org.mozilla.jss.pkix.cms
Class SignedData
java.lang.Object
org.mozilla.jss.pkix.cms.SignedData
- ASN1Value
public class SignedData
extends java.lang.Object
A CMS
SignedData structure.
The certificates field should only contain X.509 certificates.
PKCS #6 extended certificates will fail to decode properly.
SignedData
public SignedData(SET digestAlgorithms,
EncapsulatedContentInfo contentInfo,
SET certificates,
SET crls,
SET signerInfos)
Create a SignedData ASN1 object. Both certificates and crls
are optional. If you pass in a null for either value, that
parameter will not get written in the sequence.
digestAlgorithms
- A SET of zero or more
algorithm identifiers. The purpose of this item is to list
the digest algorithms used by the various signers to digest
the signed content. This field will also be updated by
the addSigner
method. If all the signers are added
with addSigner
, it is not necessary to list
the digest algorithms here.
If null
is passed in, the
digestAlgorithms
field will be initialized
with an empty SET
.contentInfo
- The content that is being signed. This parameter
may not be null
. However, the content
field of the contentInfo may be omitted, in which case the
signatures contained in the SignerInfo
structures
are presumed to be on externally-supplied data.certificates
- A SET of org.mozilla.jss.pkix.cert.Certificate,
the certificates
containing the public keys used to sign the content. It may
also contain elements of the CA chain extending from the leaf
certificates. It is not necessary to include the CA chain, or
indeed to include any certificates, if the certificates are
expected to already be possessed by the recipient. The recipient
can use the issuer and serial number in the SignerInfo structure
to search for the necessary certificates. If this parameter is
null
, the certificates
field will be
omitted.crls
- A SET of ASN1Values, which should encode to the ASN1 type
CertificateRevocationList. This implementation does
not interpret crls. If this parameter is null
,
the crls
field will be omitted.signerInfos
- SignerInfo structures containing signatures
of the content. Additional signerInfos can be added with
the addSigner
method. If this parameter is
null
, the field will be initialized with an
empty SET
.
encode
public void encode(OutputStream ostream)
throws IOException
- encode in interface ASN1Value
encode
public void encode(Tag tag,
OutputStream ostream)
throws IOException
- encode in interface ASN1Value
getCertificates
public SET getCertificates()
Returns the certificates field, which is a SET of
X.509 certificates (org.mozilla.jss.pkix.cert.Certificate).
PKCS #6 Extended Certificates are not supported by this implementation.
Returns null
if this optional field is not present.
getContentInfo
public EncapsulatedContentInfo getContentInfo()
Returns the EncapsulatedContentInfo containing the signed content. The simple
case is for the content to be of type data, although any
content type can be signed.
getCrls
public SET getCrls()
Returns the crls field, which contains a SET of certificate
revocation lists represented by ANYs (org.mozilla.jss.asn1.ANY).
getDigestAlgorithmIdentifiers
public SET getDigestAlgorithmIdentifiers()
Returns the digest algorithms used by the signers to digest the
signed content. There may be more than one, if different signers
use different digesting algorithms.
getSignerInfos
public SET getSignerInfos()
Returns the signerInfos field, which is a SET of
org.mozilla.jss.pkcs7.SignerInfo.
getVersion
public INTEGER getVersion()
Returns the version of this SignedData. The current version of the
spec is version 3.
hasCertificates
public boolean hasCertificates()
Returns true if the certificates
field is present.
hasCrls
public boolean hasCrls()
Returns true if the crls
field is present.