1
package org.bouncycastle.cert.crmf;
3
import java.io.ByteArrayInputStream;
4
import java.io.IOException;
5
import java.io.InputStream;
7
import org.bouncycastle.asn1.crmf.EncryptedValue;
8
import org.bouncycastle.asn1.x509.X509CertificateStructure;
9
import org.bouncycastle.cert.X509CertificateHolder;
10
import org.bouncycastle.operator.InputDecryptor;
11
import org.bouncycastle.util.Strings;
12
import org.bouncycastle.util.io.Streams;
15
* Parser for EncryptedValue structures.
17
public class EncryptedValueParser
19
private EncryptedValue value;
20
private EncryptedValuePadder padder;
23
* Basic constructor - create a parser to read the passed in value.
25
* @param value the value to be parsed.
27
public EncryptedValueParser(EncryptedValue value)
33
* Create a parser to read the passed in value, assuming the padder was
34
* applied to the data prior to encryption.
36
* @param value the value to be parsed.
37
* @param padder the padder to be used to remove padding from the decrypted value..
39
public EncryptedValueParser(EncryptedValue value, EncryptedValuePadder padder)
45
private byte[] decryptValue(ValueDecryptorGenerator decGen)
48
if (value.getIntendedAlg() != null)
50
throw new UnsupportedOperationException();
52
if (value.getValueHint() != null)
54
throw new UnsupportedOperationException();
57
InputDecryptor decryptor = decGen.getValueDecryptor(value.getKeyAlg(),
58
value.getSymmAlg(), value.getEncSymmKey().getBytes());
59
InputStream dataIn = decryptor.getInputStream(new ByteArrayInputStream(
60
value.getEncValue().getBytes()));
63
byte[] data = Streams.readAll(dataIn);
67
return padder.getUnpaddedData(data);
74
throw new CRMFException("Cannot parse decrypted data: " + e.getMessage(), e);
79
* Read a X.509 certificate.
81
* @param decGen the decryptor generator to decrypt the encrypted value.
82
* @return an X509CertificateHolder containing the certificate read.
83
* @throws CRMFException if the decrypted data cannot be parsed, or a decryptor cannot be generated.
85
public X509CertificateHolder readCertificateHolder(ValueDecryptorGenerator decGen)
88
return new X509CertificateHolder(X509CertificateStructure.getInstance(decryptValue(decGen)));
94
* @param decGen the decryptor generator to decrypt the encrypted value.
95
* @return a pass phrase as recovered from the encrypted value.
96
* @throws CRMFException if the decrypted data cannot be parsed, or a decryptor cannot be generated.
98
public char[] readPassphrase(ValueDecryptorGenerator decGen)
101
return Strings.fromUTF8ByteArray(decryptValue(decGen)).toCharArray();