public class SmimeSignedReceipt extends java.lang.Object implements SmimeSignedObject
Constructor and Description |
---|
SmimeSignedReceipt(ESSReceipt receipt, byte[] msgSigDigest, Address[] receiptsToAddresses)
Create a
SmimeSignedReceipt . |
SmimeSignedReceipt(java.io.InputStream is)
Create a
SmimeSignedReceipt by reading the BER encoding from the specified input stream. |
SmimeSignedReceipt(SmimeSignedObject smimeObj)
Create a
SmimeSignedReceipt . |
SmimeSignedReceipt(SmimeSignedObject smimeSigned, java.security.cert.X509Certificate signerCert, Address[] messageRecipientAddresses)
Create a
SmimeSignedReceipt using the signed message containing a receipt request. |
SmimeSignedReceipt(SmimeSignedObject smimeSigned, java.security.cert.X509Certificate signerCert, Address[] messageRecipientAddresses, MLExpansionHistory mlExpansionHistory)
Create a
SmimeSignedReceipt using the signed message containing a receipt request. |
Modifier and Type | Method and Description |
---|---|
void |
addCertificate(java.security.cert.X509Certificate cert)
Adds a X509 Certificate
|
void |
addCRL(CRL crl) |
void |
addSignature(java.security.PrivateKey signerKey, java.security.cert.X509Certificate signerCert, oracle.security.crypto.core.AlgorithmIdentifier digestAlgID)
Adds a signature object
|
void |
addSignature(java.security.PrivateKey signerKey, java.security.cert.X509Certificate signerCert, oracle.security.crypto.core.AlgorithmIdentifier digestAlgID, AttributeSet signedAttributes)
Adds a signature object
|
void |
addSignature(java.security.PrivateKey signerKey, java.security.cert.X509Certificate signerCert, oracle.security.crypto.core.AlgorithmIdentifier digestAlgID, java.util.Date timeStamp)
Adds a signature object
|
void |
addSignature(java.security.PrivateKey signerKey, java.security.cert.X509Certificate signerCert, oracle.security.crypto.core.AlgorithmIdentifier digestAlgID, java.util.Date timeStamp, SmimeCapabilities smimeCaps)
Adds a signature object
|
void |
addSignature(java.security.PrivateKey signerKey, java.security.cert.X509Certificate signerCert, oracle.security.crypto.core.AlgorithmIdentifier digestAlgID, SmimeCapabilities smimeCaps)
Adds a signature object
|
java.lang.String |
generateContentType()
Returns the content type of this smime object.
|
java.lang.String |
generateContentType(boolean useStandardContentTypes)
Returns the content type of this smime object.
|
java.util.Vector |
getCertificates()
Returns the list of Certificates included with this signed data object, or
null if no list of Certificates is present. |
java.util.Vector |
getCRLs()
Returns the list of CRLs included with this signed data object, or
null if no list of CRLs is present. |
MimeBodyPart |
getEnclosedBodyPart()
Returns a MimeBodyPart containing a DER encoded ESS Receipt.
|
ESSReceipt |
getEnclosedReceipt()
Returns the ESS Receipt.
|
EquivalentLabels |
getEquivalentLabels(java.security.cert.X509Certificate signerCert)
Returns the
EquivalentLabels if present or null . |
ESSSecurityLabel |
getESSSecurityLabel(java.security.cert.X509Certificate signerCert)
Returns the
ESSSecurityLabel if present or null . |
MLExpansionHistory |
getMLExpansionHistory(java.security.cert.X509Certificate signerCert)
Returns the
MLExpansionHistory if present or null . |
ReceiptRequest |
getReceiptRequest(java.security.cert.X509Certificate signerCert)
Returns the
ReceiptRequest if present or null . |
Address[] |
getReceiptsToAddresses()
Returns the list of recipients to whom the receipt must be sent.
