com.rsa.certj.pkcs7

Class EnvelopedData

java.lang.Object
  |
  +--com.rsa.certj.pkcs7.ContentInfo
        |
        +--com.rsa.certj.pkcs7.EnvelopedData

All Implemented Interfaces:

Cloneable, Serializable

public class EnvelopedData

extends ContentInfo

implements Cloneable, Serializable

This class encodes and decodes the PKCS #7 EnvelopedData type. The enveloped data content type consists of encrypted content of any type and encrypted content-encryption keys for one or more recipients. The combination of the encrypted content and the encrypted content-encryption key for a recipient is a digital envelope for that recipient. Any type of content can be enveloped for any number of recipients, in parallel.

The ASN.1 definition is as follows:

 EnvelopedData ::= SEQUENCE {
    version Version,
    recipientInfos RecipientInfos,
    encryptedContentInfo EncryptedContentInfo }

 RecipientInfos ::= SET OF RecipientInfo
 
 EncryptedContentInfo ::= SEQUENCE {
    contentType ContentType,
    contentEncryptionAlgorithm
    ContentEncryptionAlgorithmIdentifier,
    encryptedContent
       [0] IMPLICIT EncryptedContent OPTIONAL }

 EncryptedContent ::= OCTET STRING 

The fields of type EnvelopedData have the following meanings:

version – The syntax version number. It is 0 for this version.

recipientInfos – A collection of per-recipient information. There must be at least one element in the collection.

encryptedContentInfo – The encrypted content information.

The fields of type EncryptedContentInfo have the following meanings:

contentType – The type of content.

contentEncryptionAlgorithm – The content-encryption algorithm (and any associated parameters) under which the content is encrypted.This algorithm is the same for all recipients.

encryptedContent – The result of encrypting the content. The field is optional; if the field is not present, its intended value must be supplied by other means.

Copyright © RSA Security Inc., 1999-2001. All rights reserved.

See Also

Serialized Form

Fields inherited from class com.rsa.certj.pkcs7.ContentInfo

DATA, DIGESTED_DATA, ENCRYPTED_DATA, ENVELOPED_DATA, NO_CONTENT, PKCS7_VERSION_NUMBER_0, PKCS7_VERSION_NUMBER_1, SIGNED_DATA

Constructor Summary

EnvelopedData(CertJ certJ, CertPathCtx pathCtx)

Creates a new object to encode or decode PKCS #7 EnvelopedData.

Method Summary

void	addRecipientInfo(RecipientInfo info) Adds the recipient information to the list of recipients.
void	clearSensitiveData() Clears any sensitive data.
Object	clone() Overrides the default clone method to get a deeper clone.
boolean	equals(Object obj) Returns true if this object and obj contain the same EnvelopedData; returns false otherwise.
String	getEncryptionAlgorithmName() Gets the encryption algorithm name, for example, DES/ECB/NoPad.
byte[]	getEncryptionAlgorithmOID() Gets the encryption algorithm OID.
Vector	getRecipientInfos() Gets the recipient information structures as a Vector.
int	getVersionNumber() Gets the PKCS #7 syntax version number.
void	setContentInfo(ContentInfo content) Sets the actual content data of this EnvelopedData object.
void	setEncryptionAlgorithm(byte[] oid, int offset, int len, int keyLen) Sets the content-encryption algorithm OID.
void	setEncryptionAlgorithm(String algName, int keyLen) Sets the content encryption algorithm OID.
void	setVersionNumber(int versionNumber) Sets the PKCS #7 syntax version number.

Methods inherited from class com.rsa.certj.pkcs7.ContentInfo

bytesRead, clearInternalContentBuffer, endOfMessage, getContent, getContentInfoDERLen, getContentInfoDERLen, getContentType, getDevice, getDeviceList, getInstance, getInstance, getMessageType, getMessageType, getUnprocessedDataLen, readFinal, readInit, readInit, readInit, readUpdate, setCertJ, setCertPath, setDevice, writeMessage, writeMessage

Methods inherited from class java.lang.Object

getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

EnvelopedData

public EnvelopedData(CertJ certJ,
                     CertPathCtx pathCtx)

Creates a new object to encode or decode PKCS #7 EnvelopedData.

Parameters

	certJ		The CertJ object that contains environment information.
	pathCtx		The CertPathCtx object that contains certificate path validation information. Most certification path providers require the trusted certificate component of this object to be non-empty to be able to perform certification path validation.

Method Detail

setVersionNumber

public void setVersionNumber(int versionNumber)

Sets the PKCS #7 syntax version number.

Parameters

versionNumber

The PKCS #7 syntax version number.

getVersionNumber

public int getVersionNumber()

Gets the PKCS #7 syntax version number.

Returns

The PKCS #7 syntax version number.

setEncryptionAlgorithm

public void setEncryptionAlgorithm(String algName,
                                   int keyLen)
                            throws PKCS7Exception

Sets the content encryption algorithm OID.

Parameters

	algName		A String that identifies the ContentEncryptionAlgorithm.
	keyLen		The length of the key, in bits.

Throws

PKCS7Exception - If algName is null or invalid.

setEncryptionAlgorithm

public void setEncryptionAlgorithm(byte[] oid,
                                   int offset,
                                   int len,
                                   int keyLen)
                            throws PKCS7Exception

Sets the content-encryption algorithm OID.

Parameters

	oid		The content-encryption algorithm (and any associated parameters) under which the content is encrypted.
	offset		The offset into oid.
	len		The length of the OID data in oid array.
	keyLen		The length of the key in bits in the oid array.

Throws

PKCS7Exception - If specified OID is null.

getEncryptionAlgorithmName

public String getEncryptionAlgorithmName()
                                  throws PKCS7Exception

Gets the encryption algorithm name, for example, DES/ECB/NoPad.

Returns

The encryption algorithm name.

Throws

PKCS7Exception - If the algorithm name cannot be obtained.

getEncryptionAlgorithmOID

public byte[] getEncryptionAlgorithmOID()

Gets the encryption algorithm OID.

Returns

The encryption algorithm OID.

setContentInfo

public void setContentInfo(ContentInfo content)
                    throws PKCS7Exception

Sets the actual content data of this EnvelopedData object.

Parameters

content

The ContentInfo object that is encrypted. It can have any of PKCS #7 defined content types.

Throws

PKCS7Exception - If this ContentInfo object cannot be cloned, or if this ContentInfo object is null.

addRecipientInfo

public void addRecipientInfo(RecipientInfo info)
                      throws PKCS7Exception

Adds the recipient information to the list of recipients.

Parameters

info

A RecipientInfo object that contains the per-recipient information.

Throws

PKCS7Exception - If this RecipientInfo cannot be cloned, or if it is null.

getRecipientInfos

public Vector getRecipientInfos()

Gets the recipient information structures as a Vector.

Returns

A list of per-recipient information structures.

equals

public boolean equals(Object obj)

Returns true if this object and obj contain the same EnvelopedData; returns false otherwise.

Overrides

equals in class Object

Parameters

obj

An instance of the EnvelopedData class.

Returns

A boolean indicating whether these objects are equal.

clone

public Object clone()
             throws CloneNotSupportedException

Overrides the default clone method to get a deeper clone.

Overrides

clone in class ContentInfo

Returns

A copy of this object in its current state.

Throws

CloneNotSupportedException - If the cloning operation is not successful.

clearSensitiveData

public void clearSensitiveData()

Clears any sensitive data. The finalizer will clear the data, but it is not known when the garbage collector will call the finalizer. This method clears all sensitive data as soon as possible.

Overrides

clearSensitiveData in class ContentInfo