Refactoring in CMS

Author: peterdettman

pkix/src/main/java/org/bouncycastle/cms/CMSUtils.java

@@ -61,18 +61,16 @@
 
 class CMSUtils
 {
-    private static final Set<String> des = new HashSet<String>();
+    private static final Set desAlgs = new HashSet();
     private static final Set mqvAlgs = new HashSet();
     private static final Set ecAlgs = new HashSet();
     private static final Set gostAlgs = new HashSet();
 
     static
     {
-        des.add("DES");
-        des.add("DESEDE");
-        des.add(OIWObjectIdentifiers.desCBC.getId());
-        des.add(PKCSObjectIdentifiers.des_EDE3_CBC.getId());
-        des.add(PKCSObjectIdentifiers.id_alg_CMS3DESwrap.getId());
+        desAlgs.add(OIWObjectIdentifiers.desCBC);
+        desAlgs.add(PKCSObjectIdentifiers.des_EDE3_CBC);
+        desAlgs.add(PKCSObjectIdentifiers.id_alg_CMS3DESwrap);
 
         mqvAlgs.add(X9ObjectIdentifiers.mqvSinglePass_sha1kdf_scheme);
         mqvAlgs.add(SECObjectIdentifiers.mqvSinglePass_sha224kdf_scheme);
@@ -113,14 +111,13 @@ static boolean isGOST(ASN1ObjectIdentifier algorithm)
 
     static boolean isRFC2631(ASN1ObjectIdentifier algorithm)
     {
-        return algorithm.equals(PKCSObjectIdentifiers.id_alg_ESDH) || algorithm.equals(PKCSObjectIdentifiers.id_alg_SSDH);
+        return PKCSObjectIdentifiers.id_alg_ESDH.equals(algorithm)
+            || PKCSObjectIdentifiers.id_alg_SSDH.equals(algorithm);
     }
 
-    static boolean isDES(String algorithmID)
+    static boolean isDES(ASN1ObjectIdentifier algorithm)
     {
-        String name = Strings.toUpperCase(algorithmID);
-
-        return des.contains(name);
+        return desAlgs.contains(algorithm);
     }
 
     static boolean isEquivalent(AlgorithmIdentifier algId1, AlgorithmIdentifier algId2)

pkix/src/main/java/org/bouncycastle/cms/KeyAgreeRecipientInfoGenerator.java

@@ -1,6 +1,8 @@
 package org.bouncycastle.cms;
 
+import org.bouncycastle.asn1.ASN1Encodable;
 import org.bouncycastle.asn1.ASN1ObjectIdentifier;
+import org.bouncycastle.asn1.ASN1OctetString;
 import org.bouncycastle.asn1.ASN1Sequence;
 import org.bouncycastle.asn1.DERNull;
 import org.bouncycastle.asn1.DEROctetString;
@@ -18,64 +20,50 @@
 public abstract class KeyAgreeRecipientInfoGenerator
     implements RecipientInfoGenerator
 {
-    private ASN1ObjectIdentifier keyAgreementOID;
-    private ASN1ObjectIdentifier keyEncryptionOID;
-    private SubjectPublicKeyInfo originatorKeyInfo;
+    private final ASN1ObjectIdentifier keyAgreementOID;
+    private final ASN1ObjectIdentifier keyEncryptionOID;
+    private final SubjectPublicKeyInfo originatorKeyInfo;
 
-    protected KeyAgreeRecipientInfoGenerator(ASN1ObjectIdentifier keyAgreementOID, SubjectPublicKeyInfo originatorKeyInfo, ASN1ObjectIdentifier keyEncryptionOID)
+    protected KeyAgreeRecipientInfoGenerator(ASN1ObjectIdentifier keyAgreementOID,
+        SubjectPublicKeyInfo originatorKeyInfo, ASN1ObjectIdentifier keyEncryptionOID)
     {
         this.originatorKeyInfo = originatorKeyInfo;
         this.keyAgreementOID = keyAgreementOID;
         this.keyEncryptionOID = keyEncryptionOID;
     }
 
-    public RecipientInfo generate(GenericKey contentEncryptionKey)
-        throws CMSException
+    public RecipientInfo generate(GenericKey contentEncryptionKey) throws CMSException
     {
-        OriginatorIdentifierOrKey originator = new OriginatorIdentifierOrKey(
-            createOriginatorPublicKey(originatorKeyInfo));
+        OriginatorPublicKey originatorPublicKey = createOriginatorPublicKey(originatorKeyInfo); 
+        OriginatorIdentifierOrKey originator = new OriginatorIdentifierOrKey(originatorPublicKey);
 
