codec.pkcs7
Class EncryptedContentInfo

java.lang.Object
  |
  +--java.util.AbstractCollection
        |
        +--java.util.AbstractList
              |
              +--java.util.ArrayList
                    |
                    +--codec.asn1.ASN1AbstractCollection
                          |
                          +--codec.asn1.ASN1Sequence
                                |
                                +--codec.pkcs7.EncryptedContentInfo
All Implemented Interfaces:
ASN1Collection, ASN1Type, Cloneable, Collection, Externalizable, List, Serializable

public class EncryptedContentInfo
extends ASN1Sequence

This class represents an EncryptedContentInfo as defined in PKCS#7. The ASN.1 definition of this structure is

 EncryptedContentInfo ::= SEQUENCE {
   contentType ContentType,
   contentEncryptionAlgorithm ContentEncryptionAlgorithmIdentifier,
   encryptedContent [0] IMPLICIT EncryptedContent OPTIONAL
 }
 EncryptedContent ::= OCTET STRING
 ContentEncryptionAlgorithmIdentifier ::= AlgorithmIdentifier
 

contentType indicates the type of content embedded in the EncryptedContent. The encryptedContent is optional; if it is not included in this structure then it must be provided by other means (such as a detached file).

PKCS#7 specifies six content types, of which five are supported: data, signedData, envelopedData, signedAndEnvelopedData, and encryptedData. All of these content types have registered OIDs.
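
The wire form of the structure above, as an added example that is not part of the codec library or its documentation: a JDK-only (Java 17+) reader that walks a DER-encoded EncryptedContentInfo, prints the contentType and cipher OIDs, and reports whether the `[0] IMPLICIT` encryptedContent is embedded or detached. The class name `EncryptedContentInfoInspector` and the sample bytes (contentType data, 1.2.840.113549.1.7.1; DES-EDE3-CBC, 1.2.840.113549.3.7) are constructed for illustration.

```java
import java.nio.ByteBuffer;
import java.util.HexFormat;

public class EncryptedContentInfoInspector {
    // Reads one definite-length element, checks its tag, returns a view of its value bytes.
    static ByteBuffer read(ByteBuffer buf, int expectedTag) {
        int tag = buf.get() & 0xff;
        if (tag != expectedTag) throw new IllegalArgumentException("unexpected tag 0x" + Integer.toHexString(tag));
        int len = buf.get() & 0xff;
        int n = len > 0x80 ? len & 0x7f : 0;   // long form: low 7 bits count the length bytes
        if (len == 0x80 || n > 3) throw new IllegalArgumentException("unsupported length encoding");
        if (n > 0) for (len = 0; n > 0; n--) len = (len << 8) | (buf.get() & 0xff);
        if (len > buf.remaining()) throw new IllegalArgumentException("length exceeds input");
        ByteBuffer value = buf.slice().limit(len);
        buf.position(buf.position() + len);
        return value;
    }
    // Decodes the content octets of an OBJECT IDENTIFIER into dotted notation.
    static String oid(ByteBuffer v) {
        StringBuilder sb = new StringBuilder();
        long arc = 0;
        while (v.hasRemaining()) {
            int b = v.get() & 0xff;
            arc = (arc << 7) | (b & 0x7f);
            if ((b & 0x80) != 0) continue;     // more base-128 digits follow
            if (sb.length() == 0) {            // first subidentifier packs two arcs: 40*X + Y
                long x = Math.min(arc / 40, 2);
                sb.append(x).append('.').append(arc - 40 * x);
            } else sb.append('.').append(arc);
            arc = 0;
        }
        return sb.toString();
    }
    // Summarises an EncryptedContentInfo: content type, cipher OID, embedded or detached content.
    static String describe(byte[] der) {
        ByteBuffer seq = read(ByteBuffer.wrap(der), 0x30);
        String contentType = oid(read(seq, 0x06));
        String cipher = oid(read(read(seq, 0x30), 0x06));   // parameters (e.g. the IV) are skipped
        // [0] IMPLICIT replaces the OCTET STRING tag 0x04 with 0x80; BER's constructed 0xA0 is rejected.
        String content = seq.hasRemaining() ? read(seq, 0x80).remaining() + " bytes embedded" : "detached";
        if (seq.hasRemaining()) throw new IllegalArgumentException("trailing data in SEQUENCE");
        return contentType + " " + cipher + " " + content;
    }
    public static void main(String[] args) {
        // Constructed sample: data content, DES-EDE3-CBC with an 8-byte IV, 8 bytes of ciphertext.
        String head = "06092A864886F70D010701" + "301406082A864886F70D0307" + "04080001020304050607";
        System.out.println(describe(HexFormat.of().parseHex("302B" + head + "80081122334455667788")));
        System.out.println(describe(HexFormat.of().parseHex("3021" + head)));
    }
}
```

The second sample omits the optional field, which is the case where a caller has to obtain the ciphertext by other means before decrypting.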

Version:
"$Id: EncryptedContentInfo.java,v 1.9 2007/08/30 08:45:05 pebinger Exp $"
Author:
Volker Roth, Markus Tak
See Also:
Serialized Form

Field Summary
protected  String bea_
          The bulk encryption algorithm.
static int BUFFER_SIZE
          The size of the buffer allocated for encrypting.
protected  AlgorithmIdentifier cAlg_
          The ContentEncryptionAlgorithmIdentifier
protected  ASN1ObjectIdentifier contentType_
          The OID defining the contents of this structure.
protected  ASN1TaggedType econtent_
          The encrypted content, if present in this structure.
 
Fields inherited from class java.util.AbstractList
modCount
 
Constructor Summary
EncryptedContentInfo()
          Creates an instance ready for parsing.
EncryptedContentInfo(String bea, SecretKey bek, AlgorithmParameters params)
          Initializes an instance with the given secret key, algorithm, and parameters.
 
Method Summary
 byte[] crypt(byte[] in, int offset, int length, int opmode)
          Encrypts or decrypts the given input bytes and returns the resulting cipher text or clear text.
 void crypt(byte[] in, OutputStream out, int opmode)
          Encrypts or decrypts the given input bytes and writes the resulting cipher text or clear text to the given output stream.
 void crypt(InputStream in, OutputStream out, int opmode)
          Pipes the input to the output while encrypting or decrypting the piped data with the BEK.
 void decode(Decoder dec)
          Decodes this instance with the given decoder.
 String getAlgorithm()
          Returns the name of the bulk encryption algorithm.
 ASN1ObjectIdentifier getContentType()
          Returns the contentType of this structure.
 byte[] getData()
          This method decrypts and returns the decrypted data contained in this instance or null if there is no contained data.
 byte[] getEncryptedContent()
          This method returns the actual content of this structure.
 AlgorithmParameters getParameters()
          Returns the algorithm parameters of the bulk encryption algorithm identifier.
 SecretKey getSecretKey()
          Returns the secret bulk encryption key.
protected  void init()
          Basic initialization.
 void init(PrivateKey kdk, RecipientInfo info)
          Initializes this instance for encryption/decryption with the BEK that is stored in the given RecipientInfo.
 void init(SecretKey key)
          Initializes this instance for encryption/decryption with the given secret key.
 boolean isReady()
          This method returns true if this instance is ready for encryption/decryption without further initialization.
 RecipientInfo newRecipient(X509Certificate cert)
          This method initializes and returns a new RecipientInfo based on the given certificate.
 RecipientInfo newRecipient(X509Certificate cert, int encType)
          This method initializes and returns a new RecipientInfo based on the given certificate and encoding type.
 void setContentType(ASN1ObjectIdentifier oid)
          Sets the content type to the given OID.
 void setData(InputStream in)
          Encrypts the given data and inserts it as Data content.
 void setEncryptedContent(ASN1ObjectIdentifier oid, InputStream in)
          Encrypts the given data and embeds it into this instance.
 
Methods inherited from class codec.asn1.ASN1Sequence
getTag
 
Methods inherited from class codec.asn1.ASN1AbstractCollection
checkConstraints, encode, getCollection, getConstraint, getTagClass, getValue, isExplicit, isOptional, isType, readExternal, setConstraint, setExplicit, setOptional, toString, writeExternal
 
Methods inherited from class java.util.ArrayList
add, add, addAll, addAll, clear, clone, contains, ensureCapacity, get, indexOf, isEmpty, lastIndexOf, remove, removeRange, set, size, toArray, toArray, trimToSize
 
Methods inherited from class java.util.AbstractList
equals, hashCode, iterator, listIterator, listIterator, subList
 
Methods inherited from class java.util.AbstractCollection
containsAll, remove, removeAll, retainAll
 
Methods inherited from class java.lang.Object
finalize, getClass, notify, notifyAll, wait, wait, wait
 
Methods inherited from interface java.util.Collection
add, addAll, clear, contains, containsAll, equals, hashCode, isEmpty, iterator, remove, removeAll, retainAll, size, toArray, toArray
 
Methods inherited from interface java.util.List
containsAll, equals, hashCode, iterator, listIterator, listIterator, remove, removeAll, retainAll, subList
 

Field Detail

BUFFER_SIZE

public static final int BUFFER_SIZE
The size of the buffer allocated for encrypting.

contentType_

protected ASN1ObjectIdentifier contentType_
The OID defining the contents of this structure.

cAlg_

protected AlgorithmIdentifier cAlg_
The ContentEncryptionAlgorithmIdentifier

econtent_

protected ASN1TaggedType econtent_
The encrypted content, if present in this structure.

bea_

protected String bea_
The bulk encryption algorithm.

Constructor Detail

EncryptedContentInfo

public EncryptedContentInfo()
Creates an instance ready for parsing. After decoding of this instance, it must be initialized with one of the init methods, before encryption or decryption operation can commence.

EncryptedContentInfo

public EncryptedContentInfo(String bea,
                            SecretKey bek,
                            AlgorithmParameters params)
                     throws InvalidAlgorithmParameterException
Initializes an instance with the given secret key, algorithm, and parameters. The content type is set to Data. Instances created with this constructor are ready for encryption and decryption operations by means of the crypt methods.
Parameters:
bea - The bulk encryption algorithm name.
bek - The secret bulk encryption key.
params - The bulk encryption algorithm parameters.

Method Detail

getContentType

public ASN1ObjectIdentifier getContentType()
Returns the contentType of this structure. This value is defined only if the structure has been decoded successfully, or the content has been set previously.
Returns:
The OID describing the contentType of this structure.

getEncryptedContent

public byte[] getEncryptedContent()
This method returns the actual content of this structure.
Returns:
The content or null if no content is available.

getAlgorithm

public String getAlgorithm()
Returns the name of the bulk encryption algorithm.
Returns:
The algorithm name.
Throws:
IllegalStateException - if this instance is not yet initialized.

getParameters

public AlgorithmParameters getParameters()
Returns the algorithm parameters of the bulk encryption algorithm identifier.
Returns:
The algorithm parameters.

getSecretKey

public SecretKey getSecretKey()
Returns the secret bulk encryption key.
Returns:
The BEK or null.
Throws:
IllegalStateException - if this instance is not yet initialized.

init

public void init(PrivateKey kdk,
                 RecipientInfo info)
          throws GeneralSecurityException
Initializes this instance for encryption/decryption with the BEK that is stored in the given RecipientInfo. The BEK is decrypted with the given private key and initialized according to the algorithm specified in this instance's contentEncryptionAlgorithmIdentifier.
Parameters:
kdk - The private Key Decryption Key required to decrypt the BEK.
info - The RecipientInfo that holds the BEK.
Throws:
GeneralSecurityException - if some cipher related exception is thrown by the underlying engines.

init

public void init(SecretKey key)
          throws GeneralSecurityException
Initializes this instance for encryption/decryption with the given secret key.
Parameters:
key - The secret key that is used to decrypt. The key must match the algorithm defined in the contentEncryptionAlgorithmIdentifier.
Throws:
GeneralSecurityException - if some cipher related exception is thrown by the underlying engines.

init

protected void init()
             throws GeneralSecurityException
Basic initialization.

isReady

public boolean isReady()
This method returns true if this instance is ready for encryption/decryption without further initialization.
Returns:
true if it is ready.

newRecipient

public RecipientInfo newRecipient(X509Certificate cert)
                           throws GeneralSecurityException,
                                  BadNameException
This method initializes and returns a new RecipientInfo based on the given certificate. The BEK must already be initialized, otherwise an exception is thrown.
Parameters:
cert - the certificate
Returns:
the created RecipientInfo
Throws:
GeneralSecurityException - if some cipher operation fails.
BadNameException - if the issuer name in the given certificate cannot be parsed.
IllegalStateException - if the BEK is not yet initialized.

newRecipient

public RecipientInfo newRecipient(X509Certificate cert,
                                  int encType)
                           throws GeneralSecurityException,
                                  BadNameException
This method initializes and returns a new RecipientInfo based on the given certificate and encoding type. The BEK must already be initialized, otherwise an exception is thrown.
Parameters:
cert - the certificate
encType - the encoding type
Returns:
the created RecipientInfo
Throws:
GeneralSecurityException - if some cipher operation fails.
BadNameException - if the issuer name in the given certificate cannot be parsed.
IllegalStateException - if the BEK is not yet initialized.

setData

public void setData(InputStream in)
             throws IOException,
                    GeneralSecurityException
Encrypts the given data and inserts it as Data content. The input stream is not closed.
Throws:
IllegalStateException - if the DEK is not initialized.
GeneralSecurityException - if something nasty happens while encrypting such as algorithms not found, bad paddings et cetera.

getData

public byte[] getData()
               throws GeneralSecurityException,
                      NoSuchElementException
This method decrypts and returns the decrypted data contained in this instance or null if there is no contained data.
Throws:
InconsistentStateException - in case of an unexpected internal exception. This should never happen.
IllegalStateException - if the DEK is not initialized.
NoSuchElementException - if the content type is not Data.
GeneralSecurityException - if a cipher operation fails.

crypt

public void crypt(InputStream in,
                  OutputStream out,
                  int opmode)
           throws IOException,
                  GeneralSecurityException
Pipes the input to the output while encrypting or decrypting the piped data with the BEK. The output stream is not closed by this method but the input stream is.
Parameters:
in - The stream from which data is read.
out - The stream to which data is written.
opmode - The operation mode of the cipher, either Cipher.ENCRYPT_MODE or Cipher.DECRYPT_MODE.
Throws:
GeneralSecurityException - if some cipher operation caused an exception.
IllegalStateException - if the BEK is not initialized.
IOException - if some I/O error is detected.

crypt

public void crypt(byte[] in,
                  OutputStream out,
                  int opmode)
           throws IOException,
                  GeneralSecurityException
Encrypts or decrypts the given input bytes and writes the resulting cipher text or clear text to the given output stream. The output stream is flushed but not closed by this method.
Parameters:
in - The byte array from which data is taken.
out - The stream to which data is written.
opmode - The operation mode of the cipher, either Cipher.ENCRYPT_MODE or Cipher.DECRYPT_MODE.
Throws:
GeneralSecurityException - if some cipher operation caused an exception.
IllegalStateException - if the BEK is not initialized.
IOException - if some I/O error is detected.

crypt

public byte[] crypt(byte[] in,
                    int offset,
                    int length,
                    int opmode)
             throws GeneralSecurityException
Encrypts or decrypts the given input bytes and returns the resulting cipher text or clear text.
Parameters:
in - The byte array from which data is taken.
offset - The offset in the byte array at which the data starts.
length - The number of bytes to operate on starting at the given offset.
opmode - The operation mode of the cipher, either Cipher.ENCRYPT_MODE or Cipher.DECRYPT_MODE.
Returns:
The resulting cipher text or clear text depending on the operation mode.
Throws:
GeneralSecurityException - if some cipher operation caused an exception.
IllegalStateException - if the BEK is not initialized.

decode

public void decode(Decoder dec)
            throws IOException,
                   ASN1Exception
Decodes this instance with the given decoder. After decoding, an attempt is made to resolve the algorithm name and parameters.
Overrides:
decode in class ASN1AbstractCollection
Parameters:
dec - The decoder to use.

setEncryptedContent

public void setEncryptedContent(ASN1ObjectIdentifier oid,
                                InputStream in)
                         throws IOException,
                                GeneralSecurityException
Encrypts the given data and embeds it into this instance. The content type is set to the specified OID.
Parameters:
oid - The OID that identifies the content type.
in - The stream from which the data is read.
Throws:
IllegalStateException - if this instance is not properly initialized for encryption.
GeneralSecurityException - if something nasty happens while encrypting such as algorithms not found, bad paddings et cetera.

setContentType

public void setContentType(ASN1ObjectIdentifier oid)
Sets the content type to the given OID. The OID is copied by reference. Modifying it afterwards causes side effects.
Parameters:
oid - The OID that identifies the content type.


Copyright © Fraunhofer Gesellschaft. All Rights Reserved.