java.lang.Object
  |
  +--com.dstc.security.smime.SMIMECipher
A class for encrypting and decrypting MIME messages according to S/MIME v3.
Constructor Summary
SMIMECipher()

Method Summary
DecryptionResult decrypt()
    Decrypts the previously set MimeMessage, and if successful returns a DecryptionResult through which the decrypted MimeMessage can be retrieved.
MimeMessage encrypt()
    Encrypts the previously set MimeMessage, and if successful returns a MimeMessage encapsulating a representation of the encrypted message.
void initDecrypt(PrivateKey priv, X509Certificate cert)
    Initializes for decryption of one or more encrypted MimeMessages with a PrivateKey and corresponding X.509 certificate.
void initEncrypt(SecureRandom rand, String algName, X509Certificate[] certs)
    Initializes for encryption of one or more MimeMessages with a SecureRandom instance, a content encryption algorithm, and an array of X509Certificates for intended recipients.
void setMessage(MimeMessage origMsg)
    Sets the MimeMessage to encrypt or decrypt.
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
Constructor Detail
public SMIMECipher()

Method Detail
public void initEncrypt(SecureRandom rand, String algName, X509Certificate[] certs) throws SMIMEException
The SecureRandom instance is used to generate content encryption keys and should be seeded properly. The content encryption algorithms supported are "DESede", "RC2" and "RC2/40" (40-bit RC2).
Encrypted content keys are constructed for each of the certificates in a subsequent encrypt() call. It is up to the caller to ensure that this list of certificates includes at least one for each recipient of the MimeMessage to be encrypted (and set in a subsequent setMessage() call). Otherwise, some recipients of the encrypted message will not be able to decrypt the message.
Each certificate must have its key usage set for key encipherment, if a key usage extension exists.
rand - random number generator
algName - content encryption algorithm name; must be one of "DESede", "RC2" and "RC2/40"
certs - X509Certificates for intended recipients of encrypted MimeMessages

public void initDecrypt(PrivateKey priv, X509Certificate cert) throws SMIMEException
priv - PrivateKey to decrypt encrypted MimeMessages
cert - X509Certificate corresponding to the PrivateKey

public void setMessage(MimeMessage origMsg) throws MessagingException, IOException, SMIMEException
If encrypting, encrypted content encryption keys are constructed for recipients as denoted by the array of certificates set in initEncrypt(). It is up to the caller to ensure that all recipients as denoted by address headers in the MimeMessage each correspond to at least one certificate passed in initEncrypt(). Otherwise some recipients will not be able to decrypt the subsequently encrypted message.
origMsg - a MimeMessage to encrypt or decrypt

public DecryptionResult decrypt() throws IOException, MessagingException, SMIMEException
NB: If the previously set MimeMessage is not a signed message, a CMSException will be thrown.
After this call, the state is reset to what it was right after the previous call to initDecrypt().

public MimeMessage encrypt() throws SMIMEException, MessagingException, IOException
After this call, the state is reset to what it was right after the previous call to initEncrypt().
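
Added example (not part of the com.dstc.security.smime API or its documentation): a pre-flight check a caller can run before initEncrypt() and setMessage(), covering the key usage rule and the recipient coverage requirement described above. The class name EncryptPreflight and the matching of recipients by the rfc822Name entry in subjectAltName are assumptions of this example; certificates that carry the address only in the subject DN are not matched.

```java
import java.security.cert.CertificateParsingException;
import java.security.cert.X509Certificate;
import java.util.*;
import javax.mail.Address;
import javax.mail.MessagingException;
import javax.mail.internet.InternetAddress;
import javax.mail.internet.MimeMessage;

/** Hypothetical helper (not part of com.dstc.security.smime): checks to run before initEncrypt(). */
public final class EncryptPreflight {
    private static final int KEY_ENCIPHERMENT = 2;   // index in X509Certificate.getKeyUsage()
    private static final int RFC822_NAME = 1;        // GeneralName type for e-mail addresses

    /** True if the certificate has no key usage extension, or has keyEncipherment set. */
    static boolean allowsKeyEncipherment(X509Certificate cert) {
        boolean[] usage = cert.getKeyUsage();        // null when the extension is absent
        return usage == null || (usage.length > KEY_ENCIPHERMENT && usage[KEY_ENCIPHERMENT]);
    }

    /** Lower-cased rfc822Name entries from the certificate's subjectAltName extension. */
    static Set<String> emailAddresses(X509Certificate cert) throws CertificateParsingException {
        Set<String> out = new HashSet<>();
        Collection<List<?>> sans = cert.getSubjectAlternativeNames();  // null when absent
        if (sans == null) return out;
        for (List<?> san : sans) {
            if (((Integer) san.get(0)) == RFC822_NAME) {
                out.add(((String) san.get(1)).toLowerCase(Locale.ROOT));
            }
        }
        return out;
    }

    /** Returns recipient addresses of msg that no usable certificate in certs covers. */
    static List<String> uncoveredRecipients(MimeMessage msg, X509Certificate[] certs)
            throws MessagingException, CertificateParsingException {
        Set<String> covered = new HashSet<>();
        for (X509Certificate cert : certs) {
            if (allowsKeyEncipherment(cert)) covered.addAll(emailAddresses(cert));
        }
        List<String> missing = new ArrayList<>();
        Address[] recipients = msg.getAllRecipients();       // null when no recipient headers
        for (Address a : recipients == null ? new Address[0] : recipients) {
            if (!(a instanceof InternetAddress)) continue;   // e.g. newsgroup addresses
            String addr = ((InternetAddress) a).getAddress();
            if (addr != null && !covered.contains(addr.toLowerCase(Locale.ROOT))) missing.add(addr);
        }
        return missing;
    }
}
```

A non-empty list from uncoveredRecipients() names the recipients who would be unable to decrypt the message produced by encrypt().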