|
|||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | ||||||||
SUMMARY: INNER | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |
com.ibm.security.pkcs7.SignerInfo
Implements the ASN.1 SignerInfo type. This class contains the signer's certificate information, for example, the issuer ID and serial number assigned to the certificate issuer, the hash algorithm ID and the signature. It is mainly used in SignedData to encapsulate information for a particular signer.
If SignerInfo is created by the SignedData object without a signature only specification, the SignerInfo object will include the following signed attributes:
This definition reflects PKCS #7 version 1.5 specifications with selected enhancements from the Cryptographic Message Syntax (CMS) RFC 2630 specifications.
SignerInfo objects are immutable; they cannot be changed once created.
Constructor Summary | |
SignerInfo(byte[] der)
Create a SignerInfo object with a DER-encoded byte array. |
|
SignerInfo(byte[] der,
String provider)
Create a SignerInfo object with a DER-encoded byte array. |
|
SignerInfo(Certificate cert,
ContentInfo contentInfo,
String digestSignatureAlgorithm,
PrivateKey privateKey,
PKCSAttributes signedAttrs,
PKCSAttributes unsignedAttrs)
Create a SignerInfo object with the specified certificate, contentInfo, message digest algorithm, signature algorithm, and private key and derive a signature value from the contentInfo. |
|
SignerInfo(Certificate cert,
ContentInfo contentInfo,
String digestSignatureAlgorithm,
PrivateKey privateKey,
PKCSAttributes signedAttrs,
PKCSAttributes unsignedAttrs,
String provider)
Create a SignerInfo object with the specified certificate, contentInfo, message digest algorithm, signature algorithm, and private key and derive a signature value from the contentInfo. |
|
SignerInfo(SignerIdentifier sid,
ContentInfo contentInfo,
String digestSignatureAlgorithm,
PrivateKey privateKey,
PKCSAttributes signedAttrs,
PKCSAttributes unsignedAttrs)
Create a SignerInfo object with the specified certificate, contentInfo, message digest algorithm, signature algorithm, and private key and derive a signature value from the contentInfo. |
|
SignerInfo(SignerIdentifier sid,
ContentInfo contentInfo,
String digestSignatureAlgorithm,
PrivateKey privateKey,
PKCSAttributes signedAttrs,
PKCSAttributes unsignedAttrs,
String provider)
Create a SignerInfo object with the specified certificate, contentInfo, message digest algorithm, signature algorithm, and private key and derive a signature value from the contentInfo. |
|
SignerInfo(String filename,
boolean base64)
Create a SignerInfo with the filename of the DER-encoded or BASE64-encoded object. |
|
SignerInfo(String filename,
boolean base64,
String provider)
Create a SignerInfo with the filename of the DER-encoded or BASE64-encoded object. |
Method Summary | |
Object |
clone()
Creates a clone of this SignerInfo object. |
boolean |
compareDigest(byte[] msg)
Compares the message digest computed from the message byte array with the message digest stored with the SignerInfo object. |
protected void |
decode(com.ibm.security.pkcs7.DerValue encoding)
Initializes an SignerInfo object from a DerValue. |
void |
derEncode(OutputStream out)
DER encode this object onto an output stream. |
void |
encode(OutputStream os)
Encodes this object to an OutputStream. |
boolean |
equals(Object other)
Determines if this SignerInfo object is equivalent to the input object. |
AlgorithmId |
getDigestAlgorithm()
Returns a copy of the message digest AlgorithmId for this object. |
byte[] |
getMessageDigest()
Returns a copy of the message digest byte array stored with the MessageDigest signed attribute. |
byte[] |
getSignature()
Returns a copy of the signature byte array for this object. |
AlgorithmId |
getSignatureAlgorithm()
Returns a copy of the signature algorithm for this object. |
PKCSAttribute |
getSignedAttribute(ObjectIdentifier oid)
Returns a reference to the signed attribute from the signed attribute set based on an ObjectIdentifier. |
PKCSAttributes |
getSignedAttributes()
Returns a reference to the PKCSAttributes signed attributes for this object. |
SignerIdentifier |
getSignerIdentifier()
Returns a copy of the SignerIdentifier for this object. |
SigningTime |
getSigningTime()
Retrieve the SigningTime attribute from the set of signed attributes. |
PKCSAttribute |
getUnsignedAttribute(ObjectIdentifier oid)
Returns a reference to the unsigned attribute from the unsigned attribute set based on an ObjectIdentifier. |
PKCSAttributes |
getUnsignedAttributes()
Returns a reference to the PKCSAttributes unsigned attributes for this object. |
BigInteger |
getVersion()
Returns a reference to the version for this object. |
boolean |
hasCertificate(Certificate cert)
Determine if the SignerInfo object contains the specified certificate. |
boolean |
hasIssuer(IssuerAndSerialNumber issuer)
Determine if the SignerInfo object contains the specified IssuerAndSerialNumber. |
boolean |
hasSignedAttribute(ObjectIdentifier oid)
Determine if SignerInfo has the signed attribute specified by the ObjectIdentifier. |
boolean |
hasSignedAttributes()
Check if SignerInfo has any signed attributes. |
boolean |
hasUnsignedAttributes()
Check if SignerInfo has any unsigned attributes. |
String |
toString()
Returns a string representation of this SignerInfo object. |
boolean |
verify(Certificate cert,
byte[] msg)
