iaik.cms
Class OtherRecipientInfo

java.lang.Object
  extended by iaik.cms.RecipientInfo
      extended by iaik.cms.OtherRecipientInfo
All Implemented Interfaces:
ASN1Type

public class OtherRecipientInfo
extends RecipientInfo

This class implements the CMS OtherRecipientInfo type.

The Cryptographic Message Syntax (CMS) ( RFC 5652) specifies the OtherRecipientInfo type for allowing an application to "plug-in" RecipientInfo implementations of type other than KeyTransRecipientInfo, KeyAgreeRecipientInfo, KEKRecipientInfo, or PasswordRecipientInfo:

 RecipientInfo ::= CHOICE {
   ktri KeyTransRecipientInfo,
   kari [1] KeyAgreeRecipientInfo,
   kekri [2] KEKRecipientInfo,
   pwri [3] PasswordRecipientinfo,
   ori [4] OtherRecipientInfo }
 
The OtherRecipientInfo choice is defined as an SEQUENCE of two components:
 OtherRecipientInfo ::= SEQUENCE {
   oriType OBJECT IDENTIFIER,
   oriValue ANY DEFINED BY oriType }
 
The oriValue component can have any ASN.1 representation depending on the key management technique identified by the oriType id.

This class allows to register user-specific implementations of ori values based on the corresponding ori type id. A ori value may be implemented by extending the abstract OtherRecipientInfoValue class, e.g.:

 public class MyOtherRecipientInfoValue extends OtherRecipientInfoValue {
 ...
 // the ori type id:
   public static final ObjectID type = ...;
 ...
 }
 ...
 // register the implementation:
 OtherRecipientInfo.register(MyOtherRecipientInfoValue.type, MyOtherRecipientInfoValue.class);
 
OtherRecipientInfo values for which no implementation has been registered are treated as unknown ori values.

An OtherRecipientInfoValue has to be wrapped into an OtherRecipientInfo before adding it to an, for instance, EnvelopedData object:

 MyOtherRecipientInfoValue oriValue = ...;
 OtherRecipientInfo ori = new OtherRecipientInfo(oriValue);
 envelopedData.addRecipientInfo(ori);
 

See Also:
RecipientInfo, OtherRecipientInfoValue, UnknownOtherRecipientInfoValue

Field Summary
 
Fields inherited from class iaik.cms.RecipientInfo
KEK_RECIPIENT_INFO, KEY_AGREE_RECIPIENT_INFO, KEY_TRANSPORT_RECIPIENT_INFO, keyEncryptionAlgorithm_, OTHER_RECIPIENT_INFO, PASSWORD_RECIPIENT_INFO, securityProvider_, version_
 
Constructor Summary
OtherRecipientInfo()
          Default Constructor.
OtherRecipientInfo(ASN1Object obj)
          Creates a OtherRecipientInfo from an ASN1Object.
OtherRecipientInfo(OtherRecipientInfoValue oriValue)
          Creates an OtherRecipientInfo from the supplied OtherRecipientInfo value.
 
Method Summary
static OtherRecipientInfoValue create(ObjectID type)
          Returns the implementation of the specified OtherRecipientInfoValue defined through an ASN.1 ObjectID (the ori type).
 void decode(ASN1Object obj)
          Decodes an OtherRecipientInfo from its ASN.1 representation.
 javax.crypto.SecretKey decryptKey(java.security.Key key, KeyIdentifier recipientIdentifier, java.lang.String cekAlgName)
          Decrypts the encrypted content-encryption key this RecipientInfo holds for the given recipient.
 void encryptKey(javax.crypto.SecretKey cek)
          Encrypts the given secret content encryption key for the recipient(s) this RecipientInfo represents.
 byte[] getEncryptedKey(KeyIdentifier recipientIdentifier)
          Returns the encrypted content-encryption key for the recipient with the given keyIdentfier.
 KeyIdentifier[] getRecipientIdentifiers()
          Returns the key identifier(s) belonging to the recipient(s) of this RecipientInfo.
 boolean isRecipientInfoFor(KeyIdentifier recipientIdentifier)
          Checks if this is a RecipientInfo for the recipient identified by the given key identifier.
 CertificateIdentifier isRecipientInfoFor(X509Certificate recipientCertificate)
          Checks if this is a RecipientInfo for the given recipient certificate.
static void register(ObjectID type, java.lang.Class cl)
          Registers a class for implementing a particular OtherRecipientInfo value.
 void setSecurityProvider(SecurityProvider securityProvider)
          Sets the SecurityProvider for this RecipientInfo.
 ASN1Object toASN1Object()
          Returns this OtherRecipientInfo as ASN1Object.
 java.lang.String toString()
          Returns a String representation of this OtherRecipientInfo.
 
