com.ibm.security.pkcs7
Class SignedAndEnvelopedData

java.lang.Object
  |
  +--com.ibm.security.pkcsutil.PKCSDerObject
        |
        +--com.ibm.security.pkcs7.Content
              |
              +--com.ibm.security.pkcs7.SignedAndEnvelopedData

public final class SignedAndEnvelopedData
extends Content
implements Cloneable

Implements the ASN.1 SignedAndEnvelopedData type.

SignedAndEnvelopedData ::= SEQUENCE { version Version, recipientInfos RecipientInfos, digestAlgorithms DigestAlgorithmIdentifiers, encryptedContentInfo EncryptedContentInfo, certificates [0] IMPLICIT ExtendedCertificatesAndCertificates OPTIONAL, crls [1] IMPLICIT CertificateRevocationLists OPTIONAL, signerInfos SignerInfos }

Only X509Certificate and X509CRL objects are supported for certificates and crls respectively.

SignedAndEnvelopedData is no longer part of the RFC 2630 specifications. This class is included in this package for backwards compatibility. The PKCS #7 version 1.5 specifications indicate that the sequential combination of the SignedData and EnvelopedData content types is generally preferred over the use of the SignedAndEnvelopedData content type.

SignedAndEnvelopedData objects are immutable; they cannot be changed once created.

See Also:
SignedData, EnvelopedData

Fields inherited from class com.ibm.security.pkcsutil.PKCSDerObject
provider
 
Constructor Summary
SignedAndEnvelopedData(byte[] der)
          Create a SignedAndEnvelopedData object with a DER-encoded byte array.
SignedAndEnvelopedData(byte[] der, String provider)
          Create a SignedAndEnvelopedData object with a DER-encoded byte array.
SignedAndEnvelopedData(RecipientInfo[] recipientInfos, AlgorithmId[] digestAlgorithms, EncryptedContentInfo encryptedContentInfo, X509Certificate[] certsIn, X509CRL[] crlsIn, SignerInfo[] signersIn)
          Create a SignedAndEnvelopedData object with specified values.
SignedAndEnvelopedData(RecipientInfo[] recipientInfos, AlgorithmId[] digestAlgorithms, EncryptedContentInfo encryptedContentInfo, X509Certificate[] certsIn, X509CRL[] crlsIn, SignerInfo[] signersIn, String provider)
          Create a SignedAndEnvelopedData object with specified values.
SignedAndEnvelopedData(String filename, boolean base64)
          Create a SignedAndEnvelopedData with the filename of the DER-encoded or BASE64-encoded object.
SignedAndEnvelopedData(String filename, boolean base64, String provider)
          Create a SignedAndEnvelopedData with the filename of the DER-encoded or BASE64-encoded object.
 
Method Summary
 Object clone()
          Creates a clone of this SignedAndEnvelopedData object.
protected  void decode(com.ibm.security.pkcs7.DerValue encoding)
          Initializes a SignedAndEnvelopedData object from a DerValue.
 void encode(OutputStream os)
          DER encode this object to an OutputStream.
 boolean equals(Object other)
          Determines if this SignedAndEnvelopedData object is equivalent to the input object.
 Certificate getCertificate(IssuerAndSerialNumber issuer)
          Retrieve a copy of the Certificate object that matches the specified IssuerAndSerialNumber.
 Certificate[] getCertificates()
          Returns a copy of the set of signing certificates in an array of certificates.
 CRL[] getCRLs()
          Returns a copy of the set of CRLs in an array of CRLs.
 AlgorithmId[] getDigestAlgorithms()
          Returns a copy of the array of message digest algorithms.
 EncryptedContentInfo getEncryptedContentInfo()
          Returns a copy of the EncryptedContentInfo.
 ObjectIdentifier getObjectIdentifier()
          Returns a reference to the ObjectIdentifer for the SignedAndEnvelopedData object.
 RecipientInfo[] getRecipientInfos()
          Returns a copy of the array of RecipientInfo objects.
 SignerInfo getSignerInfo(Certificate cert)
          Retrieve a copy of the SignerInfo object that matches the specified certificate.
 SignerInfo[] getSignerInfos()
          Returns a copy of the array of SignerInfo objects.
 BigInteger getVersion()
          Returns a reference to the version for this object.
 boolean hasCertificate(Certificate cert)
          Determine if this SignedAndEnvelopedData object has the specified certificate.
 String toString()
          Returns a string representation of this SignedAndEnvelopedData object.
 
Methods inherited from class com.ibm.security.pkcsutil.PKCSDerObject
decode, decode, encode, hashCode, read, readBASE64, write, write, writeBASE64
 
Methods inherited from class java.lang.Object
finalize, getClass, notify, notifyAll, wait, wait, wait
 

Constructor Detail

SignedAndEnvelopedData

public SignedAndEnvelopedData(byte[] der)
                       throws IOException
Create a SignedAndEnvelopedData object with a DER-encoded byte array.
Parameters:
der - a DER-encoded byte array of a SignerInfo object.
Throws:
IOException - on decoding errors.

SignedAndEnvelopedData

public SignedAndEnvelopedData(byte[] der,
                              String provider)
                       throws IOException
Create a SignedAndEnvelopedData object with a DER-encoded byte array.
Parameters:
der - a DER-encoded byte array of a SignerInfo object.
provider - the name of the java security provider to use.
Throws:
IOException - on decoding errors.

