iaik.smime

Class EncryptedContent

java.lang.Object

iaik.smime.EncryptedContent

All Implemented Interfaces:

SMimeContentType

public class EncryptedContent
extends java.lang.Object
implements SMimeContentType

This class can be used to create S/MIME encrypted emails in combination with the jakarta.mail package.

S/MIME (Secure/Multipurpose Internet Mail Extensions) provides a consistent way to send and receive secure MIME data. Based on the popular Internet MIME standard, S/MIME provides the following cryptographic security services for electronic messaging applications: authentication, message integrity and non-repudiation of origin (using digital signatures) and privacy and data security (using encryption) (see S/MIME Version 3 Message Specification).

This class supports the creation and handling of S/MIME encrypted (enveloped) messages in combination with the jakarta.mail architecture. For creating and working with signed S/MIME messages, use the SignedContent class of the iaik.smime package.

S/MIME (Secure/Multipurpose Internet Mail Extensions) specifies the application/pkcs7-mime (smime-type "enveloped-data") type for data enveloping.

The whole (prepared) MIME entity to be enveloped into a CMS object of type EnvelopedData which subsequently is inserted into an application/pkcs7-mime MIME entity. The smime-type parameter for enveloped messages is "enveloped-data", the file extension is ".p7m" (see S/MIME Version 3 Message Specification). The "Content-" headers of a sample message would look like:

 Content-Type: application/pkcs7-mime; smime-type=enveloped-data;
     name="smime.p7m"
 Content-Transfer-Encoding: base64
 Content-Disposition: attachment; filename="smime.p7m"

 rfvbn...

 

For creating a new EncryptedContent to be sent, first use a proper constructor, and subsequently supply the content by means of a setContent, setText, or setDataHandler method. Recipients are added by calling a proper addRecipient method, depending on which CMS key management technique shall be used (key transport or key agreement). When setting the content encryption algorithm by means of the setEncryptionAlgorithm method, optionally the key length may be specified. The S/MIME Version 3 Message Specification recommends DES EDE3 CBC and RC2 CBC to be used as content encryption algorithms. Only for the latter the key length has a meaning and may specify 40, 68, or 128 (default) bits. Before actually sending the Message with the encrypted content, the setHeaders method shall be called for properly updating the message headers.

Typical usage (when using RSA key transport to be compatible to S/MIMEv2):

 MimeMessage msg = new MimeMessage(session);
 ...
 EncryptedContent ec = new EncryptedContent();
 // set the smime-type parameter to "enveloped-data"
 ec.setSMimeType();
 ec.setContent(...);
 ec.addRecipient(recipientCertificate, AlgorithmID.rsaEncryption);
 ec.setEncryptionAlgorithm(algorithm, keyLength);
 // update message headers
 ec.setHeaders(msg);

 msg.setContent(ec, ec.getContentType());
 Transport.send(msg);
 

A recipient uses a proper decryptSymmetricKey method for decrypting the encrypted content encryption key with her/his private key, and subsequently reads the content, e.g.:

 EncryptedContent ec = (EncryptedContent)msg.getContent();
 //recipient at index 0 decrypts the content encryption key:
 ec.decryptSymmetricKey(privateKey, 0);
 // get the content
 Object content = ec.getContent();
 ...
  * 

For more information about the JakartaMail architecture, and how to parsing messages, consult Jakarta Mail specification.

For using the IAIK-JCE S/MIME classes, an application also may need the packages:

• jakarta.mail-api.jar: Get it from Eclipse Foundation.
• jakarta.activation-api.jar: Get it from Eclipse Foundation.
• OPTIONAL: pop3.jar: If you need POP3 access. Get it from eclipse-ee4j.