Methods inherited from class iaik.cms.RecipientInfo
createRecipientInfos, decryptKey, decryptKey, decryptKey, getKeyEncryptionAlgorithm, getRecipientInfoType, getSecurityProvider, getVersion, parseRecipientInfo, parseRecipientInfo, parseRecipientInfo, parseRecipientInfo, parseRecipientInfos, parseRecipientInfos
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait
 

Constructor Detail

OtherRecipientInfo

public OtherRecipientInfo()
Default Constructor. Creates an empty OtherRecipientInfo. This constructor only is used for dynamic object creation and shall not be used by an application.


OtherRecipientInfo

public OtherRecipientInfo(OtherRecipientInfoValue oriValue)
Creates an OtherRecipientInfo from the supplied OtherRecipientInfo value. The ori type ID is obtained from the supplied value.

Parameters:
oriValue - the value component of this OtherRecipientInfo

OtherRecipientInfo

public OtherRecipientInfo(ASN1Object obj)
                   throws CodingException
Creates a OtherRecipientInfo from an ASN1Object.

The ASN1Object supplied to this constructor represents an already exisiting OtherRecipientInfo object that may have been created by calling toASN1Object.

Parameters:
obj - the OtherRecipientInfo as ASN1Object
Throws:
CodingException - if the object can not be parsed
Method Detail

create

public static OtherRecipientInfoValue create(ObjectID type)
                                      throws java.lang.InstantiationException
Returns the implementation of the specified OtherRecipientInfoValue defined through an ASN.1 ObjectID (the ori type).

Parameters:
type - the OID identifying the ori type the OtherRecipientInfo value belongs to
Returns:
the implementation of the OtherRecipientInfoValue identified by the given ori type
Throws:
java.lang.InstantiationException - if there is no implementation for the requested type

register

public static void register(ObjectID type,
                            java.lang.Class cl)
                     throws java.lang.IllegalArgumentException
Registers a class for implementing a particular OtherRecipientInfo value.

Parameters:
type - the OID identifying the ori type the OtherRecipientInfo value implementing class belongs to
cl - the class which implements the OtherRecipientInfo value in mind
Throws:
java.lang.IllegalArgumentException

encryptKey

public void encryptKey(javax.crypto.SecretKey cek)
                throws CMSException
Encrypts the given secret content encryption key for the recipient(s) this RecipientInfo represents.

Specified by:
encryptKey in class RecipientInfo
Parameters:
cek - the symmetric content encryption key to encrypt
Throws:
CMSException - if the key encryption process fails for some reason (e.g. the key-encryption algortihm used by this RecipientInfo is not implemented, or the recipient key is invalid, ...)

decryptKey

public javax.crypto.SecretKey decryptKey(java.security.Key key,
                                         KeyIdentifier recipientIdentifier,
                                         java.lang.String cekAlgName)
                                  throws CMSException,
                                         java.security.InvalidKeyException
Decrypts the encrypted content-encryption key this RecipientInfo holds for the given recipient.

The recovered key is returned as SecretKey.

