Somebody likes to try

pull/187/head
M66B 4 years ago
parent 808a6b1877
commit 9f1d41ea42

@ -127,6 +127,7 @@ import org.bouncycastle.cms.RecipientInfoGenerator;
import org.bouncycastle.cms.SignerInfoGenerator; import org.bouncycastle.cms.SignerInfoGenerator;
import org.bouncycastle.cms.jcajce.JcaSignerInfoGeneratorBuilder; import org.bouncycastle.cms.jcajce.JcaSignerInfoGeneratorBuilder;
import org.bouncycastle.cms.jcajce.JceCMSContentEncryptorBuilder; import org.bouncycastle.cms.jcajce.JceCMSContentEncryptorBuilder;
import org.bouncycastle.cms.jcajce.JceKeyAgreeRecipientInfoGenerator;
import org.bouncycastle.cms.jcajce.JceKeyTransRecipientInfoGenerator; import org.bouncycastle.cms.jcajce.JceKeyTransRecipientInfoGenerator;
import org.bouncycastle.operator.ContentSigner; import org.bouncycastle.operator.ContentSigner;
import org.bouncycastle.operator.DigestCalculatorProvider; import org.bouncycastle.operator.DigestCalculatorProvider;
@ -2832,8 +2833,16 @@ public class FragmentCompose extends FragmentBase {
// Encrypt // Encrypt
CMSEnvelopedDataGenerator cmsEnvelopedDataGenerator = new CMSEnvelopedDataGenerator(); CMSEnvelopedDataGenerator cmsEnvelopedDataGenerator = new CMSEnvelopedDataGenerator();
if ("EC".equals(privkey.getAlgorithm())) { if ("EC".equals(privkey.getAlgorithm())) {
JceKeyAgreeRecipientInfoGenerator gen = new JceKeyAgreeRecipientInfoGenerator(
CMSAlgorithm.ECDH_SHA256KDF,
privkey,
chain[0].getPublicKey(),
CMSAlgorithm.AES128_WRAP);
for (X509Certificate cert : certs)
gen.addRecipient(cert);
cmsEnvelopedDataGenerator.addRecipientInfoGenerator(gen);
// https://security.stackexchange.com/a/53960 // https://security.stackexchange.com/a/53960
throw new IllegalArgumentException("ECDSA cannot be used for encryption"); // throw new IllegalArgumentException("ECDSA cannot be used for encryption");
} else { } else {
for (X509Certificate cert : certs) { for (X509Certificate cert : certs) {
RecipientInfoGenerator gen = new JceKeyTransRecipientInfoGenerator(cert); RecipientInfoGenerator gen = new JceKeyTransRecipientInfoGenerator(cert);

Loading…
Cancel
Save