|
SigningCertificate |
getSigningCertificate(java.security.cert.X509Certificate signerCert)
Returns the
SigningCertificate Attribute if present or null . |
java.util.Enumeration |
signers()
Returns the signatures on this signed data object, in the form of an enumeration, each element of which is an instance of
CMSSignerInfo . |
void |
verify(CertificateTrustPolicy trustPolicy)
Returns normally if this CMS signed data object contains at least one valid signature, according to the given trust policy; otherwise throws an
AuthenticationException . |
void |
verify(CertificateTrustPolicy trustPolicy, Address[] senderAddresses)
Does the same thing as
SmimeSignedObject.verify(CertificateTrustPolicy) , except that in addition, it checks to make sure that the terminating certificate of the validating certificate chain contains an email address which is present in the specified list of sender addresses. |
void |
verifyReceipt(SmimeSignedObject originalSmimeSignedObject, java.security.cert.X509Certificate signerCert)
Stores the SignerInfo object that contains the original receipt request that will be used to validate a received receipt
|
void |
verifySignature(java.security.cert.X509Certificate signerCert)
Verify the signature
|
void |
verifySignature(java.security.cert.X509Certificate signerCert, Address[] senderAddresses)
Verify the signature
|
void |
writeTo(java.io.OutputStream os, java.lang.String mimeType)
Writes this
SmimeSigned to the given output stream. |
public SmimeSignedReceipt(SmimeSignedObject smimeSigned, java.security.cert.X509Certificate signerCert, Address[] messageRecipientAddresses) throws oracle.security.crypto.util.InvalidInputException, ESSException
SmimeSignedReceipt
using the signed message containing a receipt request.
Note the changes in the method signature
Previouslypublic SmimeSignedReceipt (SmimeSignedObject , X509, Address[] )
Nowpublic SmimeSignedReceipt (SmimeSignedObject , X509Certificate, Address[] )
smimeSigned
- A signed message (must not be a signed receipt).signerCert
- The signer certificate that will be used to verify the signature.messageRecipientAddresses
- Addresses of the message recipient.oracle.security.crypto.util.InvalidInputException
- The receipt request attribute encoding was incorrect or multipe receipt request attribute were present or the input signed object is a receipt.ESSException
- This message does not require a receipt be generated.public SmimeSignedReceipt(SmimeSignedObject smimeSigned, java.security.cert.X509Certificate signerCert, Address[] messageRecipientAddresses, MLExpansionHistory mlExpansionHistory) throws oracle.security.crypto.util.InvalidInputException, ESSException
SmimeSignedReceipt
using the signed message containing a receipt request.
Note the changes in the method signature
Previouslypublic SmimeSignedReceipt (SmimeSignedObject , X509, Address[],MLExpansionHistory )
Nowpublic SmimeSignedReceipt (SmimeSignedObject , X509Certificate, Address[],MLExpansionHistory )
smimeSigned
- A signed message (must not be a signed receipt).signerCert
- The signer certificate that will be used to verify the signature.mlExpansionHistory
- The MLExpansionHistory
attribute present in the outermost signed-data block or null
otherwise.messageRecipientAddresses
- Addresses of the message recipient.oracle.security.crypto.util.InvalidInputException
- The receipt request attribute encoding was incorrect or multipe receipt request attributes were present.ESSException
- This message does not require a receipt be generated.public SmimeSignedReceipt(SmimeSignedObject smimeObj) throws oracle.security.crypto.util.InvalidInputException
SmimeSignedReceipt
.smimeObj
- The SmimeSignedObject containing a receipt.oracle.security.crypto.util.InvalidInputException
- The signed object does not contain a receipt.public SmimeSignedReceipt(ESSReceipt receipt, byte[] msgSigDigest, Address[] receiptsToAddresses)
SmimeSignedReceipt
.receipt
- The pre-computed receipt to send.public SmimeSignedReceipt(java.io.InputStream is) throws java.io.IOException
SmimeSignedReceipt
by reading the BER encoding from the specified input stream.is
- The input stream.java.io.IOException
- The input encoding is not correct or an I/O error occurred.public void addCertificate(java.security.cert.X509Certificate cert)
Note the changes in the method signature
Previouslypublic void addCertificate (X509Certificate cert)
Nowpublic void addCertificate (X509Certificate cert)
cert
- X509Certificate that needs to be addedpublic void addCRL(CRL crl)
public void addSignature(java.security.PrivateKey signerKey, java.security.cert.X509Certificate signerCert, oracle.security.crypto.core.AlgorithmIdentifier digestAlgID) throws java.security.NoSuchAlgorithmException, java.security.SignatureException, java.security.InvalidKeyException, java.io.IOException, java.security.cert.CertificateEncodingException
Note the changes in the method signature
Previouslypublic void addSignature (oracle.security.crypto.core.PrivateKey , X509, AlgorithmIdentifier )
Nowpublic void addSignature (java.security.PrivateKey , X509Certificate , AlgorithmIdentifier )
signerKey
- The key used for signingsignerCert
- The signer's certificatedigestAlgID
- The digest Algorithmjava.security.NoSuchAlgorithmException
- Algorithm not supportedjava.security.SignatureException
- Error while signature creationjava.security.InvalidKeyException
- The key is invalidjava.io.IOException
