Bouncy Castle Cryptography 1.46

org.bouncycastle.cms
Class CMSSignedDataParser

java.lang.Object
  extended by org.bouncycastle.cms.CMSContentInfoParser
      extended by org.bouncycastle.cms.CMSSignedDataParser
Direct Known Subclasses:
SMIMESignedParser

public class CMSSignedDataParser
extends CMSContentInfoParser

Parsing class for a CMS Signed Data object from an input stream.

Note: because we are in a streaming mode, only one signer can be tried, and it is important that the methods on the parser are called in the appropriate order.

A simple example of usage for an encapsulated signature.

Two notes: first, in the example below the validity of the certificate isn't verified, just the fact that one of the certs matches the given signer, and, second, because we are in a streaming mode the order of the operations is important.

      CMSSignedDataParser     sp = new CMSSignedDataParser(encapSigData);

      // the content must be read to the end before certificates or signers are requested
      sp.getSignedContent().drain();

      Store                   certStore = sp.getCertificates();
      SignerInformationStore  signers = sp.getSignerInfos();
      
      Collection              c = signers.getSigners();
      Iterator                it = c.iterator();

      while (it.hasNext())
      {
          SignerInformation   signer = (SignerInformation)it.next();
          // select the certificate(s) in the message that match the signer identifier
          Collection          certCollection = certStore.getMatches(signer.getSID());

          Iterator        certIt = certCollection.iterator();
          X509CertificateHolder cert = (X509CertificateHolder)certIt.next();

          // checks the signature only; the certificate itself is not validated here
          System.out.println("verify returns: " + signer.verify(new JcaSimpleSignerInfoVerifierBuilder().setProvider("BC").build(cert)));
      }
 
Note also: this class does not introduce buffering - if you are processing large files you should create the parser with:
          CMSSignedDataParser     ep = new CMSSignedDataParser(new BufferedInputStream(encapSigData, bufSize));
  
where bufSize is a suitably large buffer size.
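
An added example, not part of the Bouncy Castle documentation: verifying a detached signature with the (CMSTypedStream, InputStream) constructor in the required call order, then closing the gap noted above by building a PKIX path from the signer certificate to a trusted root. The class name DetachedSignatureCheck, the method verify and the parameter anchors are hypothetical; the "BC" provider is assumed to be registered, and revocation checking is assumed to be handled separately.

```java
import java.io.InputStream;
import java.security.cert.*;
import java.util.*;
import org.bouncycastle.cert.X509CertificateHolder;
import org.bouncycastle.cert.jcajce.JcaX509CertificateConverter;
import org.bouncycastle.cms.*;
import org.bouncycastle.cms.jcajce.JcaSimpleSignerInfoVerifierBuilder;
import org.bouncycastle.util.Store;

public class DetachedSignatureCheck // hypothetical class, not part of Bouncy Castle
{
    // Assumes the "BC" provider is registered and 'anchors' holds the caller's trusted roots.
    public static boolean verify(InputStream content, InputStream sigData, Set<TrustAnchor> anchors)
        throws Exception
    {
        CMSSignedDataParser sp = new CMSSignedDataParser(new CMSTypedStream(content), sigData);
        sp.getSignedContent().drain();              // 1. consume the content so the digest is complete

        Store certStore = sp.getCertificates();     // 2. certificates, then signers
        Iterator it = sp.getSignerInfos().getSigners().iterator();
        if (!it.hasNext()) return false;            // no SignerInfo: nothing vouches for the content
        SignerInformation signer = (SignerInformation)it.next(); // streaming mode: one signer is tried

        Iterator certIt = certStore.getMatches(signer.getSID()).iterator();
        if (!certIt.hasNext()) return false;        // signer certificate not bundled in the message
        JcaX509CertificateConverter conv = new JcaX509CertificateConverter().setProvider("BC");
        X509Certificate cert = conv.getCertificate((X509CertificateHolder)certIt.next());

        if (!signer.verify(new JcaSimpleSignerInfoVerifierBuilder().setProvider("BC").build(cert)))
            return false;                           // 3. signature does not verify

        // 4. build a PKIX path from the signer certificate to a trust anchor
        List<X509Certificate> bundled = new ArrayList<X509Certificate>();
        for (Object h : certStore.getMatches(null)) // null selector: every certificate in the message
            bundled.add(conv.getCertificate((X509CertificateHolder)h));
        X509CertSelector target = new X509CertSelector();
        target.setCertificate(cert);
        PKIXBuilderParameters params = new PKIXBuilderParameters(anchors, target);
        params.addCertStore(CertStore.getInstance("Collection", new CollectionCertStoreParameters(bundled)));
        params.setRevocationEnabled(false);         // assumption: revocation is checked separately
        try {
            CertPathBuilder.getInstance("PKIX").build(params);
            return true;
        } catch (CertPathBuilderException e) {
            return false;                           // no valid chain to a trusted root
        }
    }
}
```

Certificates carried inside the message are used only as candidate intermediates; trust comes solely from the anchors the caller supplies.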


Field Summary
 
Fields inherited from class org.bouncycastle.cms.CMSContentInfoParser
_contentInfo, _data
 
Constructor Summary
CMSSignedDataParser(byte[] sigBlock)
           
CMSSignedDataParser(CMSTypedStream signedContent, byte[] sigBlock)
           
CMSSignedDataParser(CMSTypedStream signedContent, java.io.InputStream sigData)
          base constructor
CMSSignedDataParser(java.io.InputStream sigData)
          base constructor - with encapsulated content
 
Method Summary
 Store getAttributeCertificates()
           
 X509Store getAttributeCertificates(java.lang.String type, java.security.Provider provider)
          return an X509Store containing the attribute certificates, if any, contained in this message.
 X509Store getAttributeCertificates(java.lang.String type, java.lang.String provider)
          return an X509Store containing the attribute certificates, if any, contained in this message.
 Store getCertificates()
           
 X509Store getCertificates(java.lang.String type, java.security.Provider provider)
          Deprecated. use getCertificates()
 X509Store getCertificates(java.lang.String type, java.lang.String provider)
          Deprecated. use getCertificates()
 java.security.cert.CertStore getCertificatesAndCRLs(java.lang.String type, java.security.Provider provider)
          Deprecated. use getCertificates()
 java.security.cert.CertStore getCertificatesAndCRLs(java.lang.String type, java.lang.String provider)
          Deprecated. use getCertificates()
 Store getCRLs()
           
 X509Store getCRLs(java.lang.String type, java.security.Provider provider)
          Deprecated. use getCRLs()
 X509Store getCRLs(java.lang.String type, java.lang.String provider)
          Deprecated. use getCRLs()
 CMSTypedStream getSignedContent()
           
 java.lang.String getSignedContentTypeOID()
          Return a string representation of the OID associated with the encapsulated content info structure carried in the signed data.
 SignerInformationStore getSignerInfos()
          return the collection of signers that are associated with the signatures for the message.
 int getVersion()
          Return the version number for the SignedData object
static java.io.OutputStream replaceCertificatesAndCRLs(java.io.InputStream original, java.security.cert.CertStore certsAndCrls, java.io.OutputStream out)
          Deprecated. use method that takes Store objects.
static java.io.OutputStream replaceCertificatesAndCRLs(java.io.InputStream original, Store certs, Store crls, Store attrCerts, java.io.OutputStream out)
          Replace the certificate and CRL information associated with this CMSSignedData object with the new one passed in.
static java.io.OutputStream replaceSigners(java.io.InputStream original, SignerInformationStore signerInformationStore, java.io.OutputStream out)
          Replace the signer information store associated with the passed in message contained in the stream original with the new one passed in.
 
Methods inherited from class org.bouncycastle.cms.CMSContentInfoParser
close
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Constructor Detail

CMSSignedDataParser

public CMSSignedDataParser(byte[] sigBlock)
                    throws CMSException
Throws:
CMSException

CMSSignedDataParser

public CMSSignedDataParser(CMSTypedStream signedContent,
                           byte[] sigBlock)
                    throws CMSException
Throws:
CMSException

CMSSignedDataParser

public CMSSignedDataParser(java.io.InputStream sigData)
                    throws CMSException
base constructor - with encapsulated content

Throws:
CMSException

CMSSignedDataParser

public CMSSignedDataParser(CMSTypedStream signedContent,
                           java.io.InputStream sigData)
                    throws CMSException
base constructor

Parameters:
signedContent - the content that was signed.
sigData - the signature object stream.
Throws:
CMSException

Method Detail

getVersion

public int getVersion()
Return the version number for the SignedData object

Returns:
the version number

getSignerInfos

public SignerInformationStore getSignerInfos()
                                      throws CMSException
return the collection of signers that are associated with the signatures for the message.

Throws:
CMSException

getAttributeCertificates

public X509Store getAttributeCertificates(java.lang.String type,
                                          java.lang.String provider)
                                   throws NoSuchStoreException,
                                          java.security.NoSuchProviderException,
                                          CMSException
return an X509Store containing the attribute certificates, if any, contained in this message.

Parameters:
type - type of store to create
provider - name of provider to use
Returns:
a store of attribute certificates
Throws:
java.security.NoSuchProviderException - if the provider requested isn't available.
org.bouncycastle.x509.NoSuchStoreException - if the store type isn't available.
CMSException - if a general exception prevents creation of the X509Store

getAttributeCertificates

public X509Store getAttributeCertificates(java.lang.String type,
                                          java.security.Provider provider)
                                   throws NoSuchStoreException,
                                          CMSException
return an X509Store containing the attribute certificates, if any, contained in this message.

Parameters:
type - type of store to create
provider - provider to use
Returns:
a store of attribute certificates
Throws:
org.bouncycastle.x509.NoSuchStoreException - if the store type isn't available.
CMSException - if a general exception prevents creation of the X509Store

getCertificates

public X509Store getCertificates(java.lang.String type,
                                 java.lang.String provider)
                          throws NoSuchStoreException,
                                 java.security.NoSuchProviderException,
                                 CMSException
Deprecated. use getCertificates()

return an X509Store containing the public key certificates, if any, contained in this message.

Parameters:
type - type of store to create
provider - provider to use
Returns:
a store of public key certificates
Throws:
java.security.NoSuchProviderException - if the provider requested isn't available.
NoSuchStoreException - if the store type isn't available.
CMSException - if a general exception prevents creation of the X509Store

getCertificates

public X509Store getCertificates(java.lang.String type,
                                 java.security.Provider provider)
                          throws NoSuchStoreException,
                                 CMSException
Deprecated. use getCertificates()

return an X509Store containing the public key certificates, if any, contained in this message.

Parameters:
type - type of store to create
provider - provider to use
Returns:
a store of public key certificates
Throws:
NoSuchStoreException - if the store type isn't available.
CMSException - if a general exception prevents creation of the X509Store

getCRLs

public X509Store getCRLs(java.lang.String type,
                         java.lang.String provider)
                  throws NoSuchStoreException,
                         java.security.NoSuchProviderException,
                         CMSException
Deprecated. use getCRLs()

return an X509Store containing CRLs, if any, contained in this message.

Parameters:
type - type of store to create
provider - name of provider to use
Returns:
a store of CRLs
Throws:
java.security.NoSuchProviderException - if the provider requested isn't available.
NoSuchStoreException - if the store type isn't available.
CMSException - if a general exception prevents creation of the X509Store

getCRLs

public X509Store getCRLs(java.lang.String type,
                         java.security.Provider provider)
                  throws NoSuchStoreException,
                         CMSException
Deprecated. use getCRLs()

return an X509Store containing CRLs, if any, contained in this message.

Parameters:
type - type of store to create
provider - provider to use
Returns:
a store of CRLs
Throws:
NoSuchStoreException - if the store type isn't available.
CMSException - if a general exception prevents creation of the X509Store

getCertificatesAndCRLs

public java.security.cert.CertStore getCertificatesAndCRLs(java.lang.String type,
                                                           java.lang.String provider)
                                                    throws java.security.NoSuchAlgorithmException,
                                                           java.security.NoSuchProviderException,
                                                           CMSException
Deprecated. use getCertificates()

return a CertStore containing the certificates and CRLs associated with this message.

Throws:
java.security.NoSuchProviderException - if the provider requested isn't available.
java.security.NoSuchAlgorithmException - if the cert store isn't available.
CMSException - if a general exception prevents creation of the CertStore

getCertificatesAndCRLs

public java.security.cert.CertStore getCertificatesAndCRLs(java.lang.String type,
                                                           java.security.Provider provider)
                                                    throws java.security.NoSuchAlgorithmException,
                                                           java.security.NoSuchProviderException,
                                                           CMSException
Deprecated. use getCertificates()

return a CertStore containing the certificates and CRLs associated with this message.

Throws:
java.security.NoSuchProviderException - if the provider requested isn't available.
java.security.NoSuchAlgorithmException - if the cert store isn't available.
CMSException - if a general exception prevents creation of the CertStore

getCertificates

public Store getCertificates()
                      throws CMSException
Throws:
CMSException

getCRLs

public Store getCRLs()
              throws CMSException
Throws:
CMSException

getAttributeCertificates

public Store getAttributeCertificates()
                               throws CMSException
Throws:
CMSException

getSignedContentTypeOID

public java.lang.String getSignedContentTypeOID()
Return a string representation of the OID associated with the encapsulated content info structure carried in the signed data.

Returns:
the OID for the content type.

getSignedContent

public CMSTypedStream getSignedContent()

replaceSigners

public static java.io.OutputStream replaceSigners(java.io.InputStream original,
                                                  SignerInformationStore signerInformationStore,
                                                  java.io.OutputStream out)
                                           throws CMSException,
                                                  java.io.IOException
Replace the signer information store associated with the passed in message contained in the stream original with the new one passed in. You would probably only want to do this if you wanted to change the unsigned attributes associated with a signer, or perhaps delete one.

The output stream is returned unclosed.

Parameters:
original - the signed data stream to be used as a base.
signerInformationStore - the new signer information store to use.
out - the stream to write the new signed data object to.
Returns:
out.
Throws:
CMSException
java.io.IOException

replaceCertificatesAndCRLs

public static java.io.OutputStream replaceCertificatesAndCRLs(java.io.InputStream original,
                                                              java.security.cert.CertStore certsAndCrls,
                                                              java.io.OutputStream out)
                                                       throws CMSException,
                                                              java.io.IOException
Deprecated. use method that takes Store objects.

Replace the certificate and CRL information associated with this CMSSignedData object with the new one passed in.

The output stream is returned unclosed.

Parameters:
original - the signed data stream to be used as a base.
certsAndCrls - the new certificates and CRLs to be used.
out - the stream to write the new signed data object to.
Returns:
out.
Throws:
CMSException - if there is an error processing the CertStore
java.io.IOException

replaceCertificatesAndCRLs

public static java.io.OutputStream replaceCertificatesAndCRLs(java.io.InputStream original,
                                                              Store certs,
                                                              Store crls,
                                                              Store attrCerts,
                                                              java.io.OutputStream out)
                                                       throws CMSException,
                                                              java.io.IOException
Replace the certificate and CRL information associated with this CMSSignedData object with the new one passed in.

The output stream is returned unclosed.

Parameters:
original - the signed data stream to be used as a base.
certs - new certificates to be used, if any.
crls - new CRLs to be used, if any.
attrCerts - new attribute certificates to be used, if any.
out - the stream to write the new signed data object to.
Returns:
out.
Throws:
CMSException - if there is an error processing the CertStore
java.io.IOException
