#1794 Initial push for bukka's code

Author: gefeili

pkix/src/main/java/org/bouncycastle/cms/CMSInputAEADDecryptor.java

@@ -0,0 +1,77 @@
+package org.bouncycastle.cms;
+
+import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
+import org.bouncycastle.jcajce.io.CipherInputStream;
+import org.bouncycastle.operator.InputAEADDecryptor;
+
+import javax.crypto.Cipher;
+import java.io.IOException;
+import java.io.InputStream;
+import java.io.OutputStream;
+
+public class CMSInputAEADDecryptor
+        implements InputAEADDecryptor
+{
+    final AlgorithmIdentifier contentEncryptionAlgorithm;
+
+    final Cipher dataCipher;
+
+    private InputStream inputStream;
+
+    public CMSInputAEADDecryptor(AlgorithmIdentifier contentEncryptionAlgorithm, Cipher dataCipher)
+    {
+        this.contentEncryptionAlgorithm = contentEncryptionAlgorithm;
+        this.dataCipher = dataCipher;
+    }
+
+    public AlgorithmIdentifier getAlgorithmIdentifier()
+    {
+        return contentEncryptionAlgorithm;
+    }
+
+    public InputStream getInputStream(InputStream dataIn)
+    {
+        inputStream = dataIn;
+        return new CipherInputStream(dataIn, dataCipher);
+    }
+
+    public OutputStream getAADStream()
+    {
+        return new AADStream(dataCipher);
+    }
+
+    public byte[] getMAC()
+    {
+        if (inputStream instanceof InputStreamWithMAC)
+        {
+            return ((InputStreamWithMAC)inputStream).getMAC();
+        }
+        return null;
+    }
+
+    private static class AADStream
+            extends OutputStream
+    {
+        private Cipher cipher;
+        private byte[] oneByte = new byte[1];
+
+        public AADStream(Cipher cipher)
+        {
+            this.cipher = cipher;
+        }
+
+        public void write(byte[] buf, int off, int len)
+                throws IOException
+        {
+            cipher.updateAAD(buf, off, len);
+        }
+
+        public void write(int b)
+                throws IOException
+        {
+            oneByte[0] = (byte)b;
+
+            cipher.updateAAD(oneByte);
+        }
+    }
+}

pkix/src/main/java/org/bouncycastle/cms/jcajce/JceKEKAuthEnvelopedRecipient.java

@@ -0,0 +1,29 @@
+package org.bouncycastle.cms.jcajce;
+
+import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
+import org.bouncycastle.cms.CMSException;
+import org.bouncycastle.cms.CMSInputAEADDecryptor;
+import org.bouncycastle.cms.RecipientOperator;
+
+import javax.crypto.Cipher;
+import javax.crypto.SecretKey;
+import java.security.Key;
+
+public class JceKEKAuthEnvelopedRecipient
+        extends JceKEKRecipient
+{
+    public JceKEKAuthEnvelopedRecipient(SecretKey recipientKey)
+    {
+        super(recipientKey);
+    }
+
+    public RecipientOperator getRecipientOperator(AlgorithmIdentifier keyEncryptionAlgorithm, final AlgorithmIdentifier contentEncryptionAlgorithm, byte[] encryptedContentEncryptionKey)
+            throws CMSException
+    {
+        Key secretKey = extractSecretKey(keyEncryptionAlgorithm, contentEncryptionAlgorithm, encryptedContentEncryptionKey);
+
+        final Cipher dataCipher = contentHelper.createContentCipher(secretKey, contentEncryptionAlgorithm);
+
+        return new RecipientOperator(new CMSInputAEADDecryptor(contentEncryptionAlgorithm, dataCipher));
+    }
+}

pkix/src/main/java/org/bouncycastle/cms/jcajce/JceKeyAgreeAuthEnvelopedRecipient.java

