org.bouncycastle.cms
Class CMSSignedData

java.lang.Object
  org.bouncycastle.cms.CMSSignedData

public class CMSSignedData
extends java.lang.Object

general class for handling a pkcs7-signature message. A simple example of usage - note, in the example below the validity of the certificate isn't verified, just the fact that one of the certs matches the given signer...

  Store                   certStore = s.getCertificates();
  SignerInformationStore  signers = s.getSignerInfos();
  Collection              c = signers.getSigners();
  Iterator                it = c.iterator();
  
  while (it.hasNext())
  {
      SignerInformation   signer = (SignerInformation)it.next();
      Collection          certCollection = certStore.getMatches(signer.getSID());

      Iterator              certIt = certCollection.iterator();
      X509CertificateHolder cert = (X509CertificateHolder)certIt.next();
  
      if (signer.verify(new JcaSimpleSignerInfoVerifierBuilder().setProvider("BC").build(cert)))
      {
          verified++;
      }   
  }
 

Constructor Summary

CMSSignedData(byte[] sigBlock)

CMSSignedData(CMSProcessable signedContent, byte[] sigBlock)

CMSSignedData(CMSProcessable signedContent, org.bouncycastle.asn1.cms.ContentInfo sigData)

CMSSignedData(CMSProcessable signedContent, java.io.InputStream sigData)
base constructor - content with detached signature.

CMSSignedData(org.bouncycastle.asn1.cms.ContentInfo sigData)

CMSSignedData(java.io.InputStream sigData)
base constructor - with encapsulated content

CMSSignedData(java.util.Map hashes, byte[] sigBlock)
Content with detached signature, digests precomputed

CMSSignedData(java.util.Map hashes, org.bouncycastle.asn1.cms.ContentInfo sigData)

Method Summary

org.bouncycastle.util.Store	getAttributeCertificates()
org.bouncycastle.x509.X509Store	getAttributeCertificates(java.lang.String type, java.security.Provider provider) Deprecated. use base Store returning method
org.bouncycastle.x509.X509Store	getAttributeCertificates(java.lang.String type, java.lang.String provider) Deprecated. use base Store returning method
org.bouncycastle.util.Store	getCertificates()
org.bouncycastle.x509.X509Store	getCertificates(java.lang.String type, java.security.Provider provider) Deprecated. use base Store returning method
org.bouncycastle.x509.X509Store	getCertificates(java.lang.String type, java.lang.String provider) Deprecated. use base Store returning method
java.security.cert.CertStore	getCertificatesAndCRLs(java.lang.String type, java.security.Provider provider) Deprecated. use base Store returning method
java.security.cert.CertStore	getCertificatesAndCRLs(java.lang.String type, java.lang.String provider) Deprecated. use base Store returning method
org.bouncycastle.asn1.cms.ContentInfo	getContentInfo() Deprecated. use toASN1Structure()
org.bouncycastle.util.Store	getCRLs()
org.bouncycastle.x509.X509Store	getCRLs(java.lang.String type, java.security.Provider provider) Deprecated. use base Store returning method
org.bouncycastle.x509.X509Store	getCRLs(java.lang.String type, java.lang.String provider) Deprecated. use base Store returning method
byte[]	getEncoded() return the ASN.1 encoded representation of this object.
CMSProcessable	getSignedContent()
java.lang.String	getSignedContentTypeOID() Return the a string representation of the OID associated with the encapsulated content info structure carried in the signed data.
SignerInformationStore	getSignerInfos() return the collection of signers that are associated with the signatures for the message.
int	getVersion() Return the version number for this object
static CMSSignedData	replaceCertificatesAndCRLs(CMSSignedData signedData, java.security.cert.CertStore certsAndCrls) Replace the certificate and CRL information associated with this CMSSignedData object with the new one passed in.
static CMSSignedData	replaceCertificatesAndCRLs(CMSSignedData signedData, org.bouncycastle.util.Store certificates, org.bouncycastle.util.Store attrCerts, org.bouncycastle.util.Store crls) Replace the certificate and CRL information associated with this CMSSignedData object with the new one passed in.
static CMSSignedData	replaceSigners(CMSSignedData signedData, SignerInformationStore signerInformationStore) Replace the signerinformation store associated with this CMSSignedData object with the new one passed in.
org.bouncycastle.asn1.cms.ContentInfo	toASN1Structure() return the ContentInfo

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

CMSSignedData

public CMSSignedData(byte[] sigBlock)
              throws CMSException

Throws:

CMSException

CMSSignedData

public CMSSignedData(CMSProcessable signedContent,
                     byte[] sigBlock)
              throws CMSException

Throws:

CMSException

CMSSignedData

public CMSSignedData(java.util.Map hashes,
                     byte[] sigBlock)
              throws CMSException

Content with detached signature, digests precomputed

Parameters:

hashes - a map of precomputed digests for content indexed by name of hash.

sigBlock - the signature object.

