| package org.bouncycastle.cms.jcajce; |
| |
| import java.io.IOException; |
| import java.security.Provider; |
| import java.security.PublicKey; |
| import java.security.cert.CertificateEncodingException; |
| import java.security.cert.X509Certificate; |
| |
| import org.bouncycastle.asn1.ASN1Encoding; |
| import org.bouncycastle.asn1.DEROctetString; |
| import org.bouncycastle.asn1.cms.IssuerAndSerialNumber; |
| import org.bouncycastle.asn1.x509.AlgorithmIdentifier; |
| import org.bouncycastle.cert.jcajce.JcaX509CertificateHolder; |
| import org.bouncycastle.cms.KeyTransRecipientInfoGenerator; |
| import org.bouncycastle.operator.jcajce.JceAsymmetricKeyWrapper; |
| import org.bouncycastle.operator.jcajce.JceKTSKeyWrapper; |
| import org.bouncycastle.util.encoders.Hex; |
| |
| public class JceKTSKeyTransRecipientInfoGenerator |
| extends KeyTransRecipientInfoGenerator |
| { |
| private static final byte[] ANONYMOUS_SENDER = Hex.decode("0c14416e6f6e796d6f75732053656e64657220202020"); // "Anonymous Sender " |
| |
| private JceKTSKeyTransRecipientInfoGenerator(X509Certificate recipientCert, IssuerAndSerialNumber recipientID, String symmetricWrappingAlg, int keySizeInBits) |
| throws CertificateEncodingException |
| { |
| super(recipientID, new JceKTSKeyWrapper(recipientCert, symmetricWrappingAlg, keySizeInBits, ANONYMOUS_SENDER, getEncodedRecipID(recipientID))); |
| } |
| |
| public JceKTSKeyTransRecipientInfoGenerator(X509Certificate recipientCert, String symmetricWrappingAlg, int keySizeInBits) |
| throws CertificateEncodingException |
| { |
| this(recipientCert, new IssuerAndSerialNumber(new JcaX509CertificateHolder(recipientCert).toASN1Structure()), symmetricWrappingAlg, keySizeInBits); |
| } |
| |
| public JceKTSKeyTransRecipientInfoGenerator(byte[] subjectKeyIdentifier, PublicKey publicKey, String symmetricWrappingAlg, int keySizeInBits) |
| { |
| super(subjectKeyIdentifier, new JceKTSKeyWrapper(publicKey, symmetricWrappingAlg, keySizeInBits, ANONYMOUS_SENDER, getEncodedSubKeyId(subjectKeyIdentifier))); |
| } |
| |
| private static byte[] getEncodedRecipID(IssuerAndSerialNumber recipientID) |
| throws CertificateEncodingException |
| { |
| try |
| { |
| return recipientID.getEncoded(ASN1Encoding.DER); |
| } |
| catch (final IOException e) |
| { |
| throw new CertificateEncodingException("Cannot process extracted IssuerAndSerialNumber: " + e.getMessage()) |
| { |
| public Throwable getCause() |
| { |
| return e; |
| } |
| }; |
| } |
| } |
| |
| private static byte[] getEncodedSubKeyId(byte[] subjectKeyIdentifier) |
| { |
| try |
| { |
| return new DEROctetString(subjectKeyIdentifier).getEncoded(); |
| } |
| catch (final IOException e) |
| { |
| throw new IllegalArgumentException("Cannot process subject key identifier: " + e.getMessage()) |
| { |
| public Throwable getCause() |
| { |
| return e; |
| } |
| }; |
| } |
| } |
| |
| /** |
| * Create a generator overriding the algorithm type implied by the public key in the certificate passed in. |
| * |
| * @param recipientCert certificate carrying the public key. |
| * @param algorithmIdentifier the identifier and parameters for the encryption algorithm to be used. |
| */ |
| public JceKTSKeyTransRecipientInfoGenerator(X509Certificate recipientCert, AlgorithmIdentifier algorithmIdentifier) |
| throws CertificateEncodingException |
| { |
| super(new IssuerAndSerialNumber(new JcaX509CertificateHolder(recipientCert).toASN1Structure()), new JceAsymmetricKeyWrapper(algorithmIdentifier, recipientCert.getPublicKey())); |
| } |
| |
| /** |
| * Create a generator overriding the algorithm type implied by the public key passed in. |
| * |
| * @param subjectKeyIdentifier the subject key identifier value to associate with the public key. |
| * @param algorithmIdentifier the identifier and parameters for the encryption algorithm to be used. |
| * @param publicKey the public key to use. |
| */ |
| public JceKTSKeyTransRecipientInfoGenerator(byte[] subjectKeyIdentifier, AlgorithmIdentifier algorithmIdentifier, PublicKey publicKey) |
| { |
| super(subjectKeyIdentifier, new JceAsymmetricKeyWrapper(algorithmIdentifier, publicKey)); |
| } |
| |
| public JceKTSKeyTransRecipientInfoGenerator setProvider(String providerName) |
| { |
| ((JceKTSKeyWrapper)this.wrapper).setProvider(providerName); |
| |
| return this; |
| } |
| |
| public JceKTSKeyTransRecipientInfoGenerator setProvider(Provider provider) |
| { |
| ((JceKTSKeyWrapper)this.wrapper).setProvider(provider); |
| |
| return this; |
| } |
| } |