Class PKCS7
java.lang.Object
org.mozilla.jss.netscape.security.pkcs.PKCS7
PKCS7 as defined in RSA Laboratories PKCS7 Technical Note. Profile
Supports only
SignedData
ContentInfo
type, where to the type of data signed is plain Data.
For signedData, crls
, attributes
and
PKCS#6 Extended Certificates are not supported.- Version:
- 1.33 97/12/10
-
Field Summary
FieldsModifier and TypeFieldDescriptionprivate X509Certificate[]
private ContentInfo
private ObjectIdentifier
private AlgorithmId[]
static final String
static final String
private SignerInfo[]
private BigInt
-
Constructor Summary
ConstructorsConstructorDescriptionPKCS7
(byte[] bytes) Unmarshals a PKCS7 block from its encoded form, parsing the encoded bytes.PKCS7
(InputStream in) Unmarshals a PKCS7 block from its encoded form, parsing the encoded bytes from the InputStream.Unmarshals a PKCS7 block from PEM format.PKCS7
(X509Certificate[] certs) Construct PKCS7 from an array of certificates.PKCS7
(DerInputStream derin) Unmarshals a PKCS7 block from its encoded form, parsing the encoded bytes from the DerInputStream.PKCS7
(AlgorithmId[] digestAlgorithmIds, ContentInfo contentInfo, X509Certificate[] certificates, SignerInfo[] signerInfos) Construct an initialized PKCS7 block. -
Method Summary
Modifier and TypeMethodDescriptionvoid
Encodes the signed data to an output stream.void
encodeSignedData
(OutputStream out, boolean sort) Like method above but not sorted.void
encode signed data, sort certs by default.void
encodeSignedData
(DerOutputStream out, boolean sort) Encodes the signed data to a DerOutputStream.byte[]
getBytes()
getCertificate
(BigInt serial, X500Name name) Returns the X.509 certificate listed in this PKCS7 block which has a matching serial number and Issuer name, or null if one is not found.Returns the X.509 certificates listed in this PKCS7 block.Returns the content information specified in this PKCS7 block.Returns the message digest algorithms specified in this PKCS7 block.Returns the signer's information specified in this PKCS7 block.Returns the version number of this PKCS7 block.private void
parse
(DerInputStream derin) private void
parseSignedData
(DerValue val) toString()
Returns the PKCS7 block in a printable string form.verify()
Returns all signerInfos which self-verify.verify
(byte[] bytes) Returns all signerInfos which self-verify.verify
(SignerInfo info, byte[] bytes) This verifies a given SignerInfo.
-
Field Details
-
HEADER
- See Also:
-
FOOTER
- See Also:
-
contentType
-
version
-
digestAlgorithmIds
-
contentInfo
-
certificates
-
signerInfos
-
-
Constructor Details
-
PKCS7
Unmarshals a PKCS7 block from its encoded form, parsing the encoded bytes from the InputStream.- Parameters:
in
- an input stream holding at least one PKCS7 block.- Throws:
ParsingException
- on parsing errors.IOException
- on other errors.
-
PKCS7
Unmarshals a PKCS7 block from its encoded form, parsing the encoded bytes from the DerInputStream.- Parameters:
derin
- a DerInputStream holding at least one PKCS7 block.- Throws:
ParsingException
- on parsing errors.
-
PKCS7
Unmarshals a PKCS7 block from its encoded form, parsing the encoded bytes.- Parameters:
bytes
- the encoded bytes.- Throws:
ParsingException
- on parsing errors.
-
PKCS7
Unmarshals a PKCS7 block from PEM format.- Parameters:
input
- the PKCS7 block in PEM format.- Throws:
ParsingException
- on parsing errors.IOException
-
PKCS7
public PKCS7(AlgorithmId[] digestAlgorithmIds, ContentInfo contentInfo, X509Certificate[] certificates, SignerInfo[] signerInfos) Construct an initialized PKCS7 block.- Parameters:
digestAlgorithmIds
- the message digest algorithm identifiers.contentInfo
- the content information.certificates
- an array of X.509 certificates.signerInfos
- an array of signer information.
-
PKCS7
Construct PKCS7 from an array of certificates.- Parameters:
certs
- Array of certificates.
-
-
Method Details
-
parse
- Throws:
ParsingException
-
parseSignedData
- Throws:
ParsingException
IOException
-
encodeSignedData
Encodes the signed data to an output stream.- Parameters:
out
- the output stream to write the encoded data to.- Throws:
IOException
- on encoding errors.
-
encodeSignedData
Like method above but not sorted.- Throws:
IOException
-
encodeSignedData
encode signed data, sort certs by default.- Throws:
IOException
-
encodeSignedData
Encodes the signed data to a DerOutputStream.- Parameters:
out
- the DerOutputStream to write the encoded data to.- Throws:
IOException
- on encoding errors.
-
verify
public SignerInfo verify(SignerInfo info, byte[] bytes) throws NoSuchAlgorithmException, SignatureException This verifies a given SignerInfo.- Parameters:
info
- the signer information.bytes
- the DER encoded content information.- Throws:
NoSuchAlgorithmException
- on unrecognized algorithms.SignatureException
- on signature handling errors.
-
verify
Returns all signerInfos which self-verify.- Parameters:
bytes
- the DER encoded content information.- Throws:
NoSuchAlgorithmException
- on unrecognized algorithms.SignatureException
- on signature handling errors.
-
verify
Returns all signerInfos which self-verify.- Throws:
NoSuchAlgorithmException
- on unrecognized algorithms.SignatureException
- on signature handling errors.
-
getVersion
Returns the version number of this PKCS7 block. -
getDigestAlgorithmIds
Returns the message digest algorithms specified in this PKCS7 block. -
getContentInfo
Returns the content information specified in this PKCS7 block. -
getCertificates
Returns the X.509 certificates listed in this PKCS7 block. -
getSignerInfos
Returns the signer's information specified in this PKCS7 block. -
getCertificate
Returns the X.509 certificate listed in this PKCS7 block which has a matching serial number and Issuer name, or null if one is not found.- Parameters:
serial
- the serial number of the certificate to retrieve.name
- the Distinguished Name of the Issuer.
-
getBytes
- Throws:
IOException
-
toPEMString
- Throws:
IOException
-
toString
Returns the PKCS7 block in a printable string form.
-