Oracle Security Developer Tools CMS Java API Reference
10g (10.1.4.0.1)

B28170-01


oracle.security.crypto.cms
Class CMSSignerInfo

java.lang.Object
  extended byoracle.security.crypto.cms.CMSSignerInfo

All Implemented Interfaces:
oracle.security.crypto.asn1.ASN1Object, oracle.security.crypto.util.Streamable

public final class CMSSignerInfo
extends java.lang.Object
implements oracle.security.crypto.asn1.ASN1Object

The CMSSignerInfo represents one signature.

CMSSignerInfo objects are signed at the time they are instantiated. Once created, the only modification that can be made is to add unsigned attributes (which includes countersignatures).


Constructor Summary
CMSSignerInfo(CMSContentInfo contentInfo, oracle.security.crypto.cert.AttributeSet authenticatedAttributes, oracle.security.crypto.core.PrivateKey signerKey, oracle.security.crypto.cert.X509 signerCert, oracle.security.crypto.core.AlgorithmIdentifier digestAlgID, oracle.security.crypto.core.AlgorithmIdentifier digestEncryptionAlgID, oracle.security.crypto.cert.AttributeSet unauthenticatedAttributes)
          Creates a CMSSignerInfo object by the computing a signature on the given CMS object together with its attributes.
CMSSignerInfo(CMSContentInfo contentInfo, oracle.security.crypto.cert.AttributeSet authenticatedAttributes, oracle.security.crypto.core.PrivateKey signerKey, oracle.security.crypto.cert.X509 signerCert, oracle.security.crypto.core.AlgorithmIdentifier digestAlgID, oracle.security.crypto.core.AlgorithmIdentifier digestEncryptionAlgID, oracle.security.crypto.cert.AttributeSet unauthenticatedAttributes, boolean use64BitSPKI)
          Creates a CMSSignerInfo using the Subject Key Identifier as the signer identifier.
CMSSignerInfo(java.io.InputStream is)
          Creates a CMSSignerInfo by reading from the specified input stream.
CMSSignerInfo(oracle.security.crypto.cert.X500Name issuer, java.math.BigInteger serialNo, oracle.security.crypto.core.AlgorithmIdentifier digestAlgID, oracle.security.crypto.core.AlgorithmIdentifier digestEncryptionAlgID, oracle.security.crypto.cert.AttributeSet authenticatedAttributes, oracle.security.crypto.cert.AttributeSet unauthenticatedAttributes, byte[] encryptedDigest)
          Creates a CMSSignerInfo using an already computed signature.
CMSSignerInfo(oracle.security.crypto.cert.X509 cert, oracle.security.crypto.core.AlgorithmIdentifier digestAlgID, oracle.security.crypto.core.AlgorithmIdentifier digestEncryptionAlgID, oracle.security.crypto.cert.AttributeSet authenticatedAttributes, oracle.security.crypto.cert.AttributeSet unauthenticatedAttributes, byte[] encryptedDigest)
          Creates a CMSSignerInfo using an already computed signature.

 

Method Summary
 void addUnsignedAttribute(oracle.security.crypto.cert.Attribute attr)
          Add a unsigned attribute.
 boolean equals(java.lang.Object obj)
          Indicates whether some other object is "equal to" this one.
 oracle.security.crypto.cert.AttributeSet getAuthenticatedAttributes()
          Deprecated. As of Phaos CMS 2.0.1, replaced by getSignedAttributes()
 oracle.security.crypto.core.AlgorithmIdentifier getDigestAlgID()
          Returns the digest algorithm.
 oracle.security.crypto.core.AlgorithmIdentifier getDigestEncryptionAlgID()
          Returns the signature algorithm.
 byte[] getEncryptedDigest()
          Returns the encrypted digest.
 oracle.security.crypto.cert.X500Name getIssuer()
          Returns the distinguished name of the CA which issued the signer's certificate.
 java.math.BigInteger getSerialNo()
          Returns the serial number of the signer's certificate.
 oracle.security.crypto.cert.AttributeSet getSignedAttributes()
          Returns the set of signed attributes.
 oracle.security.crypto.cert.AttributeSet getUnauthenticatedAttributes()
          Deprecated. As of Phaos CMS 2.0.1, replaced by getUnsignedAttributes()
 oracle.security.crypto.cert.AttributeSet getUnsignedAttributes()
          Returns set of the unsigned attributes.
 oracle.security.crypto.asn1.ASN1Integer getVersion()
          Deprecated. As of Phaos CMS 2.0.1, replaced by getVersionNumber()
 java.math.BigInteger getVersionNumber()
          Returns the version number.
 int hashCode()
          Returns a hash code value for this object.
 void input(java.io.InputStream is)
          Initializes this object by reading the BER encoding of a CMS signed-data structure from the specified input stream.
 boolean isSPKI()
          Checks if the subject key identifier (SPKI) is being used as the signer identifier.
 int length()
          Returns the length of this object's encoding.
 void output(java.io.OutputStream os)
          Output this object's encoding to the specified output stream.
 java.lang.String toString()
          Print some information about this object.
 void verifySignature(CMSContentInfo contentInfo, oracle.security.crypto.core.PublicKey publicKey)
          Verifies that this signature matches the given document.