Throws:

CMSException

CMSSignedData

public CMSSignedData(CMSProcessable signedContent,
                     java.io.InputStream sigData)
              throws CMSException

base constructor - content with detached signature.

Parameters:

signedContent - the content that was signed.

sigData - the signature object.

Throws:

CMSException

CMSSignedData

public CMSSignedData(java.io.InputStream sigData)
              throws CMSException

base constructor - with encapsulated content

Throws:

CMSException

CMSSignedData

public CMSSignedData(CMSProcessable signedContent,
                     org.bouncycastle.asn1.cms.ContentInfo sigData)
              throws CMSException

Throws:

CMSException

CMSSignedData

public CMSSignedData(java.util.Map hashes,
                     org.bouncycastle.asn1.cms.ContentInfo sigData)
              throws CMSException

Throws:

CMSException

CMSSignedData

public CMSSignedData(org.bouncycastle.asn1.cms.ContentInfo sigData)
              throws CMSException

Throws:

CMSException

Method Detail

getVersion

public int getVersion()

Return the version number for this object

getSignerInfos

public SignerInformationStore getSignerInfos()

return the collection of signers that are associated with the signatures for the message.

getAttributeCertificates

public org.bouncycastle.x509.X509Store getAttributeCertificates(java.lang.String type,
                                                                java.lang.String provider)
                                                         throws org.bouncycastle.x509.NoSuchStoreException,
                                                                java.security.NoSuchProviderException,
                                                                CMSException

Deprecated. use base Store returning method

return a X509Store containing the attribute certificates, if any, contained in this message.

Parameters:

type - type of store to create

provider - name of provider to use

Returns:

a store of attribute certificates

Throws:

java.security.NoSuchProviderException - if the provider requested isn't available.

org.bouncycastle.x509.NoSuchStoreException - if the store type isn't available.

CMSException - if a general exception prevents creation of the X509Store

getAttributeCertificates

public org.bouncycastle.x509.X509Store getAttributeCertificates(java.lang.String type,
                                                                java.security.Provider provider)
                                                         throws org.bouncycastle.x509.NoSuchStoreException,
                                                                CMSException

Deprecated. use base Store returning method

return a X509Store containing the attribute certificates, if any, contained in this message.

Parameters:

type - type of store to create

provider - provider to use

Returns:

a store of attribute certificates

Throws:

org.bouncycastle.x509.NoSuchStoreException - if the store type isn't available.

CMSException - if a general exception prevents creation of the X509Store

getCertificates

public org.bouncycastle.x509.X509Store getCertificates(java.lang.String type,
                                                       java.lang.String provider)
                                                throws org.bouncycastle.x509.NoSuchStoreException,
                                                       java.security.NoSuchProviderException,
                                                       CMSException

Deprecated. use base Store returning method

return a X509Store containing the public key certificates, if any, contained in this message.

Parameters:

type - type of store to create

provider - name of provider to use

Returns:

a store of public key certificates

Throws:

java.security.NoSuchProviderException - if the provider requested isn't available.

org.bouncycastle.x509.NoSuchStoreException - if the store type isn't available.

CMSException - if a general exception prevents creation of the X509Store

getCertificates

public org.bouncycastle.x509.X509Store getCertificates(java.lang.String type,
                                                       java.security.Provider provider)
                                                throws org.bouncycastle.x509.NoSuchStoreException,
                                                       CMSException

Deprecated. use base Store returning method

return a X509Store containing the public key certificates, if any, contained in this message.

Parameters:

type - type of store to create

provider - provider to use

Returns:

a store of public key certificates

Throws:

org.bouncycastle.x509.NoSuchStoreException - if the store type isn't available.

CMSException - if a general exception prevents creation of the X509Store

getCRLs

public org.bouncycastle.x509.X509Store getCRLs(java.lang.String type,
                                               java.lang.String provider)
                                        throws org.bouncycastle.x509.NoSuchStoreException,
                                               java.security.NoSuchProviderException,
                                               CMSException

Deprecated. use base Store returning method

return a X509Store containing CRLs, if any, contained in this message.

