Overview  Package   Class  Tree  Deprecated  Index  Help 
Oracle Security Developer Tools Security Engine Java API Reference
10g Release 3 (10.1.3)
B25381-01
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD

oracle.security.crypto.cert
Class PKCS7

java.lang.Object
  extended byoracle.security.crypto.cert.PKCS7

All Implemented Interfaces:
oracle.security.crypto.asn1.ASN1Object, oracle.security.crypto.util.Streamable
public class PKCS7
extends java.lang.Object
implements oracle.security.crypto.asn1.ASN1Object

This class implements a subset of PKCS #7. Two modes are implemented: wrapping X.509 certificates and CRLs (SignedData with empty signerInfos), and making a detached RSA/MD5 or RSA/SHA signature with one signer.

Warning: The serialization capability of this class should only be used for short-term storage and RMI between applications running the same version of this product. It should not be relied on for long-term perisistence, as future versions of this class may use an incompatible serialization format. For now, applications requiring long-term persistence should use the ASN.1 encodings provided by the input(InputStream) and output(OutputStream) methods directly, instead of serialization.

Field Summary
protected static int[] pkcs7
          The pkcs-7 OBJECT-IDENTIFIER, as defined in PKCS #7.

 

Constructor Summary
PKCS7()
           
PKCS7(oracle.security.crypto.asn1.ASN1Sequence s)
           
PKCS7(CRL crl)
          Make a wrapper for a CRL.
PKCS7(java.io.InputStream is)
           
PKCS7(java.util.Vector certificates, java.util.Vector crls)
          Make a wrapper for a list of certificates and CRL's.
PKCS7(X509 cert)
          Make a wrapper for a certificate.
PKCS7(X509 signer, oracle.security.crypto.core.RSAPrivateKey k, byte[] doc)
          Make a detached signature.

 

Method Summary
 void addCertificate(X509 cert)
          Add certificate to the vector of certificates.
 void addCRL(CRL crl)
          Add CRL to the vector of CRLs.
 java.util.Vector getCertificates()
          Returns vector of certificates to be wrapped.
 java.util.Vector getCRLs()
          Returns vector of CRLs to be wrapped.
 byte[] getEncoded()
          Returns the ASN.1 encoding.
 X500Name getIssuer()
          If this object is a detached signature, returns the issuer of the signer's certificate.
 java.math.BigInteger getSerialNo()
          If this object is a detached signature, returns the serial number of the signer's certificate.
 void input(oracle.security.crypto.asn1.ASN1Sequence s)
          Read in ASN.1 form.
 void input(java.io.InputStream is)
          Read from the specified input stream.
 int length()
          Returns length of ASN.1 encoding.
 void output(java.io.OutputStream os)
          Output contents to the specified output stream.
 void setDocument(byte[] doc)
          Specify the document for verification.
 void setPublicKey(oracle.security.crypto.core.RSAPublicKey pk)
          Sets the public key which will be used to verify the signature.
 void setSigner(X509 signer)
          Set the signer certificate.
 void sign(X509 signer, oracle.security.crypto.core.RSAPrivateKey privKey, oracle.security.crypto.core.AlgorithmIdentifier sigAlg, byte[] doc)
          Make a detached signature using the given signature algorithm.
 void sign(X509 signer, oracle.security.crypto.core.RSAPrivateKey privKey, byte[] doc)
          Make a detached signature, using the default signature algorithm AlgID.md5WithRSAEncryption.
 boolean verify()
          If this object is a detached signature, verify the signature.

 

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

 

Field Detail

pkcs7

protected static final int[] pkcs7
The pkcs-7 OBJECT-IDENTIFIER, as defined in PKCS #7.

Constructor Detail

PKCS7

public PKCS7()

PKCS7

public PKCS7(java.util.Vector certificates,
             java.util.Vector crls)
Make a wrapper for a list of certificates and CRL's. Either of the arguments may be null, in which case the corresponding field will be left out.

PKCS7

public PKCS7(X509 cert)
Make a wrapper for a certificate.

PKCS7

public PKCS7(CRL crl)
Make a wrapper for a CRL.

PKCS7

public PKCS7(X509 signer,
             oracle.security.crypto.core.RSAPrivateKey k,
             byte[] doc)
      throws oracle.security.crypto.core.SignatureException
Make a detached signature.

PKCS7

public PKCS7(java.io.InputStream is)
      throws java.io.IOException

PKCS7

public PKCS7(oracle.security.crypto.asn1.ASN1Sequence s)
      throws java.io.IOException

Method Detail

getCertificates

public java.util.Vector getCertificates()
Returns vector of certificates to be wrapped.

getCRLs

public java.util.Vector getCRLs()
Returns vector of CRLs to be wrapped.

addCertificate

public void addCertificate(X509 cert)
Add certificate to the vector of certificates.

addCRL

public void addCRL(CRL crl)
Add CRL to the vector of CRLs.

getIssuer

public X500Name getIssuer()
If this object is a detached signature, returns the issuer of the signer's certificate.

getSerialNo

public java.math.BigInteger getSerialNo()
If this object is a detached signature, returns the serial number of the signer's certificate.

setPublicKey

public void setPublicKey(oracle.security.crypto.core.RSAPublicKey pk)
Sets the public key which will be used to verify the signature.

setSigner

public void setSigner(X509 signer)
Set the signer certificate.

setDocument

public void setDocument(byte[] doc)
Specify the document for verification. This call must be made after the object is input and the public key is set.
Throws:
java.lang.IllegalStateException - if Message Digest algorithm is bad.

sign

public void sign(X509 signer,
                 oracle.security.crypto.core.RSAPrivateKey privKey,
                 byte[] doc)
          throws oracle.security.crypto.core.SignatureException
Make a detached signature, using the default signature algorithm AlgID.md5WithRSAEncryption.
Throws:
oracle.security.crypto.core.SignatureException

sign

public void sign(X509 signer,
                 oracle.security.crypto.core.RSAPrivateKey privKey,
                 oracle.security.crypto.core.AlgorithmIdentifier sigAlg,
                 byte[] doc)
          throws oracle.security.crypto.core.SignatureException
Make a detached signature using the given signature algorithm.
Throws:
oracle.security.crypto.core.SignatureException

verify

public boolean verify()
               throws oracle.security.crypto.core.AuthenticationException
If this object is a detached signature, verify the signature. This call must be made after the object is input and the public key and the document are set.
Throws:
oracle.security.crypto.core.AuthenticationException - if there is an error during verification

output

public void output(java.io.OutputStream os)
            throws java.io.IOException
Output contents to the specified output stream.
Specified by:
output in interface oracle.security.crypto.util.Streamable
Throws:
java.io.IOException

input

public void input(java.io.InputStream is)
           throws java.io.IOException
Read from the specified input stream.
Specified by:
input in interface oracle.security.crypto.util.Streamable
Throws:
java.io.IOException

input

public void input(oracle.security.crypto.asn1.ASN1Sequence s)
           throws java.io.IOException
Read in ASN.1 form.
Throws:
java.io.IOException

length

public int length()
Returns length of ASN.1 encoding.
Specified by:
length in interface oracle.security.crypto.util.Streamable

getEncoded

public byte[] getEncoded()
Returns the ASN.1 encoding.

Overview  Package   Class  Tree  Deprecated  Index  Help 
Oracle Security Developer Tools Security Engine Java API Reference
10g Release 3 (10.1.3)
B25381-01
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD

Copyright © 2005, 2006 , Oracle. All rights reserved.