 

Methods inherited from class java.lang.Object
clone, finalize, getClass, notify, notifyAll, wait, wait, wait

 

Constructor Detail

CMSSignerInfo

public CMSSignerInfo(CMSContentInfo contentInfo,
                     oracle.security.crypto.cert.AttributeSet authenticatedAttributes,
                     oracle.security.crypto.core.PrivateKey signerKey,
                     oracle.security.crypto.cert.X509 signerCert,
                     oracle.security.crypto.core.AlgorithmIdentifier digestAlgID,
                     oracle.security.crypto.core.AlgorithmIdentifier digestEncryptionAlgID,
                     oracle.security.crypto.cert.AttributeSet unauthenticatedAttributes)
              throws oracle.security.crypto.core.InvalidKeyException,
                     oracle.security.crypto.core.SignatureException,
                     oracle.security.crypto.core.AlgorithmIdentifierException
Creates a CMSSignerInfo object by the computing a signature on the given CMS object together with its attributes.

The authenticatedAttributes must not contain the messageDigest or contentType attributes as these will be generated automatically.

Parameters:
contentInfo - The document to be signed.
authenticatedAttributes - The set of authenticated attributes.
signerKey - The private key to sign with.
signerCert - The signer's X.509 certificate.
digestAlgID - The message digest algorithm.
unauthenticatedAttributes - The set of unauthenticated attributes.
Throws:
oracle.security.crypto.core.InvalidKeyException - The signing key is invalid.
oracle.security.crypto.core.SignatureException - An error occurred while generating the signature.
oracle.security.crypto.core.AlgorithmIdentifierException - The algorithm is not recognized.

CMSSignerInfo

public CMSSignerInfo(oracle.security.crypto.cert.X500Name issuer,
                     java.math.BigInteger serialNo,
                     oracle.security.crypto.core.AlgorithmIdentifier digestAlgID,
                     oracle.security.crypto.core.AlgorithmIdentifier digestEncryptionAlgID,
                     oracle.security.crypto.cert.AttributeSet authenticatedAttributes,
                     oracle.security.crypto.cert.AttributeSet unauthenticatedAttributes,
                     byte[] encryptedDigest)
Creates a CMSSignerInfo using an already computed signature.
Parameters:
issuer - The X500Name of the issuer of the signing certificate.
serialNo - The serial number of the signing certificate.
digestAlgID - The message digest algorithm.
authenticatedAttributes - The set of authenticated attributes.
unauthenticatedAttributes - The set of unauthenticated attributes.
encryptedDigest - The signature.

CMSSignerInfo

public CMSSignerInfo(oracle.security.crypto.cert.X509 cert,
                     oracle.security.crypto.core.AlgorithmIdentifier digestAlgID,
                     oracle.security.crypto.core.AlgorithmIdentifier digestEncryptionAlgID,
                     oracle.security.crypto.cert.AttributeSet authenticatedAttributes,
                     oracle.security.crypto.cert.AttributeSet unauthenticatedAttributes,
                     byte[] encryptedDigest)
Creates a CMSSignerInfo using an already computed signature.
Parameters:
cert - The signing certificate.
digestAlgID - The message digest algorithm.
authenticatedAttributes - The set of authenticated attributes.
unauthenticatedAttributes - The set of unauthenticated attributes.
encryptedDigest - The signature.

CMSSignerInfo

public CMSSignerInfo(java.io.InputStream is)
              throws java.io.IOException
Creates a CMSSignerInfo by reading from the specified input stream.
Parameters:
is - The input stream.
Throws:
java.io.IOException - If the input is not correctly formatted or an I/O exception occurs.

CMSSignerInfo

public CMSSignerInfo(CMSContentInfo contentInfo,
                     oracle.security.crypto.cert.AttributeSet authenticatedAttributes,
                     oracle.security.crypto.core.PrivateKey signerKey,
                     oracle.security.crypto.cert.X509 signerCert,
                     oracle.security.crypto.core.AlgorithmIdentifier digestAlgID,
                     oracle.security.crypto.core.AlgorithmIdentifier digestEncryptionAlgID,
                     oracle.security.crypto.cert.AttributeSet unauthenticatedAttributes,
                     boolean use64BitSPKI)
              throws oracle.security.crypto.core.InvalidKeyException,
                     oracle.security.crypto.core.SignatureException,
                     oracle.security.crypto.core.AlgorithmIdentifierException
Creates a CMSSignerInfo using the Subject Key Identifier as the signer identifier.
Parameters:
contentInfo -
authenticatedAttributes - Set of Attributes that are not signed.
signerKey - X509 Signing Certificate.
signerCert - Signer's Private Key.
digestAlgID - Digest Algorithm to use.
digestEncryptionAlgID - Signature Algorithm to use.
unauthenticatedAttributes - Set of Attributes that are not signed.
use64BitSPKI - If true the 64 bit Identifier will be used; If false the 160 bit Identifier will be used.
Throws:
oracle.security.crypto.core.InvalidKeyException - The private key is not valid.
oracle.security.crypto.core.SignatureException - The signature could not be verified.
oracle.security.crypto.core.AlgorithmIdentifierException - The digest or signature algorithm is not supported.

