */
+    public static SMIMEEnvelopedGenerator createGenerator(ASN1ObjectIdentifier algorithm)
+    {
+        if (authOIDs.contains(algorithm))
+        {
+            return new SMIMEAuthEnvelopedGenerator();
+        }
+        return new SMIMEEnvelopedGenerator();
+    }
+}

mail/src/main/java/org/bouncycastle/mail/smime/SMIMEToolkit.java

@@ -54,7 +54,10 @@ public SMIMEToolkit(DigestCalculatorProvider digestCalculatorProvider)
     public boolean isEncrypted(Part message)
         throws MessagingException
     {
-        return message.getHeader("Content-Type")[0].equals("application/pkcs7-mime; name=\"smime.p7m\"; smime-type=enveloped-data");
+        String mainContentType = message.getHeader("Content-Type")[0];
+
+        return mainContentType.equals(SMIMEEnvelopedGenerator.ENVELOPED_DATA_CONTENT_TYPE)
+            || mainContentType.equals(SMIMEAuthEnvelopedGenerator.AUTH_ENVELOPED_DATA_CONTENT_TYPE);
     }
 
     /**