Skip navigation links

oracle.security.crypto.cert
Class PKCS7

java.lang.Object
oracle.security.crypto.cert.PKCS7

All Implemented Interfaces:

java.io.Externalizable, java.io.Serializable, oracle.security.crypto.asn1.ASN1Object, oracle.security.crypto.util.Streamable

public class PKCS7

extends java.lang.Object

implements oracle.security.crypto.asn1.ASN1Object, java.io.Externalizable

This class implements a subset of PKCS #7. Two modes are implemented: wrapping X.509 certificates and CRLs (SignedData with empty signerInfos), and making a detached RSA/MD5 or RSA/SHA signature with one signer.

See Also:

Serialized Form

Field Summary

protected static int[]

pkcs7 The pkcs-7 OBJECT-IDENTIFIER, as defined in PKCS #7.

Constructor Summary

PKCS7()
Creates a new empty instance.

PKCS7(oracle.security.crypto.asn1.ASN1Sequence s)

PKCS7(CRL crl)
Make a wrapper for a CRL.

PKCS7(java.io.InputStream is)

PKCS7(java.util.Vector certificates, java.util.Vector crls)
Make a wrapper for a list of certificates and CRL's.

PKCS7(X509 cert)
Make a wrapper for a certificate.

PKCS7(X509 signer, oracle.security.crypto.core.RSAPrivateKey k, byte[] doc)
Make a detached signature.

Method Summary

void	addCertificate(X509 cert) Add certificate to the vector of certificates.
void	addCRL(CRL crl) Add CRL to the vector of CRLs.
java.util.Vector	getCertificates() Returns vector of certificates to be wrapped.
java.util.Vector	getCRLs() Returns vector of CRLs to be wrapped.
byte[]	getEncoded() Returns the ASN.1 encoding.
X500Name	getIssuer() If this object is a detached signature, returns the issuer of the signer's certificate.
java.math.BigInteger	getSerialNo() If this object is a detached signature, returns the serial number of the signer's certificate.
void	input(oracle.security.crypto.asn1.ASN1Sequence s) Read in ASN.1 form.
void	input(java.io.InputStream is) Read from the specified input stream.
int	length() Returns length of ASN.1 encoding.
void	output(java.io.OutputStream os) Output contents to the specified output stream.
void	readExternal(java.io.ObjectInput is)
void	setDocument(byte[] doc) Specify the document for verification.
void	setPublicKey(oracle.security.crypto.core.RSAPublicKey pk) Sets the public key which will be used to verify the signature.
void	setSigner(X509 signer) Set the signer certificate.
void	sign(X509 signer, oracle.security.crypto.core.RSAPrivateKey privKey, oracle.security.crypto.core.AlgorithmIdentifier sigAlg, byte[] doc) Make a detached signature using the given signature algorithm.
void	sign(X509 signer, oracle.security.crypto.core.RSAPrivateKey privKey, byte[] doc) Make a detached signature, using the default signature algorithm oracle.security.crypto.core.AlgID#md5WithRSAEncryption.
boolean	verify() If this object is a detached signature, verify the signature.
void	writeExternal(java.io.ObjectOutput os)

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

pkcs7

protected static final int[] pkcs7

The pkcs-7 OBJECT-IDENTIFIER, as defined in PKCS #7.

Constructor Detail

PKCS7

public PKCS7()

Creates a new empty instance. This constructor is to be used with serialization or with the input method.

PKCS7

public PKCS7(java.util.Vector certificates,
             java.util.Vector crls)

Make a wrapper for a list of certificates and CRL's. Either of the arguments may be null, in which case the corresponding field will be left out.

PKCS7

public PKCS7(X509 cert)

Make a wrapper for a certificate.

PKCS7

public PKCS7(CRL crl)

Make a wrapper for a CRL.

PKCS7

public PKCS7(X509 signer,
             oracle.security.crypto.core.RSAPrivateKey k,
             byte[] doc)
      throws oracle.security.crypto.core.SignatureException

Make a detached signature.

Throws:

oracle.security.crypto.core.SignatureException

PKCS7

public PKCS7(java.io.InputStream is)
      throws java.io.IOException

Throws:

java.io.IOException

PKCS7

public PKCS7(oracle.security.crypto.asn1.ASN1Sequence s)
      throws java.io.IOException

Throws:

java.io.IOException

Method Detail

getCertificates

public java.util.Vector getCertificates()

Returns vector of certificates to be wrapped.

getCRLs

public java.util.Vector getCRLs()

Returns vector of CRLs to be wrapped.

addCertificate

public void addCertificate(X509 cert)

Add certificate to the vector of certificates.

addCRL

public void addCRL(CRL crl)

Add CRL to the vector of CRLs.

getIssuer

public X500Name getIssuer()

If this object is a detached signature, returns the issuer of the signer's certificate.

getSerialNo

public java.math.BigInteger getSerialNo()

If this object is a detached signature, returns the serial number of the signer's certificate.

setPublicKey

public void setPublicKey(oracle.security.crypto.core.RSAPublicKey pk)

Sets the public key which will be used to verify the signature.

setSigner

public void setSigner(X509 signer)

Set the signer certificate.

setDocument

public void setDocument(byte[] doc)

Specify the document for verification. This call must be made after the object is input and the public key is set.

Throws:

java.lang.IllegalStateException - if Message Digest algorithm is bad.

sign

public void sign(X509 signer,
                 oracle.security.crypto.core.RSAPrivateKey privKey,
                 byte[] doc)
          throws oracle.security.crypto.core.SignatureException

Make a detached signature, using the default signature algorithm oracle.security.crypto.core.AlgID#md5WithRSAEncryption.

Throws:

oracle.security.crypto.core.SignatureException

sign

public void sign(X509 signer,
                 oracle.security.crypto.core.RSAPrivateKey privKey,
                 oracle.security.crypto.core.AlgorithmIdentifier sigAlg,
                 byte[] doc)
          throws oracle.security.crypto.core.SignatureException

Make a detached signature using the given signature algorithm.

Throws:

oracle.security.crypto.core.SignatureException

verify

public boolean verify()
               throws oracle.security.crypto.core.AuthenticationException

If this object is a detached signature, verify the signature. This call must be made after the object is input and the public key and the document are set.

Throws:

oracle.security.crypto.core.AuthenticationException - if there is an error during verification

output

public void output(java.io.OutputStream os)
            throws java.io.IOException

Output contents to the specified output stream.

Specified by:

output in interface oracle.security.crypto.util.Streamable

Throws:

java.io.IOException

input

public void input(java.io.InputStream is)
           throws java.io.IOException

Read from the specified input stream.

Specified by:

input in interface oracle.security.crypto.util.Streamable

Throws:

java.io.IOException

input

public void input(oracle.security.crypto.asn1.ASN1Sequence s)
           throws java.io.IOException

Read in ASN.1 form.

Throws:

java.io.IOException

length

public int length()

Returns length of ASN.1 encoding.

Specified by:

length in interface oracle.security.crypto.util.Streamable

getEncoded

public byte[] getEncoded()

Returns the ASN.1 encoding.

writeExternal

public void writeExternal(java.io.ObjectOutput os)
                   throws java.io.IOException

Specified by:

writeExternal in interface java.io.Externalizable

Throws:

java.io.IOException

readExternal

public void readExternal(java.io.ObjectInput is)
                  throws java.io.IOException,
                         java.lang.ClassNotFoundException

Specified by:

readExternal in interface java.io.Externalizable

Throws:

java.io.IOException

java.lang.ClassNotFoundException

Skip navigation links