Furthermore, for telling JAF the data content handlers for the supported S/MIME types, a RFC1524 mailcap file with the following contents has to be put in the lib directory of your JDK (/lib):

 # Default mailcap file for the JakartaMail System
 #
 # for our content-handlers
 #
 text/plain;;   x-java-content-handler=com.sun.mail.handlers.text_plain
 multipart/*;;  x-java-content-handler=com.sun.mail.handlers.multipart_mixed
 message/*;;    x-java-content-handler=com.sun.mail.handlers.message_rfc822
 #
 # IAIK 'mailcap' file
 #
 multipart/signed;;               x-java-content-handler=iaik.smime.signed_content
 application/x-pkcs7-signature;;  x-java-content-handler=iaik.smime.signed_content
 application/x-pkcs7-mime;;       x-java-content-handler=iaik.smime.encrypted_content
 application/x-pkcs10;;           x-java-content-handler=iaik.smime.pkcs10_content
 application/pkcs7-signature;;    x-java-content-handler=iaik.smime.signed_content
 application/pkcs7-mime;;         x-java-content-handler=iaik.smime.encrypted_content
 application/pkcs10;;             x-java-content-handler=iaik.smime.pkcs10_content
 

When creating a new EncryptedContent to be sent per default the new S/MIME content types (application/x-pkcs7-mime, application/x-pkcs7-signature) are used. For using the old types call the static useNewContentTypes method of the SMimeParameters class before creating a new EncryptedContent object, e.g.:

 //switch to old content types
 SMimeParameters.useNewContentTypes(false);
 //create a SignedContent
 EncryptedContent sc = new EncryptedContent();
 ...
 

See Also:

SMimeEncrypted

Field Summary

Fields inherited from interface iaik.smime.SMimeContentType

LOG

Constructor Summary

Constructors

Constructor and Description
EncryptedContent() Creates a new EncryptedContent object.
EncryptedContent(jakarta.activation.DataSource dataSource) Constructs a EncryptedContent object from the given data source.
EncryptedContent(SignedContent signedContent) Creates a new S/MIME encrypted and signed content.
EncryptedContent(SMimeContentType smimeCT)

Method Summary

Modifier and Type	Method and Description
void	addRecipient(RecipientInfo recipientInfo) Adds one recipient.
void	addRecipient(X509Certificate recipientCertificate, AlgorithmID keyEncAlg) Adds one recipient.
void	decryptSymmetricKey(KeyAndCertificateSource keyAndCertificateSource) Locates one of user's decryption keys that is appropriate for decrypting one of the content-encryption keys, decrypts the content-encryption key, and prepares the cipher for decrypting the encrypted content.
void	decryptSymmetricKey(java.security.Key recipientKey, int recipientInfoIndex) Uses the specified key for decrypting the content-encryption key to setup the cipher for decrypting the encrypted content of this EncryptedContent object for the requesting recipient, specified by its recipientInfoIndex.
void	decryptSymmetricKey(java.security.Key recipientKey, KeyIdentifier recipientIdentifier) Uses the specified key for decrypting the content-encryption key to setup the cipher for decrypting the encrypted content of this EncryptedContent object for the requesting recipient, specified by the given recipient identifier.
void	decryptSymmetricKey(java.security.Key recipientKey, X509Certificate recipientCertificate) Uses the specified key for decrypting the content-encryption key to setup the cipher for decrypting the encrypted content of this EncryptedContent object for the requesting recipient, specified by the given recipient certificate.
void	decryptSymmetricKey(SecureStringBuffer password, int recipientInfoIndex) Uses the specified password to derive a key for decrypting the content-encryption key to setup the cipher for decrypting the encrypted content of this EncryptedContent object for the requesting recipient, specified by its recipientInfoIndex.
int	decryptSymmetricKey(User user) Locates one of user's decryption keys that is appropriate for decrypting one of the content-encryption keys, decrypts the content-encryption key, and prepares the cipher for decrypting the encrypted content.
java.lang.Object	getContent() Returns the content as a Java object.
java.io.InputStream	getContentInputStream() Returns an InputStream for this part's unparsed content.
java.lang.String	getContentType() Returns the ContentType and any attached parameters of this EncryptedObject.
jakarta.activation.DataHandler	getDataHandler() Return a DataHandler for the content within this part.
AlgorithmID	getEncryptionAlgorithm() Returns the content-encryption algorithm (including any associated parameters) of this EncryptedContent.
java.io.InputStream	getInputStream() Returns an InputStream for this part's content.
int	getRecipientInfoIndex(X509Certificate recipientCertificate) Returns the recipient info index matching to the supplied recipient certificate.
RecipientInfo[]	getRecipientInfos() Returns information about all recipients of this message.
java.lang.String	getSMimeType() Returns the smime-type parameter to "enveloped-data".
void	setBlockSize(int blockSize) Sets the block size to use when encoding the content.
void	setContent(jakarta.mail.Multipart multipart) This method sets the given Multipart object as this EncryptedObject's content.
void	setContent(java.lang.Object content, java.lang.String type) A convenience method for setting this EncryptedObject's content.
void	setContentContentHeaders(jakarta.mail.Header[] headers) Set some headers for the entity to be encrypted.
void	setContentContentTransferEncoding(java.lang.String cte) Sets the content transfer encoding of the entity to be encrypted.
void	setDataHandler(jakarta.activation.DataHandler dataHandler) Sets the content wrapped by a jakarta.activation.DataHandler.
void	setEncryptionAlgorithm(AlgorithmID contentEncAlg, int keyLength) Sets the symmetric algorithm for encrypting the message.
void	setHeaders(jakarta.mail.Part part) Sets additional headers of the message containing this EncryptedContent.
void	setSession(jakarta.mail.Session session) Set the mail session to use when sending this message.
void	setSMimeType() Sets the smime-type parameter to "enveloped-data".
void	setText(java.lang.String text) A convenience method that sets the given String as this EncryptedObject's content with a MIME type of "text/plain".
void	writeTo(java.io.OutputStream os) Writes this EncryptedContent DER encoded to the given output stream.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

