org.bouncycastle.cms.jcajce.JceKeyTransRecipient Maven / Gradle / Ivy
Go to download
Show more of this group Show more artifacts with this name
Show all versions of bcpkix-jdk18on Show documentation
Show all versions of bcpkix-jdk18on Show documentation
The Bouncy Castle Java APIs for CMS, PKCS, EAC, TSP, CMP, CRMF, OCSP, and certificate generation. This jar contains APIs for JDK 1.8 and up. The APIs can be used in conjunction with a JCE/JCA provider such as the one provided with the Bouncy Castle Cryptography APIs.
package org.bouncycastle.cms.jcajce;
import java.security.Key;
import java.security.KeyFactory;
import java.security.PrivateKey;
import java.security.Provider;
import java.security.PublicKey;
import java.security.spec.X509EncodedKeySpec;
import java.util.HashMap;
import java.util.Iterator;
import java.util.Map;
import javax.crypto.Cipher;
import javax.crypto.KeyAgreement;
import javax.crypto.SecretKey;
import org.bouncycastle.asn1.ASN1ObjectIdentifier;
import org.bouncycastle.asn1.cms.CMSObjectIdentifiers;
import org.bouncycastle.asn1.cms.KEMRecipientInfo;
import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers;
import org.bouncycastle.asn1.cryptopro.Gost2814789EncryptedKey;
import org.bouncycastle.asn1.cryptopro.GostR3410KeyTransport;
import org.bouncycastle.asn1.cryptopro.GostR3410TransportParameters;
import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
import org.bouncycastle.cms.CMSException;
import org.bouncycastle.cms.KeyTransRecipient;
import org.bouncycastle.jcajce.spec.GOST28147WrapParameterSpec;
import org.bouncycastle.jcajce.spec.UserKeyingMaterialSpec;
import org.bouncycastle.operator.OperatorException;
import org.bouncycastle.operator.jcajce.JceAsymmetricKeyUnwrapper;
import org.bouncycastle.util.Arrays;
public abstract class JceKeyTransRecipient
implements KeyTransRecipient
{
private PrivateKey recipientKey;
protected EnvelopedDataHelper helper = new EnvelopedDataHelper(new DefaultJcaJceExtHelper());
protected EnvelopedDataHelper contentHelper = helper;
protected Map extraMappings = new HashMap();
protected boolean validateKeySize = false;
protected boolean unwrappedKeyMustBeEncodable;
public JceKeyTransRecipient(PrivateKey recipientKey)
{
this.recipientKey = CMSUtils.cleanPrivateKey(recipientKey);
}
/**
* Set the provider to use for key recovery and content processing.
*
* @param provider provider to use.
* @return this recipient.
*/
public JceKeyTransRecipient setProvider(Provider provider)
{
this.helper = new EnvelopedDataHelper(new ProviderJcaJceExtHelper(provider));
this.contentHelper = helper;
return this;
}
/**
* Set the provider to use for key recovery and content processing.
*
* @param providerName the name of the provider to use.
* @return this recipient.
*/
public JceKeyTransRecipient setProvider(String providerName)
{
this.helper = new EnvelopedDataHelper(new NamedJcaJceExtHelper(providerName));
this.contentHelper = helper;
return this;
}
/**
* Internally algorithm ids are converted into cipher names using a lookup table. For some providers
* the standard lookup table won't work. Use this method to establish a specific mapping from an
* algorithm identifier to a specific algorithm.
*
* For example:
*
* unwrapper.setAlgorithmMapping(PKCSObjectIdentifiers.rsaEncryption, "RSA");
*
*
* @param algorithm OID of algorithm in recipient.
* @param algorithmName JCE algorithm name to use.
* @return the current Recipient.
*/
public JceKeyTransRecipient setAlgorithmMapping(ASN1ObjectIdentifier algorithm, String algorithmName)
{
extraMappings.put(algorithm, algorithmName);
return this;
}
/**
* Set the provider to use for content processing. If providerName is null a "no provider" search will be
* used to satisfy getInstance calls.
*
* @param provider the provider to use.
* @return this recipient.
*/
public JceKeyTransRecipient setContentProvider(Provider provider)
{
this.contentHelper = CMSUtils.createContentHelper(provider);
return this;
}
/**
* Flag that unwrapping must produce a key that will return a meaningful value from a call to Key.getEncoded().
* This is important if you are using a HSM for unwrapping and using a software based provider for
* decrypting the content. Default value: false.
*
* @param unwrappedKeyMustBeEncodable true if getEncoded() should return key bytes, false if not necessary.
* @return this recipient.
*/
public JceKeyTransRecipient setMustProduceEncodableUnwrappedKey(boolean unwrappedKeyMustBeEncodable)
{
this.unwrappedKeyMustBeEncodable = unwrappedKeyMustBeEncodable;
return this;
}
/**
* Set the provider to use for content processing. If providerName is null a "no provider" search will be
* used to satisfy getInstance calls.
*
* @param providerName the name of the provider to use.
* @return this recipient.
*/
public JceKeyTransRecipient setContentProvider(String providerName)
{
this.contentHelper = CMSUtils.createContentHelper(providerName);
return this;
}
/**
* Set validation of retrieved key sizes against the algorithm parameters for the encrypted key where possible - default is off.
