Class PKCS7
- java.lang.Object
-
- org.mozilla.jss.netscape.security.pkcs.PKCS7
-
public class PKCS7 extends java.lang.Object
PKCS7 as defined in RSA Laboratories PKCS7 Technical Note. Profile Supports onlySignedData
ContentInfo type, where to the type of data signed is plain Data. For signedData,crls
,attributes
and PKCS#6 Extended Certificates are not supported.
-
-
Constructor Summary
Constructors Constructor Description PKCS7(byte[] bytes)
Unmarshals a PKCS7 block from its encoded form, parsing the encoded bytes.PKCS7(java.io.InputStream in)
Unmarshals a PKCS7 block from its encoded form, parsing the encoded bytes from the InputStream.PKCS7(java.lang.String input)
Unmarshals a PKCS7 block from PEM format.PKCS7(java.security.cert.X509Certificate[] certs)
Construct PKCS7 from an array of certificates.PKCS7(DerInputStream derin)
Unmarshals a PKCS7 block from its encoded form, parsing the encoded bytes from the DerInputStream.PKCS7(AlgorithmId[] digestAlgorithmIds, ContentInfo contentInfo, java.security.cert.X509Certificate[] certificates, SignerInfo[] signerInfos)
Construct an initialized PKCS7 block.
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description void
encodeSignedData(java.io.OutputStream out)
Encodes the signed data to an output stream.void
encodeSignedData(java.io.OutputStream out, boolean sort)
Like method above but not sorted.void
encodeSignedData(DerOutputStream out)
encode signed data, sort certs by default.void
encodeSignedData(DerOutputStream out, boolean sort)
Encodes the signed data to a DerOutputStream.byte[]
getBytes()
java.security.cert.X509Certificate
getCertificate(BigInt serial, X500Name name)
Returns the X.509 certificate listed in this PKCS7 block which has a matching serial number and Issuer name, or null if one is not found.java.security.cert.X509Certificate[]
getCertificates()
Returns the X.509 certificates listed in this PKCS7 block.ContentInfo
getContentInfo()
Returns the content information specified in this PKCS7 block.AlgorithmId[]
getDigestAlgorithmIds()
Returns the message digest algorithms specified in this PKCS7 block.SignerInfo[]
getSignerInfos()
Returns the signer's information specified in this PKCS7 block.BigInt
getVersion()
Returns the version number of this PKCS7 block.java.lang.String
toPEMString()
java.lang.String
toString()
Returns the PKCS7 block in a printable string form.SignerInfo[]
verify()
Returns all signerInfos which self-verify.SignerInfo[]
verify(byte[] bytes)
Returns all signerInfos which self-verify.SignerInfo
verify(SignerInfo info, byte[] bytes)
This verifies a given SignerInfo.
-
-
-
Field Detail
-
HEADER
public static final java.lang.String HEADER
- See Also:
- Constant Field Values
-
FOOTER
public static final java.lang.String FOOTER
- See Also:
- Constant Field Values
-
-
Constructor Detail
-
PKCS7
public PKCS7(java.io.InputStream in) throws ParsingException, java.io.IOException
Unmarshals a PKCS7 block from its encoded form, parsing the encoded bytes from the InputStream.- Parameters:
in
- an input stream holding at least one PKCS7 block.- Throws:
ParsingException
- on parsing errors.java.io.IOException
- on other errors.
-
PKCS7
public PKCS7(DerInputStream derin) throws ParsingException
Unmarshals a PKCS7 block from its encoded form, parsing the encoded bytes from the DerInputStream.- Parameters:
derin
- a DerInputStream holding at least one PKCS7 block.- Throws:
ParsingException
- on parsing errors.
-
PKCS7
public PKCS7(byte[] bytes) throws ParsingException
Unmarshals a PKCS7 block from its encoded form, parsing the encoded bytes.- Parameters:
bytes
- the encoded bytes.- Throws:
ParsingException
- on parsing errors.