EncryptedContent

public EncryptedContent()

Creates a new EncryptedContent object.

Use a proper setContent, setText, or setDataHandler method for supplying the content to be enveloped. Recipients are added by calling a proper addRecipient method thereby specifying the recipient´s certificate, and the key management algorithm to be used. When setting the content encryption algorithm by means of the setEncryptionAlgorithm method, optionally the key length may be specified. The S/MIME Version 3 Message Specification recommends DES EDE3 CBC and RC2 CBC to be used as content encryption algorithms. Only for the latter the key length has a meaning and may specify 40, 68, or 128 (default) bits. Before actually sending the Message with the encrypted content, the setHeaders method shall be called for properly updating the message headers. Typical usage (for RSA key transport):

 MimeMessage msg = new MimeMessage(session);
 ...
 EncryptedContent ec = new EncryptedContent();
 ec.setContent(...);
 ec.addRecipient(recipientCertificate, AlgorithmID.rsaEncryption);
 ec.setEncryptionAlgorithm(algorithm, keyLength);
 ec.setHeaders(msg);

 msg.setContent(ec, ec.getContentType());
 Transport.send(msg);
 

When using this constructor the smime-type parameter will not be set. Use the setSMimeType parameter for setting the "enveloped-data" smime-type parameter.

EncryptedContent

public EncryptedContent(SignedContent signedContent)

Creates a new S/MIME encrypted and signed content. When using this constructor the smime-type parameter will not be set. Use the setSMimeType parameter for setting the "enveloped-data" smime-type parameter.

Parameters:

signedContent - the SignedContent as content of this EncryptedContent

EncryptedContent

public EncryptedContent(SMimeContentType smimeCT)
                 throws jakarta.mail.MessagingException

Throws:

jakarta.mail.MessagingException

EncryptedContent

public EncryptedContent(jakarta.activation.DataSource dataSource)
                 throws java.io.IOException

Constructs a EncryptedContent object from the given data source. The given data source is expected to supply an DER encoded CMS ContentInfo object holding the enveloped data. During a mail session this constructor usually will not be called directly. Rather it is called by a proper data content handler encrypted_content supplying the data source.

For more information on data handling using the jakarta.activation.DataSource for "MIME type based" data access, see Jakarta EE´s Jakarta Activation Framework (JAF) sepecification.

Parameters:

dataSource - the DataSource supplying the enveloped data

Throws:

java.io.IOException - if an I/O error occurs during reading the object

Method Detail

setSMimeType

public void setSMimeType()

Sets the smime-type parameter to "enveloped-data".

getSMimeType

public java.lang.String getSMimeType()

Returns the smime-type parameter to "enveloped-data". This method is required by the SMimeContentType Interface

Specified by:

getSMimeType in interface SMimeContentType

Returns:

the SMimeType as a String

getContentType

public java.lang.String getContentType()

Returns the ContentType and any attached parameters of this EncryptedObject. This method shall be used when setting an EncryptedContent object as the content of a Message.

 Message msg = ...;
 EncryptedContent ec = new EncryptedContent();
 msg.setContent(ec, ec.getContentType());
 ...
 

