public class CMSSignedData
extends java.lang.Object
implements org.bouncycastle.util.Encodable
Store certStore = s.getCertificates(); SignerInformationStore signers = s.getSignerInfos(); Collection c = signers.getSigners(); Iterator it = c.iterator(); while (it.hasNext()) { SignerInformation signer = (SignerInformation)it.next(); Collection certCollection = certStore.getMatches(signer.getSID()); Iterator certIt = certCollection.iterator(); X509CertificateHolder cert = (X509CertificateHolder)certIt.next(); if (signer.verify(new JcaSimpleSignerInfoVerifierBuilder().setProvider("BC").build(cert))) { verified++; } }
Constructor and Description |
---|
CMSSignedData(byte[] sigBlock) |
CMSSignedData(CMSProcessable signedContent,
byte[] sigBlock) |
CMSSignedData(CMSProcessable signedContent,
org.bouncycastle.asn1.cms.ContentInfo sigData) |
CMSSignedData(CMSProcessable signedContent,
java.io.InputStream sigData)
base constructor - content with detached signature.
|
CMSSignedData(org.bouncycastle.asn1.cms.ContentInfo sigData) |
CMSSignedData(java.io.InputStream sigData)
base constructor - with encapsulated content
|
CMSSignedData(java.util.Map hashes,
byte[] sigBlock)
Content with detached signature, digests precomputed
|
CMSSignedData(java.util.Map hashes,
org.bouncycastle.asn1.cms.ContentInfo sigData) |
Modifier and Type | Method and Description |
---|---|
static CMSSignedData |
addDigestAlgorithm(CMSSignedData signedData,
org.bouncycastle.asn1.x509.AlgorithmIdentifier digestAlgorithm)
Return a new CMSSignedData which guarantees to have the passed in digestAlgorithm
in it.
|
org.bouncycastle.util.Store<X509AttributeCertificateHolder> |
getAttributeCertificates()
Return any X.509 attribute certificate objects in this SignedData structure as a Store of X509AttributeCertificateHolder objects.
|
org.bouncycastle.util.Store<X509CertificateHolder> |
getCertificates()
Return any X.509 certificate objects in this SignedData structure as a Store of X509CertificateHolder objects.
|
org.bouncycastle.util.Store<X509CRLHolder> |
getCRLs()
Return any X.509 CRL objects in this SignedData structure as a Store of X509CRLHolder objects.
|
java.util.Set<org.bouncycastle.asn1.x509.AlgorithmIdentifier> |
getDigestAlgorithmIDs()
Return the digest algorithm identifiers for the SignedData object
|
byte[] |
getEncoded()
return the ASN.1 encoded representation of this object.
|
byte[] |
getEncoded(java.lang.String encoding)
return the ASN.1 encoded representation of this object using the specified encoding.
|
org.bouncycastle.util.Store |
getOtherRevocationInfo(org.bouncycastle.asn1.ASN1ObjectIdentifier otherRevocationInfoFormat)
Return any OtherRevocationInfo OtherRevInfo objects of the type indicated by otherRevocationInfoFormat in
this SignedData structure.
|
CMSTypedData |
getSignedContent() |
java.lang.String |
getSignedContentTypeOID()
Return the a string representation of the OID associated with the
encapsulated content info structure carried in the signed data.
|
SignerInformationStore |
getSignerInfos()
return the collection of signers that are associated with the
signatures for the message.
|
int |
getVersion()
Return the version number for this object
|
boolean |
isCertificateManagementMessage()
Return if this is object represents a certificate management message.
|
boolean |
isDetachedSignature()
Return if this is object represents a detached signature.
|
static CMSSignedData |
replaceCertificatesAndCRLs(CMSSignedData signedData,
org.bouncycastle.util.Store certificates,
org.bouncycastle.util.Store attrCerts,
org.bouncycastle.util.Store revocations)
Replace the certificate and CRL information associated with this
CMSSignedData object with the new one passed in.
|
static CMSSignedData |
replaceSigners(CMSSignedData signedData,
SignerInformationStore signerInformationStore)
Replace the SignerInformation store associated with this
CMSSignedData object with the new one passed in.
