com.ibm.security.pkcs7
Class EncryptedData

java.lang.Object
  |
  +--com.ibm.security.pkcsutil.PKCSDerObject
        |
        +--com.ibm.security.pkcs7.Content
              |
              +--com.ibm.security.pkcs7.EncryptedData

public final class EncryptedData
extends Content
implements Cloneable

Implements the ASN.1 EncryptedData type.

The EncryptedData type content can consist of EncryptedContentInfo of any type. Unlike EnvelopedData, EncryptedData has neither recipients nor encrypted content-encryption keys. Keys are assumed to be managed by other means.

EncryptedData ::= SEQUENCE {
    version CMSVersion,
    encryptedContentInfo EncryptedContentInfo,
    unprotectedAttrs [1] IMPLICIT UnprotectedAttributes OPTIONAL }

This definition reflects PKCS #7 version 1.5 specifications with selected enhancements from the Cryptographic Message Syntax (CMS) RFC 2630 specifications.

EncryptedData objects are immutable; they cannot be changed once created.
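
The ASN.1 layout above can be inspected without the IBM classes. The following Python code is an added example, not part of the IBM documentation or API: it walks a DER-encoded EncryptedData, extracts the fields of the SEQUENCE, and applies the RFC 2630 rule that version is 2 when unprotectedAttrs is present and 0 otherwise. The function names and the sample bytes are constructed for illustration, and the EncryptedContentInfo layout (contentType, contentEncryptionAlgorithm, optional [0] IMPLICIT encryptedContent) is taken from RFC 2630.

```python
def read_tlv(buf, pos):  # -> (tag, value, next_pos); definite lengths only
    if pos + 2 > len(buf):
        raise ValueError("truncated TLV header")
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length & 0x80:  # long form: low 7 bits count the length octets
        n = length & 0x7F
        if not 1 <= n <= 4:
            raise ValueError("indefinite or oversized length")
        length, pos = int.from_bytes(buf[pos:pos + n], "big"), pos + n
    if pos + length > len(buf):
        raise ValueError("value overruns buffer")
    return tag, buf[pos:pos + length], pos + length

def children(value):  # split a constructed value into its (tag, value) members
    out, pos = [], 0
    while pos < len(value):
        tag, val, pos = read_tlv(value, pos)
        out.append((tag, val))
    return out

def oid(val):  # dotted form of an OBJECT IDENTIFIER value
    arcs, n = [], 0
    for b in val:
        n = (n << 7) | (b & 0x7F)
        if b < 0x80:
            arcs, n = arcs + [n], 0
    first = min(arcs[0] // 40, 2)
    return ".".join(map(str, [first, arcs[0] - 40 * first] + arcs[1:]))

def parse_encrypted_data(der):
    tag, body, end = read_tlv(der, 0)
    fields = children(body) if tag == 0x30 and end == len(der) else []
    if [t for t, _ in fields] not in ([0x02, 0x30], [0x02, 0x30, 0xA1]):
        raise ValueError("not an EncryptedData SEQUENCE")  # 0xA1 = [1] IMPLICIT
    attrs = children(fields[2][1]) if len(fields) == 3 else None
    version = int.from_bytes(fields[0][1], "big", signed=True)
    if version != (0 if attrs is None else 2):  # RFC 2630 version rule
        raise ValueError("version inconsistent with unprotectedAttrs")
    eci = children(fields[1][1])
    alg = children(eci[1][1]) if [t for t, _ in eci[:2]] == [0x06, 0x30] else []
    if not alg or alg[0][0] != 0x06:
        raise ValueError("malformed EncryptedContentInfo")
    ct = eci[2][1] if len(eci) == 3 and eci[2][0] == 0x80 else None  # [0] IMPLICIT
    return {"version": version, "content_type": oid(eci[0][1]),
            "algorithm": oid(alg[0][1]), "unprotected_attrs": len(attrs or []),
            "ciphertext_len": None if ct is None else len(ct)}

# Constructed sample: version 0, id-data, des-ede3-cbc, zero IV, 16 zero ciphertext bytes.
SAMPLE = bytes.fromhex("3038020100" "3033" "06092a864886f70d010701" "3014"
    "06082a864886f70d0307" "0408" + "00" * 8 + "8010" + "00" * 16)
```

Everything the parser reads is available without a key: only the encryptedContent octets are encrypted, and the structure carries no recipient or key information.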

See Also:
EncryptedContentInfo

Fields inherited from class com.ibm.security.pkcsutil.PKCSDerObject
provider
 
Constructor Summary
EncryptedData(byte[] der)
          Create an EncryptedData object with a DER byte array.
EncryptedData(byte[] der, String provider)
          Create an EncryptedData object with a DER byte array.
EncryptedData(EncryptedContentInfo eci, PKCSAttributes unprotectedAttrs)
          Create an EncryptedData object with the specified values.
EncryptedData(EncryptedContentInfo eci, PKCSAttributes unprotectedAttrs, String provider)
          Create an EncryptedData object with the specified values.
EncryptedData(String filename, boolean base64)
          Create an EncryptedData with the filename of the DER-encoded or BASE64-encoded object.
EncryptedData(String filename, boolean base64, String provider)
          Create an EncryptedData with the filename of the DER-encoded or BASE64-encoded object.
 
Method Summary
 Object clone()
          Creates a clone of this EncryptedData object.
protected  void decode(com.ibm.security.pkcs7.DerValue encoding)
          Initializes an EncryptedData object from a DerValue.
 ContentInfo decrypt(byte[] key)
          Decrypts the object's encrypted content using the input decryption key.
 void encode(OutputStream os)
          Encodes this object to an OutputStream.
 boolean equals(Object other)
          Determines if this EncryptedData object is equivalent to the input object.
protected  void finalize()
          Ensure that the contentEncryptionKey bytes are nulled out when there are no more references to this object.
 EncryptedContentInfo getEncryptedContent()
          Returns a reference to the encryptedContent data member of this object.
 byte[] getEncryptionKey()
          Returns the key used to encrypt the content, or null if this object was not used to encrypt the content.
 ObjectIdentifier getObjectIdentifier()
          Returns a reference to the Object Identifier for this object.
 PKCSAttribute getUnprotectedAttribute(ObjectIdentifier oid)
          Returns a reference to the unprotected attribute from the unprotected attribute set based on an ObjectIdentifier.
 PKCSAttributes getUnprotectedAttributes()
          Returns a reference to the set of unprotected attributes.
 BigInteger getVersion()
          Returns a reference to the version for this object.
 String toString()
          Returns a string representation of this EncryptedData object.
 
Methods inherited from class com.ibm.security.pkcsutil.PKCSDerObject
decode, decode, encode, hashCode, read, readBASE64, write, write, writeBASE64
 
Methods inherited from class java.lang.Object
getClass, notify, notifyAll, wait, wait, wait
 

Constructor Detail

EncryptedData

public EncryptedData(byte[] der)
              throws IOException
Create an EncryptedData object with a DER byte array.
Parameters:
der - a byte array containing the DER encoding of an EncryptedData object.
Throws:
IOException - on decoding errors.

EncryptedData

public EncryptedData(byte[] der,
                     String provider)
              throws IOException
Create an EncryptedData object with a DER byte array.
Parameters:
der - a byte array containing the DER encoding of an EncryptedData object.
provider - the name of the Java security provider to use
Throws:
IOException - on decoding errors.

EncryptedData

public EncryptedData(EncryptedContentInfo eci,
                     PKCSAttributes unprotectedAttrs)
Create an EncryptedData object with the specified values.
Parameters:
eci - the encrypted content contained in an EncryptedContentInfo object.
unprotectedAttrs - PKCSAttributes set of unprotected attributes.

EncryptedData

public EncryptedData(EncryptedContentInfo eci,
                     PKCSAttributes unprotectedAttrs,
                     String provider)
Create an EncryptedData object with the specified values.
Parameters:
eci - the encrypted content contained in an EncryptedContentInfo object.
unprotectedAttrs - PKCSAttributes set of unprotected attributes.
provider - the name of the Java security provider to use

EncryptedData

public EncryptedData(String filename,
                     boolean base64)
              throws IOException
Create an EncryptedData with the filename of the DER-encoded or BASE64-encoded object.
Parameters:
filename - name of the DER-encoded or base64-encoded object
base64 - true if BASE64-encoded, false if DER-encoded
Throws:
IOException - on decoding errors.

EncryptedData

public EncryptedData(String filename,
                     boolean base64,
                     String provider)
              throws IOException
Create an EncryptedData with the filename of the DER-encoded or BASE64-encoded object.
Parameters:
filename - name of the DER-encoded or base64-encoded object
base64 - true if BASE64-encoded, false if DER-encoded
provider - the name of the Java security provider to use
Throws:
IOException - on decoding errors.

Method Detail

clone

public Object clone()
Creates a clone of this EncryptedData object.
Overrides:
clone in class Object
Returns:
clone of this EncryptedData object.

encode

public void encode(OutputStream os)
            throws IOException
Encodes this object to an OutputStream.
Overrides:
encode in class PKCSDerObject
Parameters:
os - the OutputStream to write the encoded data to.
Throws:
IOException - on encoding error.

decode

protected void decode(com.ibm.security.pkcs7.DerValue encoding)
               throws IOException
Initializes an EncryptedData object from a DerValue. The DER encoding must be in the format specified by the EncryptedData ASN.1 notation.
Parameters:
encoding - a DER-encoded EncryptedData object.
Throws:
IllegalArgumentException - invalid version.
IOException - on parsing error.

equals

public boolean equals(Object other)
Determines if this EncryptedData object is equivalent to the input object.
Overrides:
equals in class PKCSDerObject
Parameters:
other - the object to compare this one to.
Returns:
true, if the two objects are equivalent, false otherwise.

getUnprotectedAttribute

public PKCSAttribute getUnprotectedAttribute(ObjectIdentifier oid)
Returns a reference to the unprotected attribute from the unprotected attribute set based on an ObjectIdentifier.
Parameters:
oid - ObjectIdentifier to match
Returns:
unprotected attribute matching the oid, null otherwise.

getUnprotectedAttributes

public PKCSAttributes getUnprotectedAttributes()
Returns a reference to the set of unprotected attributes.
Returns:
unprotected PKCSAttribute set or null if none were set.

getEncryptionKey

public byte[] getEncryptionKey()
Returns the key used to encrypt the content, or null if this object was not used to encrypt the content.
Returns:
the key used to encrypt the content, or null if this object was not used to encrypt the content.

decrypt

public ContentInfo decrypt(byte[] key)
                    throws IOException,
                           PKCSException
Decrypts the object's encrypted content using the input decryption key. The decrypted content is returned as the content octets of a ContentInfo object.
Parameters:
key - a byte encoding of the key to use for content decryption.
Returns:
a ContentInfo object containing the decrypted content.
Throws:
IOException - if wrapping of the decrypted content into a ContentInfo object fails.
PKCSException - content decryption error.

getObjectIdentifier

public ObjectIdentifier getObjectIdentifier()
Returns a reference to the Object Identifier for this object.
Overrides:
getObjectIdentifier in class PKCSDerObject
Returns:
the Object Identifier for this object.

getEncryptedContent

public EncryptedContentInfo getEncryptedContent()
Returns a reference to the encryptedContent data member of this object. EncryptedContentInfo objects are immutable.
Returns:
the encryptedContent data member of this object.

getVersion

public BigInteger getVersion()
Returns a reference to the version for this object. BigInteger is an immutable object.
Returns:
the version for this object.

toString

public String toString()
Returns a string representation of this EncryptedData object.
Overrides:
toString in class Content
Returns:
a string representation of this object.

finalize

protected void finalize()
Ensure that the contentEncryptionKey bytes are nulled out when there are no more references to this object.
Overrides:
finalize in class Object