org.mozilla.jss.pkix.cms

Class SignedData

java.lang.Object

org.mozilla.jss.pkix.cms.SignedData

All Implemented Interfaces:

ASN1Value

public class SignedData
extends java.lang.Object
implements ASN1Value

A CMS SignedData structure.

The certificates field should only contain X.509 certificates. PKCS #6 extended certificates will fail to decode properly.

Nested Class Summary

Nested Classes

Modifier and Type	Class and Description
static class	SignedData.Template A template file for decoding a SignedData blob

Constructor Summary

Constructors

Constructor and Description
SignedData(SET digestAlgorithms, EncapsulatedContentInfo contentInfo, SET certificates, SET crls, SET signerInfos) Create a SignedData ASN1 object.

Method Summary

Methods

Modifier and Type	Method and Description
void	encode(java.io.OutputStream ostream) Write this value's DER encoding to an output stream using its own base tag.
void	encode(Tag tag, java.io.OutputStream ostream) Write this value's DER encoding to an output stream using an implicit tag.
SET	getCertificates() Returns the certificates field, which is a SET of X.509 certificates (org.mozilla.jss.pkix.cert.Certificate).
EncapsulatedContentInfo	getContentInfo() Returns the EncapsulatedContentInfo containing the signed content.
SET	getCrls() Returns the crls field, which contains a SET of certificate revocation lists represented by ANYs (org.mozilla.jss.asn1.ANY).
SET	getDigestAlgorithmIdentifiers() Returns the digest algorithms used by the signers to digest the signed content.
SET	getSignerInfos() Returns the signerInfos field, which is a SET of org.mozilla.jss.pkcs7.SignerInfo.
Tag	getTag() Returns the base tag for this type, not counting any tags that may be imposed on it by its context.
static SignedData.Template	getTemplate()
INTEGER	getVersion() Returns the version of this SignedData.
boolean	hasCertificates() Returns true if the certificates field is present.
boolean	hasCrls() Returns true if the crls field is present.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

SignedData

public SignedData(SET digestAlgorithms,
          EncapsulatedContentInfo contentInfo,
          SET certificates,
          SET crls,
          SET signerInfos)

Create a SignedData ASN1 object. Both certificates and crls are optional. If you pass in a null for either value, that parameter will not get written in the sequence.

Parameters:

digestAlgorithms - A SET of zero or more algorithm identifiers. The purpose of this item is to list the digest algorithms used by the various signers to digest the signed content. This field will also be updated by the addSigner method. If all the signers are added with addSigner, it is not necessary to list the digest algorithms here.

If null is passed in, the digestAlgorithms field will be initialized with an empty SET.

contentInfo - The content that is being signed. This parameter may not be null. However, the content field of the contentInfo may be omitted, in which case the signatures contained in the SignerInfo structures are presumed to be on externally-supplied data.

certificates - A SET of org.mozilla.jss.pkix.cert.Certificate, the certificates containing the public keys used to sign the content. It may also contain elements of the CA chain extending from the leaf certificates. It is not necessary to include the CA chain, or indeed to include any certificates, if the certificates are expected to already be possessed by the recipient. The recipient can use the issuer and serial number in the SignerInfo structure to search for the necessary certificates. If this parameter is null, the certificates field will be omitted.

crls - A SET of ASN1Values, which should encode to the ASN1 type CertificateRevocationList. This implementation does not interpret crls. If this parameter is null, the crls field will be omitted.

signerInfos - SignerInfo structures containing signatures of the content. Additional signerInfos can be added with the addSigner method. If this parameter is null, the field will be initialized with an empty SET.

Method Detail

getVersion

public INTEGER getVersion()

Returns the version of this SignedData. The current version of the spec is version 3.

getDigestAlgorithmIdentifiers

public SET getDigestAlgorithmIdentifiers()

Returns the digest algorithms used by the signers to digest the signed content. There may be more than one, if different signers use different digesting algorithms.

getContentInfo

public EncapsulatedContentInfo getContentInfo()

Returns the EncapsulatedContentInfo containing the signed content. The simple case is for the content to be of type data, although any content type can be signed.

getCertificates

public SET getCertificates()

Returns the certificates field, which is a SET of X.509 certificates (org.mozilla.jss.pkix.cert.Certificate). PKCS #6 Extended Certificates are not supported by this implementation. Returns null if this optional field is not present.

hasCertificates

public boolean hasCertificates()

Returns true if the certificates field is present.

getCrls

public SET getCrls()

Returns the crls field, which contains a SET of certificate revocation lists represented by ANYs (org.mozilla.jss.asn1.ANY).

hasCrls

public boolean hasCrls()

Returns true if the crls field is present.

getSignerInfos

public SET getSignerInfos()

Returns the signerInfos field, which is a SET of org.mozilla.jss.pkcs7.SignerInfo.

getTag

public Tag getTag()

Description copied from interface: ASN1Value

Returns the base tag for this type, not counting any tags that may be imposed on it by its context.

Specified by:

getTag in interface ASN1Value

encode

public void encode(java.io.OutputStream ostream)
            throws java.io.IOException

Description copied from interface: ASN1Value

Write this value's DER encoding to an output stream using its own base tag.

Specified by:

encode in interface ASN1Value

Throws:

java.io.IOException

encode

public void encode(Tag tag,
          java.io.OutputStream ostream)
            throws java.io.IOException

Description copied from interface: ASN1Value

Write this value's DER encoding to an output stream using an implicit tag.

Specified by:

encode in interface ASN1Value

Throws:

java.io.IOException

getTemplate

public static SignedData.Template getTemplate()