public abstract class JceKTSKeyTransRecipient extends java.lang.Object implements KeyTransRecipient
Modifier and Type | Field and Description |
---|---|
protected EnvelopedDataHelper |
contentHelper |
protected java.util.Map |
extraMappings |
protected EnvelopedDataHelper |
helper |
protected boolean |
unwrappedKeyMustBeEncodable |
protected boolean |
validateKeySize |
Constructor and Description |
---|
JceKTSKeyTransRecipient(java.security.PrivateKey recipientKey,
byte[] partyVInfo) |
Modifier and Type | Method and Description |
---|---|
protected java.security.Key |
extractSecretKey(org.bouncycastle.asn1.x509.AlgorithmIdentifier keyEncryptionAlgorithm,
org.bouncycastle.asn1.x509.AlgorithmIdentifier encryptedKeyAlgorithm,
byte[] encryptedEncryptionKey) |
protected static byte[] |
getPartyVInfoFromRID(KeyTransRecipientId recipientId) |
JceKTSKeyTransRecipient |
setAlgorithmMapping(org.bouncycastle.asn1.ASN1ObjectIdentifier algorithm,
java.lang.String algorithmName)
Internally algorithm ids are converted into cipher names using a lookup table.
|
JceKTSKeyTransRecipient |
setContentProvider(java.security.Provider provider)
Set the provider to use for content processing.
|
JceKTSKeyTransRecipient |
setContentProvider(java.lang.String providerName)
Set the provider to use for content processing.
|
JceKTSKeyTransRecipient |
setKeySizeValidation(boolean doValidate)
Set validation of retrieved key sizes against the algorithm parameters for the encrypted key where possible - default is off.
|
JceKTSKeyTransRecipient |
setProvider(java.security.Provider provider)
Set the provider to use for key recovery and content processing.
|
JceKTSKeyTransRecipient |
setProvider(java.lang.String providerName)
Set the provider to use for key recovery and content processing.
|
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
getRecipientOperator
protected EnvelopedDataHelper helper
protected EnvelopedDataHelper contentHelper
protected java.util.Map extraMappings
protected boolean validateKeySize
protected boolean unwrappedKeyMustBeEncodable
public JceKTSKeyTransRecipient(java.security.PrivateKey recipientKey, byte[] partyVInfo)
public JceKTSKeyTransRecipient setProvider(java.security.Provider provider)
provider
- provider to use.public JceKTSKeyTransRecipient setProvider(java.lang.String providerName)
providerName
- the name of the provider to use.public JceKTSKeyTransRecipient setAlgorithmMapping(org.bouncycastle.asn1.ASN1ObjectIdentifier algorithm, java.lang.String algorithmName)
For example:
unwrapper.setAlgorithmMapping(PKCSObjectIdentifiers.rsaEncryption, "RSA");
algorithm
- OID of algorithm in recipient.algorithmName
- JCE algorithm name to use.public JceKTSKeyTransRecipient setContentProvider(java.security.Provider provider)
provider
- the provider to use.public JceKTSKeyTransRecipient setContentProvider(java.lang.String providerName)
providerName
- the name of the provider to use.public JceKTSKeyTransRecipient setKeySizeValidation(boolean doValidate)
This setting will not have any affect if the encryption algorithm in the recipient does not specify a particular key size, or if the unwrapper is a HSM and the byte encoding of the unwrapped secret key is not available.
doValidate
- true if unwrapped key's should be validated against the content encryption algorithm, false otherwise.protected java.security.Key extractSecretKey(org.bouncycastle.asn1.x509.AlgorithmIdentifier keyEncryptionAlgorithm, org.bouncycastle.asn1.x509.AlgorithmIdentifier encryptedKeyAlgorithm, byte[] encryptedEncryptionKey) throws CMSException
CMSException
protected static byte[] getPartyVInfoFromRID(KeyTransRecipientId recipientId) throws java.io.IOException
java.io.IOException