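package org.bouncycastle.asn1.cms;

import org.bouncycastle.asn1.ASN1EncodableVector;
import org.bouncycastle.asn1.ASN1Integer;
import org.bouncycastle.asn1.ASN1Object;
import org.bouncycastle.asn1.ASN1OctetString;
import org.bouncycastle.asn1.ASN1Primitive;
import org.bouncycastle.asn1.ASN1Sequence;
import org.bouncycastle.asn1.ASN1TaggedObject;
import org.bouncycastle.asn1.DERSequence;
import org.bouncycastle.asn1.x509.AlgorithmIdentifier;

/**
 * <a href="https://tools.ietf.org/html/rfc5652#section-6.2.3">RFC 5652</a>:
 * Content encryption key delivery mechanisms.
 * <p>
 * <pre>
 * KEKRecipientInfo ::= SEQUENCE {
 *     version CMSVersion,  -- always set to 4
 *     kekid KEKIdentifier,
 *     keyEncryptionAlgorithm KeyEncryptionAlgorithmIdentifier,
 *     encryptedKey EncryptedKey
 * }
 * </pre>
 * <p>
 * Instances built from a sequence come from decoded, possibly attacker-supplied
 * CMS data. The sequence constructor checks the element count and element types,
 * but it does not check that the decoded version equals 4; callers that depend on
 * that must inspect {@link #getVersion()} themselves.
 */
public class KEKRecipientInfo
    extends ASN1Object
{
    private final ASN1Integer          version;
    private final KEKIdentifier        kekid;
    private final AlgorithmIdentifier  keyEncryptionAlgorithm;
    private final ASN1OctetString      encryptedKey;

    /**
     * Create a KEKRecipientInfo from its components. The version field is
     * fixed to 4, as the structure definition requires.
     *
     * @param kekid identifier of the key-encryption key.
     * @param keyEncryptionAlgorithm algorithm used to encrypt the content-encryption key.
     * @param encryptedKey the encrypted content-encryption key.
     */
    public KEKRecipientInfo(
        KEKIdentifier       kekid,
        AlgorithmIdentifier keyEncryptionAlgorithm,
        ASN1OctetString     encryptedKey)
    {
        this.version = new ASN1Integer(4);
        this.kekid = kekid;
        this.keyEncryptionAlgorithm = keyEncryptionAlgorithm;
        this.encryptedKey = encryptedKey;
    }

    /**
     * Create a KEKRecipientInfo from a decoded sequence.
     * <p>
     * The sequence must hold exactly the four fields of the structure. A wrong
     * element count or a wrongly typed element is reported as an
     * IllegalArgumentException, which is the failure the getInstance() methods
     * document, rather than surfacing as an index or class-cast error.
     *
     * @param seq the sequence holding version, kekid, keyEncryptionAlgorithm and encryptedKey.
     * @exception IllegalArgumentException if the sequence does not have four
     * elements or an element cannot be converted to the expected type.
     */
    public KEKRecipientInfo(
        ASN1Sequence seq)
    {
        // The structure has no optional or extension fields, and toASN1Primitive()
        // writes exactly four elements, so any other count cannot round-trip.
        if (seq.size() != 4)
        {
            throw new IllegalArgumentException("Bad sequence size: " + seq.size());
        }

        // getInstance() rejects an unexpected element type with
        // IllegalArgumentException; a direct cast would throw ClassCastException.
        version = ASN1Integer.getInstance(seq.getObjectAt(0));
        kekid = KEKIdentifier.getInstance(seq.getObjectAt(1));
        keyEncryptionAlgorithm = AlgorithmIdentifier.getInstance(seq.getObjectAt(2));
        encryptedKey = ASN1OctetString.getInstance(seq.getObjectAt(3));
    }

    /**
     * Return a KEKRecipientInfo object from a tagged object.
     *
     * @param obj the tagged object holding the object we want.
     * @param explicit true if the object is meant to be explicitly
     *              tagged false otherwise.
     * @exception IllegalArgumentException if the object held by the
     *          tagged object cannot be converted.
     */
    public static KEKRecipientInfo getInstance(
        ASN1TaggedObject obj,
        boolean          explicit)
    {
        return getInstance(ASN1Sequence.getInstance(obj, explicit));
    }

    /**
     * Return a KEKRecipientInfo object from the given object.
     * <p>
     * Accepted inputs:
     * <ul>
     * <li> null &rarr; null
     * <li> {@link KEKRecipientInfo} object
     * <li> {@link org.bouncycastle.asn1.ASN1Sequence#getInstance(java.lang.Object) ASN1Sequence} input formats with KEKRecipientInfo structure inside
     * </ul>
     *
     * @param obj the object we want converted.
     * @exception IllegalArgumentException if the object cannot be converted.
     */
    public static KEKRecipientInfo getInstance(
        Object obj)
    {
        if (obj instanceof KEKRecipientInfo)
        {
            return (KEKRecipientInfo)obj;
        }

        if (obj != null)
        {
            return new KEKRecipientInfo(ASN1Sequence.getInstance(obj));
        }

        return null;
    }

    /**
     * Return the version field. It is 4 for objects created from components;
     * for parsed objects it is whatever the encoding carried.
     *
     * @return the version.
     */
    public ASN1Integer getVersion()
    {
        return version;
    }

    /**
     * Return the identifier of the key-encryption key.
     *
     * @return the kekid field.
     */
    public KEKIdentifier getKekid()
    {
        return kekid;
    }

    /**
     * Return the algorithm used to encrypt the content-encryption key.
     *
     * @return the keyEncryptionAlgorithm field.
     */
    public AlgorithmIdentifier getKeyEncryptionAlgorithm()
    {
        return keyEncryptionAlgorithm;
    }

    /**
     * Return the encrypted content-encryption key.
     *
     * @return the encryptedKey field.
     */
    public ASN1OctetString getEncryptedKey()
    {
        return encryptedKey;
    }

    /**
     * Produce an object suitable for an ASN1OutputStream.
     *
     * @return a DER sequence of version, kekid, keyEncryptionAlgorithm and
     * encryptedKey, in that order.
     */
    public ASN1Primitive toASN1Primitive()
    {
        ASN1EncodableVector v = new ASN1EncodableVector(4);

        v.add(version);
        v.add(kekid);
        v.add(keyEncryptionAlgorithm);
        v.add(encryptedKey);

        return new DERSequence(v);
    }
}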