iaik.cms
Class OtherRecipientInfo

java.lang.Object
  iaik.cms.RecipientInfo
      iaik.cms.OtherRecipientInfo

All Implemented Interfaces:

ASN1Type

public class OtherRecipientInfo
extends RecipientInfo

This class implements the CMS OtherRecipientInfo type.

The Cryptographic Message Syntax (CMS) (RFC 5652) specifies the OtherRecipientInfo type for allowing an application to "plug-in" RecipientInfo implementations of type other than KeyTransRecipientInfo, KeyAgreeRecipientInfo, KEKRecipientInfo, or PasswordRecipientInfo:

 RecipientInfo ::= CHOICE {
   ktri KeyTransRecipientInfo,
   kari [1] KeyAgreeRecipientInfo,
   kekri [2] KEKRecipientInfo,
   pwri [3] PasswordRecipientinfo,
   ori [4] OtherRecipientInfo }
 

The OtherRecipientInfo choice is defined as an SEQUENCE of two components:

 OtherRecipientInfo ::= SEQUENCE {
   oriType OBJECT IDENTIFIER,
   oriValue ANY DEFINED BY oriType }
 

The oriValue component can have any ASN.1 representation depending on the key management technique identified by the oriType id.

This class allows to register user-specific implementations of ori values based on the corresponding ori type id. A ori value may be implemented by extending the abstract OtherRecipientInfoValue class, e.g.:

 public class MyOtherRecipientInfoValue extends OtherRecipientInfoValue {
 ...
 // the ori type id:
   public static final ObjectID type = ...;
 ...
 }
 ...
 // register the implementation:
 OtherRecipientInfo.register(MyOtherRecipientInfoValue.type, MyOtherRecipientInfoValue.class);
 

OtherRecipientInfo values for which no implementation has been registered are treated as unknown ori values.

An OtherRecipientInfoValue has to be wrapped into an OtherRecipientInfo before adding it to an, for instance, EnvelopedData object:

 MyOtherRecipientInfoValue oriValue = ...;
 OtherRecipientInfo ori = new OtherRecipientInfo(oriValue);
 envelopedData.addRecipientInfo(ori);
 

See Also:

RecipientInfo, OtherRecipientInfoValue, UnknownOtherRecipientInfoValue

Field Summary

Fields inherited from class iaik.cms.RecipientInfo

KEK_RECIPIENT_INFO, KEY_AGREE_RECIPIENT_INFO, KEY_TRANSPORT_RECIPIENT_INFO, keyEncryptionAlgorithm_, OTHER_RECIPIENT_INFO, PASSWORD_RECIPIENT_INFO, securityProvider_, version_

Constructor Summary

OtherRecipientInfo()
Default Constructor.

OtherRecipientInfo(ASN1Object obj)
Creates a OtherRecipientInfo from an ASN1Object.

OtherRecipientInfo(OtherRecipientInfoValue oriValue)
Creates an OtherRecipientInfo from the supplied OtherRecipientInfo value.

Method Summary

static OtherRecipientInfoValue	create(ObjectID type) Returns the implementation of the specified OtherRecipientInfoValue defined through an ASN.1 ObjectID (the ori type).
void	decode(ASN1Object obj) Decodes an OtherRecipientInfo from its ASN.1 representation.
javax.crypto.SecretKey	decryptKey(java.security.Key key, KeyIdentifier recipientIdentifier, java.lang.String cekAlgName) Decrypts the encrypted content-encryption key this RecipientInfo holds for the given recipient.
void	encryptKey(javax.crypto.SecretKey cek) Encrypts the given secret content encryption key for the recipient(s) this RecipientInfo represents.
byte[]	getEncryptedKey(KeyIdentifier recipientIdentifier) Returns the encrypted content-encryption key for the recipient with the given keyIdentfier.
KeyIdentifier[]	getRecipientIdentifiers() Returns the key identifier(s) belonging to the recipient(s) of this RecipientInfo.
boolean	isRecipientInfoFor(KeyIdentifier recipientIdentifier) Checks if this is a RecipientInfo for the recipient identified by the given key identifier.
CertificateIdentifier	isRecipientInfoFor(X509Certificate recipientCertificate) Checks if this is a RecipientInfo for the given recipient certificate.
static void	register(ObjectID type, java.lang.Class cl) Registers a class for implementing a particular OtherRecipientInfo value.
void	setSecurityProvider(SecurityProvider securityProvider) Sets the SecurityProvider for this RecipientInfo.
ASN1Object	toASN1Object() Returns this OtherRecipientInfo as ASN1Object.
java.lang.String	toString() Returns a String representation of this OtherRecipientInfo.

