org.bouncycastle.cms.jcajce
Class JceKEKRecipient

java.lang.Object
  |
  +--org.bouncycastle.cms.jcajce.JceKEKRecipient

All Implemented Interfaces:

KEKRecipient, Recipient

Direct Known Subclasses:

JceKEKAuthenticatedRecipient, JceKEKEnvelopedRecipient

public abstract class JceKEKRecipient

extends java.lang.Object

implements KEKRecipient

Field Summary

protected EnvelopedDataHelper	contentHelper
protected EnvelopedDataHelper	helper
protected boolean	validateKeySize

Constructor Summary

JceKEKRecipient(javax.crypto.SecretKey recipientKey)

Method Summary

protected java.security.Key	extractSecretKey(org.bouncycastle.asn1.x509.AlgorithmIdentifier keyEncryptionAlgorithm, org.bouncycastle.asn1.x509.AlgorithmIdentifier encryptedKeyAlgorithm, byte[] encryptedContentEncryptionKey)
JceKEKRecipient	setContentProvider(java.security.Provider provider) Set the provider to use for content processing.
JceKEKRecipient	setContentProvider(java.lang.String providerName) Set the provider to use for content processing.
JceKEKRecipient	setKeySizeValidation(boolean doValidate) Set validation of retrieved key sizes against the algorithm parameters for the encrypted key where possible - default is off.
JceKEKRecipient	setProvider(java.security.Provider provider) Set the provider to use for key recovery and content processing.
JceKEKRecipient	setProvider(java.lang.String providerName) Set the provider to use for key recovery and content processing.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Methods inherited from interface org.bouncycastle.cms.KEKRecipient

getRecipientOperator

Field Detail

helper

protected EnvelopedDataHelper helper

contentHelper

protected EnvelopedDataHelper contentHelper

validateKeySize

protected boolean validateKeySize

Constructor Detail

JceKEKRecipient

public JceKEKRecipient(javax.crypto.SecretKey recipientKey)

Method Detail

setProvider

public JceKEKRecipient setProvider(java.security.Provider provider)

Set the provider to use for key recovery and content processing.

Parameters:

provider - provider to use.

Returns:

this recipient.

setProvider

public JceKEKRecipient setProvider(java.lang.String providerName)

Set the provider to use for key recovery and content processing.

Parameters:

providerName - the name of the provider to use.

Returns:

this recipient.

setContentProvider

public JceKEKRecipient setContentProvider(java.security.Provider provider)

Set the provider to use for content processing.

Parameters:

provider - the provider to use.

Returns:

this recipient.

setContentProvider

public JceKEKRecipient setContentProvider(java.lang.String providerName)

Set the provider to use for content processing.

Parameters:

providerName - the name of the provider to use.

Returns:

this recipient.

setKeySizeValidation

public JceKEKRecipient setKeySizeValidation(boolean doValidate)

Set validation of retrieved key sizes against the algorithm parameters for the encrypted key where possible - default is off.

This setting will not have any affect if the encryption algorithm in the recipient does not specify a particular key size, or if the unwrapper is a HSM and the byte encoding of the unwrapped secret key is not available.

Parameters:

doValidate - true if unwrapped key's should be validated against the content encryption algorithm, false otherwise.

Returns:

this recipient.

extractSecretKey

protected java.security.Key extractSecretKey(org.bouncycastle.asn1.x509.AlgorithmIdentifier keyEncryptionAlgorithm,
                                             org.bouncycastle.asn1.x509.AlgorithmIdentifier encryptedKeyAlgorithm,
                                             byte[] encryptedContentEncryptionKey)
                                      throws CMSException