Bouncy Castle Cryptography Library 1.59

org.bouncycastle.cms.jcajce
Class JceKTSKeyTransRecipient

java.lang.Object
  extended byorg.bouncycastle.cms.jcajce.JceKTSKeyTransRecipient
All Implemented Interfaces:
KeyTransRecipient, Recipient
Direct Known Subclasses:
JceKTSKeyTransAuthenticatedRecipient, JceKTSKeyTransEnvelopedRecipient

public abstract class JceKTSKeyTransRecipient
extends java.lang.Object
implements KeyTransRecipient


Field Summary
protected  EnvelopedDataHelper contentHelper
           
protected  java.util.Map extraMappings
           
protected  EnvelopedDataHelper helper
           
protected  boolean unwrappedKeyMustBeEncodable
           
protected  boolean validateKeySize
           
 
Constructor Summary
JceKTSKeyTransRecipient(java.security.PrivateKey recipientKey, byte[] partyVInfo)
           
 
Method Summary
protected  java.security.Key extractSecretKey(org.bouncycastle.asn1.x509.AlgorithmIdentifier keyEncryptionAlgorithm, org.bouncycastle.asn1.x509.AlgorithmIdentifier encryptedKeyAlgorithm, byte[] encryptedEncryptionKey)
           
protected static byte[] getPartyVInfoFromRID(KeyTransRecipientId recipientId)
           
 JceKTSKeyTransRecipient setAlgorithmMapping(org.bouncycastle.asn1.ASN1ObjectIdentifier algorithm, java.lang.String algorithmName)
          Internally algorithm ids are converted into cipher names using a lookup table.
 JceKTSKeyTransRecipient setContentProvider(java.security.Provider provider)
          Set the provider to use for content processing.
 JceKTSKeyTransRecipient setContentProvider(java.lang.String providerName)
          Set the provider to use for content processing.
 JceKTSKeyTransRecipient setKeySizeValidation(boolean doValidate)
          Set validation of retrieved key sizes against the algorithm parameters for the encrypted key where possible - default is off.
 JceKTSKeyTransRecipient setProvider(java.security.Provider provider)
          Set the provider to use for key recovery and content processing.
 JceKTSKeyTransRecipient setProvider(java.lang.String providerName)
          Set the provider to use for key recovery and content processing.
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 
Methods inherited from interface org.bouncycastle.cms.KeyTransRecipient
getRecipientOperator
 

Field Detail

helper

protected EnvelopedDataHelper helper

contentHelper

protected EnvelopedDataHelper contentHelper

extraMappings

protected java.util.Map extraMappings

validateKeySize

protected boolean validateKeySize

unwrappedKeyMustBeEncodable

protected boolean unwrappedKeyMustBeEncodable
Constructor Detail

JceKTSKeyTransRecipient

public JceKTSKeyTransRecipient(java.security.PrivateKey recipientKey,
                               byte[] partyVInfo)
Method Detail

setProvider

public JceKTSKeyTransRecipient setProvider(java.security.Provider provider)
Set the provider to use for key recovery and content processing.

Parameters:
provider - provider to use.
Returns:
this recipient.

setProvider

public JceKTSKeyTransRecipient setProvider(java.lang.String providerName)
Set the provider to use for key recovery and content processing.

Parameters:
providerName - the name of the provider to use.
Returns:
this recipient.

setAlgorithmMapping

public JceKTSKeyTransRecipient setAlgorithmMapping(org.bouncycastle.asn1.ASN1ObjectIdentifier algorithm,
                                                   java.lang.String algorithmName)
Internally algorithm ids are converted into cipher names using a lookup table. For some providers the standard lookup table won't work. Use this method to establish a specific mapping from an algorithm identifier to a specific algorithm.

For example: unwrapper.setAlgorithmMapping(PKCSObjectIdentifiers.rsaEncryption, "RSA");

Parameters:
algorithm - OID of algorithm in recipient.
algorithmName - JCE algorithm name to use.
Returns:
the current Recipient.

setContentProvider

public JceKTSKeyTransRecipient setContentProvider(java.security.Provider provider)
Set the provider to use for content processing. If providerName is null a "no provider" search will be used to satisfy getInstance calls.

Parameters:
provider - the provider to use.
Returns:
this recipient.

setContentProvider

public JceKTSKeyTransRecipient setContentProvider(java.lang.String providerName)
Set the provider to use for content processing. If providerName is null a "no provider" search will be used to satisfy getInstance calls.

Parameters:
providerName - the name of the provider to use.
Returns:
this recipient.

setKeySizeValidation

public JceKTSKeyTransRecipient setKeySizeValidation(boolean doValidate)
Set validation of retrieved key sizes against the algorithm parameters for the encrypted key where possible - default is off.

This setting will not have any affect if the encryption algorithm in the recipient does not specify a particular key size, or if the unwrapper is a HSM and the byte encoding of the unwrapped secret key is not available.

Parameters:
doValidate - true if unwrapped key's should be validated against the content encryption algorithm, false otherwise.
Returns:
this recipient.

extractSecretKey

protected java.security.Key extractSecretKey(org.bouncycastle.asn1.x509.AlgorithmIdentifier keyEncryptionAlgorithm,
                                             org.bouncycastle.asn1.x509.AlgorithmIdentifier encryptedKeyAlgorithm,
                                             byte[] encryptedEncryptionKey)
                                      throws CMSException
Throws:
CMSException

getPartyVInfoFromRID

protected static byte[] getPartyVInfoFromRID(KeyTransRecipientId recipientId)
                                      throws java.io.IOException
Throws:
java.io.IOException

Bouncy Castle Cryptography Library 1.59