- IOException while creating an X509 certificatejava.security.cert.CertificateEncodingException
- Error when certificate encodingpublic void addSignature(java.security.PrivateKey signerKey, java.security.cert.X509Certificate signerCert, oracle.security.crypto.core.AlgorithmIdentifier digestAlgID, java.util.Date timeStamp) throws java.security.NoSuchAlgorithmException, java.security.SignatureException, java.security.InvalidKeyException, java.io.IOException, java.security.cert.CertificateEncodingException
Note the changes in the method signature
Previouslypublic void addSignature (oracle.security.crypto.core.PrivateKey , X509, AlgorithmIdentifier,Date )
Nowpublic void addSignature (java.security.PrivateKey , X509Certificate , AlgorithmIdentifier ,Date)
signerKey
- The key used for signingsignerCert
- The signer's certificatedigestAlgID
- The digest Algorithmtimestamp
- Signing timejava.security.NoSuchAlgorithmException
- Algorithm not supportedjava.security.SignatureException
- Error while signature creationjava.security.InvalidKeyException
- The key is invalidjava.io.IOException
- IOException while creating an X509 certificatejava.security.cert.CertificateEncodingException
- Error when certificate encodingpublic void addSignature(java.security.PrivateKey signerKey, java.security.cert.X509Certificate signerCert, oracle.security.crypto.core.AlgorithmIdentifier digestAlgID, SmimeCapabilities smimeCaps) throws java.security.NoSuchAlgorithmException, java.security.SignatureException, java.security.InvalidKeyException, java.io.IOException, java.security.cert.CertificateEncodingException
Note the changes in the method signature
Previouslypublic void addSignature (oracle.security.crypto.core.PrivateKey , X509, AlgorithmIdentifier,SmimeCapabilities )
Nowpublic void addSignature (java.security.PrivateKey , X509Certificate , AlgorithmIdentifier ,SmimeCapabilities)
signerKey
- The key used for signingsignerCert
- The signer's certificatedigestAlgID
- The digest AlgorithmsmimeCaps
- The smime capabilitiesjava.security.NoSuchAlgorithmException
- Algorithm not supportedjava.security.SignatureException
- Error while signature creationjava.security.InvalidKeyException
- The key is invalidjava.io.IOException
- IOException while creating an X509 certificatejava.security.cert.CertificateEncodingException
- Error when certificate encodingpublic void addSignature(java.security.PrivateKey signerKey, java.security.cert.X509Certificate signerCert, oracle.security.crypto.core.AlgorithmIdentifier digestAlgID, java.util.Date timeStamp, SmimeCapabilities smimeCaps) throws java.security.NoSuchAlgorithmException, java.security.SignatureException, java.security.InvalidKeyException, java.io.IOException, java.security.cert.CertificateEncodingException
Note the changes in the method signature
Previouslypublic void addSignature (oracle.security.crypto.core.PrivateKey , X509, AlgorithmIdentifier, Date ,SmimeCapabilities )
Nowpublic void addSignature (java.security.PrivateKey , X509Certificate , AlgorithmIdentifier, Date ,SmimeCapabilities)
signerKey
- The key used for signingsignerCert
- The signer's certificatedigestAlgID
- The digest Algorithmdatestamp
- Signing timesmimeCaps
- The smime capabilitiesjava.security.NoSuchAlgorithmException
- Algorithm not supportedjava.security.SignatureException
- Error while signature creationjava.security.InvalidKeyException
- The key is invalidjava.io.IOException
- IOException while creating an X509 certificatejava.security.cert.CertificateEncodingException
- Error when certificate encodingpublic void addSignature(java.security.PrivateKey signerKey, java.security.cert.X509Certificate signerCert, oracle.security.crypto.core.AlgorithmIdentifier digestAlgID, AttributeSet signedAttributes) throws java.security.NoSuchAlgorithmException, java.security.SignatureException, java.security.InvalidKeyException, java.io.IOException, java.security.cert.CertificateEncodingException
Note the changes in the method signature
Previouslypublic void addSignature (oracle.security.crypto.core.PrivateKey , X509, AlgorithmIdentifier,AttributeSet )
Nowpublic void addSignature (java.security.PrivateKey , X509Certificate , AlgorithmIdentifier, AttributeSet)
signerKey
- The key used for signingsignerCert
- The signer's certificatedigestAlgID
- The digest AlgorithmsignedAttributes
- The attributes that are signedjava.security.NoSuchAlgorithmException
- Algorithm not supportedjava.security.SignatureException
- Error while signature creationjava.security.InvalidKeyException
- The key is invalidjava.io.IOException
- IOException while creating an X509 certificatejava.security.cert.CertificateEncodingException
- Error when certificate encodingpublic Address[] getReceiptsToAddresses()
null
.public ESSReceipt getEnclosedReceipt()
public MimeBodyPart getEnclosedBodyPart() throws oracle.security.crypto.util.InvalidInputException, MessagingException
getEnclosedBodyPart
in interface SmimeSignedObject
MimeBodyPart
.oracle.security.crypto.util.InvalidInputException
MessagingException
public java.util.Vector getCertificates()
null
if no list of Certificates is present.getCertificates
in interface SmimeSignedObject
Vector
containing X509
objects or null
if no list of certificates is present.public java.util.Vector getCRLs()
null
if no list of CRLs is present.getCRLs
in interface SmimeSignedObject
Vector
containing CRL
objects or null
if no list of CRLs is present.public java.util.Enumeration signers()
CMSSignerInfo
.