Specified by:

getContentType in interface SMimeContentType

Returns:

the content type of this Encrypted object

setDataHandler

public void setDataHandler(jakarta.activation.DataHandler dataHandler)

Sets the content wrapped by a jakarta.activation.DataHandler. This method provides the mechanism to set this EncryptedContent's content, e.g:

 DataHandler dataHandler = new DataHandler(...);
 EncryptedContent sc = new EncryptedContent();
 ec.setDataHandler(dataHandler);
 

The DataHandler wraps around the actual content. It allows clients to discover the operations available on the content, and to instantiate the appropriate component to perform those operations. For more information consult Sun´s Jakarta Activation Framework (JAF) sepecification.

Parameters:

dataHandler - the DataHandler for the content

setContent

public void setContent(java.lang.Object content,
                       java.lang.String type)

A convenience method for setting this EncryptedObject's content. The part internally wraps the content in a DataHandler.

Note that a DataContentHandler class for the specified type should be available to the JakartaMail implementation for this to work right; i.e., to do setContent(foobar, "application/x-foobar"), a DataContentHandler for "application/x-foobar" should be installed. Refer to the Jakarta Activation Framework for more information.

Parameters:

content - a java object

type - MIME type of this object

setText

public void setText(java.lang.String text)

A convenience method that sets the given String as this EncryptedObject's content with a MIME type of "text/plain".

Parameters:

text - the text that is the EncryptedObject's content

setContent

public void setContent(jakarta.mail.Multipart multipart)

This method sets the given Multipart object as this EncryptedObject's content.

Parameters:

multipart - the multipart object that is the EncryptedObject's content

getRecipientInfos

public RecipientInfo[] getRecipientInfos()

Returns information about all recipients of this message. You will need at least the private key of one recipient specified in this array to decrypt the message.

Returns:

all recipients who can decrypt this message

getRecipientInfoIndex

public int getRecipientInfoIndex(X509Certificate recipientCertificate)

Returns the recipient info index matching to the supplied recipient certificate. This method may be used by a recipient for querying for the recipient info that holds the content encryption key encrypted with the public key of the given certificate.

Parameters:

recipientCertificate - the certificate of the recipient

Returns:

the recipient info index matching to the supplied recipient certificate, or -1 if no recipient info belonging to the given certificate can be found

decryptSymmetricKey

public void decryptSymmetricKey(java.security.Key recipientKey,
                                int recipientInfoIndex)
                         throws SMimeException,
                                java.security.InvalidKeyException

Uses the specified key for decrypting the content-encryption key to setup the cipher for decrypting the encrypted content of this EncryptedContent object for the requesting recipient, specified by its recipientInfoIndex.

This method first uses the given key for decrypting the encrypted temporary symmetric key obtained from the corresponding RecipientInfo structure, and subsequently uses this key to initialize a CipherInputStream for decrypting the inherent encrypted content.

Note that the cipher will be only initialized for decrypting in this class. The encrypted-content decryption actually is done during reading the data obtained by calling the getInputStream, getContent, or getDataHandler method. So don´t call any of these methods before decrypting the encrypted content-encryption key!

Note that you have to know the right index into the recipientInfos field when using this method for decrypting the encrypted content-encryption key and setting up the cipher for decryption. You may search for the index by using the getRecipientInfoIndex method.
However, when having some recipient using a key agreement protocol the corresponding RecipientInfo is of type KeyAgreeRecipientInfo which may hold encrypted content-encryption keys for more than only one recipients using the same key agreement algorithm with same domain parameters. Since this decryptSymmetricKey method only can get the KeyAgreeRecipientInfo with the given index (but not search for the right recipient in the KeyAgreeRecipientInfo), it will step through any recipient included in the KeyAgreeRecipientInfo trying to decrypt the encrypted content-encryption key with the supplied key. This may give some overhead so it might be appropriate to use another decryptSymmetric method allowing to immediately identify the particular recipient in mind by its #decryptSymmetricKey(Key, KeyIdentifier) keyIdentifier} or certificate.