Parameters:

type - type of store to create

provider - name of provider to use

Returns:

a store of CRLs

Throws:

java.security.NoSuchProviderException - if the provider requested isn't available.

org.bouncycastle.x509.NoSuchStoreException - if the store type isn't available.

CMSException - if a general exception prevents creation of the X509Store

getCRLs

public org.bouncycastle.x509.X509Store getCRLs(java.lang.String type,
                                               java.security.Provider provider)
                                        throws org.bouncycastle.x509.NoSuchStoreException,
                                               CMSException

Deprecated. use base Store returning method

return a X509Store containing CRLs, if any, contained in this message.

Parameters:

type - type of store to create

provider - provider to use

Returns:

a store of CRLs

Throws:

org.bouncycastle.x509.NoSuchStoreException - if the store type isn't available.

CMSException - if a general exception prevents creation of the X509Store

getCertificatesAndCRLs

public java.security.cert.CertStore getCertificatesAndCRLs(java.lang.String type,
                                                           java.lang.String provider)
                                                    throws java.security.NoSuchAlgorithmException,
                                                           java.security.NoSuchProviderException,
                                                           CMSException

Deprecated. use base Store returning method

return a CertStore containing the certificates and CRLs associated with this message.

Throws:

java.security.NoSuchProviderException - if the provider requested isn't available.

java.security.NoSuchAlgorithmException - if the cert store isn't available.

CMSException - if a general exception prevents creation of the CertStore

getCertificatesAndCRLs

public java.security.cert.CertStore getCertificatesAndCRLs(java.lang.String type,
                                                           java.security.Provider provider)
                                                    throws java.security.NoSuchAlgorithmException,
                                                           CMSException

Deprecated. use base Store returning method

return a CertStore containing the certificates and CRLs associated with this message.

Throws:

java.security.NoSuchAlgorithmException - if the cert store isn't available.

CMSException - if a general exception prevents creation of the CertStore

getCertificates

public org.bouncycastle.util.Store getCertificates()

getCRLs

public org.bouncycastle.util.Store getCRLs()

getAttributeCertificates

public org.bouncycastle.util.Store getAttributeCertificates()

getSignedContentTypeOID

public java.lang.String getSignedContentTypeOID()

Return the a string representation of the OID associated with the encapsulated content info structure carried in the signed data.

Returns:

the OID for the content type.

getSignedContent

public CMSProcessable getSignedContent()

getContentInfo

public org.bouncycastle.asn1.cms.ContentInfo getContentInfo()

Deprecated. use toASN1Structure()

return the ContentInfo

toASN1Structure

public org.bouncycastle.asn1.cms.ContentInfo toASN1Structure()

return the ContentInfo

getEncoded

public byte[] getEncoded()
                  throws java.io.IOException

return the ASN.1 encoded representation of this object.

Throws:

java.io.IOException

replaceSigners

public static CMSSignedData replaceSigners(CMSSignedData signedData,
                                           SignerInformationStore signerInformationStore)

Replace the signerinformation store associated with this CMSSignedData object with the new one passed in. You would probably only want to do this if you wanted to change the unsigned attributes associated with a signer, or perhaps delete one.

Parameters:

signedData - the signed data object to be used as a base.

signerInformationStore - the new signer information store to use.

Returns:

a new signed data object.

replaceCertificatesAndCRLs

public static CMSSignedData replaceCertificatesAndCRLs(CMSSignedData signedData,
                                                       java.security.cert.CertStore certsAndCrls)
                                                throws CMSException

Replace the certificate and CRL information associated with this CMSSignedData object with the new one passed in.

Parameters:

signedData - the signed data object to be used as a base.

certsAndCrls - the new certificates and CRLs to be used.

Returns:

a new signed data object.

Throws:

CMSException - if there is an error processing the CertStore

replaceCertificatesAndCRLs

public static CMSSignedData replaceCertificatesAndCRLs(CMSSignedData signedData,
                                                       org.bouncycastle.util.Store certificates,
                                                       org.bouncycastle.util.Store attrCerts,
                                                       org.bouncycastle.util.Store crls)
                                                throws CMSException

Replace the certificate and CRL information associated with this CMSSignedData object with the new one passed in.

Parameters:

signedData - the signed data object to be used as a base.

certificates - the new certificates to be used.

attrCerts - the new attribute certificates to be used.

crls - the new CRLs to be used.

Returns:

a new signed data object.

Throws:

CMSException - if there is an error processing the CertStore