This method never returns null
.
signers
in interface SmimeSignedObject
Vector
containing CMSSignerInfo
objects.public void verifySignature(java.security.cert.X509Certificate signerCert) throws oracle.security.crypto.core.AuthenticationException, java.security.SignatureException
Note the changes in the method signature
Previously public void verifySignature (X509)
Now public void verifySignature (X509Certificate )
verifySignature
in interface SmimeSignedObject
signerCert
- The signer's certificateoracle.security.crypto.core.AuthenticationException
- Signature verification failedjava.security.SignatureException
- Error while creating signature object for verificationpublic void verifySignature(java.security.cert.X509Certificate signerCert, Address[] senderAddresses) throws oracle.security.crypto.core.AuthenticationException, java.security.SignatureException
Note the changes in the method signature
Previously public void verifySignature (X509,Address[])
Now public void verifySignature (X509Certificate ,Address[])
verifySignature
in interface SmimeSignedObject
signerCert
- The signer's certificatesenderAdresses
- Addresses of the senderoracle.security.crypto.core.AuthenticationException
- Signature verification failedjava.security.SignatureException
- Error while creating signature object for verificationpublic void verify(CertificateTrustPolicy trustPolicy) throws oracle.security.crypto.core.AuthenticationException
SmimeSignedObject
AuthenticationException
.
In order to be considered valid, there must be at least one signature on this CMS message which is validated by one of the certificates included with it; furthermore, the validating certificate must itself be valid according to the given certificate trust policy. This latter validation process may involve examining the other certificates or CRLs included with this object, if called for by the trust policy.
If a signature is encountered for which a certification path can be found, but is invalid, an AuthenticationException
will be created, but will not be thrown until all other signatures have been checked. If another signature is found which is valid, then the method simply returns and no exception at all is thrown.
verify
in interface SmimeSignedObject
oracle.security.crypto.core.AuthenticationException
- if there is no valid signaturepublic void verify(CertificateTrustPolicy trustPolicy, Address[] senderAddresses) throws oracle.security.crypto.core.AuthenticationException
SmimeSignedObject
SmimeSignedObject.verify(CertificateTrustPolicy)
, except that in addition, it checks to make sure that the terminating certificate of the validating certificate chain contains an email address which is present in the specified list of sender addresses.
The list of sender addresses should be obtained by invoking the getFrom()
method on the instance of javax.mail.Message
which contains this object as its content.
verify
in interface SmimeSignedObject
oracle.security.crypto.core.AuthenticationException
public void verifyReceipt(SmimeSignedObject originalSmimeSignedObject, java.security.cert.X509Certificate signerCert) throws oracle.security.crypto.core.AuthenticationException
Note the changes in the method signature
Previouslypublic void verifyReceipt (SmimeSignedObject , X509 )
Nowpublic void verifyReceipt (SmimeSignedObject , X509Certificate )
SmimeSignedObject
- object that contains the original receipt requestoracle.security.crypto.core.AuthenticationException
public ESSSecurityLabel getESSSecurityLabel(java.security.cert.X509Certificate signerCert) throws oracle.security.crypto.core.AuthenticationException, java.security.SignatureException
ESSSecurityLabel
if present or null
.