Verify the message digest stored in the SignerInfo object with the specified original byte array and the public key contained in the specified certificate. |
boolean |
verify(PublicKey publicKey,
byte[] msg)
Verify the message digest stored in the SignerInfo object with the specified original byte array and the public key. |
Constructor Detail |
public SignerInfo(byte[] der) throws IOException
der
- a DER-encoded byte array of a SignerInfo object.public SignerInfo(byte[] der, String provider) throws IOException
der
- a DER-encoded byte array of a SignerInfo object.provider
- the name of the java security provider to usepublic SignerInfo(SignerIdentifier sid, ContentInfo contentInfo, String digestSignatureAlgorithm, PrivateKey privateKey, PKCSAttributes signedAttrs, PKCSAttributes unsignedAttrs) throws PKCSException, IOException, NoSuchAlgorithmException, NoSuchProviderException
sid
- - SignerIdentifiercontentInfo
- ContentInfo to signdigestSignatureAlgorithm
- signature algorithm, such as "SHA1withRSA"privateKey
- signer private keysignedAttrs
- PKCSAttributesunsignedAttrs
- PKCSAttributespublic SignerInfo(SignerIdentifier sid, ContentInfo contentInfo, String digestSignatureAlgorithm, PrivateKey privateKey, PKCSAttributes signedAttrs, PKCSAttributes unsignedAttrs, String provider) throws PKCSException, IOException, NoSuchAlgorithmException, NoSuchProviderException
sid
- - SignerIdentifiercontentInfo
- ContentInfo to signdigestSignatureAlgorithm
- signature algorithm, such as "SHA1withRSA"privateKey
- signer private keysignedAttrs
- PKCSAttributesunsignedAttrs
- PKCSAttributesprovider
- the name of the java security provider to usepublic SignerInfo(Certificate cert, ContentInfo contentInfo, String digestSignatureAlgorithm, PrivateKey privateKey, PKCSAttributes signedAttrs, PKCSAttributes unsignedAttrs) throws PKCSException, IOException, NoSuchAlgorithmException
cert
- signer certificatecontentInfo
- ContentInfo to signdigestSignatureAlgorithm
- message digest and signature algorithm, such as "SHA1withDSA"privateKey
- signer private keypublic SignerInfo(Certificate cert, ContentInfo contentInfo, String digestSignatureAlgorithm, PrivateKey privateKey, PKCSAttributes signedAttrs, PKCSAttributes unsignedAttrs, String provider) throws PKCSException, IOException, NoSuchAlgorithmException
cert
- signer certificatecontentInfo
- ContentInfo to signdigestSignatureAlgorithm
- message digest and signature algorithm, such as "SHA1withDSA"privateKey
- signer private keyprovider
- the name of the java security provider to usepublic SignerInfo(String filename, boolean base64) throws IOException
filename
- name of the DER-encoded or base64-encoded objectbase64
- true if BASE64-encoded, false if DER-encodedpublic SignerInfo(String filename, boolean base64, String provider) throws IOException
filename
- name of the DER-encoded or base64-encoded objectbase64
- true if BASE64-encoded, false if DER-encodedprovider
- the name of the java security provider to useMethod Detail |
public Object clone()
public SigningTime getSigningTime()
public boolean verify(Certificate cert, byte[] msg) throws PKCSException, IOException, NoSuchAlgorithmException
cert
- signer certificatemsg
- byte array to compute the message digest comparisionpublic boolean verify(PublicKey publicKey, byte[] msg) throws PKCSException, IOException, NoSuchAlgorithmException
public
- key signer public keymsg
- byte array to compute the message digest comparisionpublic boolean compareDigest(byte[] msg) throws IOException
msg
- byte array to compute the message digest comparisionpublic byte[] getMessageDigest() throws IOException
public PKCSAttribute getSignedAttribute(ObjectIdentifier oid)
oid
- ObjectIdentifier to matchpublic PKCSAttribute getUnsignedAttribute(ObjectIdentifier oid)
oid
- ObjectIdentifier to matchpublic boolean hasSignedAttribute(ObjectIdentifier oid)
oid
- ObjectIdentifier to matchpublic boolean hasCertificate(Certificate cert) throws IOException
Return true if the certificate X500Name and serial number are equal to the IssuerAndSerialNumber value stored with the SignerIdentifier attribute on this SignerInfo object. Return false, otherwise.
cert
- certificate to matchpublic boolean hasIssuer(IssuerAndSerialNumber issuer) throws IOException
Return true if the specified IssuerAndSerialNumber is equal to the IssuerAndSerialNumber value stored with the SignerInfo. Return false, otherwise.
issuer
- IssuerAndSerialNumber to matchpublic void derEncode(OutputStream out) throws IOException
DerEncoder
interface.out
- the OutputStream on which to write the DER encoding.public void encode(OutputStream os) throws IOException
os
- the OutputStream to write the encoded data to.protected void decode(com.ibm.security.pkcs7.DerValue encoding) throws IOException
encoding
- a DER-encoded SignerInfo object.public boolean equals(Object other)
other
- the object to compare this one to.public String toString()
public boolean hasSignedAttributes()
public boolean hasUnsignedAttributes()
public BigInteger getVersion()
public SignerIdentifier getSignerIdentifier()
public AlgorithmId getDigestAlgorithm() throws IOException
public PKCSAttributes getSignedAttributes()
public PKCSAttributes getUnsignedAttributes()
public AlgorithmId getSignatureAlgorithm() throws IOException
public byte[] getSignature()
|
|||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | ||||||||
SUMMARY: INNER | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |