Class SignedData

  • All Implemented Interfaces:
    ASN1Value

    public class SignedData
    extends java.lang.Object
    implements ASN1Value
    A CMS SignedData structure.

    The certificates field should only contain X.509 certificates. PKCS #6 extended certificates will fail to decode properly.

    • Nested Class Summary

      Nested Classes 
      Modifier and Type Class Description
      static class  SignedData.Template
      A template file for decoding a SignedData blob
    • Method Summary

      All Methods Static Methods Instance Methods Concrete Methods 
      Modifier and Type Method Description
      void encode​(java.io.OutputStream ostream)
      Write this value's DER encoding to an output stream using its own base tag.
      void encode​(Tag tag, java.io.OutputStream ostream)
      Write this value's DER encoding to an output stream using an implicit tag.
      SET getCertificates()
      Returns the certificates field, which is a SET of X.509 certificates (org.mozilla.jss.pkix.cert.Certificate).
      EncapsulatedContentInfo getContentInfo()
      Returns the EncapsulatedContentInfo containing the signed content.
      SET getCrls()
      Returns the crls field, which contains a SET of certificate revocation lists represented by ANYs (org.mozilla.jss.asn1.ANY).
      SET getDigestAlgorithmIdentifiers()
      Returns the digest algorithms used by the signers to digest the signed content.
      SET getSignerInfos()
      Returns the signerInfos field, which is a SET of org.mozilla.jss.pkix.cms.SignerInfo.
      Tag getTag()
      Returns the base tag for this type, not counting any tags that may be imposed on it by its context.
      static SignedData.Template getTemplate()  
      INTEGER getVersion()
      Returns the version of this SignedData.
      boolean hasCertificates()
      Returns true if the certificates field is present.
      boolean hasCrls()
      Returns true if the crls field is present.
      • Methods inherited from class java.lang.Object

        clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
    • Constructor Detail

      • SignedData

        public SignedData​(SET digestAlgorithms,
                          EncapsulatedContentInfo contentInfo,
                          SET certificates,
                          SET crls,
                          SET signerInfos)
        Create a SignedData ASN1 object. Both certificates and CRLs are optional. If you pass in a null for either value, that parameter will not get written in the sequence.
        Parameters:
        digestAlgorithms - A SET of zero or more algorithm identifiers. The purpose of this item is to list the digest algorithms used by the various signers to digest the signed content. This field will also be updated by the addSigner method. If all the signers are added with addSigner, it is not necessary to list the digest algorithms here.

        If null is passed in, the digestAlgorithms field will be initialized with an empty SET.

        contentInfo - The content that is being signed. This parameter may not be null. However, the content field of the contentInfo may be omitted, in which case the signatures contained in the SignerInfo structures are presumed to be on externally-supplied data.
        certificates - A SET of org.mozilla.jss.pkix.cert.Certificate, the certificates containing the public keys used to sign the content. It may also contain elements of the CA chain extending from the leaf certificates. It is not necessary to include the CA chain, or indeed to include any certificates, if the certificates are expected to already be possessed by the recipient. The recipient can use the issuer and serial number in the SignerInfo structure to search for the necessary certificates. If this parameter is null, the certificates field will be omitted.
        crls - A SET of ASN1Values, which should encode to the ASN1 type CertificateRevocationList. This implementation does not interpret CRLs. If this parameter is null, the crls field will be omitted.
        signerInfos - SignerInfo structures containing signatures of the content. Additional signerInfos can be added with the addSigner method. If this parameter is null, the field will be initialized with an empty SET.
    • Method Detail

      • getVersion

        public INTEGER getVersion()
        Returns the version of this SignedData. The current version of the spec is version 3.
      • getDigestAlgorithmIdentifiers

        public SET getDigestAlgorithmIdentifiers()
        Returns the digest algorithms used by the signers to digest the signed content. There may be more than one, if different signers use different digesting algorithms.
      • getContentInfo

        public EncapsulatedContentInfo getContentInfo()
        Returns the EncapsulatedContentInfo containing the signed content. The simple case is for the content to be of type data, although any content type can be signed.
      • getCertificates

        public SET getCertificates()
        Returns the certificates field, which is a SET of X.509 certificates (org.mozilla.jss.pkix.cert.Certificate). PKCS #6 Extended Certificates are not supported by this implementation. Returns null if this optional field is not present.
      • hasCertificates

        public boolean hasCertificates()
        Returns true if the certificates field is present.
      • getCrls

        public SET getCrls()
        Returns the crls field, which contains a SET of certificate revocation lists represented by ANYs (org.mozilla.jss.asn1.ANY).
      • hasCrls

        public boolean hasCrls()
        Returns true if the crls field is present.
      • getSignerInfos

        public SET getSignerInfos()
        Returns the signerInfos field, which is a SET of org.mozilla.jss.pkix.cms.SignerInfo.
      • getTag

        public Tag getTag()
        Description copied from interface: ASN1Value
        Returns the base tag for this type, not counting any tags that may be imposed on it by its context.
        Specified by:
        getTag in interface ASN1Value
        Returns:
        Base tag.
      • encode

        public void encode​(java.io.OutputStream ostream)
                    throws java.io.IOException
        Description copied from interface: ASN1Value
        Write this value's DER encoding to an output stream using its own base tag.
        Specified by:
        encode in interface ASN1Value
        Parameters:
        ostream - Output stream.
        Throws:
        java.io.IOException - If an error occurred.
      • encode

        public void encode​(Tag tag,
                           java.io.OutputStream ostream)
                    throws java.io.IOException
        Description copied from interface: ASN1Value
        Write this value's DER encoding to an output stream using an implicit tag.
        Specified by:
        encode in interface ASN1Value
        Parameters:
        tag - Implicit tag.
        ostream - Output stream.
        Throws:
        java.io.IOException - If an error occurred.