Parameters:

recipientKey - the key of the recipient to be used for decrypting the encrypted content-encryption key for setting up the cipher for decrypting the encrypted content-encryption key.

recipientInfoIndex - the index into the recipientInfos field

Throws:

SMIMEException - if there occurs an error while decrypting the content-encryption key or setting up the cipher for decrypting the content

java.security.InvalidKeyException - if the specified key is not valid

SMimeException

decryptSymmetricKey

public void decryptSymmetricKey(SecureStringBuffer password,
                                int recipientInfoIndex)
                         throws SMimeException,
                                java.security.InvalidKeyException

Uses the specified password to derive a key for decrypting the content-encryption key to setup the cipher for decrypting the encrypted content of this EncryptedContent object for the requesting recipient, specified by its recipientInfoIndex.

This method first uses the given password to derive a key for decrypting the encrypted temporary symmetric key obtained from the corresponding RecipientInfo structure, and subsequently uses this key to initialize a CipherInputStream for decrypting the inherent encrypted content.

Note that the cipher will be only initialized for decrypting in this class. The encrypted-content decryption actually is done during reading the data obtained by calling the getInputStream, getContent, or getDataHandler method. So don´t call any of these methods before decrypting the encrypted content-encryption key!

Note that you have to know the right index into the recipientInfos field when using this method for decrypting the encrypted content-encryption key and setting up the cipher for decryption. You may search for the index by using the getRecipientInfoIndex method.

Parameters:

password - the password used to derive the key to be used for decrypting the encrypted content-encryption key.

recipientInfoIndex - the index into the recipientInfos field

Throws:

SMIMEException - if there occurs an error while decrypting the content-encryption key or setting up the cipher for decrypting the content

java.security.InvalidKeyException - if the specified key is not valid

SMimeException

decryptSymmetricKey

public void decryptSymmetricKey(java.security.Key recipientKey,
                                KeyIdentifier recipientIdentifier)
                         throws SMimeException,
                                java.security.InvalidKeyException

Uses the specified key for decrypting the content-encryption key to setup the cipher for decrypting the encrypted content of this EncryptedContent object for the requesting recipient, specified by the given recipient identifier.

This method first uses the given key for decrypting the encrypted temporary symmetric key obtained from the corresponding RecipientInfo structure, and subsequently uses this key to initialize a CipherInputStream for decrypting the inherent encrypted content.

Note that the cipher will be only initialized for decrypting in this class. The encrypted-content decryption actually is done during reading the data obtained by calling the getInputStream, getContent, or getDataHandler method. So don´t call any of these methods before decrypting the encrypted content-encryption key!

This decryptSymmetricKey method can be used to decrypt the encrypted content-encryption key and setup the cipher for decryption for any type of RecipientInfo. The supplied recipient identifier will be used for searching for the right RecipientInfo in the recipientInfos field.

Parameters:

recipientKey - the key of the recipient to be used for decrypting the encrypted content-encryption key for setting up the cipher for decrypting the encrypted content-encryption key.

recipientIdentifier - specifies which RecipientInfo the given key belongs to

Throws:

SMIMEException - if there occurs an error while decrypting the content-encryption key or setting up the cipher for decrypting the content, or no RecipientInfo for the requested recipient is included

java.security.InvalidKeyException - if the specified key is not valid

SMimeException

decryptSymmetricKey

public void decryptSymmetricKey(java.security.Key recipientKey,
                                X509Certificate recipientCertificate)
                         throws SMimeException,
                                java.security.InvalidKeyException

Uses the specified key for decrypting the content-encryption key to setup the cipher for decrypting the encrypted content of this EncryptedContent object for the requesting recipient, specified by the given recipient certificate.

This method first uses the given key for decrypting the encrypted temporary symmetric key obtained from the corresponding RecipientInfo structure, and subsequently uses this key to initialize a CipherInputStream for decrypting the inherent encrypted content.

Note that the cipher will be only initialized for decrypting in this class. The encrypted-content decryption actually is done during during reading the data obtained by calling the getInputStream, getContent, or getDataHandler method. So don´t call any of these methods before decrypting the encrypted content-encryption key!

Note that this method only can be used for decrypting the encrypted content encyrption key and setting up the cipher for content decryption if the recipient in mind has a RecipientInfo of type KeyTransRecipientInfo or KeyAgreeRecipientInfo using a public key from a certificate for its key management protocol. However, this should be no problem since S/MIME generally only uses certificate based RecipientInfos.

