EncryptedValueParser.java

package org.spongycastle.cert.crmf;

import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.io.InputStream;

import org.spongycastle.asn1.crmf.EncryptedValue;
import org.spongycastle.asn1.x509.Certificate;
import org.spongycastle.cert.X509CertificateHolder;
import org.spongycastle.operator.InputDecryptor;
import org.spongycastle.util.Strings;
import org.spongycastle.util.io.Streams;

/**
 * Parser for EncryptedValue structures.
 */
public class EncryptedValueParser
{
    private EncryptedValue value;
    private EncryptedValuePadder padder;

    /**
     * Basic constructor - create a parser to read the passed in value.
     *
     * @param value the value to be parsed.
     */
    public EncryptedValueParser(EncryptedValue value)
    {
        this.value = value;
    }

    /**
     * Create a parser to read the passed in value, assuming the padder was
     * applied to the data prior to encryption.
     *
     * @param value  the value to be parsed.
     * @param padder the padder to be used to remove padding from the decrypted value..
     */
    public EncryptedValueParser(EncryptedValue value, EncryptedValuePadder padder)
    {
        this.value = value;
        this.padder = padder;
    }

    private byte[] decryptValue(ValueDecryptorGenerator decGen)
        throws CRMFException
    {
        if (value.getIntendedAlg() != null)
        {
            throw new UnsupportedOperationException();
        }
        if (value.getValueHint() != null)
        {
            throw new UnsupportedOperationException();
        }

        InputDecryptor decryptor = decGen.getValueDecryptor(value.getKeyAlg(),
            value.getSymmAlg(), value.getEncSymmKey().getBytes());
        InputStream dataIn = decryptor.getInputStream(new ByteArrayInputStream(
            value.getEncValue().getBytes()));
        try
        {
            byte[] data = Streams.readAll(dataIn);

            if (padder != null)
            {
                return padder.getUnpaddedData(data);
            }
            
            return data;
        }
        catch (IOException e)
        {
            throw new CRMFException("Cannot parse decrypted data: " + e.getMessage(), e);
        }
    }

    /**
     * Read a X.509 certificate.
     *
     * @param decGen the decryptor generator to decrypt the encrypted value.
     * @return an X509CertificateHolder containing the certificate read.
     * @throws CRMFException if the decrypted data cannot be parsed, or a decryptor cannot be generated.
     */
    public X509CertificateHolder readCertificateHolder(ValueDecryptorGenerator decGen)
        throws CRMFException
    {
        return new X509CertificateHolder(Certificate.getInstance(decryptValue(decGen)));
    }

    /**
     * Read a pass phrase.
     *
     * @param decGen the decryptor generator to decrypt the encrypted value.
     * @return a pass phrase as recovered from the encrypted value.
     * @throws CRMFException if the decrypted data cannot be parsed, or a decryptor cannot be generated.
     */
    public char[] readPassphrase(ValueDecryptorGenerator decGen)
        throws CRMFException
    {
        return Strings.fromUTF8ByteArray(decryptValue(decGen)).toCharArray();
    }
}