|
org.bouncycastle.asn1.cms.ContentInfo |
toASN1Structure()
return the ContentInfo
|
boolean |
verifySignatures(SignerInformationVerifierProvider verifierProvider)
Verify all the SignerInformation objects and their associated counter signatures attached
to this CMS SignedData object.
|
boolean |
verifySignatures(SignerInformationVerifierProvider verifierProvider,
boolean ignoreCounterSignatures)
Verify all the SignerInformation objects and optionally their associated counter signatures attached
to this CMS SignedData object.
|
public CMSSignedData(byte[] sigBlock) throws CMSException
CMSException
public CMSSignedData(CMSProcessable signedContent, byte[] sigBlock) throws CMSException
CMSException
public CMSSignedData(java.util.Map hashes, byte[] sigBlock) throws CMSException
hashes
- a map of precomputed digests for content indexed by name of hash.sigBlock
- the signature object.CMSException
public CMSSignedData(CMSProcessable signedContent, java.io.InputStream sigData) throws CMSException
signedContent
- the content that was signed.sigData
- the signature object.CMSException
public CMSSignedData(java.io.InputStream sigData) throws CMSException
CMSException
public CMSSignedData(CMSProcessable signedContent, org.bouncycastle.asn1.cms.ContentInfo sigData) throws CMSException
CMSException
public CMSSignedData(java.util.Map hashes, org.bouncycastle.asn1.cms.ContentInfo sigData) throws CMSException
CMSException
public CMSSignedData(org.bouncycastle.asn1.cms.ContentInfo sigData) throws CMSException
CMSException
public int getVersion()
public SignerInformationStore getSignerInfos()
public boolean isDetachedSignature()
public boolean isCertificateManagementMessage()
public org.bouncycastle.util.Store<X509CertificateHolder> getCertificates()
public org.bouncycastle.util.Store<X509CRLHolder> getCRLs()
public org.bouncycastle.util.Store<X509AttributeCertificateHolder> getAttributeCertificates()
public org.bouncycastle.util.Store getOtherRevocationInfo(org.bouncycastle.asn1.ASN1ObjectIdentifier otherRevocationInfoFormat)
otherRevocationInfoFormat
- OID of the format type been looked for.public java.util.Set<org.bouncycastle.asn1.x509.AlgorithmIdentifier> getDigestAlgorithmIDs()
public java.lang.String getSignedContentTypeOID()
public CMSTypedData getSignedContent()
public org.bouncycastle.asn1.cms.ContentInfo toASN1Structure()
public byte[] getEncoded() throws java.io.IOException
getEncoded
in interface org.bouncycastle.util.Encodable
java.io.IOException
public byte[] getEncoded(java.lang.String encoding) throws java.io.IOException
encoding
- the ASN.1 encoding format to use ("BER", "DL", or "DER").java.io.IOException
public boolean verifySignatures(SignerInformationVerifierProvider verifierProvider) throws CMSException
verifierProvider
- a provider of SignerInformationVerifier objects.CMSException
- if an exception occurs during the verification process.public boolean verifySignatures(SignerInformationVerifierProvider verifierProvider, boolean ignoreCounterSignatures) throws CMSException
verifierProvider
- a provider of SignerInformationVerifier objects.ignoreCounterSignatures
- if true don't check counter signatures. If false check counter signatures as well.CMSException
- if an exception occurs during the verification process.public static CMSSignedData addDigestAlgorithm(CMSSignedData signedData, org.bouncycastle.asn1.x509.AlgorithmIdentifier digestAlgorithm)
signedData
- the signed data object to be used as a base.digestAlgorithm
- the digest algorithm to be added to the signed data.public static CMSSignedData replaceSigners(CMSSignedData signedData, SignerInformationStore signerInformationStore)
signedData
- the signed data object to be used as a base.signerInformationStore
- the new signer information store to use.public static CMSSignedData replaceCertificatesAndCRLs(CMSSignedData signedData, org.bouncycastle.util.Store certificates, org.bouncycastle.util.Store attrCerts, org.bouncycastle.util.Store revocations) throws CMSException
signedData
- the signed data object to be used as a base.certificates
- the new certificates to be used.attrCerts
- the new attribute certificates to be used.revocations
- the new CRLs to be used - a collection of X509CRLHolder objects, OtherRevocationInfoFormat, or both.CMSException
- if there is an error processing the CertStore