Method Detail

getIssuer

public oracle.security.crypto.cert.X500Name getIssuer()
Returns the distinguished name of the CA which issued the signer's certificate.
Returns:
The signing certificate issuer's DN.

getSerialNo

public java.math.BigInteger getSerialNo()
Returns the serial number of the signer's certificate.
Returns:
The serial number of the signing certificate.

getSignedAttributes

public oracle.security.crypto.cert.AttributeSet getSignedAttributes()
Returns the set of signed attributes.
Returns:
The signed attributes if present or null otherwise.

getUnsignedAttributes

public oracle.security.crypto.cert.AttributeSet getUnsignedAttributes()
Returns set of the unsigned attributes.
Returns:
The unsigned attributes if present or null otherwise.

getAuthenticatedAttributes

public oracle.security.crypto.cert.AttributeSet getAuthenticatedAttributes()
Deprecated. As of Phaos CMS 2.0.1, replaced by getSignedAttributes()
Returns the set of signed attributes.
Returns:
The signed attributes if present or null otherwise.

getUnauthenticatedAttributes

public oracle.security.crypto.cert.AttributeSet getUnauthenticatedAttributes()
Deprecated. As of Phaos CMS 2.0.1, replaced by getUnsignedAttributes()
Returns set of the unsigned attributes.
Returns:
The unsigned attributes if present or null otherwise.

addUnsignedAttribute

public void addUnsignedAttribute(oracle.security.crypto.cert.Attribute attr)
Add a unsigned attribute.
Parameters:
attr - The unsigned attribute.
Since:
2.0.1

getDigestAlgID

public oracle.security.crypto.core.AlgorithmIdentifier getDigestAlgID()
Returns the digest algorithm.
Returns:
The digest algorithm Identifier.

getDigestEncryptionAlgID

public oracle.security.crypto.core.AlgorithmIdentifier getDigestEncryptionAlgID()
Returns the signature algorithm.
Returns:
The signature algorithm identifier.

getEncryptedDigest

public byte[] getEncryptedDigest()
Returns the encrypted digest.
Returns:
A byte array containing the encrypted digest.

isSPKI

public boolean isSPKI()
Checks if the subject key identifier (SPKI) is being used as the signer identifier.
Returns:
true if SPKI is being used; false if IASN is being used.

getVersionNumber

public java.math.BigInteger getVersionNumber()
Returns the version number.
Returns:
The version number.

getVersion

public oracle.security.crypto.asn1.ASN1Integer getVersion()
Deprecated. As of Phaos CMS 2.0.1, replaced by getVersionNumber()
Returns the version number.
Returns:
The version number.

toString

public java.lang.String toString()
Print some information about this object.
Returns:
A string description of this Object.

hashCode

public int hashCode()
Returns a hash code value for this object.
Returns:
The hash code value.

equals

public boolean equals(java.lang.Object obj)
Indicates whether some other object is "equal to" this one.
Returns:
true if this object is the same as the obj argument; false otherwise.

verifySignature

public void verifySignature(CMSContentInfo contentInfo,
                            oracle.security.crypto.core.PublicKey publicKey)
                     throws oracle.security.crypto.core.AuthenticationException
Verifies that this signature matches the given document.

This method will return only if the signature is valid.

Parameters:
contentInfo - The document (a CMS object) to verify.
publicKey - Public key with which to verify signature.
Throws:
oracle.security.crypto.core.AuthenticationException - If the signature is not valid, or could not be verified for some reason (e.g., the algorithm identifier is unrecognized)

input

public void input(java.io.InputStream is)
           throws java.io.IOException
Initializes this object by reading the BER encoding of a CMS signed-data structure from the specified input stream.
Specified by:
input in interface oracle.security.crypto.util.Streamable
Parameters:
is - The input stream.
Throws:
java.io.IOException - If the input is not correctly formatted or an I/O error occurs.

output

public void output(java.io.OutputStream os)
            throws java.io.IOException
Output this object's encoding to the specified output stream.
Specified by:
output in interface oracle.security.crypto.util.Streamable
Throws:
java.io.IOException - If an I/O error occurs.

length

public int length()
Returns the length of this object's encoding.
Specified by:
length in interface oracle.security.crypto.util.Streamable
Returns:
The length in bytes.

Oracle Security Developer Tools CMS Java API Reference
10g (10.1.4.0.1)

B28170-01


Copyright © 2005 ,2006 , Oracle. All rights reserved.