public KekRecipientInfo(Asn1Sequence seq)
{
this.version = (DerInteger)seq[0];
this.kekID = KekIdentifier.GetInstance(seq[1]);
this.keyEncryptionAlgorithm = AlgorithmIdentifier.GetInstance(seq[2]);
this.encryptedKey = (Asn1OctetString)seq[3];
}
public KekRecipientInfo(KekIdentifier kekID, AlgorithmIdentifier keyEncryptionAlgorithm, Asn1OctetString encryptedKey)
{
this.version = new DerInteger(4);
this.kekID = kekID;
this.keyEncryptionAlgorithm = keyEncryptionAlgorithm;
this.encryptedKey = encryptedKey;
}
public KekRecipientInfo(
Asn1Sequence seq)
{
version = (DerInteger) seq[0];
kekID = KekIdentifier.GetInstance(seq[1]);
keyEncryptionAlgorithm = AlgorithmIdentifier.GetInstance(seq[2]);
encryptedKey = (Asn1OctetString) seq[3];
}
public KekRecipientInfo(
KekIdentifier kekID,
AlgorithmIdentifier keyEncryptionAlgorithm,
Asn1OctetString encryptedKey)
{
this.version = new DerInteger(4);
this.kekID = kekID;
this.keyEncryptionAlgorithm = keyEncryptionAlgorithm;
this.encryptedKey = encryptedKey;
}
/**
* add a KEK recipient.
* @param key the secret key to use for wrapping
* @param keyIdentifier the byte string that identifies the key
*/
public void AddKekRecipient(
string keyAlgorithm, // TODO Remove need for this parameter
KeyParameter key,
KekIdentifier kekIdentifier)
{
KekRecipientInfoGenerator kekrig = new KekRecipientInfoGenerator();
kekrig.KekIdentifier = kekIdentifier;
kekrig.KeyEncryptionKeyOID = keyAlgorithm;
kekrig.KeyEncryptionKey = key;
recipientInfoGenerators.Add(kekrig);
}
internal RecipientInf(
string secKeyAlgorithm, // TODO Can get this from secKey?
KeyParameter secKey,
KekIdentifier secKeyId)
{
this.secKeyAlgorithm = secKeyAlgorithm;
this.secKey = secKey;
this.secKeyId = secKeyId;
if (secKeyAlgorithm.StartsWith("DES"))
{
keyEncAlg = new AlgorithmIdentifier(
PkcsObjectIdentifiers.IdAlgCms3DesWrap,
DerNull.Instance);
}
else if (secKeyAlgorithm.StartsWith("RC2"))
{
keyEncAlg = new AlgorithmIdentifier(
PkcsObjectIdentifiers.IdAlgCmsRC2Wrap,
new DerInteger(58));
}
else if (secKeyAlgorithm.StartsWith("AES"))
{
int length = secKey.GetKey().Length * 8;
DerObjectIdentifier wrapOid;
if (length == 128)
{
wrapOid = NistObjectIdentifiers.IdAes128Wrap;
}
else if (length == 192)
{
wrapOid = NistObjectIdentifiers.IdAes192Wrap;
}
else if (length == 256)
{
wrapOid = NistObjectIdentifiers.IdAes256Wrap;
}
else
{
throw new ArgumentException("illegal keysize in AES");
}
keyEncAlg = new AlgorithmIdentifier(wrapOid); // parameters absent
}
else if (secKeyAlgorithm.StartsWith("SEED"))
{
// parameters absent
keyEncAlg = new AlgorithmIdentifier(KisaObjectIdentifiers.IdNpkiAppCmsSeedWrap);
}
else if (secKeyAlgorithm.StartsWith("CAMELLIA"))
{
int length = secKey.GetKey().Length * 8;
DerObjectIdentifier wrapOid;
if (length == 128)
{
wrapOid = NttObjectIdentifiers.IdCamellia128Wrap;
}
else if (length == 192)
{
wrapOid = NttObjectIdentifiers.IdCamellia192Wrap;
}
else if (length == 256)
{
wrapOid = NttObjectIdentifiers.IdCamellia256Wrap;
}
else
{
throw new ArgumentException("illegal keysize in Camellia");
}
keyEncAlg = new AlgorithmIdentifier(wrapOid); // parameters must be absent
}
else
{
throw new ArgumentException("unknown algorithm");
}
}
public static KekIdentifier GetInstance(Asn1TaggedObject obj, bool explicitly)
{
return(KekIdentifier.GetInstance(Asn1Sequence.GetInstance(obj, explicitly)));
}
