org.bouncycastle.cms.jcajce.JceKTSKeyTransRecipientInfoGenerator Maven / Gradle / Ivy
Go to download
Show more of this group Show more artifacts with this name
Show all versions of bcpkix-fips Show documentation
Show all versions of bcpkix-fips Show documentation
The Bouncy Castle Java APIs for CMS, PKCS, EAC, TSP, CMP, CRMF, OCSP, and certificate generation. The APIs are designed primarily to be used in conjunction with the BC FIPS provider. The APIs may also be used with other providers although if being used in a FIPS context it is the responsibility of the user to ensure that any other providers used are FIPS certified.
package org.bouncycastle.cms.jcajce;
import java.io.IOException;
import java.security.Provider;
import java.security.PublicKey;
import java.security.cert.CertificateEncodingException;
import java.security.cert.X509Certificate;
import org.bouncycastle.asn1.ASN1Encoding;
import org.bouncycastle.asn1.DEROctetString;
import org.bouncycastle.asn1.cms.IssuerAndSerialNumber;
import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
import org.bouncycastle.cert.jcajce.JcaX509CertificateHolder;
import org.bouncycastle.cms.KeyTransRecipientInfoGenerator;
import org.bouncycastle.operator.jcajce.JceAsymmetricKeyWrapper;
import org.bouncycastle.operator.jcajce.JceKTSKeyWrapper;
import org.bouncycastle.util.encoders.Hex;
public class JceKTSKeyTransRecipientInfoGenerator
extends KeyTransRecipientInfoGenerator
{
private static final byte[] ANONYMOUS_SENDER = Hex.decode("0c14416e6f6e796d6f75732053656e64657220202020"); // "Anonymous Sender "
private JceKTSKeyTransRecipientInfoGenerator(X509Certificate recipientCert, IssuerAndSerialNumber recipientID, String symmetricWrappingAlg, int keySizeInBits)
throws CertificateEncodingException
{
super(recipientID, new JceKTSKeyWrapper(recipientCert, symmetricWrappingAlg, keySizeInBits, ANONYMOUS_SENDER, getEncodedRecipID(recipientID)));
}
public JceKTSKeyTransRecipientInfoGenerator(X509Certificate recipientCert, String symmetricWrappingAlg, int keySizeInBits)
throws CertificateEncodingException
{
this(recipientCert, new IssuerAndSerialNumber(new JcaX509CertificateHolder(recipientCert).toASN1Structure()), symmetricWrappingAlg, keySizeInBits);
}
public JceKTSKeyTransRecipientInfoGenerator(byte[] subjectKeyIdentifier, PublicKey publicKey, String symmetricWrappingAlg, int keySizeInBits)
{
super(subjectKeyIdentifier, new JceKTSKeyWrapper(publicKey, symmetricWrappingAlg, keySizeInBits, ANONYMOUS_SENDER, getEncodedSubKeyId(subjectKeyIdentifier)));
}
private static byte[] getEncodedRecipID(IssuerAndSerialNumber recipientID)
throws CertificateEncodingException
{
try
{
return recipientID.getEncoded(ASN1Encoding.DER);
}
catch (final IOException e)
{
throw new CertificateEncodingException("Cannot process extracted IssuerAndSerialNumber: " + e.getMessage())
{
public Throwable getCause()
{
return e;
}
};
}
}
private static byte[] getEncodedSubKeyId(byte[] subjectKeyIdentifier)
{
try
{
return new DEROctetString(subjectKeyIdentifier).getEncoded();
}
catch (final IOException e)
{
throw new IllegalArgumentException("Cannot process subject key identifier: " + e.getMessage())
{
public Throwable getCause()
{
return e;
}
};
}
}
/**
* Create a generator overriding the algorithm type implied by the public key in the certificate passed in.
*
* @param recipientCert certificate carrying the public key.
* @param algorithmIdentifier the identifier and parameters for the encryption algorithm to be used.
*/
public JceKTSKeyTransRecipientInfoGenerator(X509Certificate recipientCert, AlgorithmIdentifier algorithmIdentifier)
throws CertificateEncodingException
{
super(new IssuerAndSerialNumber(new JcaX509CertificateHolder(recipientCert).toASN1Structure()), new JceAsymmetricKeyWrapper(algorithmIdentifier, recipientCert.getPublicKey()));
}
/**
* Create a generator overriding the algorithm type implied by the public key passed in.
*
* @param subjectKeyIdentifier the subject key identifier value to associate with the public key.
* @param algorithmIdentifier the identifier and parameters for the encryption algorithm to be used.
* @param publicKey the public key to use.
*/
public JceKTSKeyTransRecipientInfoGenerator(byte[] subjectKeyIdentifier, AlgorithmIdentifier algorithmIdentifier, PublicKey publicKey)
{
super(subjectKeyIdentifier, new JceAsymmetricKeyWrapper(algorithmIdentifier, publicKey));
}
public JceKTSKeyTransRecipientInfoGenerator setProvider(String providerName)
{
((JceKTSKeyWrapper)this.wrapper).setProvider(providerName);
return this;
}
public JceKTSKeyTransRecipientInfoGenerator setProvider(Provider provider)
{
((JceKTSKeyWrapper)this.wrapper).setProvider(provider);
return this;
}
}
© 2015 - 2024 Weber Informatics LLC | Privacy Policy