Methods inherited from class iaik.cms.RecipientInfo

createRecipientInfos, decryptKey, decryptKey, decryptKey, getKeyEncryptionAlgorithm, getRecipientInfoType, getSecurityProvider, getVersion, parseRecipientInfo, parseRecipientInfo, parseRecipientInfo, parseRecipientInfo, parseRecipientInfos, parseRecipientInfos

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait

Constructor Detail

OtherRecipientInfo

public OtherRecipientInfo()

Default Constructor. Creates an empty OtherRecipientInfo. This constructor only is used for dynamic object creation and shall not be used by an application.

OtherRecipientInfo

public OtherRecipientInfo(OtherRecipientInfoValue oriValue)

Creates an OtherRecipientInfo from the supplied OtherRecipientInfo value. The ori type ID is obtained from the supplied value.

Parameters:

oriValue - the value component of this OtherRecipientInfo

OtherRecipientInfo

public OtherRecipientInfo(ASN1Object obj)
                   throws CodingException

Creates a OtherRecipientInfo from an ASN1Object.

The ASN1Object supplied to this constructor represents an already exisiting OtherRecipientInfo object that may have been created by calling toASN1Object.

Parameters:

obj - the OtherRecipientInfo as ASN1Object

Throws:

CodingException - if the object can not be parsed

Method Detail

create

public static OtherRecipientInfoValue create(ObjectID type)
                                      throws java.lang.InstantiationException

Returns the implementation of the specified OtherRecipientInfoValue defined through an ASN.1 ObjectID (the ori type).

Parameters:

type - the OID identifying the ori type the OtherRecipientInfo value belongs to

Returns:

the implementation of the OtherRecipientInfoValue identified by the given ori type

Throws:

java.lang.InstantiationException - if there is no implementation for the requested type

register

public static void register(ObjectID type,
                            java.lang.Class cl)
                     throws java.lang.IllegalArgumentException

Registers a class for implementing a particular OtherRecipientInfo value.

Parameters:

type - the OID identifying the ori type the OtherRecipientInfo value implementing class belongs to

cl - the class which implements the OtherRecipientInfo value in mind

Throws:

java.lang.IllegalArgumentException

encryptKey

public void encryptKey(javax.crypto.SecretKey cek)
                throws CMSException

Encrypts the given secret content encryption key for the recipient(s) this RecipientInfo represents.

Specified by:

encryptKey in class RecipientInfo

Parameters:

cek - the symmetric content encryption key to encrypt

Throws:

CMSException - if the key encryption process fails for some reason (e.g. the key-encryption algortihm used by this RecipientInfo is not implemented, or the recipient key is invalid, ...)

decryptKey

public javax.crypto.SecretKey decryptKey(java.security.Key key,
                                         KeyIdentifier recipientIdentifier,
                                         java.lang.String cekAlgName)
                                  throws CMSException,
                                         java.security.InvalidKeyException

Decrypts the encrypted content-encryption key this RecipientInfo holds for the given recipient.

The recovered key is returned as SecretKey.