Specified by:
decryptKey in class RecipientInfo
Parameters:
key - the recipient key used to decrypt the encrypted content-encryption key.
recipientIdentifier - information to be used for getting the right encrypted content encryption key for the right recipient; may be required if this RecipientInfo holds content encryption keys for more than one recipient (see KeyAgreeRecipientInfo)
cekAlgName - the name of the content encryption key (e.g. "DES") to be set for the SecretKey object created by this method
Returns:
the recovered (decrypted) content encryption key as SecretKey in RAW format
Throws:
CMSException - if the key-decryption process fails for some reason (e.g. the key-encryption algorithm used by this RecipientInfo is not supported, a padding error occurs during decryption...
java.security.InvalidKeyException - if the specified private key is not valid

getEncryptedKey

public byte[] getEncryptedKey(KeyIdentifier recipientIdentifier)
                       throws CMSException
Returns the encrypted content-encryption key for the recipient with the given keyIdentfier.

Specified by:
getEncryptedKey in class RecipientInfo
Parameters:
recipientIdentifier - information to be used for getting the right encrypted content encryption key for the right recipient; may be required if this RecipientInfo holds content encryption keys for more than one recipient (see KeyAgreeRecipientInfo)
Returns:
the encrypted content-encryption key for the recipient with the given key identifier
Throws:
CMSException - if no recipient with this key identifier is included

getRecipientIdentifiers

public KeyIdentifier[] getRecipientIdentifiers()
Returns the key identifier(s) belonging to the recipient(s) of this RecipientInfo.

Specified by:
getRecipientIdentifiers in class RecipientInfo
Returns:
the key identifier(s) belonging to the recipient(s) of this RecipientInfo

isRecipientInfoFor

public boolean isRecipientInfoFor(KeyIdentifier recipientIdentifier)
Checks if this is a RecipientInfo for the recipient identified by the given key identifier.

Specified by:
isRecipientInfoFor in class RecipientInfo
Parameters:
recipientIdentifier - the key identifier belonging to the recipient we are searching for
Returns:
true if this RecipientInfo belongs to the particular recipient in mind, false if not

isRecipientInfoFor

public CertificateIdentifier isRecipientInfoFor(X509Certificate recipientCertificate)
Checks if this is a RecipientInfo for the given recipient certificate.

Specified by:
isRecipientInfoFor in class RecipientInfo
Parameters:
recipientCertificate - the certificate of the recipient
Returns:
the CertificateIdentifier indicating that the recipient with the given certificate is the owner of this RecipientInfo, null if not

setSecurityProvider

public void setSecurityProvider(SecurityProvider securityProvider)
Sets the SecurityProvider for this RecipientInfo.

This method allows to explicitly set a SecurityProvider for this RecipientInfo. If no explicit SecurityProvider is set, the default system wide installed SecurityProvider will be used for the required cryptographic operations.

Overrides:
setSecurityProvider in class RecipientInfo
Parameters:
securityProvider - the SecurityProvider to be set

decode

public void decode(ASN1Object obj)
            throws CodingException
Decodes an OtherRecipientInfo from its ASN.1 representation. This method parses the ori type id from the supplied ASN.1 representation and tries to find an registered OtherRecipientInfoValue implementation for the parsed type ID. If no OtherRecipientInfoValue implementation can be found, an UnknownOtherRecipientInfoValue object is created for the unknown OtherRecipientInfo allowing to query for information about the OtherRecipientInfo value.

Parameters:
obj - the OtherRecipientInfo as ASN1Object
Throws:
CodingException - if the ASN1Object cannot be parsed

toASN1Object

public ASN1Object toASN1Object()
                        throws CodingException
Returns this OtherRecipientInfo as ASN1Object.

Returns:
this OtherRecipientInfo as ASN1Object.
Throws:
CodingException

toString

public java.lang.String toString()
Returns a String representation of this OtherRecipientInfo.

Specified by:
toString in class RecipientInfo
Returns:
a String representation of this OtherRecipientInfo

This Javadoc may contain text parts from text parts from IETF Internet Standard specifications (see copyright note).

IAIK-CMS 5.1, (c) 2002 IAIK, (c) 2003 - 2010 SIC