@@ -0,0 +1,31 @@
+package org.bouncycastle.cms.jcajce;
+
+import org.bouncycastle.asn1.ASN1OctetString;
+import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
+import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo;
+import org.bouncycastle.cms.CMSException;
+import org.bouncycastle.cms.CMSInputAEADDecryptor;
+import org.bouncycastle.cms.RecipientOperator;
+
+import javax.crypto.Cipher;
+import java.security.Key;
+import java.security.PrivateKey;
+
+public class JceKeyAgreeAuthEnvelopedRecipient
+        extends JceKeyAgreeRecipient
+{
+    public JceKeyAgreeAuthEnvelopedRecipient(PrivateKey recipientKey)
+    {
+        super(recipientKey);
+    }
+
+    public RecipientOperator getRecipientOperator(AlgorithmIdentifier keyEncryptionAlgorithm, final AlgorithmIdentifier contentEncryptionAlgorithm, SubjectPublicKeyInfo senderPublicKey, ASN1OctetString userKeyingMaterial, byte[] encryptedContentKey)
+            throws CMSException
+    {
+        Key secretKey = extractSecretKey(keyEncryptionAlgorithm, contentEncryptionAlgorithm, senderPublicKey, userKeyingMaterial, encryptedContentKey);
+
+        final Cipher dataCipher = contentHelper.createContentCipher(secretKey, contentEncryptionAlgorithm);
+
+        return new RecipientOperator(new CMSInputAEADDecryptor(contentEncryptionAlgorithm, dataCipher));
+    }
+}

pkix/src/main/java/org/bouncycastle/cms/jcajce/JceKeyTransAuthEnvelopedRecipient.java

@@ -1,19 +1,14 @@
 package org.bouncycastle.cms.jcajce;
 
-import java.io.IOException;
-import java.io.InputStream;
-import java.io.OutputStream;
 import java.security.Key;
 import java.security.PrivateKey;
 
 import javax.crypto.Cipher;
 
 import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
 import org.bouncycastle.cms.CMSException;
-import org.bouncycastle.cms.InputStreamWithMAC;
+import org.bouncycastle.cms.CMSInputAEADDecryptor;
 import org.bouncycastle.cms.RecipientOperator;
-import org.bouncycastle.jcajce.io.CipherInputStream;
-import org.bouncycastle.operator.InputAEADDecryptor;
 
 public class JceKeyTransAuthEnvelopedRecipient
     extends JceKeyTransRecipient
@@ -30,60 +25,6 @@ public RecipientOperator getRecipientOperator(AlgorithmIdentifier keyEncryptionA
 
         final Cipher dataCipher = contentHelper.createContentCipher(secretKey, contentEncryptionAlgorithm);
 
-        return new RecipientOperator(new InputAEADDecryptor()
-        {
-            private InputStream inputStream;
-
-            public AlgorithmIdentifier getAlgorithmIdentifier()
-            {
-                return contentEncryptionAlgorithm;
-            }
-
-            public InputStream getInputStream(InputStream dataIn)
-            {
-                inputStream = dataIn;
-                return new CipherInputStream(dataIn, dataCipher);
-            }
-
-            public OutputStream getAADStream()
-            {
-                return new AADStream(dataCipher);
-            }
-
-            public byte[] getMAC()
-            {
-                if (inputStream instanceof InputStreamWithMAC)
-                {
-                    return ((InputStreamWithMAC)inputStream).getMAC();
-                }
-                return null;
-            }
-        });
-    }
-
-    private static class AADStream
-        extends OutputStream
-    {
-        private Cipher cipher;
-        private byte[] oneByte = new byte[1];
-
-        public AADStream(Cipher cipher)
-        {
-            this.cipher = cipher;
-        }
-
-        public void write(byte[] buf, int off, int len)
-            throws IOException
-        {
-            cipher.updateAAD(buf, off, len);
-        }
-
-        public void write(int b)
-            throws IOException
-        {
-            oneByte[0] = (byte)b;
-
-            cipher.updateAAD(oneByte);
-        }
+        return new RecipientOperator(new CMSInputAEADDecryptor(contentEncryptionAlgorithm, dataCipher));
     }
 }

pkix/src/test/java/org/bouncycastle/cms/test/AllTests.java

@@ -28,6 +28,7 @@ public static Test suite()
         suite.addTest(NewAuthenticatedDataStreamTest.suite());
         suite.addTest(NewCompressedDataStreamTest.suite());
         suite.addTest(NewSignedDataStreamTest.suite());
+        suite.addTest(NewAuthEnvelopedDataStreamTest.suite());
         suite.addTest(NewEnvelopedDataStreamTest.suite());
         suite.addTest(AuthEnvelopedDataTest.suite());