KeyTransRecipientInformation
public class KeyTransRecipientInformation extends RecipientInformation
The KeyTransRecipientInformation class, for a recipient who has been sent a secret
key, encrypted using their public key, that needs to be used to
extract the message. |
Fields Summary |
---|
private org.bouncycastle.asn1.cms.KeyTransRecipientInfo | _info |
Constructors Summary |
---|
public KeyTransRecipientInformation(org.bouncycastle.asn1.cms.KeyTransRecipientInfo info, org.bouncycastle.asn1.x509.AlgorithmIdentifier encAlg, InputStream data)
// Builds the recipient view of a KeyTransRecipientInfo: hands the content-encryption
// algorithm, the key-encryption algorithm read from info, and the encrypted data
// stream to the superclass, then derives the RecipientId used to match a recipient.
// NOTE(review): info is presumably decoded from a received CMS message, so every
// field read below should be treated as sender-controlled - confirm against caller.
super(encAlg, AlgorithmIdentifier.getInstance(info.getKeyEncryptionAlgorithm()), data);
this._info = info;
// this._encAlg = encAlg;
this._rid = new RecipientId();
RecipientIdentifier r = info.getRecipientIdentifier();
try
{
if (r.isTagged())
{
// Tagged form: the id is read as an octet string and stored as the
// subject key identifier.
ASN1OctetString octs = ASN1OctetString.getInstance(r.getId());
_rid.setSubjectKeyIdentifier(octs.getOctets());
}
else
{
// Untagged form: the id is an issuer name plus serial number; the issuer is
// stored in its encoded form, which is the call that can raise IOException.
IssuerAndSerialNumber iAnds = IssuerAndSerialNumber.getInstance(r.getId());
_rid.setIssuer(iAnds.getName().getEncoded());
_rid.setSerialNumber(iAnds.getSerialNumber().getValue());
}
}
catch (IOException e)
{
// NOTE(review): the IOException is not chained as the cause, so the underlying
// encoding failure is lost to whoever handles this IllegalArgumentException.
throw new IllegalArgumentException("invalid rid in KeyTransRecipientInformation");
}
|
Methods Summary |
---|
public CMSTypedStream | getContentStream(java.security.Key key, java.lang.String prov)decrypt the content and return it as a byte array.
// Convenience overload: look up the JCE provider by name through CMSUtils, then
// delegate to the Provider-based overload, which returns the decrypted content
// as a CMSTypedStream.
java.security.Provider resolvedProvider = CMSUtils.getProvider(prov);
return getContentStream(key, resolvedProvider);
| public CMSTypedStream | getContentStream(java.security.Key key, java.security.Provider prov)
// Recovers the content-encryption (session) key from this recipient's encrypted key
// using the supplied key, then passes it to getContentFromSessionKey to obtain the
// content stream. JCE failures are rethrown as CMSException with the cause attached.
//
// NOTE(review): for RSA the transformation resolved below is "RSA/ECB/PKCS1Padding"
// (PKCS#1 v1.5). The catch chain at the end reports a padding failure with its own
// message ("bad padding in message."), distinct from the other outcomes. If a caller
// lets a message sender observe which failure occurred (error text, status code or
// timing), that difference can serve as a padding oracle against the private key.
// Callers should return one uniform failure for every decryption error; where the
// sender side is under your control, prefer an OAEP key-encryption algorithm.
byte[] encryptedKey = _info.getEncryptedKey().getOctets();
// Key-encryption OID mapped to a JCE transformation name.
String keyExchangeAlgorithm = getExchangeEncryptionAlgorithmName(_keyEncAlg.getObjectId());
// Name of the content cipher; used as the algorithm label of the recovered key.
String alg = CMSEnvelopedHelper.INSTANCE.getSymmetricCipherName(_encAlg.getObjectId().getId());
try
{
// The key-transport cipher is obtained through the helper's getSymmetricCipher
// lookup, using the transformation name resolved above.
Cipher keyCipher = CMSEnvelopedHelper.INSTANCE.getSymmetricCipher(keyExchangeAlgorithm, prov);
Key sKey;
try
{
// Preferred path: let the provider unwrap the key directly.
keyCipher.init(Cipher.UNWRAP_MODE, key);
sKey = keyCipher.unwrap(encryptedKey, alg, Cipher.SECRET_KEY);
}
// Each handler below performs the same fallback: decrypt the wrapped key bytes and
// build the SecretKeySpec by hand.
// NOTE(review): GeneralSecurityException also covers InvalidKeyException and
// NoSuchAlgorithmException raised by init/unwrap, so a genuine unwrap failure
// (not only missing UNWRAP support) triggers a second private-key operation on
// the same input.
// NOTE(review): the fallback does not check the length of the decrypted bytes
// against the key size expected for alg - confirm this is validated downstream.
catch (GeneralSecurityException e) // some providers do not support UNWRAP
{
keyCipher.init(Cipher.DECRYPT_MODE, key);
sKey = new SecretKeySpec(keyCipher.doFinal(encryptedKey), alg);
}
catch (IllegalStateException e) // some providers do not support UNWRAP
{
keyCipher.init(Cipher.DECRYPT_MODE, key);
sKey = new SecretKeySpec(keyCipher.doFinal(encryptedKey), alg);
}
catch (UnsupportedOperationException e) // some providers do not support UNWRAP
{
keyCipher.init(Cipher.DECRYPT_MODE, key);
sKey = new SecretKeySpec(keyCipher.doFinal(encryptedKey), alg);
}
catch (ProviderException e) // some providers do not support UNWRAP
{
keyCipher.init(Cipher.DECRYPT_MODE, key);
sKey = new SecretKeySpec(keyCipher.doFinal(encryptedKey), alg);
}
return getContentFromSessionKey(sKey, prov);
}
// Failures from cipher lookup or from the fallback decrypt path surface here as
// CMSException; the message text differs per failure type (see the note at the top).
catch (NoSuchAlgorithmException e)
{
throw new CMSException("can't find algorithm.", e);
}
catch (InvalidKeyException e)
{
throw new CMSException("key invalid in message.", e);
}
catch (NoSuchPaddingException e)
{
throw new CMSException("required padding not supported.", e);
}
catch (IllegalBlockSizeException e)
{
throw new CMSException("illegal blocksize in message.", e);
}
catch (BadPaddingException e)
{
throw new CMSException("bad padding in message.", e);
}
| private java.lang.String | getExchangeEncryptionAlgorithmName(org.bouncycastle.asn1.DERObjectIdentifier oid)
// Translate the key-encryption OID into the name handed to the cipher lookup.
// Only rsaEncryption gets an explicit JCE transformation; any other OID is passed
// through as its dotted string for the provider to resolve.
// "PKCS1Padding" selects PKCS#1 v1.5 encryption padding, so callers of the
// decryption path must not let a sender tell padding failures apart from others.
final boolean isRsaKeyTransport = PKCSObjectIdentifiers.rsaEncryption.equals(oid);
return isRsaKeyTransport ? "RSA/ECB/PKCS1Padding" : oid.getId();
|
|