SignedAndEnvelopedData

public SignedAndEnvelopedData(RecipientInfo[] recipientInfos,
                              AlgorithmId[] digestAlgorithms,
                              EncryptedContentInfo encryptedContentInfo,
                              X509Certificate[] certsIn,
                              X509CRL[] crlsIn,
                              SignerInfo[] signersIn)
Create a SignedAndEnvelopedData object with specified values. The version is calculated after the values are assigned.
Parameters:
recipientInfos - array of RecipientInfo objects.
digestAlgorithms - array of message digest AlgorithmId objects.
encryptedContentInfo - EncryptedContentInfo object.
certsIn - array of X509Certificate objects.
crlsIn - array of X509CRL objects.
signersIn - array of SignerInfo objects.

SignedAndEnvelopedData

public SignedAndEnvelopedData(RecipientInfo[] recipientInfos,
                              AlgorithmId[] digestAlgorithms,
                              EncryptedContentInfo encryptedContentInfo,
                              X509Certificate[] certsIn,
                              X509CRL[] crlsIn,
                              SignerInfo[] signersIn,
                              String provider)
Create a SignedAndEnvelopedData object with specified values. The version is calculated after the values are assigned.
Parameters:
recipientInfos - array of RecipientInfo objects.
digestAlgorithms - array of message digest AlgorithmId objects.
encryptedContentInfo - EncryptedContentInfo object.
certsIn - array of X509Certificate objects.
crlsIn - array of X509CRL objects.
signersIn - array of SignerInfo objects.
provider - the name of the java security provider to use.

SignedAndEnvelopedData

public SignedAndEnvelopedData(String filename,
                              boolean base64)
                       throws IOException
Create a SignedAndEnvelopedData with the filename of the DER-encoded or BASE64-encoded object.
Parameters:
filename - name of the DER-encoded or base64-encoded object
base64 - true if BASE64-encoded, false if DER-encoded
Throws:
IOException - on decoding errors.

SignedAndEnvelopedData

public SignedAndEnvelopedData(String filename,
                              boolean base64,
                              String provider)
                       throws IOException
Create a SignedAndEnvelopedData with the filename of the DER-encoded or BASE64-encoded object.
Parameters:
filename - name of the DER-encoded or base64-encoded object
base64 - true if BASE64-encoded, false if DER-encoded
provider - the name of the java security provider to use
Throws:
IOException - on decoding errors.
Method Detail

clone

public Object clone()
Creates a clone of this SignedAndEnvelopedData object.
Overrides:
clone in class Object
Returns:
clone of this SignedAndEnvelopedData object.

getObjectIdentifier

public ObjectIdentifier getObjectIdentifier()
Returns a reference to the ObjectIdentifer for the SignedAndEnvelopedData object.
Overrides:
getObjectIdentifier in class PKCSDerObject
Returns:
an ObjectIdentifer for the SignedAndEnvelopedData object.

getVersion

public BigInteger getVersion()
Returns a reference to the version for this object. BigInteger is an immutable object.
Returns:
the version for this object.

getRecipientInfos

public RecipientInfo[] getRecipientInfos()
Returns a copy of the array of RecipientInfo objects.
Returns:
the array of RecipientInfo objects.

getDigestAlgorithms

public AlgorithmId[] getDigestAlgorithms()
Returns a copy of the array of message digest algorithms.
Returns:
the array of message digest algorithms.

getEncryptedContentInfo

public EncryptedContentInfo getEncryptedContentInfo()
Returns a copy of the EncryptedContentInfo.
Returns:
the EncryptedContentInfo.

getCertificates

public Certificate[] getCertificates()
Returns a copy of the set of signing certificates in an array of certificates. Since the certificates are stored in a set, they may not be returned in the same order as they were added.
Returns:
the array of signing certificates.

getCRLs

public CRL[] getCRLs()
Returns a copy of the set of CRLs in an array of CRLs. Since the CRLs are stored in a set, they may not be returned in the same order as they were added.
Returns:
the array of CRLs.

getSignerInfos

public SignerInfo[] getSignerInfos()
Returns a copy of the array of SignerInfo objects.
Returns:
the array of SignerInfo objects.

getSignerInfo

public SignerInfo getSignerInfo(Certificate cert)
                         throws IOException
Retrieve a copy of the SignerInfo object that matches the specified certificate.
Parameters:
cert - certificate to match on
Throws:
IOException - on search errors.

getCertificate

public Certificate getCertificate(IssuerAndSerialNumber issuer)
                           throws IOException
Retrieve a copy of the Certificate object that matches the specified IssuerAndSerialNumber.
Parameters:
issuer - IssuerAndSerialNumber to match on
Throws:
IOException - on search errors.

hasCertificate

public boolean hasCertificate(Certificate cert)
                       throws IOException
Determine if this SignedAndEnvelopedData object has the specified certificate.
Parameters:
cert - certificate to match on
Returns:
true if this object has the certificate, false otherwise.

encode

public void encode(OutputStream os)
            throws IOException
DER encode this object to an OutputStream.
Overrides:
encode in class PKCSDerObject
Parameters:
os - the OutputStream to write the encoded data to.
Throws:
IOException - on encoding errors.

decode

protected void decode(com.ibm.security.pkcs7.DerValue encoding)
               throws IOException
Initializes a SignedAndEnvelopedData object from a DerValue. The DER encoding must be in the format specified by the SignedAndEnvelopedData ASN.1 notation.
Parameters:
encoding - a DER-encoded SignedAndEnvelopedData object.
Throws:
IOException - on parsing error.

equals

public boolean equals(Object other)
Determines if this SignedAndEnvelopedData object is equivalent to the input object.
Overrides:
equals in class PKCSDerObject
Parameters:
other - the object to compare this one to.
Returns:
true, if the two objects are equivalent, false otherwise.

toString

public String toString()
Returns a string representation of this SignedAndEnvelopedData object.
Overrides:
toString in class Content
Returns:
a string representation of this object.