Package org.bouncycastle.cms.jcajce

Class JceKEMRecipient

java.lang.Object
org.bouncycastle.cms.jcajce.JceKEMRecipient
All Implemented Interfaces:
KEMRecipient, Recipient
Direct Known Subclasses:
JceKEMEnvelopedRecipient
public abstract class JceKEMRecipient extends Object implements KEMRecipient

  • Field Details

    • helper

      protected EnvelopedDataHelper helper

    • contentHelper

      protected EnvelopedDataHelper contentHelper

    • extraMappings

      protected Map extraMappings

    • validateKeySize

      protected boolean validateKeySize

    • unwrappedKeyMustBeEncodable

      protected boolean unwrappedKeyMustBeEncodable

  • Constructor Details

    • JceKEMRecipient

      public JceKEMRecipient(PrivateKey recipientKey)

  • Method Details

    • setProvider

      public JceKEMRecipient setProvider(Provider provider)
      Set the provider to use for key recovery and content processing.
      Parameters:
      provider - provider to use.
      Returns:
      this recipient.

    • setProvider

      public JceKEMRecipient setProvider(String providerName)
      Set the provider to use for key recovery and content processing.
      Parameters:
      providerName - the name of the provider to use.
      Returns:
      this recipient.

    • setAlgorithmMapping

      public JceKEMRecipient setAlgorithmMapping(org.bouncycastle.asn1.ASN1ObjectIdentifier algorithm, String algorithmName)
      Internally algorithm ids are converted into cipher names using a lookup table. For some providers the standard lookup table won't work. Use this method to establish a specific mapping from an algorithm identifier to a specific algorithm.

      For example: 

           unwrapper.setAlgorithmMapping(PKCSObjectIdentifiers.rsaEncryption, "RSA");
      Parameters:
      algorithm - OID of algorithm in recipient.
      algorithmName - JCE algorithm name to use.
      Returns:
      the current Recipient.

    • setContentProvider

      public JceKEMRecipient setContentProvider(Provider provider)
      Set the provider to use for content processing. If providerName is null a "no provider" search will be used to satisfy getInstance calls.
      Parameters:
      provider - the provider to use.
      Returns:
      this recipient.

    • setMustProduceEncodableUnwrappedKey

      public JceKEMRecipient setMustProduceEncodableUnwrappedKey(boolean unwrappedKeyMustBeEncodable)
      Flag that unwrapping must produce a key that will return a meaningful value from a call to Key.getEncoded(). This is important if you are using a HSM for unwrapping and using a software based provider for decrypting the content. Default value: false.
      Parameters:
      unwrappedKeyMustBeEncodable - true if getEncoded() should return key bytes, false if not necessary.
      Returns:
      this recipient.

    • setContentProvider

      public JceKEMRecipient setContentProvider(String providerName)
      Set the provider to use for content processing. If providerName is null a "no provider" search will be used to satisfy getInstance calls.
      Parameters:
      providerName - the name of the provider to use.
      Returns:
      this recipient.

    • setKeySizeValidation

      public JceKEMRecipient setKeySizeValidation(boolean doValidate)
      Set validation of retrieved key sizes against the algorithm parameters for the encrypted key where possible - default is off.

      This setting will not have any affect if the encryption algorithm in the recipient does not specify a particular key size, or if the unwrapper is a HSM and the byte encoding of the unwrapped secret key is not available.

      Parameters:
      doValidate - true if unwrapped key's should be validated against the content encryption algorithm, false otherwise.
      Returns:
      this recipient.

    • extractSecretKey

      protected Key extractSecretKey(org.bouncycastle.asn1.x509.AlgorithmIdentifier keyEncryptionAlgorithm, org.bouncycastle.asn1.x509.AlgorithmIdentifier encryptedKeyAlgorithm, byte[] encryptedEncryptionKey) throws CMSException
      Throws:
      CMSException