gnu.java.security.pkcs

Class PKCS7SignedData


public class PKCS7SignedData
extends Object

The SignedData object in PKCS #7. This is a read-only implementation of this format, and is used to provide signed Jar file support.

Field Summary

static OID
PKCS7_DATA
static OID
PKCS7_SIGNED_DATA

Constructor Summary

PKCS7SignedData(BERReader ber)
Parse an encoded PKCS#7 SignedData object.
PKCS7SignedData(InputStream in)

Method Summary

Certificate[]
getCertificates()
byte[]
getContent()
OID
getContentType()
Set
getDigestAlgorithms()
Set
getSignerInfos()
BigInteger
getVersion()

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Details

PKCS7_DATA

public static final OID PKCS7_DATA

PKCS7_SIGNED_DATA

public static final OID PKCS7_SIGNED_DATA

Constructor Details

PKCS7SignedData

public PKCS7SignedData(BERReader ber)
            throws CRLException,
                   CertificateException,
                   IOException
Parse an encoded PKCS#7 SignedData object. The ASN.1 format of this object is:
 SignedData ::= SEQUENCE {
   version Version,
   digestAlgorithms DigestAlgorithmIdentifiers,
   contentInfo ContentInfo,
   certificates
     [0] IMPLICIT ExtendedCertificatesAndCertificates OPTIONAL,
   crls
     [1] IMPLICIT CertificateRevocationLists OPTIONAL,
   signerInfos SignerInfos }

 Version ::= INTEGER

 DigestAlgorithmIdentifiers ::= SET OF DigestAlgorithmIdentifier

 DigestAlgorithmIdentifier ::= AlgorithmIdentifier

 ContentInfo ::= SEQUENCE {
   contentType ContentType,
   content [0] EXPLICIT ANY DEFINED BY contentType OPTIONAL }

 ContentType ::= OBJECT IDENTIFIER

 ExtendedCertificatesAndCertificates ::=
   SET OF ExtendedCertificatesAndCertificate

 ExtendedCertificatesAndCertificate ::= CHOICE {
   certificate Certificate, -- from X.509
   extendedCertificate [0] IMPLICIT ExtendedCertificate }

 CertificateRevocationLists ::= SET OF CertificateRevocationList
   -- from X.509

 SignerInfos ::= SET OF SignerInfo

 SignerInfo ::= SEQUENCE {
   version Version,
   issuerAndSerialNumber IssuerAndSerialNumber,
   digestAlgorithm DigestAlgorithmIdentifier,
   authenticatedAttributes
     [0] IMPLICIT Attributes OPTIONAL,
   digestEncryptionAlgorithm DigestEncryptionAlgorithmIdentifier,
   encryptedDigest EncryptedDigest,
   unauthenticatedAttributes
     [1] IMPLICIT Attributes OPTIONAL }

 EncryptedDigest ::= OCTET STRING
 

(Readers who are confused as to why it takes 40 levels of indirection to specify "data with a signature", rest assured that the present author is as confused as you are).


PKCS7SignedData

public PKCS7SignedData(InputStream in)
            throws CRLException,
                   CertificateException,
                   IOException

Method Details

getCertificates

public Certificate[] getCertificates()

getContent

public byte[] getContent()

getContentType

public OID getContentType()

getDigestAlgorithms

public Set getDigestAlgorithms()

getSignerInfos

public Set getSignerInfos()

getVersion

public BigInteger getVersion()

PKCS7SignedData.java -- reader for PKCS#7 signedData objects Copyright (C) 2004, 2005 Free Software Foundation, Inc. This file is part of GNU Classpath. GNU Classpath is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2, or (at your option) any later version. GNU Classpath is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. You should have received a copy of the GNU General Public License along with GNU Classpath; see the file COPYING. If not, write to the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. Linking this library statically or dynamically with other modules is making a combined work based on this library. Thus, the terms and conditions of the GNU General Public License cover the whole combination. As a special exception, the copyright holders of this library give you permission to link this library with independent modules to produce an executable, regardless of the license terms of these independent modules, and to copy and distribute the resulting executable under terms of your choice, provided that you also meet, for each linked independent module, the terms and conditions of the license of that module. An independent module is a module which is not derived from or based on this library. If you modify this library, you may extend this exception to your version of the library, but you are not obligated to do so. If you do not wish to do so, delete this exception statement from your version.