Examples of codec.pkcs7.RecipientInfo

• codec.pkcs7.Data
  This class represents a PKCS#7 RecipientInfo structure. It is defined as follows:

   RecipientInfo ::= SEQUENCE { version Version, -- 0 for version 1.5 of PKCS#7 issuerAndSerialNumber IssuerAndSerialNumber, keyEncryptionAlgorithm KeyEncryptionAlgorithmIdentifier, encryptedKey EncryptedKey } EncryptedKey ::= OCTET STRING KeyEncryptionAlgorithmIdentifier ::= AlgorithmIdentifier 

  For completeness, we also present the structures referenced in the RecipientInfo structure.

   IssuerAndSerialNumber ::= SEQUENCE { issuer Name, serialNumber CertificateSerialNumber } CertificateSerialNumber ::= INTEGER 

  This class provides methods to create a RecipientInfo structure from a certificate and a BEK. BEK stands for Bulk Encryption Key. The BEK is in general a symmetric key that is used to encrypt bulk data. The BEK is then encrypted with the public key of the recipient of the bulk data. The public key is sometimes called the Key Encryption Key (KEK).

  The BEK can be retrieved easily from instances of this structure as long as the algorithm of the DEK is known. This information is not stored in this class but in the {@link EncryptedContentInfo EncryptedContentInfo} structure,which contains RecipientInfo structures for each intended recipient of the bulk data.

  This class is completely JCE integrated. It determines the instances to use for encrypting and decrypting based on the OID contained in its instances. The OID are mapped to algorithm names and vice versa by the {@link JCA JCA}class, which requires appropriate aliases to be defined for algorithm implementations as described in the JCE documentation. If your installed providers do not support the aliasing scheme then request such support from your provider's supplier, or add a provider that properly defines the aliases (aliases are global to all providers). @author Volker Roth @version "$Id: RecipientInfo.java,v 1.6 2007/08/30 08:45:05 pebinger Exp $"

     * @param safe
     *                the SafeContents to be added to the AuthenticatedSafe
     */
    public void addSafeContents(SafeContents safe) throws IOException,
      ASN1Exception {
  ContentInfo cinfo = makeData(safe);
  add(cinfo);
    }

     *                the PBE algorithm to be used
     */
    public void addSafeContents(SafeContents safe, char[] passwd,
      String algorithm) throws IOException, ASN1Exception,
      GeneralSecurityException {
  ContentInfo cinfo = makeEncryptedData(safe, passwd, algorithm);
  add(cinfo);
    }

     */
    public void addSafeContents(SafeContents safe, SecretKey key,
      String algorithm, AlgorithmParameters params,
      java.security.cert.X509Certificate[] cert) throws IOException,
      ASN1Exception, BadNameException, GeneralSecurityException {
  ContentInfo cinfo = makeEnvelopedData(safe, key, algorithm, params,
    cert);
  add(cinfo);
    }

     */
    public int[] getProtectionMode() {
  int[] proMode;
  proMode = new int[this.size()];
  for (int i = 0; i < this.size(); i++) {
      ContentInfo cinfo = (ContentInfo) this.get(i);
      if (cinfo.getContent() instanceof Data) {
    proMode[i] = NO_PROTECTION;
      } else if (cinfo.getContent() instanceof EncryptedData) {
    proMode[i] = PASSWORD_PROTECTION;
      } else if (cinfo.getContent() instanceof EnvelopedData) {
    proMode[i] = PUBLIC_KEY_PROTECTION;
      } else {
    throw new IllegalStateException("Illegal protection mode: "
      + proMode[i]);
      }

     */
    public SafeContents getSafeContents(int i) throws IOException,
      ASN1Exception {
  byte[] encodedData;
  ByteArrayInputStream bais;
  ContentInfo cinfo = (ContentInfo) this.get(i);
  if (cinfo.getContent() instanceof Data) {
      encodedData = ((Data) cinfo.getContent()).getByteArray();
  } else {
      System.out
        .println("This bag is either password or public-key protected.");
      return null;
  }

    public SafeContents getSafeContents(int i, java.security.PrivateKey key,
      java.security.cert.X509Certificate cert) throws IOException,
      ASN1Exception, GeneralSecurityException, NoSuchElementException {
  ByteArrayInputStream bais;

  ContentInfo cinfo = (ContentInfo) this.get(i);
  EnvelopedData envData = null;
  if (cinfo.getContent() instanceof EnvelopedData) {
      envData = (EnvelopedData) cinfo.getContent();
  } else {
      System.out
        .println("This bag is password protected or not protected at all.");
      return null;
  }

  ByteArrayOutputStream baos = new ByteArrayOutputStream();
  DEREncoder encoder = new DEREncoder(baos);
  safe.encode(encoder);
  data = new Data(baos.toByteArray());
  baos.close();
  ContentInfo cInfo = new ContentInfo(data);
  return cInfo;
    }

  // make an EncryptedData and put it in a ContentInfo
  EncryptedData ecd = new EncryptedData(algorithm, pbekey, params);
  ecd.setData(bais);
  bais.close();

  ContentInfo cinfo = new ContentInfo();
  cinfo.setContent(new codec.asn1.ASN1ObjectIdentifier(
    "1.2.840.113549.1.7.6"), ecd);
  return cinfo;
    }

  bais.close();
  for (int i = 0; i < cert.length; i++) {
      edata.addRecipient(cert[i]);
  }

  ContentInfo cinfo = new ContentInfo(edata);
  return cinfo;
    }

     *
     * @return Contentinfo with contentType Data.
     */
    private ContentInfo makeData(SafeContents safe) throws IOException,
      ASN1Exception {
  Data data = null;
  ByteArrayOutputStream baos = new ByteArrayOutputStream();
  DEREncoder encoder = new DEREncoder(baos);
  safe.encode(encoder);
  data = new Data(baos.toByteArray());
  baos.close();
  ContentInfo cInfo = new ContentInfo(data);
  return cInfo;
    }