blob: 0a0b1950717a9b38829683180b2cfebfdd7cc0cd (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
|
package org.spongycastle.cert.crmf;
import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.io.InputStream;
import org.spongycastle.asn1.crmf.EncryptedValue;
import org.spongycastle.asn1.x509.Certificate;
import org.spongycastle.cert.X509CertificateHolder;
import org.spongycastle.operator.InputDecryptor;
import org.spongycastle.util.Strings;
import org.spongycastle.util.io.Streams;
/**
* Parser for EncryptedValue structures.
*/
public class EncryptedValueParser
{
private EncryptedValue value;
private EncryptedValuePadder padder;
/**
* Basic constructor - create a parser to read the passed in value.
*
* @param value the value to be parsed.
*/
public EncryptedValueParser(EncryptedValue value)
{
this.value = value;
}
/**
* Create a parser to read the passed in value, assuming the padder was
* applied to the data prior to encryption.
*
* @param value the value to be parsed.
* @param padder the padder to be used to remove padding from the decrypted value..
*/
public EncryptedValueParser(EncryptedValue value, EncryptedValuePadder padder)
{
this.value = value;
this.padder = padder;
}
private byte[] decryptValue(ValueDecryptorGenerator decGen)
throws CRMFException
{
if (value.getIntendedAlg() != null)
{
throw new IllegalStateException("unsupported operation");
}
if (value.getValueHint() != null)
{
throw new IllegalStateException("unsupported operation");
}
InputDecryptor decryptor = decGen.getValueDecryptor(value.getKeyAlg(),
value.getSymmAlg(), value.getEncSymmKey().getBytes());
InputStream dataIn = decryptor.getInputStream(new ByteArrayInputStream(
value.getEncValue().getBytes()));
try
{
byte[] data = Streams.readAll(dataIn);
if (padder != null)
{
return padder.getUnpaddedData(data);
}
return data;
}
catch (IOException e)
{
throw new CRMFException("Cannot parse decrypted data: " + e.getMessage(), e);
}
}
/**
* Read a X.509 certificate.
*
* @param decGen the decryptor generator to decrypt the encrypted value.
* @return an X509CertificateHolder containing the certificate read.
* @throws CRMFException if the decrypted data cannot be parsed, or a decryptor cannot be generated.
*/
public X509CertificateHolder readCertificateHolder(ValueDecryptorGenerator decGen)
throws CRMFException
{
return new X509CertificateHolder(Certificate.getInstance(decryptValue(decGen)));
}
/**
* Read a pass phrase.
*
* @param decGen the decryptor generator to decrypt the encrypted value.
* @return a pass phrase as recovered from the encrypted value.
* @throws CRMFException if the decrypted data cannot be parsed, or a decryptor cannot be generated.
*/
public char[] readPassphrase(ValueDecryptorGenerator decGen)
throws CRMFException
{
return Strings.fromUTF8ByteArray(decryptValue(decGen)).toCharArray();
}
}
|
