|
Oracle Fusion Middleware CMS Java API Reference for Oracle Security Developer Tools 11g Release 1 (11.1.1) E10667-03 |
|||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |
java.lang.Object
oracle.security.crypto.cms.CMSSignerInfo
public final class CMSSignerInfo
The CMSSignerInfo
represents one signature.
CMSSignerInfo
objects are signed at the time they are instantiated. Once created, the only modification that can be made is to add unsigned attributes (which includes countersignatures).
Constructor Summary | |
---|---|
CMSSignerInfo(CMSContentInfo contentInfo, oracle.security.crypto.cert.AttributeSet authenticatedAttributes, java.security.PrivateKey signerKey, java.security.cert.X509Certificate signerCert, oracle.security.crypto.core.AlgorithmIdentifier digestAlgID, oracle.security.crypto.core.AlgorithmIdentifier digestEncryptionAlgID, oracle.security.crypto.cert.AttributeSet unauthenticatedAttributes) Creates a CMSSignerInfo object by the computing a signature on the given CMS object together with its attributes. |
|
CMSSignerInfo(CMSContentInfo contentInfo, oracle.security.crypto.cert.AttributeSet authenticatedAttributes, java.security.PrivateKey signerKey, java.security.cert.X509Certificate signerCert, oracle.security.crypto.core.AlgorithmIdentifier digestAlgID, oracle.security.crypto.core.AlgorithmIdentifier digestEncryptionAlgID, oracle.security.crypto.cert.AttributeSet unauthenticatedAttributes, boolean use64BitSPKI) Creates a CMSSignerInfo using the Subject Key Identifier as the signer identifier. |
|
CMSSignerInfo(java.io.InputStream is) Creates a CMSSignerInfo by reading from the specified input stream. |
|
CMSSignerInfo(oracle.security.crypto.cert.X500Name issuer, java.math.BigInteger serialNo, oracle.security.crypto.core.AlgorithmIdentifier digestAlgID, oracle.security.crypto.core.AlgorithmIdentifier digestEncryptionAlgID, oracle.security.crypto.cert.AttributeSet authenticatedAttributes, oracle.security.crypto.cert.AttributeSet unauthenticatedAttributes, byte[] encryptedDigest) Creates a CMSSignerInfo using an already computed signature. |
|
CMSSignerInfo(java.security.cert.X509Certificate cert, oracle.security.crypto.core.AlgorithmIdentifier digestAlgID, oracle.security.crypto.core.AlgorithmIdentifier digestEncryptionAlgID, oracle.security.crypto.cert.AttributeSet authenticatedAttributes, oracle.security.crypto.cert.AttributeSet unauthenticatedAttributes, byte[] encryptedDigest) Creates a CMSSignerInfo using an already computed signature. |
Method Summary | |
---|---|
void |
addUnsignedAttribute(oracle.security.crypto.cert.Attribute attr) Add a unsigned attribute. |
boolean |
equals(java.lang.Object obj) Indicates whether some other object is "equal to" this one. |
oracle.security.crypto.cert.AttributeSet |
getAuthenticatedAttributes() Deprecated. As of Phaos CMS 2.0.1, replaced by getSignedAttributes() |
oracle.security.crypto.core.AlgorithmIdentifier |
getDigestAlgID() Returns the digest algorithm. |
oracle.security.crypto.core.AlgorithmIdentifier |
getDigestEncryptionAlgID() Returns the signature algorithm. |
byte[] |
getEncryptedDigest() Returns the encrypted digest. |
oracle.security.crypto.cert.X500Name |
getIssuer() Returns the distinguished name of the CA which issued the signer's certificate. |
java.math.BigInteger |
getSerialNo() Returns the serial number of the signer's certificate. |
oracle.security.crypto.cert.AttributeSet |
getSignedAttributes() Returns the set of signed attributes. |
oracle.security.crypto.cert.AttributeSet |
getUnauthenticatedAttributes() Deprecated. As of Phaos CMS 2.0.1, replaced by getUnsignedAttributes() |
oracle.security.crypto.cert.AttributeSet |
getUnsignedAttributes() Returns set of the unsigned attributes. |
oracle.security.crypto.asn1.ASN1Integer |
getVersion() Deprecated. As of Phaos CMS 2.0.1, replaced by getVersionNumber() |
java.math.BigInteger |
getVersionNumber() Returns the version number. |
int |
hashCode() Returns a hash code value for this object. |
void |
input(java.io.InputStream is) Initializes this object by reading the BER encoding of a CMS signed-data structure from the specified input stream. |
boolean |
isSPKI() Checks if the subject key identifier (SPKI) is being used as the signer identifier. |
int |
length() Returns the length of this object's encoding. |
void |
output(java.io.OutputStream os) Output this object's encoding to the specified output stream. |
java.lang.String |
toString() Print some information about this object. |
void |
verifySignature(CMSContentInfo contentInfo, java.security.PublicKey publicKey) Verifies that this signature matches the given document. |
Methods inherited from class java.lang.Object |
---|
clone, finalize, getClass, notify, notifyAll, wait, wait, wait |
Constructor Detail |
---|
public CMSSignerInfo(CMSContentInfo contentInfo, oracle.security.crypto.cert.AttributeSet authenticatedAttributes, java.security.PrivateKey signerKey, java.security.cert.X509Certificate signerCert, oracle.security.crypto.core.AlgorithmIdentifier digestAlgID, oracle.security.crypto.core.AlgorithmIdentifier digestEncryptionAlgID, oracle.security.crypto.cert.AttributeSet unauthenticatedAttributes) throws java.security.InvalidKeyException, java.security.SignatureException, java.security.NoSuchAlgorithmException, java.security.cert.CertificateEncodingException, java.io.IOException
CMSSignerInfo
object by the computing a signature on the given CMS object together with its attributes.
