1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
|
package javax.crypto;
import java.io.*;
import java.security.*;
import java.security.spec.*;
import org.spongycastle.asn1.ASN1InputStream;
import org.spongycastle.asn1.DEROutputStream;
import org.spongycastle.asn1.ASN1Sequence;
import org.spongycastle.asn1.DERObjectIdentifier;
import org.spongycastle.asn1.x509.AlgorithmIdentifier;
/**
* This class implements the <code>EncryptedPrivateKeyInfo</code> type
* as defined in PKCS #8.
* <p>Its ASN.1 definition is as follows:
*
* <pre>
* EncryptedPrivateKeyInfo ::= SEQUENCE {
* encryptionAlgorithm AlgorithmIdentifier,
* encryptedData OCTET STRING }
*
* AlgorithmIdentifier ::= SEQUENCE {
* algorithm OBJECT IDENTIFIER,
* parameters ANY DEFINED BY algorithm OPTIONAL }
* </pre>
*/
public class EncryptedPrivateKeyInfo
{
private org.spongycastle.asn1.pkcs.EncryptedPrivateKeyInfo infoObj;
private AlgorithmParameters algP;
/*
* Constructs (i.e., parses) an <code>EncryptedPrivateKeyInfo</code> from
* its ASN.1 encoding.
*
* @param encoded the ASN.1 encoding of this object.
* @exception NullPointerException if the <code>encoded</code> is null.
* @exception IOException if error occurs when parsing the ASN.1 encoding.
*/
public EncryptedPrivateKeyInfo(
byte[] encoded)
throws NullPointerException, IOException
{
if (encoded == null)
{
throw new NullPointerException("parameters null");
}
ByteArrayInputStream bIn = new ByteArrayInputStream(encoded);
ASN1InputStream dIn = new ASN1InputStream(bIn);
infoObj = org.spongycastle.asn1.pkcs.EncryptedPrivateKeyInfo.getInstance((ASN1Sequence)dIn.readObject());
try
{
algP = this.getParameters();
}
catch (NoSuchAlgorithmException e)
{
throw new IOException("can't create parameters: " + e.toString());
}
}
/*
* Constructs an <code>EncryptedPrivateKeyInfo</code> from the
* encryption algorithm name and the encrypted data.
* <p>Note: the <code>encrypedData</code> is cloned when constructing
* this object.
* <p>
* If encryption algorithm has associated parameters use the constructor
* with AlgorithmParameters as the parameter.
*
* @param algName algorithm name.
* @param encryptedData encrypted data.
* @exception NullPointerException if <code>algName</code> or <code>encryptedData</code> is null.
* @exception IllegalArgumentException if <code>encryptedData</code> is empty, i.e. 0-length.
* @exception NoSuchAlgorithmException if the specified algName is not supported.
*/
public EncryptedPrivateKeyInfo(
String algName,
byte[] encryptedData)
throws NullPointerException, IllegalArgumentException, NoSuchAlgorithmException
{
if (algName == null || encryptedData == null)
{
throw new NullPointerException("parameters null");
}
org.spongycastle.asn1.x509.AlgorithmIdentifier kAlgId = new AlgorithmIdentifier(new DERObjectIdentifier(algName), null);
infoObj = new org.spongycastle.asn1.pkcs.EncryptedPrivateKeyInfo(kAlgId, (byte[])encryptedData.clone());
algP = this.getParameters();
}
/**
* Constructs an <code>EncryptedPrivateKeyInfo</code> from the
* encryption algorithm parameters and the encrypted data.
* <p>Note: the <code>encrypedData</code> is cloned when constructing
* this object.
*
* @param algParams the algorithm parameters for the encryption
* algorithm. <code>algParams.getEncoded()</code> should return
* the ASN.1 encoded bytes of the <code>parameters</code> field
* of the <code>AlgorithmIdentifer</code> component of the
* <code>EncryptedPrivateKeyInfo</code> type.
* @param encryptedData encrypted data.
* @exception NullPointerException if <code>algParams</code> or <code>encryptedData</code> is null.
* @exception IllegalArgumentException if <code>encryptedData</code> is empty, i.e. 0-length.
* @exception NoSuchAlgorithmException if the specified algName of the specified <code>algParams</code> parameter is not supported.
*/
public EncryptedPrivateKeyInfo(
AlgorithmParameters algParams,
byte[] encryptedData)
throws NullPointerException, IllegalArgumentException, NoSuchAlgorithmException
{
if (algParams == null || encryptedData == null)
{
throw new NullPointerException("parameters null");
}
org.spongycastle.asn1.x509.AlgorithmIdentifier kAlgId = null;
try
{
ByteArrayInputStream bIn = new ByteArrayInputStream(algParams.getEncoded());
ASN1InputStream dIn = new ASN1InputStream(bIn);
kAlgId = new AlgorithmIdentifier(
new DERObjectIdentifier(algParams.getAlgorithm()), dIn.readObject());
}
catch (IOException e)
{
throw new IllegalArgumentException("error in encoding: " + e.toString());
}
infoObj = new org.spongycastle.asn1.pkcs.EncryptedPrivateKeyInfo(kAlgId, (byte[])encryptedData.clone());
algP = this.getParameters();
}
/**
* Returns the encryption algorithm.
*
* @returns the algorithm name.
*/
public String getAlgName()
{
return infoObj.getEncryptionAlgorithm().getObjectId().getId();
}
private AlgorithmParameters getParameters()
throws NoSuchAlgorithmException
{
AlgorithmParameters ap = AlgorithmParameters.getInstance(this.getAlgName());
ByteArrayOutputStream bOut = new ByteArrayOutputStream();
DEROutputStream dOut = new DEROutputStream(bOut);
try
{
dOut.writeObject(infoObj.getEncryptionAlgorithm().getParameters());
dOut.close();
ap.init(bOut.toByteArray());
}
catch (IOException e)
{
throw new NoSuchAlgorithmException("unable to parse parameters");
}
return ap;
}
/**
* Returns the algorithm parameters used by the encryption algorithm.
*
* @returns the algorithm parameters.
*/
public AlgorithmParameters getAlgParameters()
{
return algP;
}
/**
* Returns a copy of the encrypted data.
*
* @returns a copy of the encrypted data.
*/
public byte[] getEncryptedData()
{
return infoObj.getEncryptedData();
}
/**
* Extract the enclosed PKCS8EncodedKeySpec object from the
* encrypted data and return it.
*
* @return the PKCS8EncodedKeySpec object.
* @exception InvalidKeySpecException if the given cipher is
* inappropriate for the encrypted data or the encrypted
* data is corrupted and cannot be decrypted.
*/
public PKCS8EncodedKeySpec getKeySpec(
Cipher c)
throws InvalidKeySpecException
{
try
{
return new PKCS8EncodedKeySpec(c.doFinal(this.getEncryptedData()));
}
catch (Exception e)
{
throw new InvalidKeySpecException("can't get keySpec: " + e.toString());
}
}
/**
* Returns the ASN.1 encoding of this object.
*
* @returns the ASN.1 encoding.
* @throws IOException if error occurs when constructing its ASN.1 encoding.
*/
public byte[] getEncoded()
throws IOException
{
ByteArrayOutputStream bOut = new ByteArrayOutputStream();
DEROutputStream dOut = new DEROutputStream(bOut);
dOut.writeObject(infoObj);
dOut.close();
return bOut.toByteArray();
}
}
|
