com.rsa.certj.crmf

Class EncryptedKey

java.lang.Object
  |
  +--com.rsa.certj.crmf.EncryptedKey
All Implemented Interfaces:
Cloneable, Serializable

public class EncryptedKey
extends Object
implements Cloneable, Serializable

This class contains the EncryptedKey structure used in the Archive Options control and in Proof of Possession of key encipherment keys.

 EncryptedKey ::= CHOICE {
     encryptedValue        EncryptedValue,
     envelopedData     [0] EnvelopedData }
       -- The encrypted private key MUST be placed in the envelopedData
       -- encryptedContentInfo encryptedContent OCTET STRING.

 EncryptedValue ::= SEQUENCE {
     intendedAlg   [0] AlgorithmIdentifier  OPTIONAL,
       -- the intended algorithm for which the value will be used
     symmAlg       [1] AlgorithmIdentifier  OPTIONAL,
       -- the symmetric algorithm used to encrypt the value
     encSymmKey    [2] BIT STRING           OPTIONAL,
       -- the (encrypted) symmetric key used to encrypt the value
     keyAlg        [3] AlgorithmIdentifier  OPTIONAL,
       -- algorithm used to encrypt the symmetric key
     valueHint     [4] OCTET STRING         OPTIONAL,
       -- a brief description or identifier of the encValue content
       -- (may be meaningful only to the sending entity, and used only
       -- if EncryptedValue might be re-examined by the sending entity
       -- in the future)
     encValue       BIT STRING }

 EnvelopedData ::= SEQUENCE {
    version Version,
    recipientInfos RecipientInfos,
    encryptedContentInfo EncryptedContentInfo }

 RecipientInfos ::= SET OF RecipientInfo
 
 EncryptedContentInfo ::= SEQUENCE {
    contentType ContentType,
    contentEncryptionAlgorithm
    ContentEncryptionAlgorithmIdentifier,
    encryptedContent
       [0] IMPLICIT EncryptedContent OPTIONAL }

 EncryptedContent ::= OCTET STRING
 
The fields of type EnvelopedData have the following meanings:

-- version is the syntax version number. It shall be 0 for this version of the standard.

-- recipientInfos is a collection of per-recipient information. There must be at least one element in the collection.

-- encryptedContentInfo is the encrypted content information.

The fields of type EncryptedContentInfo have the following meanings:

-- contentType indicates the type of content.

-- contentEncryptionAlgorithm identifies the content-encryption algorithm (and any associated parameters) under which the content is encrypted. This algorithm is the same for all recipients.

-- encryptedContent is the result of encrypting the content. The field is optional, and if the field is not present, its intended value must be supplied by other means.

Copyright © RSA Security Inc., 2000-2001. All rights reserved.

See Also

Serialized Form

Field Summary

static int

ENCRYPTED_VALUE

This flag indicates that we are going to use EncryptedValue structure to set all Encrypted Key values.

static int

ENVELOPED_DATA

This flag indicates that we are going to use EnvelopedData structure to set all Encrypted Key values.

 

Constructor Summary

EncryptedKey(CertJ certJ, CertPathCtx pathCtx, com.rsa.jsafe.JSAFE_PublicKey pubKey, com.rsa.jsafe.JSAFE_PrivateKey privKey)

Creates an EncryptedKey object that contains the values given.

 

Method Summary

 Object

clone()

Overrides the default clone method to get a deeper clone.

 void

decodeEncryptedKey(byte[] keyBER, int offset, int special)

Decode the EncryptedKey structure.

 boolean

equals(Object obj)

Returns true if this object and obj contain the same EncryptedKey, returns false otherwise.

 int

getDEREncoding(byte[] encoding, int offset, int special)

Places the DER encoding of the EncryptedKey object into encoding, beginning at offset.

 int

getDERLen(int special)

Returns the number of bytes that will be used by the DER encoding of the EncryptedKey.

 EncryptedValue

getEncryptedValue()

Gets the EncryptedValue object.

 EnvelopedData

getEnvelopedData()

Gets the EnvelopedData object, if this object is of ENVELOPED_DATA type

static int

getNextBEROffset(byte[] valueBER, int offset)

Finds the index of the next element to encode, given valueBER, the BER of an EncryptedKey beginning at offset.

 int

getType()

Gets the type of this EncryptedKey structure

 void

setEncryptedValue(EncryptedValue value)

Sets the EncryptedValue object, if this object is of ENCRYPTED_VALUE type

 void

setEnvelopedData(EnvelopedData data)

Sets the EnvelopedData object, if this object is of ENVELOPED_DATA type

 void

setType(int type)

Sets the type of the EncryptedKey structure

 
Methods inherited from class java.lang.Object
getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Field Detail

ENCRYPTED_VALUE

public static final int ENCRYPTED_VALUE
This flag indicates that we are going to use EncryptedValue structure to set all Encrypted Key values.

ENVELOPED_DATA

public static final int ENVELOPED_DATA
This flag indicates that we are going to use EnvelopedData structure to set all Encrypted Key values.

Constructor Detail

EncryptedKey

public EncryptedKey(CertJ certJ,
                    CertPathCtx pathCtx,
                    com.rsa.jsafe.JSAFE_PublicKey pubKey,
                    com.rsa.jsafe.JSAFE_PrivateKey privKey)
             throws CRMFException
Creates an EncryptedKey object that contains the values given.

Parameters

         certJ  

CertJ object that contains environment information

         pathCtx  

The CertPathCtx object that contains certificate path validation information for EnvelopedData (pass NULL if using EncryptedValue)

         pubKey  

Public key used to encrypt the Secret key in EncryptedValue structure (pass NULL if decoding, or using EnvelopedData)

         privKey  

Private key used to decrypt the Secret key in EncryptedValue structure (pass NULL if encoding, or using EnvelopedData)

Throws

CRMFException - If specified values are NULL

Method Detail

decodeEncryptedKey

public void decodeEncryptedKey(byte[] keyBER,
                               int offset,
                               int special)
                        throws CRMFException
Decodes the EncryptedKey structure. If this object is of ENCRYPTED_VALUE type, the caller must set the recipient's private key before calling this method.

Parameters

         keyBER  

The byte array that contains BER encoding of this object

         offset  

Offset in this array

         special  

Any special ASN.1 information, such as OPTIONAL

Throws

CRMFException - If encoding is invalid

setType

public void setType(int type)
             throws CRMFException
Sets the type of the EncryptedKey structure

Parameters

         type  

Specifies how we are going to encode Encrypted Key

Throws

CRMFException - If specified type is invalid

getType

public int getType()
Gets the type of this EncryptedKey structure

Returns

Type that specifies how we are going to encode Encrypted Key

setEncryptedValue

public void setEncryptedValue(EncryptedValue value)
                       throws CRMFException
Sets the EncryptedValue object, if this object is of ENCRYPTED_VALUE type

Parameters

         value  

The structure that contains the encrypted Private Key

Throws

CRMFException - If there is a cloning error; or if this object is of ENVELOPED_DATA type; or if specified object is null.

getEncryptedValue

public EncryptedValue getEncryptedValue()
                                 throws CRMFException
Gets the EncryptedValue object.

Returns

The EncryptedValue object, if you set the type to ENCRYPTED_VALUE; if this value is not set, returns null.

Throws

CRMFException - If there is a cloning error; or if this object is of ENVELOPED_DATA type

setEnvelopedData

public void setEnvelopedData(EnvelopedData data)
                      throws CRMFException
Sets the EnvelopedData object, if this object is of ENVELOPED_DATA type

Parameters

         data  

The EnvelopedData structure that contains the encrypted Private Key

Throws

CRMFException - If there is a cloning error; or if this object is of ENCRYPTED_VALUE type; or if specified object is NULL.

getEnvelopedData

public EnvelopedData getEnvelopedData()
                               throws CRMFException
Gets the EnvelopedData object, if this object is of ENVELOPED_DATA type

Returns

The EnvelopedData structure that contains the encrypted Private Key; if this value is not set, returns null.

Throws

CRMFException - If there is a cloning error; or if this object is of ENCRYPTED_VALUE type

getNextBEROffset

public static int getNextBEROffset(byte[] valueBER,
                                   int offset)
                            throws CRMFException
Finds the index of the next element to encode, given valueBER, the BER of an EncryptedKey beginning at offset. In other words, gets the next offset after the EncryptedKey.

For example, if the offset is 120 and EncryptedKey's BER encoding is 1819 bytes, this method returns 1939, the index immediately following the EncryptedKey. That is, valueBER[120] is the first byte in the encoding of the EncryptedKey, valueBER[1938] is the last byte in the encoding of the EncryptedKey and the next element begins at index 1939.

Parameters

         valueBER  

The BER encoding of an EncryptedKey

         offset  

The offset into valueBER where the encoding begins

Returns

An int that indicates the index to the next element in the BER encoding

Throws

CRMFException - If the method cannot read the BER encoding
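
The offset arithmetic described for getNextBEROffset, as an added example that is not Cert-J code and does not call the library: it reads the BER identifier and length octets itself, reproduces the 120 / 1819 / 1939 case above on a constructed buffer, and rejects a declared length that runs past the array. The names BerOffsetExample, nextOffset and choiceOf are hypothetical, and the code assumes an untagged EncryptedKey (special = 0) in definite-length encoding.

```java
import java.util.Arrays;
public class BerOffsetExample {
    static final int TAG_SEQUENCE = 0x30;  // encryptedValue: EncryptedValue ::= SEQUENCE
    static final int TAG_CONTEXT_0 = 0xA0; // envelopedData [0], constructed

    // Index just past the definite-length BER element that starts at offset.
    static int nextOffset(byte[] ber, int offset) {
        if (ber == null || offset < 0 || offset > ber.length - 2)
            throw new IllegalArgumentException("truncated BER header");
        int tag = ber[offset] & 0xFF;             // Java bytes are signed
        if ((tag & 0x1F) == 0x1F)
            throw new IllegalArgumentException("high-tag-number form not handled");
        int pos = offset + 1;
        int first = ber[pos++] & 0xFF;
        long len;
        if (first < 0x80) {
            len = first;                          // short form
        } else if (first == 0x80) {
            throw new IllegalArgumentException("indefinite length not handled");
        } else {
            int n = first & 0x7F;                 // long form: n length octets follow
            if (n > 4 || pos > ber.length - n)
                throw new IllegalArgumentException("bad length-of-length");
            len = 0;
            for (int i = 0; i < n; i++) len = (len << 8) | (ber[pos++] & 0xFF);
        }
        // Compare as long so a huge declared length cannot wrap an int.
        if (len > (long) ber.length - pos)
            throw new IllegalArgumentException("declared length exceeds buffer");
        return pos + (int) len;
    }
    // Which CHOICE alternative the first identifier octet selects.
    static String choiceOf(byte[] ber, int offset) {
        int tag = ber[offset] & 0xFF;
        if (tag == TAG_SEQUENCE) return "encryptedValue";
        if (tag == TAG_CONTEXT_0) return "envelopedData";
        throw new IllegalArgumentException("not an EncryptedKey CHOICE tag");
    }

    public static void main(String[] args) {
        byte[] buf = new byte[2000];              // constructed sample, not real key data
        buf[120] = 0x30; buf[121] = (byte) 0x82;  // SEQUENCE, long form with 2 length octets
        buf[122] = 0x07; buf[123] = 0x17;         // 0x0717 = 1815 content + 4 header = 1819
        System.out.println(choiceOf(buf, 120) + " -> next offset " + nextOffset(buf, 120));
        byte[] cut = Arrays.copyOf(buf, 1000);    // same header, buffer cut short
        try { nextOffset(cut, 120); }
        catch (IllegalArgumentException e) { System.out.println("rejected: " + e.getMessage()); }
    }
}
```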

getDERLen

public int getDERLen(int special)
              throws CRMFException
Returns the number of bytes that will be used by the DER encoding of the EncryptedKey. If this object is not set with values, returns 0.

Parameters

         special  

Any special ASN.1 information, such as OPTIONAL

Returns

The number of bytes that will be used by the DER encoding of the EncryptedKey.

getDEREncoding

public int getDEREncoding(byte[] encoding,
                          int offset,
                          int special)
                   throws CRMFException
Places the DER encoding of the EncryptedKey object into encoding, beginning at offset. To determine how long the encoding will be, call getDERLen. If this object is not yet set with values, this method places nothing into the array and returns 0. To indicate that the DER encoding should follow any special instructions, use the special argument. For instance, to indicate

   data   [1] IMPLICIT INTEGER
 
pass in special = (ASN1.CONTEXT_IMPLICIT | 1);

Of course, if there are no special circumstances, pass in special = 0. The following ASN.1 constants are possible values for special: APP_IMPLICIT, APP_EXPLICIT, PRIVATE_IMPLICIT, PRIVATE_EXPLICIT, OPTIONAL, DEFAULT, CONTEXT_IMPLICIT, or CONTEXT_EXPLICIT.

Parameters

         encoding  

The byte array into which the result will be placed.

         offset  

The offset into encoding where the writing is to begin.

         special  

Any special ASN.1 information, such as OPTIONAL

Returns

The number of bytes actually placed into encoding.

clone

public Object clone()
             throws CloneNotSupportedException
Overrides the default clone method to get a deeper clone.

Returns

A new EncryptedKey object, a copy of this object

Throws

CloneNotSupportedException - If the cloning operation is not successful.

equals

public boolean equals(Object obj)
Returns true if this object and obj contain the same EncryptedKey, returns false otherwise.

Overrides

equals in class Object

Parameters

         obj  

The instance of EncryptedKey object

Returns

A boolean that indicates whether these objects are equal.


RSA BSAFE ® Cert-J 2.1.1 001-047007-211-001-000