oracle.security.crypto.cms
Class CMSAuthenticatedDataOutputStream

java.lang.Object
java.io.OutputStream
java.io.FilterOutputStream
oracle.security.crypto.cms.CMSOutputStream
oracle.security.crypto.cms.CMSAuthenticatedDataOutputStream

public class CMSAuthenticatedDataOutputStream

extends CMSOutputStream

A CMSAuthenticatedDataOutputStream writes its output in the form of a CMS authenticated-data structure, generating the message authentication code in the process.

Specifically, the effect of using this class is as if the following process took place:

• All of the data written to this stream is accumulated into a EncapsulatedContentInfo structure of the specified content-type.
• The resulting EncapsulatedContentInfo structure is then provided as the input to a ContentInfo structure of type authenticated-data.
• A BER encoding of the resulting ContentInfo structure is written to the underlying output stream;

except that the actual process is done in one pass, eliminating the necessity to accumulate all of the input data before writing any output.

In the case where a <ocde>CMSConnector is provided instead of a CMSOutputStream, only the exposed content i.e. the Content field of the ContentInfo structure minus the explicit [0] tag is written to the underlying output stream.

Please be aware that the HMAC key is stored in a RecipientInfo structure. If you decide to use the Key Encryption (CMSKEKRecipientInfo) key management mechanism, the HMAC key used must be a TripleDES or RC2 key.

IMPORTANT: This class generates large CMS authenticated-data Objects more efficiently (Java VM memory usage) than the CMSAuthenticatedDataContentInfo class.

See Also:

CMSOutputStream, CMSAuthenticatedDataContentInfo, CMSAuthenticatedDataOutputConnector

Field Summary

Fields inherited from class java.io.FilterOutputStream

out

Constructor Summary

CMSAuthenticatedDataOutputStream(CMSOutputConnector conn, OriginatorInfo origInfo, java.util.Vector recipients, AlgorithmIdentifier macAlgorithm, AlgorithmIdentifier digestAlgID, ASN1ObjectID encapContentType, oracle.security.crypto.cert.AttributeSet authenticatedAttribs, oracle.security.crypto.cert.AttributeSet unauthenticatedAttribs, SymmetricKey hmacKey, AlgorithmIdentifier hmacKeyAlgID, boolean detachEncapContent)
Creates a CMSAuthenticatedDataOutputStream.

CMSAuthenticatedDataOutputStream(CMSOutputConnector conn, OriginatorInfo origInfo, java.util.Vector recipients, AlgorithmIdentifier macAlgorithm, AlgorithmIdentifier digestAlgID, ASN1ObjectID encapContentType, oracle.security.crypto.cert.AttributeSet authenticatedAttribs, oracle.security.crypto.cert.AttributeSet unauthenticatedAttribs, SymmetricKey hmacKey, boolean detachEncapContent)
Creates a CMSAuthenticatedDataOutputStream.

CMSAuthenticatedDataOutputStream(CMSOutputConnector conn, java.util.Vector recipients, AlgorithmIdentifier macAlgorithm, ASN1ObjectID encapContentType, SymmetricKey hmacKey, boolean detachEncapContent)
Creates a CMSAuthenticatedDataOutputStream.

CMSAuthenticatedDataOutputStream(java.io.OutputStream out, OriginatorInfo origInfo, java.util.Vector recipients, AlgorithmIdentifier macAlgorithm, AlgorithmIdentifier digestAlgID, ASN1ObjectID encapContentType, oracle.security.crypto.cert.AttributeSet authenticatedAttribs, oracle.security.crypto.cert.AttributeSet unauthenticatedAttribs, SymmetricKey hmacKey, AlgorithmIdentifier hmacKeyAlgID, boolean detachEncapContent)
Creates a CMSAuthenticatedDataOutputStream.

CMSAuthenticatedDataOutputStream(java.io.OutputStream out, OriginatorInfo origInfo, java.util.Vector recipients, AlgorithmIdentifier macAlgorithm, AlgorithmIdentifier digestAlgID, ASN1ObjectID encapContentType, oracle.security.crypto.cert.AttributeSet authenticatedAttribs, oracle.security.crypto.cert.AttributeSet unauthenticatedAttribs, SymmetricKey hmacKey, boolean detachEncapContent)
Creates a CMSAuthenticatedDataOutputStream.

CMSAuthenticatedDataOutputStream(java.io.OutputStream out, java.util.Vector recipients, AlgorithmIdentifier macAlgorithm, ASN1ObjectID encapContentType, SymmetricKey hmacKey, AlgorithmIdentifier hmacKeyAlgID, boolean detachEncapContent)
Creates a CMSAuthenticatedDataOutputStream.

CMSAuthenticatedDataOutputStream(java.io.OutputStream out, java.util.Vector recipients, AlgorithmIdentifier macAlgorithm, ASN1ObjectID encapContentType, SymmetricKey hmacKey, boolean detachEncapContent)
Creates a CMSAuthenticatedDataOutputStream.

