Package org.bouncycastle.cms.jcajce

Class JceKTSKeyTransRecipient

java.lang.Object
org.bouncycastle.cms.jcajce.JceKTSKeyTransRecipient
All Implemented Interfaces:
KeyTransRecipient, Recipient
Direct Known Subclasses:
JceKTSKeyTransAuthenticatedRecipient, JceKTSKeyTransEnvelopedRecipient
public abstract class JceKTSKeyTransRecipient extends Object implements KeyTransRecipient

  • Field Details

    • helper

      protected EnvelopedDataHelper helper

    • contentHelper

      protected EnvelopedDataHelper contentHelper

    • extraMappings

      protected Map extraMappings

    • validateKeySize

      protected boolean validateKeySize

    • unwrappedKeyMustBeEncodable

      protected boolean unwrappedKeyMustBeEncodable

  • Constructor Details

    • JceKTSKeyTransRecipient

      public JceKTSKeyTransRecipient(PrivateKey recipientKey, byte[] partyVInfo)

  • Method Details

    • setProvider

      public JceKTSKeyTransRecipient setProvider(Provider provider)
      Set the provider to use for key recovery and content processing.
      Parameters:
      provider - provider to use.
      Returns:
      this recipient.

    • setProvider

      public JceKTSKeyTransRecipient setProvider(String providerName)
      Set the provider to use for key recovery and content processing.
      Parameters:
      providerName - the name of the provider to use.
      Returns:
      this recipient.

    • setAlgorithmMapping

      public JceKTSKeyTransRecipient setAlgorithmMapping(org.bouncycastle.asn1.ASN1ObjectIdentifier algorithm, String algorithmName)
      Internally algorithm ids are converted into cipher names using a lookup table. For some providers the standard lookup table won't work. Use this method to establish a specific mapping from an algorithm identifier to a specific algorithm.

      For example: 

           unwrapper.setAlgorithmMapping(PKCSObjectIdentifiers.rsaEncryption, "RSA");
      Parameters:
      algorithm - OID of algorithm in recipient.
      algorithmName - JCE algorithm name to use.
      Returns:
      the current Recipient.

    • setContentProvider

      public JceKTSKeyTransRecipient setContentProvider(Provider provider)
      Set the provider to use for content processing. If providerName is null a "no provider" search will be used to satisfy getInstance calls.
      Parameters:
      provider - the provider to use.
      Returns:
      this recipient.

    • setContentProvider

      public JceKTSKeyTransRecipient setContentProvider(String providerName)
      Set the provider to use for content processing. If providerName is null a "no provider" search will be used to satisfy getInstance calls.
      Parameters:
      providerName - the name of the provider to use.
      Returns:
      this recipient.

    • setKeySizeValidation

      public JceKTSKeyTransRecipient setKeySizeValidation(boolean doValidate)
      Set validation of retrieved key sizes against the algorithm parameters for the encrypted key where possible - default is off.

      This setting will not have any affect if the encryption algorithm in the recipient does not specify a particular key size, or if the unwrapper is a HSM and the byte encoding of the unwrapped secret key is not available.

      Parameters:
      doValidate - true if unwrapped key's should be validated against the content encryption algorithm, false otherwise.
      Returns:
      this recipient.

    • extractSecretKey

      protected Key extractSecretKey(org.bouncycastle.asn1.x509.AlgorithmIdentifier keyEncryptionAlgorithm, org.bouncycastle.asn1.x509.AlgorithmIdentifier encryptedKeyAlgorithm, byte[] encryptedEncryptionKey) throws CMSException
      Throws:
      CMSException

    • getPartyVInfoFromRID

      protected static byte[] getPartyVInfoFromRID(KeyTransRecipientId recipientId) throws IOException
      Throws:
      IOException