Parameters:

recipientKey - the key of the recipient to be used for decrypting the encrypted content-encryption key for setting up the cipher for decrypting the encrypted content-encryption key.

recipientCertificate - the certificate of the recipient specifying which RecipientInfo the recipient´s private key belongs to

Throws:

SMimeException - if there occurs an error while decrypting the content-encryption key or setting up the cipher for decrypting the content, or no RecipientInfo for the requested recipient is included

java.security.InvalidKeyException - if the specified recipient key is not valid

decryptSymmetricKey

public int decryptSymmetricKey(User user)
                        throws UserNotLoggedInException,
                               NotARecipientException,
                               SMimeException

Locates one of user's decryption keys that is appropriate for decrypting one of the content-encryption keys, decrypts the content-encryption key, and prepares the cipher for decrypting the encrypted content.

The cipher will be only initialized for decrypting with this call; The encrypted-content decryption actually is done when the data is read by calling the getInputStream, getContent, or getDataHandler method. So don´t call any of these methods before decrypting the encrypted content-encryption key!

Note:

This method is only capable of searching recipient information that is in 'key transport' (KeyTransRecipientInfo) format and contains the key identifier in 'issuerAndSerialNumber' (IssuerAndSerialNumber) format; all other formats of recipient information are ignored.

Parameters:

user - the user

Returns:

the index of the recipient information from which the symmetric content-encryption key was decrypted

Throws:

UserNotLoggedInException - if the user is not logged in

NotARecipientException - if the user is not listed as a recipient (unable to decrypt the content)

SMimeException - if an error occurs while decrypting the content-encryption key or setting up the cipher for decrypting the content

Since:

7.1

decryptSymmetricKey

public void decryptSymmetricKey(KeyAndCertificateSource keyAndCertificateSource)
                         throws NotARecipientException,
                                SMimeException

Locates one of user's decryption keys that is appropriate for decrypting one of the content-encryption keys, decrypts the content-encryption key, and prepares the cipher for decrypting the encrypted content.

The cipher will be only initialized for decrypting with this call; The encrypted-content decryption actually is done when the data is read by calling the getInputStream, getContent, or getDataHandler method. So don´t call any of these methods before decrypting the encrypted content-encryption key!

Note:

This method is only capable of searching recipient information that is in 'key transport' (KeyTransRecipientInfo) format and contains the key identifier in 'issuerAndSerialNumber' (IssuerAndSerialNumber) format; all other formats of recipient information are ignored.

Parameters:

keyAndCertificateSource - a user's keys and certificates

Throws:

NotARecipientException - if the user is not listed as a recipient (unable to decrypt the content)

SMimeException - if an error occurs while decrypting the content-encryption key or setting up the cipher for decrypting the content

Since:

7.1

setHeaders

public void setHeaders(jakarta.mail.Part part)

Sets additional headers of the message containing this EncryptedContent. This function is identical to the previous setHeaders(Message message) but is more Generic by taking Part as the parameter. (jakarta.mail.Part is an interface which is implemented by Message. This method adds one header with one parameter to the specified message:

 Content-Disposition: attachment";
     filename="smime.p7m"
 Content-Transfer-Encoding: base64
 

Specified by:

setHeaders in interface SMimeContentType

Parameters:

part - message to add the headers

setBlockSize

public void setBlockSize(int blockSize)

Sets the block size to use when encoding the content. Setting to 0 causes definite length ASN.1 encoding to be used, setting to a positive number causes indefinite length encoding to be used, with blocks split up to the given size.

The default block size is 2048.

Note

Setting the block size to 0 causes all data to be buffered internally before being written, and is only suitable when encrypting small messages.

Parameters:

blockSize - the block size to use when encoding the content.

Since:

Entrust 7.0

getContent

public java.lang.Object getContent()
                            throws java.io.IOException,
                                   jakarta.mail.MessagingException

Returns the content as a Java object. The type of the returned object of course depends on the content itself. For example, the object returned for "text/plain" content is usually a String object. For content-types that are unknown to the DataHandler system, an input stream is returned as the content.

Returns:

an Object representing the content of the decrypted message

Throws:

java.io.IOException - if an I/O error occurs when getting the content from the inherent data handler

jakarta.mail.MessagingException - if an error occurs when fetching the inherent data handler

getDataHandler

public jakarta.activation.DataHandler getDataHandler()
                                              throws jakarta.mail.MessagingException

Return a DataHandler for the content within this part. The DataHandler allows clients to operate on as well as retrieve the content.

