SmimeSignedObject (Oracle Security Developer Tools S/MIME Java API Reference)

Overview

Package

Class

Tree

Deprecated

Index

Help

Oracle Security Developer Tools S/MIME Java API Reference
10g Release 3 (10.1.3)
B25379-01

PREV CLASS NEXT CLASS

FRAMES NO FRAMES

SUMMARY: NESTED | FIELD | CONSTR | METHOD

DETAIL: FIELD | CONSTR | METHOD

oracle.security.crypto.smime
Interface SmimeSignedObject

All Superinterfaces:: SmimeObject

All Known Implementing Classes:: SmimeMultipartSigned, SmimeSigned, SmimeSignedReceipt

public interface SmimeSignedObject
extends SmimeObject

An interface that represents a signed message.

Method Summary
`java.util.Vector`	`getCertificates()` Returns the list of X509 certificates included with this signed data object.
`java.util.Vector`	`getCRLs()` Returns the list of CRLs included with this signed data object.
`javax.mail.internet.MimeBodyPart`	`getEnclosedBodyPart()` Returns the message content that was signed.
`EquivalentLabels`	`getEquivalentLabels(oracle.security.crypto.cert.X509 signerCert)` Returns the `EquivalentLabels` if present or `null`.
`ESSSecurityLabel`	`getESSSecurityLabel(oracle.security.crypto.cert.X509 signerCert)` Returns the `ESSSecurityLabel` if present or `null`.
`MLExpansionHistory`	`getMLExpansionHistory(oracle.security.crypto.cert.X509 signerCert)` Returns the `MLExpansionHistory` Attribute if present or `null`.
`ReceiptRequest`	`getReceiptRequest(oracle.security.crypto.cert.X509 signerCert)` Returns the `ReceiptRequest` Attribute if present or `null`.
`SigningCertificate`	`getSigningCertificate(oracle.security.crypto.cert.X509 signerCert)` Returns the `SigningCertificate` Attribute if present or `null`.
`java.util.Enumeration`	`signers()` Returns the list of signers.
`void`	`verify(oracle.security.crypto.cert.CertificateTrustPolicy trustPolicy)` Returns normally if this CMS signed data object contains at least one valid signature, according to the given trust policy; otherwise throws an `AuthenticationException`.
`void`	`verify(oracle.security.crypto.cert.CertificateTrustPolicy trustPolicy, javax.mail.Address[] senderAddresses)` Does the same thing as `verify(CertificateTrustPolicy)`, except that in addition, it checks to make sure that the terminating certificate of the validating certificate chain contains an email address which is present in the specified list of sender addresses.
`void`	`verifySignature(oracle.security.crypto.cert.X509 signerCert)` Returns successfully if this CMS signed data object contains a signature which is validated by the given certificate; otherwise throws an `AuthenticationException`.
`void`	`verifySignature(oracle.security.crypto.cert.X509 signerCert, javax.mail.Address[] senderAddresses)` Does the same thing as `verifySignature(X509)`, except that in addition, it checks to make sure that the email address in the given certificate is present in the specified list of sender addresses.

Methods inherited from interface oracle.security.crypto.smime.SmimeObject

generateContentType, generateContentType, writeTo

Method Detail

signers

public java.util.Enumeration signers()

Returns the list of signers.

Returns:: A Vector containing CMSSignerInfo objects.

getCertificates

public java.util.Vector getCertificates()

Returns the list of X509 certificates included with this signed data object.

Returns:: A Vector containing X509 objects or null if no list of certificates is present.

getCRLs

public java.util.Vector getCRLs()

Returns the list of CRLs included with this signed data object.

Returns:: A Vector containing CRL objects or null if no list of CRLs is present.

getEnclosedBodyPart

public javax.mail.internet.MimeBodyPart getEnclosedBodyPart()
                                                     throws oracle.security.crypto.util.InvalidInputException,
                                                            javax.mail.MessagingException

Returns the message content that was signed.

Returns:: The message content as a MimeBodyPart.
Throws:: oracle.security.crypto.util.InvalidInputException - The message content type is not correct.; javax.mail.MessagingException - An error occurred while initializing the content.

verifySignature

public void verifySignature(oracle.security.crypto.cert.X509 signerCert)
                     throws oracle.security.crypto.core.AuthenticationException,
                            oracle.security.crypto.cms.UnknownSignerException

Returns successfully if this CMS signed data object contains a signature which is validated by the given certificate; otherwise throws an AuthenticationException.

This method verifies the specified signature directly and ignores any certificates or CRLs which may be contained in this CMS object. A more complex verification process, which does make use of attached certificates and CRLs, is provided by the verify method.

Throws:: oracle.security.crypto.cms.UnknownSignerException - if no signature corresponding to the given certificate exists; oracle.security.crypto.core.AuthenticationException - if the signature is not valid, or could not be verified for some reason (e.g., the algorithm identifier is unrecognized)

verifySignature

public void verifySignature(oracle.security.crypto.cert.X509 signerCert,
                            javax.mail.Address[] senderAddresses)
                     throws oracle.security.crypto.core.AuthenticationException,
                            oracle.security.crypto.cms.UnknownSignerException

Does the same thing as verifySignature(X509), except that in addition, it checks to make sure that the email address in the given certificate is present in the specified list of sender addresses.

