org.bouncycastle.asn1.cms.AuthEnvelopedData Maven / Gradle / Ivy
Show all versions of bcprov-debug-jdk14 Show documentation
package org.bouncycastle.asn1.cms;
import org.bouncycastle.asn1.ASN1EncodableVector;
import org.bouncycastle.asn1.ASN1Integer;
import org.bouncycastle.asn1.ASN1Object;
import org.bouncycastle.asn1.ASN1OctetString;
import org.bouncycastle.asn1.ASN1Primitive;
import org.bouncycastle.asn1.ASN1Sequence;
import org.bouncycastle.asn1.ASN1Set;
import org.bouncycastle.asn1.ASN1TaggedObject;
import org.bouncycastle.asn1.BERSequence;
import org.bouncycastle.asn1.DERTaggedObject;
/**
* RFC 5083:
*
* CMS AuthEnveloped Data object.
*
* ASN.1:
*
* id-ct-authEnvelopedData OBJECT IDENTIFIER ::= { iso(1)
* member-body(2) us(840) rsadsi(113549) pkcs(1) pkcs-9(9)
* smime(16) ct(1) 23 }
*
* AuthEnvelopedData ::= SEQUENCE {
* version CMSVersion,
* originatorInfo [0] IMPLICIT OriginatorInfo OPTIONAL,
* recipientInfos RecipientInfos,
* authEncryptedContentInfo EncryptedContentInfo,
* authAttrs [1] IMPLICIT AuthAttributes OPTIONAL,
* mac MessageAuthenticationCode,
* unauthAttrs [2] IMPLICIT UnauthAttributes OPTIONAL }
*
*/
public class AuthEnvelopedData
extends ASN1Object
{
private ASN1Integer version;
private OriginatorInfo originatorInfo;
private ASN1Set recipientInfos;
private EncryptedContentInfo authEncryptedContentInfo;
private ASN1Set authAttrs;
private ASN1OctetString mac;
private ASN1Set unauthAttrs;
public AuthEnvelopedData(
OriginatorInfo originatorInfo,
ASN1Set recipientInfos,
EncryptedContentInfo authEncryptedContentInfo,
ASN1Set authAttrs,
ASN1OctetString mac,
ASN1Set unauthAttrs)
{
// "It MUST be set to 0."
this.version = new ASN1Integer(0);
this.originatorInfo = originatorInfo;
// "There MUST be at least one element in the collection."
this.recipientInfos = recipientInfos;
if (this.recipientInfos.size() == 0)
{
throw new IllegalArgumentException("AuthEnvelopedData requires at least 1 RecipientInfo");
}
this.authEncryptedContentInfo = authEncryptedContentInfo;
// "The authAttrs MUST be present if the content type carried in
// EncryptedContentInfo is not id-data."
this.authAttrs = authAttrs;
if (!authEncryptedContentInfo.getContentType().equals(CMSObjectIdentifiers.data))
{
if (authAttrs == null || authAttrs.size() == 0)
{
throw new IllegalArgumentException("authAttrs must be present with non-data content");
}
}
this.mac = mac;
this.unauthAttrs = unauthAttrs;
}
/**
* Constructs AuthEnvelopedData by parsing supplied ASN1Sequence
* * @param seq An ASN1Sequence with AuthEnvelopedData */ private AuthEnvelopedData( ASN1Sequence seq) { int index = 0; // "It MUST be set to 0." ASN1Primitive tmp = seq.getObjectAt(index++).toASN1Primitive(); version = ASN1Integer.getInstance(tmp); if (version.intValueExact() != 0) { throw new IllegalArgumentException("AuthEnvelopedData version number must be 0"); } tmp = seq.getObjectAt(index++).toASN1Primitive(); if (tmp instanceof ASN1TaggedObject) { originatorInfo = OriginatorInfo.getInstance((ASN1TaggedObject)tmp, false); tmp = seq.getObjectAt(index++).toASN1Primitive(); } // "There MUST be at least one element in the collection." recipientInfos = ASN1Set.getInstance(tmp); if (this.recipientInfos.size() == 0) { throw new IllegalArgumentException("AuthEnvelopedData requires at least 1 RecipientInfo"); } tmp = seq.getObjectAt(index++).toASN1Primitive(); authEncryptedContentInfo = EncryptedContentInfo.getInstance(tmp); tmp = seq.getObjectAt(index++).toASN1Primitive(); if (tmp instanceof ASN1TaggedObject) { authAttrs = ASN1Set.getInstance((ASN1TaggedObject)tmp, false); tmp = seq.getObjectAt(index++).toASN1Primitive(); } else { // "The authAttrs MUST be present if the content type carried in // EncryptedContentInfo is not id-data." if (!authEncryptedContentInfo.getContentType().equals(CMSObjectIdentifiers.data)) { if (authAttrs == null || authAttrs.size() == 0) { throw new IllegalArgumentException("authAttrs must be present with non-data content"); } } } mac = ASN1OctetString.getInstance(tmp); if (seq.size() > index) { tmp = seq.getObjectAt(index).toASN1Primitive(); unauthAttrs = ASN1Set.getInstance((ASN1TaggedObject)tmp, false); } } /** * Return an AuthEnvelopedData object from a tagged object. *
* Accepted inputs: * * {@link org.bouncycastle.asn1.ASN1Sequence#getInstance(java.lang.Object) ASN1Sequence} input formats * * * @param obj the tagged object holding the object we want. * @param explicit true if the object is meant to be explicitly * tagged false otherwise. * @return a reference that can be assigned to AuthEnvelopedData (may be null) * @throws IllegalArgumentException if the object held by the * tagged object cannot be converted. */ public static AuthEnvelopedData getInstance( ASN1TaggedObject obj, boolean explicit) { return getInstance(ASN1Sequence.getInstance(obj, explicit)); } /** * Return an AuthEnvelopedData object from the given object. *
* Accepted inputs:
*
* null → null
* {@link AuthEnvelopedData} object
* {@link ASN1Sequence org.bouncycastle.asn1.ASN1Sequence} input formats with AuthEnvelopedData structure inside
*
*
* @param obj The object we want converted.
* @return a reference that can be assigned to AuthEnvelopedData (may be null)
* @throws IllegalArgumentException if the object cannot be converted, or was null.
*/
public static AuthEnvelopedData getInstance(
Object obj)
{
if (obj == null || obj instanceof AuthEnvelopedData)
{
return (AuthEnvelopedData)obj;
}
if (obj instanceof ASN1Sequence)
{
return new AuthEnvelopedData((ASN1Sequence)obj);
}
throw new IllegalArgumentException("Invalid AuthEnvelopedData: " + obj.getClass().getName());
}
public ASN1Integer getVersion()
{
return version;
}
public OriginatorInfo getOriginatorInfo()
{
return originatorInfo;
}
public ASN1Set getRecipientInfos()
{
return recipientInfos;
}
public EncryptedContentInfo getAuthEncryptedContentInfo()
{
return authEncryptedContentInfo;
}
public ASN1Set getAuthAttrs()
{
return authAttrs;
}
public ASN1OctetString getMac()
{
return mac;
}
public ASN1Set getUnauthAttrs()
{
return unauthAttrs;
}
/**
* Produce an object suitable for an ASN1OutputStream.
*/
public ASN1Primitive toASN1Primitive()
{
ASN1EncodableVector v = new ASN1EncodableVector(7);
v.add(version);
if (originatorInfo != null)
{
v.add(new DERTaggedObject(false, 0, originatorInfo));
}
v.add(recipientInfos);
v.add(authEncryptedContentInfo);
// "authAttrs optionally contains the authenticated attributes."
if (authAttrs != null)
{
// "AuthAttributes MUST be DER encoded, even if the rest of the
// AuthEnvelopedData structure is BER encoded."
v.add(new DERTaggedObject(false, 1, authAttrs));
}
v.add(mac);
// "unauthAttrs optionally contains the unauthenticated attributes."
if (unauthAttrs != null)
{
v.add(new DERTaggedObject(false, 2, unauthAttrs));
}
return new BERSequence(v);
}
}