java.lang.Object
  |
  +--com.ibm.security.pkcsutil.PKCSDerObject
        |
        +--com.ibm.security.pkcs7.Content
              |
              +--com.ibm.security.pkcs7.AuthenticatedData

Implements the ASN.1 AuthenticatedData type.
This definition reflects PKCS #7 version 1.5 specifications with selected enhancements from the Cryptographic Message Syntax (CMS) RFC 2630 specifications.
Only X509Certificate objects are supported for recipient certificates.
AuthenticatedData objects are not immutable; they can be changed once created. After construction of the AuthenticatedData object, users can add additional recipients of the object as well as remove the contents of this object.

Fields inherited from class com.ibm.security.pkcsutil.PKCSDerObject
provider

Constructor Summary
AuthenticatedData(byte[] der) | Create an AuthenticatedData object with a DER-encoded byte array.
AuthenticatedData(byte[] der, String provider) | Create an AuthenticatedData object with a DER-encoded byte array.
AuthenticatedData(javax.crypto.SecretKey secretKey, OriginatorInfo originator, Certificate[] recipientCerts, String macAlgorithm, String digestAlgorithm, EncapsulatedContentInfo encapsulatedContent, PKCSAttributes authAttribs, PKCSAttributes unauthAttribs) | Create an AuthenticatedData object using recipient certificates instead of RecipientInfo objects.
AuthenticatedData(javax.crypto.SecretKey secretKey, OriginatorInfo originator, Certificate[] recipientCerts, String macAlgorithm, String digestAlgorithm, EncapsulatedContentInfo encapsulatedContent, PKCSAttributes authAttribs, PKCSAttributes unauthAttribs, String provider) | Create an AuthenticatedData object using recipient certificates instead of RecipientInfo objects.
AuthenticatedData(javax.crypto.SecretKey secretKey, OriginatorInfo originator, RecipientInfo[] recipientInfos, String macAlgorithm, String digestAlgorithm, EncapsulatedContentInfo encapsulatedContent, PKCSAttributes authAttribs, PKCSAttributes unauthAttribs) | Create an AuthenticatedData object with the specified values that match the ASN.1 definition of AuthenticatedData.
AuthenticatedData(javax.crypto.SecretKey secretKey, OriginatorInfo originator, RecipientInfo[] recipientInfos, String macAlgorithm, String digestAlgorithm, EncapsulatedContentInfo encapsulatedContent, PKCSAttributes authAttribs, PKCSAttributes unauthAttribs, String provider) |
AuthenticatedData(String filename, boolean base64) | Create an AuthenticatedData with the filename of the DER-encoded or BASE64-encoded object.
AuthenticatedData(String filename, boolean base64, String provider) | Create an AuthenticatedData with the filename of the DER-encoded or BASE64-encoded object.

Method Summary
void | addRecipient(Certificate[] certs) | Adds a group of recipients, as identified by their certificates, to the AuthenticatedData object.
Object | clone() | Creates a clone of this AuthenticatedData.
protected void | decode(com.ibm.security.pkcs7.DerValue encoding) | Initializes an AuthenticatedData object from a DerValue.
void | encode(OutputStream os) | Encodes this object to an OutputStream.
boolean | equals(Object other) | Determines if this AuthenticatedData object is equivalent to the input object.
protected void | finalize() | Ensures that the contentEncryptionKey bytes are nulled out when there are no more references to this object.
PKCSAttribute | getAuthAttribute(ObjectIdentifier oid) | Returns a reference to an authenticated attribute from the authenticated attribute set based on an ObjectIdentifier.
PKCSAttributes | getAuthAttributes() | Returns a reference to the PKCSAttributes authenticated attributes for this object.
AlgorithmId | getDigestAlgorithm() | Returns a copy of the Message Digest AlgorithmId for this object, or null if the Message Digest algorithm has not been set.
EncapsulatedContentInfo | getEncapsulatedContent() | Returns a copy of the EncapsulatedContentInfo for this object, or null if the EncapsulatedContentInfo has not been set.
byte[] | getMac() | Returns a copy of the MAC byte array for this object, or null if the MAC byte array has not been set.
AlgorithmId | getMacAlgorithm() | Returns a copy of the MAC algorithm for this object, or null if the MAC algorithm has not been set.
ObjectIdentifier | getObjectIdentifier() | Returns a reference to the ObjectIdentifier for the AuthenticatedData object.
OriginatorInfo | getOriginator() | Returns a copy of the OriginatorInfo for this object, or null if the OriginatorInfo has not been set.
RecipientInfo[] | getRecipientInfos() | Returns a copy of the array of recipientInfos for this object, or null if the recipientInfos have not been set.
PKCSAttribute | getUnauthAttribute(ObjectIdentifier oid) | Returns a reference to an unauthenticated attribute from the unauthenticated attribute set based on an ObjectIdentifier.
PKCSAttributes | getUnauthAttributes() | Returns a reference to the PKCSAttributes unauthenticated attributes for this object.
BigInteger | getVersion() | Returns a reference to the version for this object.
boolean | hasAuthenticatedAttribute(ObjectIdentifier oid) | Determine if this AuthenticatedData has the authenticated attribute specified by the ObjectIdentifier.
boolean | hasUnauthenticatedAttribute(ObjectIdentifier oid) | Determine if this AuthenticatedData has the unauthenticated attribute specified by the ObjectIdentifier.
void | removeContent() | Removes the content from the EncapsulatedContentInfo.
String | toString() | Returns a string representation of this AuthenticatedData object.
boolean | verify(javax.crypto.SecretKey secretKey) | Verify the stored Message Authentication Code (MAC) based on the AuthenticatedData values and the specified secret key.
boolean | verify(javax.crypto.SecretKey secretKey, byte[] msg) | Verify the stored Message Authentication Code (MAC) based on the AuthenticatedData values and the specified secret key and message byte array.

Methods inherited from class com.ibm.security.pkcsutil.PKCSDerObject
decode, decode, encode, hashCode, read, readBASE64, write, write, writeBASE64

Methods inherited from class java.lang.Object
getClass, notify, notifyAll, wait, wait, wait

Constructor Detail

public AuthenticatedData(byte[] der) throws IOException
    der - a DER-encoded byte array of an AuthenticatedData object.

public AuthenticatedData(byte[] der, String provider) throws IOException
    der - a DER-encoded byte array of an AuthenticatedData object.
    provname - a string containing the name of the provider to use

public AuthenticatedData(javax.crypto.SecretKey secretKey, OriginatorInfo originator, RecipientInfo[] recipientInfos, String macAlgorithm, String digestAlgorithm, EncapsulatedContentInfo encapsulatedContent, PKCSAttributes authAttribs, PKCSAttributes unauthAttribs) throws IOException, PKCSException, NoSuchAlgorithmException
    secretKey - used in the MAC calculation.
    originator - the originator of the AuthenticatedData.
    recipientInfos - an array of all the recipients of this AuthenticatedData.
    macAlgorithm - MAC algorithm string.
    digestAlgorithm - Message Digest algorithm string.
    encapsulatedContent - EncapsulatedContentInfo on which to apply the MAC.
    authAttrs - authenticated attribute set.
    unauthAttrs - unauthenticated attribute set.

public AuthenticatedData(javax.crypto.SecretKey secretKey, OriginatorInfo originator, RecipientInfo[] recipientInfos, String macAlgorithm, String digestAlgorithm, EncapsulatedContentInfo encapsulatedContent, PKCSAttributes authAttribs, PKCSAttributes unauthAttribs, String provider) throws IOException, PKCSException, NoSuchAlgorithmException
    secretKey - used in the MAC calculation.
    originator - the originator of the AuthenticatedData.
    recipientInfos - an array of all the recipients of this AuthenticatedData.
    macAlgorithm - MAC algorithm string.
    digestAlgorithm - Message Digest algorithm string.
    encapsulatedContent - EncapsulatedContentInfo on which to apply the MAC.
    authAttrs - authenticated attribute set.
    unauthAttrs - unauthenticated attribute set.
    provname - the name of the provider to use

public AuthenticatedData(javax.crypto.SecretKey secretKey, OriginatorInfo originator, Certificate[] recipientCerts, String macAlgorithm, String digestAlgorithm, EncapsulatedContentInfo encapsulatedContent, PKCSAttributes authAttribs, PKCSAttributes unauthAttribs) throws IOException, PKCSException, NoSuchAlgorithmException
    secretKey - used in the MAC calculation.
    originator - the originator of the AuthenticatedData.
    recipientCerts - array of all the recipient certificates of this AuthenticatedData.
    macAlgorithm - MAC algorithm string.
    digestAlgorithm - Message Digest algorithm string.
    encapsulatedContent - EncapsulatedContentInfo on which to apply the MAC.
    authAttrs - authenticated attribute set.
    unauthAttrs - unauthenticated attribute set.

public AuthenticatedData(javax.crypto.SecretKey secretKey, OriginatorInfo originator, Certificate[] recipientCerts, String macAlgorithm, String digestAlgorithm, EncapsulatedContentInfo encapsulatedContent, PKCSAttributes authAttribs, PKCSAttributes unauthAttribs, String provider) throws IOException, PKCSException, NoSuchAlgorithmException
    secretKey - used in the MAC calculation.
    originator - the originator of the AuthenticatedData.
    recipientCerts - array of all the recipient certificates of this AuthenticatedData.
    macAlgorithm - MAC algorithm string.
    digestAlgorithm - Message Digest algorithm string.
    encapsulatedContent - EncapsulatedContentInfo on which to apply the MAC.
    authAttrs - authenticated attribute set.
    unauthAttrs - unauthenticated attribute set.
    provname - the name of the java security provider to use

public AuthenticatedData(String filename, boolean base64) throws IOException
    filename - name of the DER-encoded or base64-encoded object
    base64 - true if BASE64-encoded, false if DER-encoded

public AuthenticatedData(String filename, boolean base64, String provider) throws IOException
    filename - name of the DER-encoded or base64-encoded object
    base64 - true if BASE64-encoded, false if DER-encoded
    provname - the name of the java security provider to use

Method Detail

public Object clone()

public void addRecipient(Certificate[] certs) throws PKCSException, IOException
    certs - the X509Certificates representing the recipients to add.

public boolean verify(javax.crypto.SecretKey secretKey) throws PKCSException, IOException
    secretKey - used in the MAC calculation.

public boolean verify(javax.crypto.SecretKey secretKey, byte[] msg) throws IOException, PKCSException
This method allows callers to verify a detached MAC, where the content is not part of the AuthenticatedData object.
    secretKey - used in the MAC calculation.
    msg - byte array to compute the message digest comparison. If not specified, this method will use the content stored in the EncapsulatedContentInfo to independently compute the message digest.

public void removeContent() throws IOException

public ObjectIdentifier getObjectIdentifier()

public BigInteger getVersion()

public OriginatorInfo getOriginator()

public RecipientInfo[] getRecipientInfos()

public AlgorithmId getMacAlgorithm() throws IOException

public AlgorithmId getDigestAlgorithm() throws IOException

public EncapsulatedContentInfo getEncapsulatedContent()

public byte[] getMac()

public PKCSAttributes getAuthAttributes()

public PKCSAttributes getUnauthAttributes()

public void encode(OutputStream os) throws IOException
    os - the OutputStream to write the encoded data to.

protected void decode(com.ibm.security.pkcs7.DerValue encoding) throws IOException
    encoding - a DER-encoded AuthenticatedData object.

public boolean equals(Object other)
    other - the object to compare this one to.

public PKCSAttribute getAuthAttribute(ObjectIdentifier oid)
    oid - ObjectIdentifier to match

public PKCSAttribute getUnauthAttribute(ObjectIdentifier oid)
    oid - ObjectIdentifier to match

public boolean hasAuthenticatedAttribute(ObjectIdentifier oid)
    oid - ObjectIdentifier to match

public boolean hasUnauthenticatedAttribute(ObjectIdentifier oid)
    oid - ObjectIdentifier to match

public String toString()

protected void finalize()
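
The detached-MAC check described under verify(SecretKey, byte[]), as an added example that is not part of the original documentation or of IBM's code: it decodes a DER-encoded AuthenticatedData, rejects objects with no MAC, and fails closed on any decoding or verification error. It uses only the constructor and methods listed on this page; the class name DetachedMacCheck, the three-file command line and the "HmacSHA1" key algorithm name are assumptions for illustration.

```java
import com.ibm.security.pkcs7.AuthenticatedData;

import java.nio.file.Files;
import java.nio.file.Paths;
import java.util.Arrays;
import javax.crypto.SecretKey;
import javax.crypto.spec.SecretKeySpec;

// Hypothetical helper class; not part of the com.ibm.security.pkcs7 package.
public class DetachedMacCheck {

    /** True only if the stored MAC verifies against the separately supplied content. */
    static boolean verifyDetached(byte[] der, byte[] content, SecretKey key) {
        // The page says verify() uses the content stored in the EncapsulatedContentInfo
        // when msg is not specified, so a missing detached input is rejected here
        // rather than passed through.
        if (der == null || content == null || key == null) {
            return false;
        }
        try {
            AuthenticatedData ad = new AuthenticatedData(der);
            // Both getters are documented to return null when the value has not been set.
            if (ad.getMac() == null || ad.getMacAlgorithm() == null) {
                return false;
            }
            // Two-argument form: the MAC is checked against 'content', not embedded data.
            return ad.verify(key, content);
        } catch (Exception e) {
            // IOException (malformed DER) or PKCSException: treat as a failed verification.
            return false;
        }
    }

    public static void main(String[] args) throws Exception {
        // Assumed usage: DetachedMacCheck <authdata.der> <content-file> <raw-key-file>
        byte[] der = Files.readAllBytes(Paths.get(args[0]));
        byte[] content = Files.readAllBytes(Paths.get(args[1]));
        byte[] keyBytes = Files.readAllBytes(Paths.get(args[2]));
        // Assumption: the MAC key is an HMAC-SHA1 key; use the algorithm the sender used.
        SecretKey key = new SecretKeySpec(keyBytes, "HmacSHA1");
        boolean ok = verifyDetached(der, content, key);
        Arrays.fill(keyBytes, (byte) 0); // clear the local copy of the key material
        System.out.println(ok ? "MAC verified" : "MAC verification FAILED");
        System.exit(ok ? 0 : 1);
    }
}
```

Because AuthenticatedData objects are mutable, verify a freshly decoded instance rather than one that other code may have altered with addRecipient or removeContent.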