The signature of the SignerInfo that covers the ESSSecurityLabel is first verified. Then, it verifies that all the ESSSecurityLabel's in the signed message are identical.
Note the changes in the method signature
Previously public ESSSecurityLabel getESSSecurityLabel(X509)
Now public ESSSecurityLabel getESSSecurityLabel(X509Certificate)
getESSSecurityLabel
in interface SmimeSignedObject
oracle.security.crypto.core.AuthenticationException
- Signature verification did not succeed on any SignerInfo.UnknownSignerException
- No valid security label could be found.java.security.SignatureException
public EquivalentLabels getEquivalentLabels(java.security.cert.X509Certificate signerCert) throws oracle.security.crypto.core.AuthenticationException, java.security.SignatureException
EquivalentLabels
if present or null
.
The signature of the SignerInfo that covers the EquivalentLabels is first verified. Then, it verifies that all the EquivalentLabels in the signed message are identical.
Note the changes in the method signature
Previously public EquivalentLabels getEquivalentLabels(X509)
Now public EquivalentLabels getEquivalentLabels(X509Certificate)
getEquivalentLabels
in interface SmimeSignedObject
oracle.security.crypto.core.AuthenticationException
- Signature verification did not succeed on any SignerInfo.UnknownSignerException
- No valid equivalent labels could be found.java.security.SignatureException
public SigningCertificate getSigningCertificate(java.security.cert.X509Certificate signerCert) throws oracle.security.crypto.core.AuthenticationException, java.security.SignatureException
SigningCertificate
Attribute if present or null
.
The signature of the SignerInfo that covers the SigningCertificate is verified.
Note the changes in the method signature
Previously public SigningCertificate getSigningCertificate(X509)
Now public SigningCertificate getSigningCertificate(X509Certificate)
getSigningCertificate
in interface SmimeSignedObject
oracle.security.crypto.core.AuthenticationException
- Signature verification did not succeed on any SignerInfo.UnknownSignerException
- No valid signing certificate could be found.java.security.SignatureException
public MLExpansionHistory getMLExpansionHistory(java.security.cert.X509Certificate signerCert) throws oracle.security.crypto.core.AuthenticationException, java.security.SignatureException
MLExpansionHistory
if present or null
.
The signature of the SignerInfo that covers the MLExpansionHistory is first verified. Then, it verifies that all the MLExpansionHistory's in the signed message are identical.
Note the changes in the method signature
Previously public MLExpansionHistory getMLExpansionHistory (X509)
Now public MLExpansionHistory getMLExpansionHistory (X509Certificate)
getMLExpansionHistory
in interface SmimeSignedObject
oracle.security.crypto.core.AuthenticationException
- Signature verification did not succeed on any SignerInfo.UnknownSignerException
- No valid mailing list expansion history could be found.java.security.SignatureException
public ReceiptRequest getReceiptRequest(java.security.cert.X509Certificate signerCert) throws oracle.security.crypto.core.AuthenticationException, java.security.SignatureException
ReceiptRequest
if present or null
.
NOTE: RFC 2634 prohibits the presence of a ReceiptRequest attribute in a signed receipt.
The signature of the SignerInfo that covers the ReceiptRequest is first verified. Then, it verifies that all the ReceiptRequest's in the signed message are identical.
Note the changes in the method signature
Previouslypublic ReceiptRequest getReceiptRequest (X509)
Now public ReceiptRequest getReceiptRequest (X509Certificate)
getReceiptRequest
in interface SmimeSignedObject
oracle.security.crypto.core.AuthenticationException
- Signature verification did not succeed on any SignerInfo.UnknownSignerException
- No valid receipt request could be found.java.security.SignatureException
public java.lang.String generateContentType(boolean useStandardContentTypes)
SmimeObject
generateContentType
in interface SmimeObject
useStandardContentTypes
- If true
the standard content type is generated; If false
the experimental content type is generated.public java.lang.String generateContentType()
SmimeObject
generateContentType
in interface SmimeObject
public void writeTo(java.io.OutputStream os, java.lang.String mimeType) throws java.io.IOException, MessagingException
SmimeSigned
to the given output stream. Relevant canonicalizations, such as transforming text line-breaks to CRLF
, are applied.writeTo
in interface SmimeObject
os
- The output stream to which this SmimeEnveloped
will be written.mimeType
- Ignored.java.io.IOException
- An I/O error occurred.MessagingException
- An error occurred while writing the smime message.