The authenticatedAttributes
must not contain the messageDigest
or contentType
attributes as these will be generated automatically.
Note the changes in the Method signature
Previouslypublic CMSSignerInfo (CMSContentInfo , AttributeSet , oracle.security.crypto.core.PrivateKey , X509, AlgorithmIdentifier ,AlgorithmIdentifier , AttributeSet )
Nowpublic CMSSignerInfo (CMSContentInfo , AttributeSet , java.security.PrivateKey , X509Certificate, AlgorithmIdentifier ,AlgorithmIdentifier , AttributeSet )
Note the changes in the exceptions
Exceptions not thrown -- AlgorithmIdentifierException
Exceptions included -- NoSuchAlgorithmException ,CertificateEncodingException, IOException
contentInfo
- The document to be signed.authenticatedAttributes
- The set of authenticated attributes.signerKey
- The private key to sign with.signerCert
- The signer's X.509 certificate.digestAlgID
- The message digest algorithm.digestEncryptAlgID
- The cipher algorithm.unauthenticatedAttributes
- The set of unauthenticated attributes.java.security.InvalidKeyException
- The signing key is invalid.java.security.SignatureException
- An error occurred while generating the signature.java.security.cert.CertificateEncodingException
- Error while encoding the certificatejava.security.NoSuchAlgorithmException
- Algorithm not supportedjava.io.IOException
- IO error when creating a certificate from the input streampublic CMSSignerInfo(oracle.security.crypto.cert.X500Name issuer, java.math.BigInteger serialNo, oracle.security.crypto.core.AlgorithmIdentifier digestAlgID, oracle.security.crypto.core.AlgorithmIdentifier digestEncryptionAlgID, oracle.security.crypto.cert.AttributeSet authenticatedAttributes, oracle.security.crypto.cert.AttributeSet unauthenticatedAttributes, byte[] encryptedDigest)
CMSSignerInfo
using an already computed signature.
issuer
- The X500Name of the issuer of the signing certificate.serialNo
- The serial number of the signing certificate.digestAlgID
- The message digest algorithm.digestEncryptAlgID
- The cipher algorithm.authenticatedAttributes
- The set of authenticated attributes.unauthenticatedAttributes
- The set of unauthenticated attributes.encryptedDigest
- The signature.public CMSSignerInfo(java.security.cert.X509Certificate cert, oracle.security.crypto.core.AlgorithmIdentifier digestAlgID, oracle.security.crypto.core.AlgorithmIdentifier digestEncryptionAlgID, oracle.security.crypto.cert.AttributeSet authenticatedAttributes, oracle.security.crypto.cert.AttributeSet unauthenticatedAttributes, byte[] encryptedDigest) throws java.security.cert.CertificateEncodingException, java.io.IOException
CMSSignerInfo
using an already computed signature.
Note the changes in the Method signature
Previouslypublic CMSSignerInfo (X509, AlgorithmIdentifier , AlgorithmIdentifier , AttributeSet , AttributeSet, byte[] )
Nowpublic CMSSignerInfo (X509Certificate, AlgorithmIdentifier , AlgorithmIdentifier , AttributeSet , AttributeSet, byte[] )
Note the changes in the exceptions
Exceptions included -- CertificateEncodingException, IOException
cert
- The signing certificate.digestAlgID
- The message digest algorithm.digestEncryptAlgID
- The cipher algorithm.authenticatedAttributes
- The set of authenticated attributes.unauthenticatedAttributes
- The set of unauthenticated attributes.encryptedDigest
- The signature.java.security.cert.CertificateEncodingException
- Error while encoding the certificatejava.io.IOException
- IO error when creating a certificate from the input streampublic CMSSignerInfo(java.io.InputStream is) throws java.io.IOException
CMSSignerInfo
by reading from the specified input stream.
