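package org.apache.commons.ssl.org.bouncycastle.asn1.cms;

import org.apache.commons.ssl.org.bouncycastle.asn1.ASN1EncodableVector;
import org.apache.commons.ssl.org.bouncycastle.asn1.ASN1Integer;
import org.apache.commons.ssl.org.bouncycastle.asn1.ASN1Object;
import org.apache.commons.ssl.org.bouncycastle.asn1.ASN1OctetString;
import org.apache.commons.ssl.org.bouncycastle.asn1.ASN1Primitive;
import org.apache.commons.ssl.org.bouncycastle.asn1.ASN1Sequence;
import org.apache.commons.ssl.org.bouncycastle.asn1.ASN1TaggedObject;
import org.apache.commons.ssl.org.bouncycastle.asn1.DERSequence;
import org.apache.commons.ssl.org.bouncycastle.asn1.x509.AlgorithmIdentifier;

/**
 * <a href="http://tools.ietf.org/html/rfc5652#section-6.2.3">RFC 5652</a>:
 * Content encryption key delivery mechanisms.
 * <p>
 * <pre>
 * KEKRecipientInfo ::= SEQUENCE {
 *     version CMSVersion,  -- always set to 4
 *     kekid KEKIdentifier,
 *     keyEncryptionAlgorithm KeyEncryptionAlgorithmIdentifier,
 *     encryptedKey EncryptedKey
 * }
 * </pre>
 * <p>
 * This class only carries the four fields and encodes them again. It does not
 * unwrap {@code encryptedKey}, and it does not check that a parsed
 * {@code version} equals 4 or that {@code keyEncryptionAlgorithm} names an
 * acceptable key-wrap algorithm. Code that processes structures received from
 * an untrusted peer has to apply those checks itself.
 */
public class KEKRecipientInfo
    extends ASN1Object
{
    private final ASN1Integer         version;
    private final KEKIdentifier       kekid;
    private final AlgorithmIdentifier keyEncryptionAlgorithm;
    private final ASN1OctetString     encryptedKey;

    /**
     * Build a KEKRecipientInfo from its components; the version is fixed to 4.
     * The arguments are stored as given, without null or content checks.
     *
     * @param kekid identifier of the key-encryption key.
     * @param keyEncryptionAlgorithm algorithm used to wrap the content-encryption key.
     * @param encryptedKey the wrapped content-encryption key.
     */
    public KEKRecipientInfo(
        KEKIdentifier       kekid,
        AlgorithmIdentifier keyEncryptionAlgorithm,
        ASN1OctetString     encryptedKey)
    {
        this.version = new ASN1Integer(4);
        this.kekid = kekid;
        this.keyEncryptionAlgorithm = keyEncryptionAlgorithm;
        this.encryptedKey = encryptedKey;
    }

    /**
     * Build a KEKRecipientInfo from a decoded sequence.
     * <p>
     * Only the first four elements are read. The version element is stored as
     * found; it is not compared against 4.
     *
     * @param seq the sequence holding version, kekid, keyEncryptionAlgorithm
     *            and encryptedKey, in that order.
     * @exception IllegalArgumentException if the sequence has fewer than four
     *            elements or an element cannot be converted to its field type.
     */
    public KEKRecipientInfo(
        ASN1Sequence seq)
    {
        // A truncated sequence is malformed input: report it as the
        // IllegalArgumentException the getInstance() methods document, not as
        // whatever index error getObjectAt() would raise further down.
        // Elements beyond the fourth are still ignored, as before.
        if (seq.size() < 4)
        {
            throw new IllegalArgumentException("Bad sequence size: " + seq.size());
        }

        // getInstance() in place of a blind cast: an element of the wrong
        // ASN.1 type is rejected with IllegalArgumentException instead of
        // escaping as a ClassCastException.
        version = ASN1Integer.getInstance(seq.getObjectAt(0));
        kekid = KEKIdentifier.getInstance(seq.getObjectAt(1));
        keyEncryptionAlgorithm = AlgorithmIdentifier.getInstance(seq.getObjectAt(2));
        encryptedKey = ASN1OctetString.getInstance(seq.getObjectAt(3));
    }

    /**
     * Return a KEKRecipientInfo object from a tagged object.
     *
     * @param obj the tagged object holding the object we want.
     * @param explicit true if the object is meant to be explicitly
     *              tagged false otherwise.
     * @return the KEKRecipientInfo held by the tagged object.
     * @exception IllegalArgumentException if the object held by the
     *          tagged object cannot be converted.
     */
    public static KEKRecipientInfo getInstance(
        ASN1TaggedObject obj,
        boolean          explicit)
    {
        return getInstance(ASN1Sequence.getInstance(obj, explicit));
    }

    /**
     * Return a KEKRecipientInfo object from the given object.
     * <p>
     * Accepted inputs:
     * <ul>
     * <li> null &rarr; null
     * <li> {@link KEKRecipientInfo} object
     * <li> {@link ASN1Sequence#getInstance(java.lang.Object) ASN1Sequence} input formats with KEKRecipientInfo structure inside
     * </ul>
     *
     * @param obj the object we want converted.
     * @return the same instance if {@code obj} already is a KEKRecipientInfo,
     *         a newly parsed one otherwise, or null for null input.
     * @exception IllegalArgumentException if the object cannot be converted.
     */
    public static KEKRecipientInfo getInstance(
        Object obj)
    {
        if (obj instanceof KEKRecipientInfo)
        {
            return (KEKRecipientInfo)obj;
        }

        if (obj != null)
        {
            return new KEKRecipientInfo(ASN1Sequence.getInstance(obj));
        }

        return null;
    }

    /**
     * @return the version element; 4 when built from components, otherwise
     *         whatever the parsed sequence carried.
     */
    public ASN1Integer getVersion()
    {
        return version;
    }

    /**
     * @return the identifier of the key-encryption key.
     */
    public KEKIdentifier getKekid()
    {
        return kekid;
    }

    /**
     * @return the algorithm identifier given for wrapping the key.
     */
    public AlgorithmIdentifier getKeyEncryptionAlgorithm()
    {
        return keyEncryptionAlgorithm;
    }

    /**
     * @return the wrapped content-encryption key, still encrypted.
     */
    public ASN1OctetString getEncryptedKey()
    {
        return encryptedKey;
    }

    /**
     * Produce an object suitable for an ASN1OutputStream.
     *
     * @return a DER sequence of version, kekid, keyEncryptionAlgorithm and
     *         encryptedKey, in that order.
     */
    public ASN1Primitive toASN1Primitive()
    {
        ASN1EncodableVector v = new ASN1EncodableVector();

        v.add(version);
        v.add(kekid);
        v.add(keyEncryptionAlgorithm);
        v.add(encryptedKey);

        return new DERSequence(v);
    }
}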