The list of sender addresses should be obtained by invoking the getFrom() method on the instance of javax.mail.Message which contains this object as its content.

Throws:: oracle.security.crypto.core.AuthenticationException; oracle.security.crypto.cms.UnknownSignerException

verify

public void verify(oracle.security.crypto.cert.CertificateTrustPolicy trustPolicy)
            throws oracle.security.crypto.core.AuthenticationException

Returns normally if this CMS signed data object contains at least one valid signature, according to the given trust policy; otherwise throws an AuthenticationException.

In order to be considered valid, there must be at least one signature on this CMS message which is validated by one of the certificates included with it; furthermore, the validating certificate must itself be valid according to the given certificate trust policy. This latter validation process may involve examining the other certificates or CRLs included with this object, if called for by the trust policy.

If a signature is encountered for which a certification path can be found, but is invalid, an AuthenticationException will be created, but will not be thrown until all other signatures have been checked. If another signature is found which is valid, then the method simply returns and no exception at all is thrown.

Throws:: oracle.security.crypto.core.AuthenticationException - if there is no valid signature

verify

public void verify(oracle.security.crypto.cert.CertificateTrustPolicy trustPolicy,
                   javax.mail.Address[] senderAddresses)
            throws oracle.security.crypto.core.AuthenticationException

Does the same thing as verify(CertificateTrustPolicy), except that in addition, it checks to make sure that the terminating certificate of the validating certificate chain contains an email address which is present in the specified list of sender addresses.

The list of sender addresses should be obtained by invoking the getFrom() method on the instance of javax.mail.Message which contains this object as its content.

Throws:: oracle.security.crypto.core.AuthenticationException

getESSSecurityLabel

public ESSSecurityLabel getESSSecurityLabel(oracle.security.crypto.cert.X509 signerCert)
                                     throws oracle.security.crypto.core.AuthenticationException,
                                            oracle.security.crypto.cms.UnknownSignerException

Returns the ESSSecurityLabel if present or null.

The signature of the SignerInfo that covers the ESSSecurityLabel is first verified. Then, it verifies that all the ESSSecurityLabel's in the signed message are identical.

Throws:: oracle.security.crypto.core.AuthenticationException; oracle.security.crypto.cms.UnknownSignerException

getEquivalentLabels

public EquivalentLabels getEquivalentLabels(oracle.security.crypto.cert.X509 signerCert)
                                     throws oracle.security.crypto.core.AuthenticationException,
                                            oracle.security.crypto.cms.UnknownSignerException

Returns the EquivalentLabels if present or null.

The signature of the SignerInfo that covers the EquivalentLabels is first verified. Then, it verifies that all the EquivalentLabels in the signed message are identical.

Throws:: oracle.security.crypto.core.AuthenticationException; oracle.security.crypto.cms.UnknownSignerException

getSigningCertificate

public SigningCertificate getSigningCertificate(oracle.security.crypto.cert.X509 signerCert)
                                         throws oracle.security.crypto.core.AuthenticationException,
                                                oracle.security.crypto.cms.UnknownSignerException

Returns the SigningCertificate Attribute if present or null.

The signature of the SignerInfo that covers the SigningCertificate is verified.

Throws:: oracle.security.crypto.core.AuthenticationException; oracle.security.crypto.cms.UnknownSignerException

getMLExpansionHistory

public MLExpansionHistory getMLExpansionHistory(oracle.security.crypto.cert.X509 signerCert)
                                         throws oracle.security.crypto.core.AuthenticationException,
                                                oracle.security.crypto.cms.UnknownSignerException

Returns the MLExpansionHistory Attribute if present or null.

The signature of the SignerInfo that covers the MLExpansionHistory is first verified. Then, it verifies that all the MLExpansionHistory's in the signed message are identical.

Throws:: oracle.security.crypto.core.AuthenticationException; oracle.security.crypto.cms.UnknownSignerException

getReceiptRequest

public ReceiptRequest getReceiptRequest(oracle.security.crypto.cert.X509 signerCert)
                                 throws oracle.security.crypto.core.AuthenticationException,
                                        oracle.security.crypto.cms.UnknownSignerException

Returns the ReceiptRequest Attribute if present or null.

The signature of the SignerInfo that covers the ReceiptRequest is first verified. Then, it verifies that all the ReceiptRequest's in the signed message are identical.

Throws:: oracle.security.crypto.core.AuthenticationException; oracle.security.crypto.cms.UnknownSignerException

Overview

Package

Class

Tree

Deprecated

Index

Help

Oracle Security Developer Tools S/MIME Java API Reference
10g Release 3 (10.1.3)
B25379-01

PREV CLASS NEXT CLASS

FRAMES NO FRAMES

SUMMARY: NESTED | FIELD | CONSTR | METHOD

DETAIL: FIELD | CONSTR | METHOD

oracle.security.crypto.smime Interface SmimeSignedObject

signers

getCertificates

getCRLs

getEnclosedBodyPart

verifySignature

verifySignature

verify

verify

getESSSecurityLabel

getEquivalentLabels

getSigningCertificate

getMLExpansionHistory

getReceiptRequest

oracle.security.crypto.smime
Interface SmimeSignedObject