Returns:

a DataHandler for the content

Throws:

jakarta.mail.MessagingException - if an error occurs when fetching the data handler

getInputStream

public java.io.InputStream getInputStream()
                                   throws java.io.IOException,
                                          jakarta.mail.MessagingException

Returns an InputStream for this part's content. Any mail-specific transfer encodings will be decoded before the input stream is provided. But this also means that the message is completely parsed and therefore large messages can cause an OutOfMemoryException.

Returns:

an InputStream holding the content of the message

Throws:

java.io.IOException - if an I/O error occurs when getting the input stream from the inherent data handler

jakarta.mail.MessagingException - if an error occurs when fetching the inherent data handler

getContentInputStream

public java.io.InputStream getContentInputStream()
                                          throws java.io.IOException

Returns an InputStream for this part's unparsed content. No mail-specific transfer encodings will be decoded before the input stream is provided. This is typically a convenience method that just invokes the SMimeEncrypted's getInputStream() method.

This method can be used to get the content of large messages.

Returns:

an InputStream holding supplying the unparsed message

Throws:

java.io.IOException

addRecipient

public void addRecipient(X509Certificate recipientCertificate,
                         AlgorithmID keyEncAlg)

Adds one recipient.

When using this method for adding a Recipient, the corresponding RecipientInfo will be the KeyTransRecipientInfo choice and the recipient certificate will be identified by IssuerAndSerialNumber. So use this method with rsaEncyrption as key transport algorithm to be compatible to S/MIMEv2.

Parameters:

recipientCertificate - the certificate of the recipient

keyEncAlg - the algorithm to use for encrypting the symmetric key (e.g. AlgorithmID.rsaEncryption)

addRecipient

public void addRecipient(RecipientInfo recipientInfo)

Adds one recipient.

Parameters:

recipientInfo - the recipientInfo for the recipient to be added

setEncryptionAlgorithm

public void setEncryptionAlgorithm(AlgorithmID contentEncAlg,
                                   int keyLength)

Sets the symmetric algorithm for encrypting the message.

The default value is AlgorithmID.des_EDE3_CBC

Note: The keylength should correspond to the keylength of the selected AlgorithmID. For example, if AlgorithmID.aes_256_CBC is selected, but a keylength of 128 is used, then an AES key of length 128 will be generated. However, the algorithm ID used will contain the Object ID for the incorrect algorithm keysize. So although the message will be generated, this will likely result in a decryption failure at the recipient's end.

Parameters:

contentEncAlg - the algorithm for encrypting the content

keyLength - the key length for RC2

getEncryptionAlgorithm

public AlgorithmID getEncryptionAlgorithm()

Returns the content-encryption algorithm (including any associated parameters) of this EncryptedContent.

Returns:

the content encryption algorithm

setContentContentTransferEncoding

public void setContentContentTransferEncoding(java.lang.String cte)

Sets the content transfer encoding of the entity to be encrypted. This method allows to set the content transfer encoding for the inner entity when method setText or setDataHandler is used for supplying the content. However, the supplied content transfer encoding will be ignored when the inner entity is a structured entity.

Parameters:

cte - the content transfer encoding to be applied to the inner entity to be signed

setContentContentHeaders

public void setContentContentHeaders(jakarta.mail.Header[] headers)

Set some headers for the entity to be encrypted. This method allows to set some headers for the inner entity when method setText or setDataHandler is used for supplying the content, or a SignedContent is being encrypted. However, the supplied header will be ignored when the inner entity is a structured entity. The supplied headers are not cloned.

Parameters:

headers - the headers to be applied to the inner entity to be signed

Since:

Entrust 7.0

setSession

public void setSession(jakarta.mail.Session session)

Set the mail session to use when sending this message. If not set, the default mail session is used.

Parameters:

session -

writeTo

public void writeTo(java.io.OutputStream os)
             throws java.io.IOException,
                    jakarta.mail.MessagingException

Writes this EncryptedContent DER encoded to the given output stream.

Throws:

java.io.IOException - if an error occurs writing to the stream

jakarta.mail.MessagingException - if an error occurs when fetching the data to be written