Method Summary

void	close()
ASN1ObjectID	getExposedContentType() Returns the content type of the data that is output to the underlying output stream.
void	terminate() Finish writing the authenticated-data structure.
void	write(byte[] b, int off, int len)
void	write(int ch)

Methods inherited from class java.io.FilterOutputStream

flush, write

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

CMSAuthenticatedDataOutputStream

public CMSAuthenticatedDataOutputStream(java.io.OutputStream out,
                                        java.util.Vector recipients,
                                        AlgorithmIdentifier macAlgorithm,
                                        ASN1ObjectID encapContentType,
                                        SymmetricKey hmacKey,
                                        boolean detachEncapContent)
                                 throws InvalidInputException,
                                        AlgorithmIdentifierException

Creates a CMSAuthenticatedDataOutputStream.

Parameters:

out - The underlying output stream.

recipients - The recipients (each element must be an instance of CMSRecipientInfoSpec).

macAlgorithm - The HMAC Algorithm.

encapContentType - The content type of data being authenticated.

hmacKey - The HMAC key.

detachEncapContent - If true the authenticated content is not written to the underlying output stream; false otherwise.

Throws:

AlgorithmIdentifierException - Algorithm is not supported.

InvalidInputException - Input appears to be invalid.

CMSAuthenticatedDataOutputStream

public CMSAuthenticatedDataOutputStream(java.io.OutputStream out,
                                        java.util.Vector recipients,
                                        AlgorithmIdentifier macAlgorithm,
                                        ASN1ObjectID encapContentType,
                                        SymmetricKey hmacKey,
                                        AlgorithmIdentifier hmacKeyAlgID,
                                        boolean detachEncapContent)
                                 throws InvalidInputException,
                                        AlgorithmIdentifierException

Creates a CMSAuthenticatedDataOutputStream.

Parameters:

out - The underlying output stream.

recipients - The recipients (each element must be an instance of CMSRecipientInfoSpec).

macAlgorithm - The HMAC Algorithm.

encapContentType - The content type of data being authenticated.

hmacKey - The HMAC key.

detachEncapContent - If true the authenticated content is not written to the underlying output stream; false otherwise.

Throws:

AlgorithmIdentifierException - Algorithm is not supported.

InvalidInputException - Input appears to be invalid.

CMSAuthenticatedDataOutputStream

public CMSAuthenticatedDataOutputStream(java.io.OutputStream out,
                                        OriginatorInfo origInfo,
                                        java.util.Vector recipients,
                                        AlgorithmIdentifier macAlgorithm,
                                        AlgorithmIdentifier digestAlgID,
                                        ASN1ObjectID encapContentType,
                                        oracle.security.crypto.cert.AttributeSet authenticatedAttribs,
                                        oracle.security.crypto.cert.AttributeSet unauthenticatedAttribs,
                                        SymmetricKey hmacKey,
                                        boolean detachEncapContent)
                                 throws InvalidInputException,
                                        AlgorithmIdentifierException

Creates a CMSAuthenticatedDataOutputStream.

Parameters:

out - The underlying output stream.

origInfo - The Originator Info.

recipients - The recipients (each element must be an instance of CMSRecipientInfoSpec).

macAlgorithm - The HMAC Algorithm.

digestAlgID - The digest algorithm.

encapContentType - The content type of data being authenticated.

authenticatedAttribs - The set of Authenticated Attributes.

unauthenticatedAttribs - The set of Unauthenticated Attributes.

hmacKey - The HMAC key.

detachEncapContent - If true the authenticated content is not written to the underlying output stream; false otherwise.

Throws:

AlgorithmIdentifierException - Algorithm is not supported.

InvalidInputException - Input appears to be invalid.

CMSAuthenticatedDataOutputStream

public CMSAuthenticatedDataOutputStream(java.io.OutputStream out,
                                        OriginatorInfo origInfo,
                                        java.util.Vector recipients,
                                        AlgorithmIdentifier macAlgorithm,
                                        AlgorithmIdentifier digestAlgID,
                                        ASN1ObjectID encapContentType,
                                        oracle.security.crypto.cert.AttributeSet authenticatedAttribs,
                                        oracle.security.crypto.cert.AttributeSet unauthenticatedAttribs,
                                        SymmetricKey hmacKey,
                                        AlgorithmIdentifier hmacKeyAlgID,
                                        boolean detachEncapContent)
                                 throws InvalidInputException,
                                        AlgorithmIdentifierException

Creates a CMSAuthenticatedDataOutputStream.

Parameters:

out - The underlying output stream.

origInfo - The Originator Info.

recipients - The recipients (each element must be an instance of CMSRecipientInfoSpec).

macAlgorithm - The HMAC Algorithm.

digestAlgID - The digest algorithm.

encapContentType - The content type of data being authenticated.

authenticatedAttribs - The set of Authenticated Attributes.

unauthenticatedAttribs - The set of Unauthenticated Attributes.

hmacKey - The HMAC key.

hmacKeyAlgID - The HMAC key algorithm.

detachEncapContent - If true the authenticated content is not written to the underlying output stream; false otherwise.