is
- The input stream.java.io.IOException
- If the input is not correctly formatted or an I/O exception occurs.public CMSSignerInfo(CMSContentInfo contentInfo, oracle.security.crypto.cert.AttributeSet authenticatedAttributes, java.security.PrivateKey signerKey, java.security.cert.X509Certificate signerCert, oracle.security.crypto.core.AlgorithmIdentifier digestAlgID, oracle.security.crypto.core.AlgorithmIdentifier digestEncryptionAlgID, oracle.security.crypto.cert.AttributeSet unauthenticatedAttributes, boolean use64BitSPKI) throws java.security.InvalidKeyException, java.security.SignatureException, java.security.NoSuchAlgorithmException
CMSSignerInfo
using the Subject Key Identifier as the signer identifier.
Note the changes in the Method signature
Previouslypublic CMSSignerInfo (CMSContentInfo , AttributeSet,oracle.security.crypto.core.PrivateKey , X509 , AlgorithmIdentifier , AlgorithmIdentifier , AttributeSet ,boolean)
Now(CMSContentInfo , AttributeSet,java.security.PrivateKey , X509Certificate , AlgorithmIdentifier , AlgorithmIdentifier , AttributeSet ,boolean)
Note the changes in the exceptions
Exception no longer throwns -- AlgorithmIdentifierException
Exceptions included -- NoSuchAlgorithmException
contentInfo
-authenticatedAttributes
- Set of Attributes that are not signed.signerKey
- X509 Signing Certificate.signerCert
- Signer's Private Key.digestAlgID
- Digest Algorithm to use.digestEncryptionAlgID
- Signature Algorithm to use.unauthenticatedAttributes
- Set of Attributes that are not signed.use64BitSPKI
- If true
the 64 bit Identifier will be used; If false
the 160 bit Identifier will be used.java.security.InvalidKeyException
- The private key is not valid.java.security.SignatureException
- The signature could not be verified.java.security.NoSuchAlgorithmException
- The digest or signature algorithm is not supported.Method Detail |
---|
public oracle.security.crypto.cert.X500Name getIssuer()
public java.math.BigInteger getSerialNo()
public oracle.security.crypto.cert.AttributeSet getSignedAttributes()
null
otherwise.public oracle.security.crypto.cert.AttributeSet getUnsignedAttributes()
null
otherwise.public oracle.security.crypto.cert.AttributeSet getAuthenticatedAttributes()
getSignedAttributes()
null
otherwise.public oracle.security.crypto.cert.AttributeSet getUnauthenticatedAttributes()
getUnsignedAttributes()
null
otherwise.public void addUnsignedAttribute(oracle.security.crypto.cert.Attribute attr)
attr
- The unsigned attribute.public oracle.security.crypto.core.AlgorithmIdentifier getDigestAlgID()
public oracle.security.crypto.core.AlgorithmIdentifier getDigestEncryptionAlgID()
public byte[] getEncryptedDigest()
public boolean isSPKI()
true
if SPKI is being used; false
if IASN is being used.public java.math.BigInteger getVersionNumber()
public oracle.security.crypto.asn1.ASN1Integer getVersion()
getVersionNumber()
public java.lang.String toString()
toString
in class java.lang.Object
public int hashCode()
hashCode
in class java.lang.Object
public boolean equals(java.lang.Object obj)
equals
in class java.lang.Object
true
if this object is the same as the obj argument; false
otherwise.public void verifySignature(CMSContentInfo contentInfo, java.security.PublicKey publicKey) throws oracle.security.crypto.core.AuthenticationException, java.security.SignatureException
This method will return only if the signature is valid.
Note the changes in the Method signature
Previouslypublic void verifySignature (CMSContentInfo , oracle.security.crypto.core.PublicKey )
Nowpublic void verifySignature (CMSContentInfo , java.security.PublicKey )
Note the changes in the exceptions
Exceptions included -- SignatureException
contentInfo
- The document (a CMS object) to verify.publicKey
- Public key with which to verify signature.oracle.security.crypto.core.AuthenticationException
- If the signature is not valid, or could not be verified for some reason (e.g., the algorithm identifier is unrecognized)java.security.SignatureException
- Signature algorithm not supportedpublic void input(java.io.InputStream is) throws java.io.IOException
input
in interface oracle.security.crypto.util.Streamable
is
- The input stream.java.io.IOException
- If the input is not correctly formatted or an I/O error occurs.public void output(java.io.OutputStream os) throws java.io.IOException
output
in interface oracle.security.crypto.util.Streamable
output
- The specified output stream.java.io.IOException
- If an I/O error occurs.public int length()
length
in interface oracle.security.crypto.util.Streamable
|
Oracle Fusion Middleware CMS Java API Reference for Oracle Security Developer Tools 11g Release 1 (11.1.1) E10667-03 |
|||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |