authorDavid Hook <dgh@bouncycastle.org>2019-01-18 12:37:12 +1100
committerDavid Hook <dgh@bouncycastle.org>2019-01-18 12:37:12 +1100
commit714e5ef11e2ea6f0aa6cdd0dcb9987d8a7faea54 (patch)
tree097500cf6c166f4c3abda5fa0b4eeaed228128f3 /crypto/src/cms
parentMissing file from last commit. (diff)
downloadBouncyCastle.NET-ed25519-714e5ef11e2ea6f0aa6cdd0dcb9987d8a7faea54.tar.xz
added use of IKeyWrapper for managing CMS KeyTransRecipient
Diffstat (limited to 'crypto/src/cms')
-rw-r--r--crypto/src/cms/EnvelopedDataHelper.cs6
-rw-r--r--crypto/src/cms/KeyTransRecipientInfoGenerator.cs174
2 files changed, 106 insertions, 74 deletions
diff --git a/crypto/src/cms/EnvelopedDataHelper.cs b/crypto/src/cms/EnvelopedDataHelper.cs
index 89ec79691..fe5bc2a97 100644
--- a/crypto/src/cms/EnvelopedDataHelper.cs
+++ b/crypto/src/cms/EnvelopedDataHelper.cs
@@ -12,10 +12,11 @@ using Org.BouncyCastle.Crypto.Parameters;
 using Org.BouncyCastle.Crypto.Utilities;
 using Org.BouncyCastle.Security;
 using Org.BouncyCastle.Utilities;
+using Org.BouncyCastle.Crypto.Utilites;
 
 namespace Org.BouncyCastle.Cms
 {
-    public class EnvelopedDataHelper
+    internal class EnvelopedDataHelper
     {
         private static readonly IDictionary BaseCipherNames = Platform.CreateHashtable();
         private static readonly IDictionary MacAlgNames = Platform.CreateHashtable();
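Review bot: The added `using Org.BouncyCastle.Crypto.Utilites;` is spelled differently from the `Org.BouncyCastle.Crypto.Utilities` import three lines above it. If a namespace is really declared with that spelling elsewhere in the tree it compiles, but it reads as a typo and should either be corrected at the declaration or carry a comment such as `// sic: namespace is declared as "Utilites"`. Narrowing `EnvelopedDataHelper` from `public` to `internal` removes it from the public API, which breaks any external caller and is not mentioned in the commit message. Its members, such as `GenerateEncryptionAlgID`, stay `public` even though they are no longer reachable from outside the assembly. The class body continues outside this hunk.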
@@ -90,7 +91,6 @@ namespace Org.BouncyCastle.Cms
 
 
         public AlgorithmIdentifier GenerateEncryptionAlgID(DerObjectIdentifier encryptionOID, KeyParameter encKey, SecureRandom random)
-
         {
             return AlgorithmIdentifierFactory.GenerateEncryptionAlgID(encryptionOID, encKey.GetKey().Length * 8, random);
         }
@@ -120,4 +120,4 @@ namespace Org.BouncyCastle.Cms
             return creator.Invoke();
         }
     }
-}
\ No newline at end of file
+}
diff --git a/crypto/src/cms/KeyTransRecipientInfoGenerator.cs b/crypto/src/cms/KeyTransRecipientInfoGenerator.cs
index a1d8fbfa8..b18d18153 100644
--- a/crypto/src/cms/KeyTransRecipientInfoGenerator.cs
+++ b/crypto/src/cms/KeyTransRecipientInfoGenerator.cs
@@ -11,77 +11,109 @@ using Org.BouncyCastle.X509;
 
 namespace Org.BouncyCastle.Cms
 {
-	internal class KeyTransRecipientInfoGenerator : RecipientInfoGenerator
-	{
-		private static readonly CmsEnvelopedHelper Helper = CmsEnvelopedHelper.Instance;
-
-		private TbsCertificateStructure	recipientTbsCert;
-		private AsymmetricKeyParameter	recipientPublicKey;
-		private Asn1OctetString			subjectKeyIdentifier;
-
-		// Derived fields
-		private SubjectPublicKeyInfo info;
-
-		internal KeyTransRecipientInfoGenerator()
-		{
-		}
-
-		internal X509Certificate RecipientCert
-		{
-			set
-			{
-				this.recipientTbsCert = CmsUtilities.GetTbsCertificateStructure(value);
-				this.recipientPublicKey = value.GetPublicKey();
-				this.info = recipientTbsCert.SubjectPublicKeyInfo;
-			}
-		}
-		
-		internal AsymmetricKeyParameter RecipientPublicKey
-		{
-			set
-			{
-				this.recipientPublicKey = value;
-
-				try
-				{
-					info = SubjectPublicKeyInfoFactory.CreateSubjectPublicKeyInfo(
-						recipientPublicKey);
-				}
-				catch (IOException)
-				{
-					throw new ArgumentException("can't extract key algorithm from this key");
-				}
-			}
-		}
-		
-		internal Asn1OctetString SubjectKeyIdentifier
-		{
-			set { this.subjectKeyIdentifier = value; }
-		}
-
-		public RecipientInfo Generate(KeyParameter contentEncryptionKey, SecureRandom random)
-		{
-			byte[] keyBytes = contentEncryptionKey.GetKey();
-			AlgorithmIdentifier keyEncryptionAlgorithm = info.AlgorithmID;
+    public class KeyTransRecipientInfoGenerator : RecipientInfoGenerator
+    {
+        private static readonly CmsEnvelopedHelper Helper = CmsEnvelopedHelper.Instance;
+
+        private TbsCertificateStructure recipientTbsCert;
+        private AsymmetricKeyParameter recipientPublicKey;
+        private Asn1OctetString subjectKeyIdentifier;
+
+        // Derived fields
+        private SubjectPublicKeyInfo info;
+        private IssuerAndSerialNumber issuerAndSerialNumber;
+        private SecureRandom random;
+
+        internal KeyTransRecipientInfoGenerator()
+        {
+        }
+
+        protected KeyTransRecipientInfoGenerator(IssuerAndSerialNumber issuerAndSerialNumber)
+        {
+            this.issuerAndSerialNumber = issuerAndSerialNumber;
+        }
+
+        protected KeyTransRecipientInfoGenerator(byte[] subjectKeyIdentifier)
+        {
+            this.subjectKeyIdentifier = new DerOctetString(subjectKeyIdentifier);
+        }
+
+        internal X509Certificate RecipientCert
+        {
+            set
+            {
+                this.recipientTbsCert = CmsUtilities.GetTbsCertificateStructure(value);
+                this.recipientPublicKey = value.GetPublicKey();
+                this.info = recipientTbsCert.SubjectPublicKeyInfo;
+            }
+        }
+
+        internal AsymmetricKeyParameter RecipientPublicKey
+        {
+            set
+            {
+                this.recipientPublicKey = value;
+
+                try
+                {
+                    info = SubjectPublicKeyInfoFactory.CreateSubjectPublicKeyInfo(
+                        recipientPublicKey);
+                }
+                catch (IOException)
+                {
+                    throw new ArgumentException("can't extract key algorithm from this key");
+                }
+            }
+        }
+
+        internal Asn1OctetString SubjectKeyIdentifier
+        {
+            set { this.subjectKeyIdentifier = value; }
+        }
+
+        public RecipientInfo Generate(KeyParameter contentEncryptionKey, SecureRandom random)
+        {
+            byte[] keyBytes = contentEncryptionKey.GetKey();
+            AlgorithmIdentifier keyEncryptionAlgorithm = this.AlgorithmDetails;
+
+            this.random = random;
+
+            IWrapper keyWrapper = Helper.CreateWrapper(keyEncryptionAlgorithm.Algorithm.Id);
+            keyWrapper.Init(true, new ParametersWithRandom(recipientPublicKey, random));
+            byte[] encryptedKeyBytes = keyWrapper.Wrap(keyBytes, 0, keyBytes.Length);
+
+            RecipientIdentifier recipId;
+            if (recipientTbsCert != null)
+            {
+                IssuerAndSerialNumber issuerAndSerial = new IssuerAndSerialNumber(
+                    recipientTbsCert.Issuer, recipientTbsCert.SerialNumber.Value);
+                recipId = new RecipientIdentifier(issuerAndSerial);
+            }
+            else
+            {
+                recipId = new RecipientIdentifier(subjectKeyIdentifier);
+            }
+
+            return new RecipientInfo(new KeyTransRecipientInfo(recipId, keyEncryptionAlgorithm,
+                new DerOctetString(encryptedKeyBytes)));
+        }
+
+        protected virtual AlgorithmIdentifier AlgorithmDetails
+        {
+            get
+            {
+                return info.AlgorithmID;
+            }
+        }
+
+        protected virtual byte[] GenerateWrappedKey(KeyParameter contentEncryptionKey)
+        {
+            byte[] keyBytes = contentEncryptionKey.GetKey();
+            AlgorithmIdentifier keyEncryptionAlgorithm = info.AlgorithmID;
 
             IWrapper keyWrapper = Helper.CreateWrapper(keyEncryptionAlgorithm.Algorithm.Id);
-			keyWrapper.Init(true, new ParametersWithRandom(recipientPublicKey, random));
-			byte[] encryptedKeyBytes = keyWrapper.Wrap(keyBytes, 0, keyBytes.Length);
-
-			RecipientIdentifier recipId;
-			if (recipientTbsCert != null)
-			{
-				IssuerAndSerialNumber issuerAndSerial = new IssuerAndSerialNumber(
-					recipientTbsCert.Issuer, recipientTbsCert.SerialNumber.Value);
-				recipId = new RecipientIdentifier(issuerAndSerial);
-			}
-			else
-			{
-				recipId = new RecipientIdentifier(subjectKeyIdentifier);
-			}
-
-			return new RecipientInfo(new KeyTransRecipientInfo(recipId, keyEncryptionAlgorithm,
-				new DerOctetString(encryptedKeyBytes)));
-		}
-	}
+            keyWrapper.Init(true, new ParametersWithRandom(recipientPublicKey, random));
+            return keyWrapper.Wrap(keyBytes, 0, keyBytes.Length);
+        }
+    }
 }
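Review bot: `Generate` still wraps the content-encryption key inline and never calls the new `GenerateWrappedKey`, so a subclass that overrides that virtual (for example to delegate to an externally held key) has no effect on the encrypted key placed in the `KeyTransRecipientInfo`. The `issuerAndSerialNumber` field set by the new protected constructor is also never read: with `recipientTbsCert` unset, `Generate` falls into the `else` branch and builds the `RecipientIdentifier` from `subjectKeyIdentifier`, which that constructor leaves null. `GenerateWrappedKey` reads `info.AlgorithmID` while `Generate` advertises `this.AlgorithmDetails`, so the declared key-encryption algorithm and the wrapper actually used can diverge once `AlgorithmDetails` is overridden; it should use `AlgorithmIdentifier keyEncryptionAlgorithm = this.AlgorithmDetails;` as well. The sketch below routes `Generate` through the hook and honours the stored issuer/serial. Copying `random` into an instance field also makes concurrent `Generate` calls on one generator share state, which deserves a comment if it stays.

```csharp
public RecipientInfo Generate(KeyParameter contentEncryptionKey, SecureRandom random)
{
    AlgorithmIdentifier keyEncryptionAlgorithm = this.AlgorithmDetails;

    // GenerateWrappedKey reads this.random, so it must be set before the call.
    this.random = random;

    // Single wrap path: subclasses that override GenerateWrappedKey now take effect.
    byte[] encryptedKeyBytes = GenerateWrappedKey(contentEncryptionKey);

    RecipientIdentifier recipId;
    if (recipientTbsCert != null)
    {
        // … unchanged: build issuerAndSerial from recipientTbsCert …
    }
    else if (issuerAndSerialNumber != null)
    {
        // Identifier supplied through the protected constructor.
        recipId = new RecipientIdentifier(issuerAndSerialNumber);
    }
    else if (subjectKeyIdentifier != null)
    {
        recipId = new RecipientIdentifier(subjectKeyIdentifier);
    }
    else
    {
        throw new InvalidOperationException("no recipient identifier has been set");
    }

    // … unchanged: return new RecipientInfo(new KeyTransRecipientInfo(...)) …
}
```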