-        AlgorithmIdentifier keyEncAlg;
-        if (CMSUtils.isDES(keyEncryptionOID.getId()) || keyEncryptionOID.equals(PKCSObjectIdentifiers.id_alg_CMSRC2wrap))
+        ASN1Encodable keyEncAlgParams = null;
+        if (CMSUtils.isDES(keyEncryptionOID) || PKCSObjectIdentifiers.id_alg_CMSRC2wrap.equals(keyEncryptionOID))
         {
-            keyEncAlg = new AlgorithmIdentifier(keyEncryptionOID, DERNull.INSTANCE);
+            keyEncAlgParams = DERNull.INSTANCE;
         }
         else if (CMSUtils.isGOST(keyAgreementOID))
         {
-            keyEncAlg = new AlgorithmIdentifier(keyEncryptionOID, new Gost2814789KeyWrapParameters(CryptoProObjectIdentifiers.id_Gost28147_89_CryptoPro_A_ParamSet));
-        }
-        else
-        {
-            keyEncAlg = new AlgorithmIdentifier(keyEncryptionOID);
+            keyEncAlgParams = new Gost2814789KeyWrapParameters(CryptoProObjectIdentifiers.id_Gost28147_89_CryptoPro_A_ParamSet);
         }
 
-        AlgorithmIdentifier keyAgreeAlg = new AlgorithmIdentifier(keyAgreementOID, keyEncAlg);
+        AlgorithmIdentifier keyEncAlgorithm = new AlgorithmIdentifier(keyEncryptionOID, keyEncAlgParams);
+        AlgorithmIdentifier keyAgreeAlgorithm = new AlgorithmIdentifier(keyAgreementOID, keyEncAlgorithm);
 
-        ASN1Sequence recipients = generateRecipientEncryptedKeys(keyAgreeAlg, keyEncAlg, contentEncryptionKey);
-        byte[] userKeyingMaterial = getUserKeyingMaterial(keyAgreeAlg);
+        ASN1Sequence recipients = generateRecipientEncryptedKeys(keyAgreeAlgorithm, keyEncAlgorithm, contentEncryptionKey);
 
-        if (userKeyingMaterial != null)
-        {
-            return new RecipientInfo(new KeyAgreeRecipientInfo(originator, new DEROctetString(userKeyingMaterial),
-                keyAgreeAlg, recipients));
-        }
-        else
-        {
-            return new RecipientInfo(new KeyAgreeRecipientInfo(originator, null, keyAgreeAlg, recipients));
-        }
+        ASN1OctetString ukm = DEROctetString.fromContentsOptional(getUserKeyingMaterial(keyAgreeAlgorithm));
+
+        return new RecipientInfo(new KeyAgreeRecipientInfo(originator, ukm, keyAgreeAlgorithm, recipients));
     }
 
     protected OriginatorPublicKey createOriginatorPublicKey(SubjectPublicKeyInfo originatorKeyInfo)
     {
-        return new OriginatorPublicKey(
-            originatorKeyInfo.getAlgorithm(),
-            originatorKeyInfo.getPublicKeyData().getBytes());
+        return new OriginatorPublicKey(originatorKeyInfo.getAlgorithm(), originatorKeyInfo.getPublicKeyData());
     }
 
-    protected abstract ASN1Sequence generateRecipientEncryptedKeys(AlgorithmIdentifier keyAgreeAlgorithm, AlgorithmIdentifier keyEncAlgorithm, GenericKey contentEncryptionKey)
-        throws CMSException;
-
-    protected abstract byte[] getUserKeyingMaterial(AlgorithmIdentifier keyAgreeAlgorithm)
-        throws CMSException;
+    protected abstract ASN1Sequence generateRecipientEncryptedKeys(AlgorithmIdentifier keyAgreeAlgorithm,
+        AlgorithmIdentifier keyEncAlgorithm, GenericKey contentEncryptionKey) throws CMSException;
 
-}
+    protected abstract byte[] getUserKeyingMaterial(AlgorithmIdentifier keyAgreeAlgorithm) throws CMSException;
+}

pkix/src/main/java/org/bouncycastle/cms/jcajce/JceKeyAgreeRecipientInfoGenerator.java

@@ -269,18 +269,14 @@ protected byte[] getUserKeyingMaterial(AlgorithmIdentifier keyAgreeAlg)
 
         if (ephemeralKP != null)
         {
-            OriginatorPublicKey originatorPublicKey = createOriginatorPublicKey(SubjectPublicKeyInfo.getInstance(ephemeralKP.getPublic().getEncoded()));
+            OriginatorPublicKey originatorPublicKey = createOriginatorPublicKey(
+                SubjectPublicKeyInfo.getInstance(ephemeralKP.getPublic().getEncoded()));
 
             try
             {
-                if (userKeyingMaterial != null)
-                {
-                    return new MQVuserKeyingMaterial(originatorPublicKey, new DEROctetString(userKeyingMaterial)).getEncoded();
-                }
-                else
-                {
-                    return new MQVuserKeyingMaterial(originatorPublicKey, null).getEncoded();
-                }
+                ASN1OctetString addedukm = DEROctetString.withContentsOptional(userKeyingMaterial);
+
+                return new MQVuserKeyingMaterial(originatorPublicKey, addedukm).getEncoded();
             }
             catch (IOException e)
             {