Specified by:

decryptKey in class RecipientInfo

Parameters:

key - the recipient key used to decrypt the encrypted content-encryption key.

recipientIdentifier - information to be used for getting the right encrypted content encryption key for the right recipient; may be required if this RecipientInfo holds content encryption keys for more than one recipient (see KeyAgreeRecipientInfo)

cekAlgName - the name of the content encryption key (e.g. "AES") to be set for the SecretKey object created by this method

Returns:

the recovered (decrypted) content encryption key as SecretKey in RAW format

Throws:

CMSException - if the key-decryption process fails for some reason (e.g. the key-encryption algorithm used by this RecipientInfo is not supported, a padding error occurs during decryption...

java.security.InvalidKeyException - if the specified private key is not valid

getEncryptedKey

public byte[] getEncryptedKey(KeyIdentifier recipientIdentifier)
                       throws CMSException

Returns the encrypted content-encryption key for the recipient with the given keyIdentfier.

Specified by:

getEncryptedKey in class RecipientInfo

Parameters:

recipientIdentifier - information to be used for getting the right encrypted content encryption key for the right recipient; may be required if this RecipientInfo holds content encryption keys for more than one recipient (see KeyAgreeRecipientInfo)

Returns:

the encrypted content-encryption key for the recipient with the given key identifier

Throws:

CMSException - if no recipient with this key identifier is included

getRecipientIdentifiers

public KeyIdentifier[] getRecipientIdentifiers()

Returns the key identifier(s) belonging to the recipient(s) of this RecipientInfo.

Specified by:

getRecipientIdentifiers in class RecipientInfo

Returns:

the key identifier(s) belonging to the recipient(s) of this RecipientInfo

isRecipientInfoFor

public boolean isRecipientInfoFor(KeyIdentifier recipientIdentifier)

Checks if this is a RecipientInfo for the recipient identified by the given key identifier.

Specified by:

isRecipientInfoFor in class RecipientInfo

Parameters:

recipientIdentifier - the key identifier belonging to the recipient we are searching for

Returns:

true if this RecipientInfo belongs to the particular recipient in mind, false if not

isRecipientInfoFor

public CertificateIdentifier isRecipientInfoFor(X509Certificate recipientCertificate)

Checks if this is a RecipientInfo for the given recipient certificate.

Specified by:

isRecipientInfoFor in class RecipientInfo

Parameters:

recipientCertificate - the certificate of the recipient

Returns:

the CertificateIdentifier indicating that the recipient with the given certificate is the owner of this RecipientInfo, null if not

setSecurityProvider

public void setSecurityProvider(SecurityProvider securityProvider)

Sets the SecurityProvider for this RecipientInfo.

This method allows to explicitly set a SecurityProvider for this RecipientInfo. If no explicit SecurityProvider is set, the default system wide installed SecurityProvider will be used for the required cryptographic operations.

Overrides:

setSecurityProvider in class RecipientInfo

Parameters:

securityProvider - the SecurityProvider to be set

decode

public void decode(ASN1Object obj)
            throws CodingException

Decodes an OtherRecipientInfo from its ASN.1 representation. This method parses the ori type id from the supplied ASN.1 representation and tries to find an registered OtherRecipientInfoValue implementation for the parsed type ID. If no OtherRecipientInfoValue implementation can be found, an UnknownOtherRecipientInfoValue object is created for the unknown OtherRecipientInfo allowing to query for information about the OtherRecipientInfo value.

Parameters:

obj - the OtherRecipientInfo as ASN1Object

Throws:

CodingException - if the ASN1Object cannot be parsed

toASN1Object

public ASN1Object toASN1Object()
                        throws CodingException

Returns this OtherRecipientInfo as ASN1Object.

Returns:

this OtherRecipientInfo as ASN1Object.

Throws:

CodingException

toString

public java.lang.String toString()

Returns a String representation of this OtherRecipientInfo.

Specified by:

toString in class RecipientInfo

Returns:

a String representation of this OtherRecipientInfo