|
JSS 3.1.1 | ||||||||
java.lang.Object | +--org.mozilla.jss.pkcs7.SignerInfo
A PKCS #7 SignerInfo.
Inner Class Summary | |
static class |
SignerInfo.Template
A template for decoding a SignerInfo blob |
Field Summary | |
private SET |
authenticatedAttributes
|
private static OBJECT_IDENTIFIER |
CONTENT_TYPE
|
private AlgorithmIdentifier |
digestAlgorithm
|
private AlgorithmIdentifier |
digestEncryptionAlgorithm
|
private OCTET_STRING |
encryptedDigest
|
private IssuerAndSerialNumber |
issuerAndSerialNumber
|
private static OBJECT_IDENTIFIER |
MESSAGE_DIGEST
|
private static Tag |
TAG
|
private static SignerInfo.Template |
templateInstance
|
private SET |
unauthenticatedAttributes
|
private INTEGER |
version
|
private static INTEGER |
VERSION
|
Constructor Summary | |
(package private) |
SignerInfo(INTEGER version,
IssuerAndSerialNumber issuerAndSerialNumber,
AlgorithmIdentifier digestAlgorithm,
SET authenticatedAttributes,
AlgorithmIdentifier digestEncryptionAlgorithm,
byte[] encryptedDigest,
SET unauthenticatedAttributes)
A constructor for creating a new SignerInfo from its decoding. |
|
SignerInfo(IssuerAndSerialNumber issuerAndSerialNumber,
SET authenticatedAttributes,
SET unauthenticatedAttributes,
OBJECT_IDENTIFIER contentType,
byte[] messageDigest,
SignatureAlgorithm signingAlg,
PrivateKey signingKey)
A constructor for creating a new SignerInfo from scratch. |
Method Summary | |
private static boolean |
byteArraysAreSame(byte[] left,
byte[] right)
Compares two non-null byte arrays. |
void |
encode(java.io.OutputStream ostream)
Write this value's DER encoding to an output stream using its own base tag. |
void |
encode(Tag tag,
java.io.OutputStream ostream)
Write this value's DER encoding to an output stream using an implicit tag. |
SET |
getAuthenticatedAttributes()
Retrieves the authenticated attributes, if they exist. |
DigestAlgorithm |
getDigestAlgorithm()
Retrieves the DigestAlgorithm used in this SignerInfo. |
AlgorithmIdentifier |
getDigestAlgorithmIdentifer()
Retrieves the DigestAlgorithmIdentifier used in this SignerInfo. |
SignatureAlgorithm |
getDigestEncryptionAlgorithm()
Returns the raw signature (digest encryption) algorithm used in this SignerInfo. |
AlgorithmIdentifier |
getDigestEncryptionAlgorithmIdentifier()
Returns the DigestEncryptionAlgorithmIdentifier used in this SignerInfo. |
byte[] |
getEncryptedDigest()
Retrieves the encrypted digest. |
IssuerAndSerialNumber |
getIssuerAndSerialNumber()
Retrieves the issuer and serial number of the certificate whose private key was used to sign the SignerInfo. |
Tag |
getTag()
Returns the base tag for this type, not counting any tags that may be imposed on it by its context. |
static SignerInfo.Template |
getTemplate()
|
SET |
getUnauthenticatedAttributes()
Retrieves the unauthenticated attributes, if they exist. |
INTEGER |
getVersion()
Retrieves the version number of this SignerInfo. |
boolean |
hasAuthenticatedAttributes()
Returns true if the authenticatedAttributes field is present. |
boolean |
hasUnauthenticatedAttributes()
Returns true if the unauthenticatedAttributes field is present. |
void |
verify(byte[] messageDigest,
OBJECT_IDENTIFIER contentType)
Verifies that this SignerInfo contains a valid signature of the given message digest. |
void |
verify(byte[] messageDigest,
OBJECT_IDENTIFIER contentType,
java.security.PublicKey pubkey)
Verifies that this SignerInfo contains a valid signature of the given message digest. |
private void |
verifyWithAuthenticatedAttributes(byte[] messageDigest,
OBJECT_IDENTIFIER contentType,
java.security.PublicKey pubkey)
Verifies a SignerInfo with authenticated attributes. |
private void |
verifyWithoutAuthenticatedAttributes(byte[] messageDigest,
OBJECT_IDENTIFIER contentType,
java.security.PublicKey pubkey)
Verifies that the message digest passed in, when encrypted with the given public key, matches the encrypted digest in the SignerInfo. |
Methods inherited from class java.lang.Object |
|
Field Detail |
private static final OBJECT_IDENTIFIER CONTENT_TYPE
private static final OBJECT_IDENTIFIER MESSAGE_DIGEST
private INTEGER version
private IssuerAndSerialNumber issuerAndSerialNumber
private AlgorithmIdentifier digestAlgorithm
private SET authenticatedAttributes
private AlgorithmIdentifier digestEncryptionAlgorithm
private OCTET_STRING encryptedDigest
private SET unauthenticatedAttributes
private static final INTEGER VERSION
private static final Tag TAG
private static SignerInfo.Template templateInstance
Constructor Detail |
public SignerInfo(IssuerAndSerialNumber issuerAndSerialNumber, SET authenticatedAttributes, SET unauthenticatedAttributes, OBJECT_IDENTIFIER contentType, byte[] messageDigest, SignatureAlgorithm signingAlg, PrivateKey signingKey) throws java.security.InvalidKeyException, java.security.NoSuchAlgorithmException, CryptoManager.NotInitializedException, java.security.SignatureException, TokenException
issuerAndSerialNumber
- The issuer and serial number of the
certificate from which the public key was extracted to create
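this SignerInfo.
signingAlg
- The algorithm to be used to sign the content.
This should be a composite algorithm, such as
RSASignatureWithMD5Digest, instead of a raw algorithm, such as
RSASignature. (RSASignatureWithMD5Digest is named here only to show
what a composite algorithm is; MD5 is not collision-resistant, so new
signatures should use a composite algorithm with a stronger digest.)
Note that the digest portion of this algorithm must be the same
algorithm as was used to digest the message content.
authenticatedAttributes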
- An optional set of Attributes, which
will be signed along with the message content. This parameter may
be null, or the SET may be empty. DO NOT insert
the PKCS #9 content-type or message-digest attributes. They will
be added automatically if they are necessary.
unauthenticatedAttributes
- An optional set of Attributes, which
will be included in the SignerInfo but not signed. This parameter
may be null, or the SET may be empty.
messageDigest
- The digest of the message contents. The digest
must have been created with the digest algorithm specified by
the signingAlg parameter.
contentType
- The type of the ContentInfo that is being signed.
If it is not data, then the PKCS #9 attributes
content-type and message-digest will be automatically computed and
added to the authenticated attributes.
SignerInfo(INTEGER version, IssuerAndSerialNumber issuerAndSerialNumber, AlgorithmIdentifier digestAlgorithm, SET authenticatedAttributes, AlgorithmIdentifier digestEncryptionAlgorithm, byte[] encryptedDigest, SET unauthenticatedAttributes)
Method Detail |
public INTEGER getVersion()
public IssuerAndSerialNumber getIssuerAndSerialNumber()
public DigestAlgorithm getDigestAlgorithm() throws java.security.NoSuchAlgorithmException
NoSuchAlgorithm
- If the algorithm is not recognized by JSS.
public AlgorithmIdentifier getDigestAlgorithmIdentifer()
public SET getAuthenticatedAttributes()
public boolean hasAuthenticatedAttributes()
public SignatureAlgorithm getDigestEncryptionAlgorithm() throws java.security.NoSuchAlgorithmException
java.security.NoSuchAlgorithmException
- If the algorithm is not recognized
by JSS.
public AlgorithmIdentifier getDigestEncryptionAlgorithmIdentifier()
public byte[] getEncryptedDigest()
public SET getUnauthenticatedAttributes()
public boolean hasUnauthenticatedAttributes()
public void verify(byte[] messageDigest, OBJECT_IDENTIFIER contentType) throws CryptoManager.NotInitializedException, java.security.NoSuchAlgorithmException, java.security.InvalidKeyException, TokenException, java.security.SignatureException, ObjectNotFoundException
Note that this verifies only the signature; it does not verify the validity of the certificate itself. The signer's certificate must be validated separately before the signature is trusted.
messageDigest
- The hash of the content that is signed by this
SignerInfo.
contentType
- The type of the content that is signed by this
SignerInfo.
pubkey
- The public key to use to verify the signature.
NoSuchObjectException
- If no certificate matching the
issuer name and serial number can be found.
public void verify(byte[] messageDigest, OBJECT_IDENTIFIER contentType, java.security.PublicKey pubkey) throws CryptoManager.NotInitializedException, java.security.NoSuchAlgorithmException, java.security.InvalidKeyException, TokenException, java.security.SignatureException
messageDigest
- The hash of the content that is signed by this
SignerInfo.
contentType
- The type of the content that is signed by this
SignerInfo.
pubkey
- The public key to use to verify the signature.
private void verifyWithoutAuthenticatedAttributes(byte[] messageDigest, OBJECT_IDENTIFIER contentType, java.security.PublicKey pubkey) throws CryptoManager.NotInitializedException, java.security.NoSuchAlgorithmException, java.security.InvalidKeyException, TokenException, java.security.SignatureException
private void verifyWithAuthenticatedAttributes(byte[] messageDigest, OBJECT_IDENTIFIER contentType, java.security.PublicKey pubkey) throws CryptoManager.NotInitializedException, java.security.NoSuchAlgorithmException, java.security.InvalidKeyException, TokenException, java.security.SignatureException
private static boolean byteArraysAreSame(byte[] left, byte[] right)
public Tag getTag()
ASN1Value
getTag
in interface ASN1Value
public void encode(java.io.OutputStream ostream) throws java.io.IOException
ASN1Value
encode
in interface ASN1Value
public void encode(Tag tag, java.io.OutputStream ostream) throws java.io.IOException
ASN1Value
encode
in interface ASN1Value
public static SignerInfo.Template getTemplate()