Package org.mozilla.jss.pkix.cms
Class SignedData
java.lang.Object
org.mozilla.jss.pkix.cms.SignedData
- All Implemented Interfaces:
ASN1Value
A CMS SignedData structure.
The certificates field should only contain X.509 certificates. PKCS #6 extended certificates will fail to decode properly.
-
Nested Class Summary
Nested ClassesModifier and TypeClassDescriptionstatic class
A template file for decoding a SignedData blob -
Field Summary
FieldsModifier and TypeFieldDescriptionprivate SET
private EncapsulatedContentInfo
private SET
private SET
private SET
(package private) static final Tag
private static final SignedData.Template
private INTEGER
private static final INTEGER
-
Constructor Summary
ConstructorsConstructorDescriptionSignedData
(INTEGER version, SET digestAlgorithms, EncapsulatedContentInfo contentInfo, SET certificates, SET crls, SET signerInfos) Constructor for creating a SignedData from its encoding.SignedData
(SET digestAlgorithms, EncapsulatedContentInfo contentInfo, SET certificates, SET crls, SET signerInfos) Create a SignedData ASN1 object. -
Method Summary
Modifier and TypeMethodDescriptionvoid
encode
(OutputStream ostream) Write this value's DER encoding to an output stream using its own base tag.void
encode
(Tag tag, OutputStream ostream) Write this value's DER encoding to an output stream using an implicit tag.Returns the certificates field, which is a SET of X.509 certificates (org.mozilla.jss.pkix.cert.Certificate).Returns the EncapsulatedContentInfo containing the signed content.getCrls()
Returns the crls field, which contains a SET of certificate revocation lists represented by ANYs (org.mozilla.jss.asn1.ANY).Returns the digest algorithms used by the signers to digest the signed content.Returns the signerInfos field, which is a SET of org.mozilla.jss.pkix.cms.SignerInfo.getTag()
Returns the base tag for this type, not counting any tags that may be imposed on it by its context.static SignedData.Template
Returns the version of this SignedData.boolean
Returns true if thecertificates
field is present.boolean
hasCrls()
Returns true if thecrls
field is present.private static void
verifyNotNull
(Object obj)
-
Field Details
-
version
-
digestAlgorithms
-
contentInfo
-
certificates
-
crls
-
signerInfos
-
VERSION
-
TAG
-
templateInstance
-
-
Constructor Details
-
SignedData
public SignedData(SET digestAlgorithms, EncapsulatedContentInfo contentInfo, SET certificates, SET crls, SET signerInfos) Create a SignedData ASN1 object. Both certificates and CRLs are optional. If you pass in a null for either value, that parameter will not get written in the sequence.- Parameters:
digestAlgorithms
- A SET of zero or more algorithm identifiers. The purpose of this item is to list the digest algorithms used by the various signers to digest the signed content. This field will also be updated by theaddSigner
method. If all the signers are added withaddSigner
, it is not necessary to list the digest algorithms here.If
null
is passed in, thedigestAlgorithms
field will be initialized with an emptySET
.contentInfo
- The content that is being signed. This parameter may not benull
. However, thecontent
field of the contentInfo may be omitted, in which case the signatures contained in theSignerInfo
structures are presumed to be on externally-supplied data.certificates
- A SET of org.mozilla.jss.pkix.cert.Certificate, the certificates containing the public keys used to sign the content. It may also contain elements of the CA chain extending from the leaf certificates. It is not necessary to include the CA chain, or indeed to include any certificates, if the certificates are expected to already be possessed by the recipient. The recipient can use the issuer and serial number in the SignerInfo structure to search for the necessary certificates. If this parameter isnull
, thecertificates
field will be omitted.crls
- A SET of ASN1Values, which should encode to the ASN1 type CertificateRevocationList. This implementation does not interpret CRLs. If this parameter isnull
, thecrls
field will be omitted.signerInfos
- SignerInfo structures containing signatures of the content. Additional signerInfos can be added with theaddSigner
method. If this parameter isnull
, the field will be initialized with an emptySET
.
-
SignedData
SignedData(INTEGER version, SET digestAlgorithms, EncapsulatedContentInfo contentInfo, SET certificates, SET crls, SET signerInfos) Constructor for creating a SignedData from its encoding.
-
-
Method Details
-
verifyNotNull
-
getVersion
Returns the version of this SignedData. The current version of the spec is version 3. -
getDigestAlgorithmIdentifiers
Returns the digest algorithms used by the signers to digest the signed content. There may be more than one, if different signers use different digesting algorithms. -
getContentInfo
Returns the EncapsulatedContentInfo containing the signed content. The simple case is for the content to be of type data, although any content type can be signed. -
getCertificates
Returns the certificates field, which is a SET of X.509 certificates (org.mozilla.jss.pkix.cert.Certificate). PKCS #6 Extended Certificates are not supported by this implementation. Returnsnull
if this optional field is not present. -
hasCertificates
public boolean hasCertificates()Returns true if thecertificates
field is present. -
getCrls
Returns the crls field, which contains a SET of certificate revocation lists represented by ANYs (org.mozilla.jss.asn1.ANY). -
hasCrls
public boolean hasCrls()Returns true if thecrls
field is present. -
getSignerInfos
Returns the signerInfos field, which is a SET of org.mozilla.jss.pkix.cms.SignerInfo. -
getTag
Description copied from interface:ASN1Value
Returns the base tag for this type, not counting any tags that may be imposed on it by its context. -
encode
Description copied from interface:ASN1Value
Write this value's DER encoding to an output stream using its own base tag.- Specified by:
encode
in interfaceASN1Value
- Parameters:
ostream
- Output stream.- Throws:
IOException
- If an error occurred.
-
encode
Description copied from interface:ASN1Value
Write this value's DER encoding to an output stream using an implicit tag.- Specified by:
encode
in interfaceASN1Value
- Parameters:
tag
- Implicit tag.ostream
- Output stream.- Throws:
IOException
- If an error occurred.
-
getTemplate
-