*
* This setting will not have any affect if the encryption algorithm in the recipient does not specify a particular key size, or
* if the unwrapper is a HSM and the byte encoding of the unwrapped secret key is not available.
*
*
* @param doValidate true if unwrapped key's should be validated against the content encryption algorithm, false otherwise.
* @return this recipient.
*/
public JceKeyTransRecipient setKeySizeValidation(boolean doValidate)
{
this.validateKeySize = doValidate;
return this;
}
protected Key extractSecretKey(AlgorithmIdentifier keyEncryptionAlgorithm, AlgorithmIdentifier encryptedKeyAlgorithm, byte[] encryptedEncryptionKey)
throws CMSException
{
if (CMSUtils.isGOST(keyEncryptionAlgorithm.getAlgorithm()))
{
try
{
GostR3410KeyTransport transport = GostR3410KeyTransport.getInstance(encryptedEncryptionKey);
GostR3410TransportParameters transParams = transport.getTransportParameters();
KeyFactory keyFactory = helper.createKeyFactory(keyEncryptionAlgorithm.getAlgorithm());
PublicKey pubKey = keyFactory.generatePublic(new X509EncodedKeySpec(transParams.getEphemeralPublicKey().getEncoded()));
KeyAgreement agreement = helper.createKeyAgreement(keyEncryptionAlgorithm.getAlgorithm());
agreement.init(recipientKey, new UserKeyingMaterialSpec(transParams.getUkm()));
agreement.doPhase(pubKey, true);
SecretKey key = agreement.generateSecret(CryptoProObjectIdentifiers.id_Gost28147_89_CryptoPro_KeyWrap.getId());
Cipher keyCipher = helper.createCipher(CryptoProObjectIdentifiers.id_Gost28147_89_CryptoPro_KeyWrap);
keyCipher.init(Cipher.UNWRAP_MODE, key, new GOST28147WrapParameterSpec(transParams.getEncryptionParamSet(), transParams.getUkm()));
Gost2814789EncryptedKey encKey = transport.getSessionEncryptedKey();
return keyCipher.unwrap(Arrays.concatenate(encKey.getEncryptedKey(), encKey.getMacKey()), helper.getBaseCipherName(encryptedKeyAlgorithm.getAlgorithm()), Cipher.SECRET_KEY);
}
catch (Exception e)
{
throw new CMSException("exception unwrapping key: " + e.getMessage(), e);
}
}
else if (CMSObjectIdentifiers.id_ori_kem.equals(keyEncryptionAlgorithm.getAlgorithm()))
{
// TODO: note there is a move to change the type for KEMs from KeyTrans, expect this to change
KEMRecipientInfo gktParams = KEMRecipientInfo.getInstance(keyEncryptionAlgorithm.getParameters());
JceAsymmetricKeyUnwrapper unwrapper = helper.createAsymmetricUnwrapper(gktParams.getKem(), recipientKey).setMustProduceEncodableUnwrappedKey(unwrappedKeyMustBeEncodable);
if (!extraMappings.isEmpty())
{
for (Iterator it = extraMappings.keySet().iterator(); it.hasNext(); )
{
ASN1ObjectIdentifier algorithm = (ASN1ObjectIdentifier)it.next();
unwrapper.setAlgorithmMapping(algorithm, (String)extraMappings.get(algorithm));
}
}
try
{
Key key = helper.getJceKey(encryptedKeyAlgorithm, unwrapper.generateUnwrappedKey(encryptedKeyAlgorithm, encryptedEncryptionKey));
if (validateKeySize)
{
helper.keySizeCheck(encryptedKeyAlgorithm, key);
}
return key;
}
catch (OperatorException e)
{
throw new CMSException("exception unwrapping key: " + e.getMessage(), e);
}
}
else
{
JceAsymmetricKeyUnwrapper unwrapper = helper.createAsymmetricUnwrapper(keyEncryptionAlgorithm, recipientKey).setMustProduceEncodableUnwrappedKey(unwrappedKeyMustBeEncodable);
if (!extraMappings.isEmpty())
{
for (Iterator it = extraMappings.keySet().iterator(); it.hasNext(); )
{
ASN1ObjectIdentifier algorithm = (ASN1ObjectIdentifier)it.next();
unwrapper.setAlgorithmMapping(algorithm, (String)extraMappings.get(algorithm));
}
}
try
{
Key key = helper.getJceKey(encryptedKeyAlgorithm, unwrapper.generateUnwrappedKey(encryptedKeyAlgorithm, encryptedEncryptionKey));
if (validateKeySize)
{
if (encryptedEncryptionKey.equals(CMSObjectIdentifiers.id_alg_cek_hkdf_sha256))
{
helper.keySizeCheck(
AlgorithmIdentifier.getInstance(encryptedKeyAlgorithm.getParameters()), key);
}
else
{
helper.keySizeCheck(encryptedKeyAlgorithm, key);
}
}
return key;
}
catch (OperatorException e)
{
throw new CMSException("exception unwrapping key: " + e.getMessage(), e);
}
}
}
}