1 files changed, 82 insertions, 0 deletions

diff --git a/libraries/spongycastle/pkix/src/main/java/org/spongycastle/cms/jcajce/JcePasswordRecipient.java b/libraries/spongycastle/pkix/src/main/java/org/spongycastle/cms/jcajce/JcePasswordRecipient.java
new file mode 100644
index 000000000..12f3a0673
--- /dev/null
+++ b/libraries/spongycastle/pkix/src/main/java/org/spongycastle/cms/jcajce/JcePasswordRecipient.java
@@ -0,0 +1,82 @@
+package org.spongycastle.cms.jcajce;
+
+import java.security.GeneralSecurityException;
+import java.security.Key;
+import java.security.Provider;
+
+import javax.crypto.Cipher;
+import javax.crypto.spec.IvParameterSpec;
+import javax.crypto.spec.SecretKeySpec;
+
+import org.spongycastle.asn1.ASN1OctetString;
+import org.spongycastle.asn1.x509.AlgorithmIdentifier;
+import org.spongycastle.cms.CMSException;
+import org.spongycastle.cms.PasswordRecipient;
+
+/**
+ * the RecipientInfo class for a recipient who has been sent a message
+ * encrypted using a password.
+ */
+public abstract class JcePasswordRecipient
+    implements PasswordRecipient
+{
+    private int schemeID = PasswordRecipient.PKCS5_SCHEME2_UTF8;
+    protected EnvelopedDataHelper helper = new EnvelopedDataHelper(new DefaultJcaJceExtHelper());
+    private char[] password;
+
+    JcePasswordRecipient(
+        char[] password)
+    {
+        this.password = password;
+    }
+
+    public JcePasswordRecipient setPasswordConversionScheme(int schemeID)
+    {
+        this.schemeID = schemeID;
+
+        return this;
+    }
+
+    public JcePasswordRecipient setProvider(Provider provider)
+    {
+        this.helper = new EnvelopedDataHelper(new ProviderJcaJceExtHelper(provider));
+
+        return this;
+    }
+
+    public JcePasswordRecipient setProvider(String providerName)
+    {
+        this.helper = new EnvelopedDataHelper(new NamedJcaJceExtHelper(providerName));
+
+        return this;
+    }
+
+    protected Key extractSecretKey(AlgorithmIdentifier keyEncryptionAlgorithm, AlgorithmIdentifier contentEncryptionAlgorithm, byte[] derivedKey, byte[] encryptedContentEncryptionKey)
+        throws CMSException
+    {
+        Cipher keyEncryptionCipher = helper.createRFC3211Wrapper(keyEncryptionAlgorithm.getAlgorithm());
+
+        try
+        {
+            IvParameterSpec ivSpec = new IvParameterSpec(ASN1OctetString.getInstance(keyEncryptionAlgorithm.getParameters()).getOctets());
+
+            keyEncryptionCipher.init(Cipher.UNWRAP_MODE, new SecretKeySpec(derivedKey, keyEncryptionCipher.getAlgorithm()), ivSpec);
+
+            return keyEncryptionCipher.unwrap(encryptedContentEncryptionKey, contentEncryptionAlgorithm.getAlgorithm().getId(), Cipher.SECRET_KEY);
+        }
+        catch (GeneralSecurityException e)
+        {
+            throw new CMSException("cannot process content encryption key: " + e.getMessage(), e);
+        }
+    }
+
+    public int getPasswordConversionScheme()
+    {
+        return schemeID;
+    }
+
+    public char[] getPassword()
+    {
+        return password;
+    }
+}