Throws:

AlgorithmIdentifierException - Algorithm is not supported.

InvalidInputException - Input appears to be invalid.

CMSAuthenticatedDataOutputStream

public CMSAuthenticatedDataOutputStream(CMSOutputConnector conn,
                                        java.util.Vector recipients,
                                        AlgorithmIdentifier macAlgorithm,
                                        ASN1ObjectID encapContentType,
                                        SymmetricKey hmacKey,
                                        boolean detachEncapContent)
                                 throws InvalidInputException,
                                        AlgorithmIdentifierException

Creates a CMSAuthenticatedDataOutputStream.

Parameters:

recipients - The recipients (each element must be an instance of CMSRecipientInfoSpec).

macAlgorithm - The HMAC Algorithm.

encapContentType - The content type of data being authenticated.

hmacKey - The HMAC key.

detachEncapContent - If true the authenticated content is not written to the underlying output stream; false otherwise.

Throws:

AlgorithmIdentifierException - Algorithm is not supported.

InvalidInputException - Input appears to be invalid.

CMSAuthenticatedDataOutputStream

public CMSAuthenticatedDataOutputStream(CMSOutputConnector conn,
                                        OriginatorInfo origInfo,
                                        java.util.Vector recipients,
                                        AlgorithmIdentifier macAlgorithm,
                                        AlgorithmIdentifier digestAlgID,
                                        ASN1ObjectID encapContentType,
                                        oracle.security.crypto.cert.AttributeSet authenticatedAttribs,
                                        oracle.security.crypto.cert.AttributeSet unauthenticatedAttribs,
                                        SymmetricKey hmacKey,
                                        boolean detachEncapContent)
                                 throws InvalidInputException,
                                        AlgorithmIdentifierException

Creates a CMSAuthenticatedDataOutputStream.

Parameters:

conn - The underlying output connector.

origInfo - The Originator Info.

recipients - The recipients (each element must be an instance of CMSRecipientInfoSpec).

macAlgorithm - The HMAC Algorithm.

digestAlgID - The digest algorithm.

encapContentType - The content type of data being authenticated.

authenticatedAttribs - The set of Authenticated Attributes.

unauthenticatedAttribs - The set of Unauthenticated Attributes.

hmacKey - The HMAC key.

detachEncapContent - If true the authenticated content is not written to the underlying output stream; false otherwise.

Throws:

AlgorithmIdentifierException - Algorithm is not supported.

InvalidInputException - Input appears to be invalid.

CMSAuthenticatedDataOutputStream

public CMSAuthenticatedDataOutputStream(CMSOutputConnector conn,
                                        OriginatorInfo origInfo,
                                        java.util.Vector recipients,
                                        AlgorithmIdentifier macAlgorithm,
                                        AlgorithmIdentifier digestAlgID,
                                        ASN1ObjectID encapContentType,
                                        oracle.security.crypto.cert.AttributeSet authenticatedAttribs,
                                        oracle.security.crypto.cert.AttributeSet unauthenticatedAttribs,
                                        SymmetricKey hmacKey,
                                        AlgorithmIdentifier hmacKeyAlgID,
                                        boolean detachEncapContent)
                                 throws InvalidInputException,
                                        AlgorithmIdentifierException

Creates a CMSAuthenticatedDataOutputStream.

Parameters:

conn - The underlying output connector.

origInfo - The Originator Info.

recipients - The recipients (each element must be an instance of CMSRecipientInfoSpec).

macAlgorithm - The HMAC Algorithm.

digestAlgID - The digest algorithm.

encapContentType - The content type of data being authenticated.

authenticatedAttribs - The set of Authenticated Attributes.

unauthenticatedAttribs - The set of Unauthenticated Attributes.

hmacKey - The HMAC key.

hmacKeyAlgID - The HMAC key algorithm.

detachEncapContent - If true the authenticated content is not written to the underlying output stream; false otherwise.

Throws:

AlgorithmIdentifierException - Algorithm is not supported.

InvalidInputException - Input appears to be invalid.

Method Detail

terminate

public void terminate()
               throws java.io.IOException

Finish writing the authenticated-data structure.

This method must be called only after all the authenticated data has been written.

Specified by:

terminate in class CMSOutputStream

Throws:

java.io.IOException - An I/O error ocuurs.

write

public void write(int ch)
           throws java.io.IOException

Throws:

java.io.IOException

write

public void write(byte[] b,
                  int off,
                  int len)
           throws java.io.IOException

Throws:

java.io.IOException

close

public void close()
           throws java.io.IOException

Throws:

java.io.IOException

getExposedContentType

public ASN1ObjectID getExposedContentType()

Returns the content type of the data that is output to the underlying output stream.

Specified by:

getExposedContentType in class CMSOutputStream

Returns:

The content type identifier.