-
PKCS7
public PKCS7(java.lang.String input) throws ParsingException, java.io.IOException
Unmarshals a PKCS7 block from PEM format.- Parameters:
input
- the PKCS7 block in PEM format.- Throws:
ParsingException
- on parsing errors.java.io.IOException
-
PKCS7
public PKCS7(AlgorithmId[] digestAlgorithmIds, ContentInfo contentInfo, java.security.cert.X509Certificate[] certificates, SignerInfo[] signerInfos)
Construct an initialized PKCS7 block.- Parameters:
digestAlgorithmIds
- the message digest algorithm identifiers.contentInfo
- the content information.certificates
- an array of X.509 certificates.signerInfos
- an array of signer information.
-
PKCS7
public PKCS7(java.security.cert.X509Certificate[] certs)
Construct PKCS7 from an array of certificates.- Parameters:
certs
- Array of certificates.
-
-
Method Detail
-
encodeSignedData
public void encodeSignedData(java.io.OutputStream out) throws java.io.IOException
Encodes the signed data to an output stream.- Parameters:
out
- the output stream to write the encoded data to.- Throws:
java.io.IOException
- on encoding errors.
-
encodeSignedData
public void encodeSignedData(java.io.OutputStream out, boolean sort) throws java.io.IOException
Like method above but not sorted.- Throws:
java.io.IOException
-
encodeSignedData
public void encodeSignedData(DerOutputStream out) throws java.io.IOException
encode signed data, sort certs by default.- Throws:
java.io.IOException
-
encodeSignedData
public void encodeSignedData(DerOutputStream out, boolean sort) throws java.io.IOException
Encodes the signed data to a DerOutputStream.- Parameters:
out
- the DerOutputStream to write the encoded data to.- Throws:
java.io.IOException
- on encoding errors.
-
verify
public SignerInfo verify(SignerInfo info, byte[] bytes) throws java.security.NoSuchAlgorithmException, java.security.SignatureException
This verifies a given SignerInfo.- Parameters:
info
- the signer information.bytes
- the DER encoded content information.- Throws:
java.security.NoSuchAlgorithmException
- on unrecognized algorithms.java.security.SignatureException
- on signature handling errors.
-
verify
public SignerInfo[] verify(byte[] bytes) throws java.security.NoSuchAlgorithmException, java.security.SignatureException
Returns all signerInfos which self-verify.- Parameters:
bytes
- the DER encoded content information.- Throws:
java.security.NoSuchAlgorithmException
- on unrecognized algorithms.java.security.SignatureException
- on signature handling errors.
-
verify
public SignerInfo[] verify() throws java.security.NoSuchAlgorithmException, java.security.SignatureException
Returns all signerInfos which self-verify.- Throws:
java.security.NoSuchAlgorithmException
- on unrecognized algorithms.java.security.SignatureException
- on signature handling errors.
-
getVersion
public BigInt getVersion()
Returns the version number of this PKCS7 block.
-
getDigestAlgorithmIds
public AlgorithmId[] getDigestAlgorithmIds()
Returns the message digest algorithms specified in this PKCS7 block.
-
getContentInfo
public ContentInfo getContentInfo()
Returns the content information specified in this PKCS7 block.
-
getCertificates
public java.security.cert.X509Certificate[] getCertificates()
Returns the X.509 certificates listed in this PKCS7 block.
-
getSignerInfos
public SignerInfo[] getSignerInfos()
Returns the signer's information specified in this PKCS7 block.
-
getCertificate
public java.security.cert.X509Certificate getCertificate(BigInt serial, X500Name name)
Returns the X.509 certificate listed in this PKCS7 block which has a matching serial number and Issuer name, or null if one is not found.- Parameters:
serial
- the serial number of the certificate to retrieve.name
- the Distinguished Name of the Issuer.
-
getBytes
public byte[] getBytes() throws java.io.IOException
- Throws:
java.io.IOException
-
toPEMString
public java.lang.String toPEMString() throws java.io.IOException
- Throws:
java.io.IOException
-
toString
public java.lang.String toString()
Returns the PKCS7 block in a printable string form.- Overrides:
toString
in classjava.lang.Object
-
-