com.ibm.security.pkcs7
Class EncryptedContentInfo

java.lang.Object
  |
  +--com.ibm.security.pkcsutil.PKCSDerObject
        |
        +--com.ibm.security.pkcs7.EncryptedContentInfo

public final class EncryptedContentInfo
extends PKCSDerObject
implements Cloneable

Implements the ASN.1 EncryptedContentInfo type specified in PKCS #7 and later in S/MIME-CMS. It is mainly used in EnvelopedData to hold content that has been encrypted with a symmetric-key algorithm. It is also used in PKCS #12 (PFX) to hold a PKCS #12 encryption result.

EncryptedContentInfo ::= SEQUENCE {
    contentType ContentType,
    contentEncryptionAlgorithm ContentEncryptionAlgorithmIdentifier,
    encryptedContent [0] IMPLICIT EncryptedContent OPTIONAL }

ContentType ::= OBJECT IDENTIFIER
ContentEncryptionAlgorithmIdentifier ::= AlgorithmIdentifier
EncryptedContent ::= OCTET STRING

This implementation reflects PKCS #7 version 1.5 specifications with selected enhancements from the Cryptographic Message Syntax (CMS) RFC 2630 specifications.

EncryptedContentInfo objects are immutable; they cannot be changed once created.
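
The ASN.1 layout above can be read directly from DER bytes. The following is an added example in Python, not IBM's code and not part of this API: it parses an EncryptedContentInfo and names the content-encryption cipher. The function names, the OID table and the sample bytes are constructed for illustration.

```python
# Added example (not IBM code). Assumption: the OID table lists only the CBC forms of DES, DESede, RC2.
CIPHER_OIDS = {"1.3.14.3.2.7": "DES", "1.2.840.113549.3.7": "DESede", "1.2.840.113549.3.2": "RC2"}

def read_tlv(buf, pos):
    """Return (tag, value, next_pos) for the definite-length DER element at pos."""
    if pos + 2 > len(buf):
        raise ValueError("truncated header")
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length & 0x80:                      # long form: low 7 bits count the length octets
        n = length & 0x7F
        if n == 0 or n > 4 or pos + n > len(buf):
            raise ValueError("indefinite, oversized or truncated length")
        length = int.from_bytes(buf[pos:pos + n], "big")
        pos += n
    if pos + length > len(buf):
        raise ValueError("value runs past end of input")
    return tag, buf[pos:pos + length], pos + length

def decode_oid(body):                      # OBJECT IDENTIFIER content octets -> dotted string
    arcs, value = [], 0
    for octet in body:
        value = (value << 7) | (octet & 0x7F)
        if not octet & 0x80:               # high bit clear ends one base-128 arc
            arcs, value = arcs + [value], 0
    if not arcs or body[-1] & 0x80:
        raise ValueError("malformed OBJECT IDENTIFIER")
    head = [arcs[0] // 40, arcs[0] % 40] if arcs[0] < 80 else [2, arcs[0] - 80]
    return ".".join(str(a) for a in head + arcs[1:])

def parse_encrypted_content_info(der):
    tag, seq, end = read_tlv(der, 0)
    if tag != 0x30 or end != len(der):
        raise ValueError("expected exactly one SEQUENCE")
    ct_tag, content_type, pos = read_tlv(seq, 0)
    alg_tag, alg, pos = read_tlv(seq, pos)
    oid_tag, alg_oid, _ = read_tlv(alg, 0)  # algorithm parameters (e.g. the IV) are skipped
    if (ct_tag, alg_tag, oid_tag) != (0x06, 0x30, 0x06):
        raise ValueError("unexpected tag in contentType or AlgorithmIdentifier")
    encrypted = None                       # encryptedContent is OPTIONAL
    if pos < len(seq):
        tag, encrypted, pos = read_tlv(seq, pos)
        if tag != 0x80 or pos != len(seq):  # [0] IMPLICIT OCTET STRING, primitive in DER
            raise ValueError("expected [0] IMPLICIT OCTET STRING as the last field")
    oid = decode_oid(alg_oid)
    return {"contentType": decode_oid(content_type), "algorithmOid": oid,
            "algorithm": CIPHER_OIDS.get(oid), "encryptedContent": encrypted}

# Constructed sample: pkcs7-data, DESede-CBC with an 8-byte IV, 8 bytes of dummy ciphertext.
SAMPLE = bytes.fromhex("302b06092a864886f70d010701301406082a864886f70d03070408"
                       "000102030405060780081122334455667788")
```

Checking the parsed algorithm OID before handing the bytes to decrypt lets a caller reject ciphers it does not accept.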

See Also:
AlgorithmId

Fields inherited from class com.ibm.security.pkcsutil.PKCSDerObject
provider
 
Constructor Summary
EncryptedContentInfo(byte[] der)
          Create an EncryptedContentInfo object with a DER-encoded byte array.
EncryptedContentInfo(byte[] der, String provider)
          Create an EncryptedContentInfo object with a DER-encoded byte array.
EncryptedContentInfo(ContentInfo cinfo, String algname, byte[] key)
          Create an EncryptedContentInfo object with the specified contentInfo, encryption algorithm, and key byte array.
EncryptedContentInfo(ContentInfo cinfo, String algname, byte[] key, String provider)
          Create an EncryptedContentInfo object with the specified contentInfo, encryption algorithm, and key byte array.
EncryptedContentInfo(ContentInfo cinfo, String algname, int keySize)
          Create an EncryptedContentInfo object with the specified contentInfo, encryption algorithm, and key size.
EncryptedContentInfo(ContentInfo cinfo, String algname, int keySize, String provider)
          Create an EncryptedContentInfo object with the specified contentInfo, encryption algorithm, and key size.
EncryptedContentInfo(ObjectIdentifier contentType, AlgorithmId contentEncryptionAlg, byte[] encryptedContent)
          Create an EncryptedContentInfo object with the specified values.
EncryptedContentInfo(ObjectIdentifier contentType, AlgorithmId contentEncryptionAlg, byte[] encryptedContent, String provider)
          Create an EncryptedContentInfo object with the specified values.
EncryptedContentInfo(String filename, boolean base64)
          Create an EncryptedContentInfo with the filename of the DER-encoded or BASE64-encoded object.
EncryptedContentInfo(String filename, boolean base64, String provider)
          Create an EncryptedContentInfo with the filename of the DER-encoded or BASE64-encoded object.
 
Method Summary
 Object clone()
          Creates a clone of this EncryptedContentInfo object.
protected  void decode(com.ibm.security.pkcs7.DerValue encoding)
          Initializes an EncryptedContentInfo object from a DerValue.
 ContentInfo decrypt(byte[] decryptionKey)
          Decrypts the object's encrypted content using the input decryption key.
 void encode(OutputStream os)
          Encodes this object to an OutputStream.
 boolean equals(Object other)
          Determines if this EncryptedContentInfo object is equivalent to the input object.
protected  void finalize()
          Ensures that the encryptionKeyBytes bytes are nulled out when there are no more references to this object.
 AlgorithmId getContentEncryptionAlgorithm()
          Returns a copy of the encryption algorithm that was used to encrypt the content.
 ObjectIdentifier getContentType()
          Returns a reference to the ObjectIdentifier for the encrypted content.
 byte[] getEncryptedContent()
          Returns a copy of the encrypted content.
 byte[] getEncryptionKey()
          Returns a copy of the key byte array used to encrypt the content, or null if this object was not used to encrypt the content.
 String toString()
          Returns a string representation of this EncryptedContentInfo object.
 
Methods inherited from class com.ibm.security.pkcsutil.PKCSDerObject
decode, decode, encode, getObjectIdentifier, hashCode, read, readBASE64, write, write, writeBASE64
 
Methods inherited from class java.lang.Object
getClass, notify, notifyAll, wait, wait, wait
 

Constructor Detail

EncryptedContentInfo

public EncryptedContentInfo(byte[] der)
                     throws IOException
Create an EncryptedContentInfo object with a DER-encoded byte array.
Parameters:
der - a byte array containing the DER encoding of an EncryptedContentInfo object.
Throws:
IOException - on decoding errors.

EncryptedContentInfo

public EncryptedContentInfo(byte[] der,
                            String provider)
                     throws IOException
Create an EncryptedContentInfo object with a DER-encoded byte array.
Parameters:
der - a byte array containing the DER encoding of an EncryptedContentInfo object.
provider - the name of the Java security provider.
Throws:
IOException - on decoding errors.

EncryptedContentInfo

public EncryptedContentInfo(ObjectIdentifier contentType,
                            AlgorithmId contentEncryptionAlg,
                            byte[] encryptedContent)
Create an EncryptedContentInfo object with the specified values.
Parameters:
contentType - the content type of the input encrypted content.
contentEncryptionAlg - specifies the algorithm used to encrypt the input encrypted content.
encryptedContent - the encrypted content.

EncryptedContentInfo

public EncryptedContentInfo(ObjectIdentifier contentType,
                            AlgorithmId contentEncryptionAlg,
                            byte[] encryptedContent,
                            String provider)
Create an EncryptedContentInfo object with the specified values.
Parameters:
contentType - the content type of the input encrypted content.
contentEncryptionAlg - specifies the algorithm used to encrypt the input encrypted content.
encryptedContent - the encrypted content.
provider - the name of the Java security provider.

EncryptedContentInfo

public EncryptedContentInfo(ContentInfo cinfo,
                            String algname,
                            int keySize,
                            String provider)
                     throws PKCSException,
                            IOException
Create an EncryptedContentInfo object with the specified contentInfo, encryption algorithm, and key size.
Parameters:
cinfo - a ContentInfo object containing the content to be encrypted. Only the content octets are encrypted, not any tag or length information.
algname - the algorithm used to encrypt the content. This may be just the algorithm used (valid values are DES, DESede and RC2).
keySize - the key size of the encryption key. Valid values are algorithm-dependent: DES accepts a key size of 56 bits, RC2 accepts key sizes between 1 and 128 bytes (8 - 128*8 bits) and DESede accepts key sizes of 112 or 168 bits.
provider - the name of the Java security provider.
Throws:
IOException - if extraction of the content octets from the ContentInfo object fails.
PKCSException - content encryption error.

EncryptedContentInfo

public EncryptedContentInfo(ContentInfo cinfo,
                            String algname,
                            int keySize)
                     throws PKCSException,
                            IOException
Create an EncryptedContentInfo object with the specified contentInfo, encryption algorithm, and key size.
Parameters:
cinfo - a ContentInfo object containing the content to be encrypted. Only the content octets are encrypted, not any tag or length information.
algname - the algorithm used to encrypt the content. This may be just the algorithm used (valid values are DES, DESede and RC2).
keySize - the key size of the encryption key. Valid values are algorithm-dependent: DES accepts a key size of 56 bits, RC2 accepts key sizes between 1 and 128 bytes (8 - 128*8 bits) and DESede accepts key sizes of 112 or 168 bits.
Throws:
IOException - if extraction of the content octets from the ContentInfo object fails.
PKCSException - content encryption error.

EncryptedContentInfo

public EncryptedContentInfo(ContentInfo cinfo,
                            String algname,
                            byte[] key)
                     throws PKCSException,
                            IOException
Create an EncryptedContentInfo object with the specified contentInfo, encryption algorithm, and key byte array.
Parameters:
cinfo - a ContentInfo object containing the content to be encrypted. Only the content octets are encrypted, not any tag or length information.
algname - the algorithm used to encrypt the content. This may be just the algorithm used (valid values are DES, DESede and RC2) or a complete transformation in which the algorithm is one of DES, DESede or RC2, the mode is CBC and the padding is PKCS5Padding.
key - the key used in the encryption operation; this key must correspond to the input encryption algorithm.
Throws:
IOException - if extraction of the content octets from the ContentInfo object fails.
PKCSException - content encryption error.

EncryptedContentInfo

public EncryptedContentInfo(ContentInfo cinfo,
                            String algname,
                            byte[] key,
                            String provider)
                     throws PKCSException,
                            IOException
Create an EncryptedContentInfo object with the specified contentInfo, encryption algorithm, and key byte array.
Parameters:
cinfo - a ContentInfo object containing the content to be encrypted. Only the content octets are encrypted, not any tag or length information.
algname - the algorithm used to encrypt the content. This may be just the algorithm used (valid values are DES, DESede and RC2) or a complete transformation in which the algorithm is one of DES, DESede or RC2, the mode is CBC and the padding is PKCS5Padding.
key - the key used in the encryption operation; this key must correspond to the input encryption algorithm.
provider - the name of the Java security provider.
Throws:
IOException - if extraction of the content octets from the ContentInfo object fails.
PKCSException - content encryption error.

EncryptedContentInfo

public EncryptedContentInfo(String filename,
                            boolean base64)
                     throws IOException
Create an EncryptedContentInfo with the filename of the DER-encoded or BASE64-encoded object.
Parameters:
filename - name of the DER-encoded or base64-encoded object
base64 - true if BASE64-encoded, false if DER-encoded
Throws:
IOException - on decoding errors.

EncryptedContentInfo

public EncryptedContentInfo(String filename,
                            boolean base64,
                            String provider)
                     throws IOException
Create an EncryptedContentInfo with the filename of the DER-encoded or BASE64-encoded object.
Parameters:
filename - name of the DER-encoded or base64-encoded object
base64 - true if BASE64-encoded, false if DER-encoded
provider - the name of the Java security provider to use.
Throws:
IOException - on decoding errors.

Method Detail

encode

public void encode(OutputStream os)
            throws IOException
Encodes this object to an OutputStream.
Overrides:
encode in class PKCSDerObject
Parameters:
os - the OutputStream to write the encoded data to.
Throws:
IOException - on encoding error.

decode

protected void decode(com.ibm.security.pkcs7.DerValue encoding)
               throws IOException
Initializes an EncryptedContentInfo object from a DerValue. The DER encoding must be in the format specified by the EncryptedContentInfo ASN.1 notation.
Parameters:
encoding - a DER-encoded EncryptedContentInfo object.
Throws:
IOException - on parsing error.

equals

public boolean equals(Object other)
Determines if this EncryptedContentInfo object is equivalent to the input object.
Overrides:
equals in class PKCSDerObject
Parameters:
other - the object to compare this one to.
Returns:
true, if the two objects are equivalent, false otherwise.

toString

public String toString()
Returns a string representation of this EncryptedContentInfo object.
Overrides:
toString in class PKCSDerObject
Returns:
a string representation of this object.

decrypt

public ContentInfo decrypt(byte[] decryptionKey)
                    throws IOException,
                           PKCSException
Decrypts the object's encrypted content using the input decryption key. The decrypted content is returned as the content octets of a ContentInfo object.
Parameters:
decryptionKey - a byte encoding of the key to use for content decryption.
Returns:
a ContentInfo object containing the decrypted content.
Throws:
IOException - if wrapping of the decrypted content into a ContentInfo object fails.
PKCSException - content decryption error.

getContentEncryptionAlgorithm

public AlgorithmId getContentEncryptionAlgorithm()
                                          throws IOException
Returns a copy of the encryption algorithm that was used to encrypt the content.
Returns:
the algorithm used to encrypt the content.

getContentType

public ObjectIdentifier getContentType()
Returns a reference to the ObjectIdentifier for the encrypted content.
Returns:
an ObjectIdentifier for the encrypted content.

getEncryptedContent

public byte[] getEncryptedContent()
Returns a copy of the encrypted content.
Returns:
the encrypted content.

clone

public Object clone()
Creates a clone of this EncryptedContentInfo object.
Overrides:
clone in class Object
Returns:
clone of this EncryptedContentInfo object.

getEncryptionKey

public byte[] getEncryptionKey()
Returns a copy of the key byte array used to encrypt the content, or null if this object was not used to encrypt the content.
Returns:
the key used to encrypt the content, or null if this object was not used to encrypt the content.

finalize

protected void finalize()
Ensures that the encryptionKeyBytes bytes are nulled out when there are no more references to this object.
Overrides:
finalize in class Object