public class SODFile extends AbstractTaggedLDSFile
EF_COM_TAG, EF_DG1_TAG, EF_DG10_TAG, EF_DG11_TAG, EF_DG12_TAG, EF_DG13_TAG, EF_DG14_TAG, EF_DG15_TAG, EF_DG16_TAG, EF_DG2_TAG, EF_DG3_TAG, EF_DG4_TAG, EF_DG5_TAG, EF_DG6_TAG, EF_DG7_TAG, EF_DG8_TAG, EF_DG9_TAG, EF_SOD_TAG
Constructor and Description |
---|
SODFile(InputStream inputStream): Constructs a Security Object data structure. |
SODFile(String digestAlgorithm, String digestEncryptionAlgorithm, Map<Integer,byte[]> dataGroupHashes, byte[] encryptedDigest, X509Certificate docSigningCertificate): Constructs a Security Object data structure. |
SODFile(String digestAlgorithm, String digestEncryptionAlgorithm, Map<Integer,byte[]> dataGroupHashes, PrivateKey privateKey, X509Certificate docSigningCertificate): Constructs a Security Object data structure. |
SODFile(String digestAlgorithm, String digestEncryptionAlgorithm, Map<Integer,byte[]> dataGroupHashes, PrivateKey privateKey, X509Certificate docSigningCertificate, String provider): Constructs a Security Object data structure using a specified signature provider. |
SODFile(String digestAlgorithm, String digestEncryptionAlgorithm, Map<Integer,byte[]> dataGroupHashes, PrivateKey privateKey, X509Certificate docSigningCertificate, String provider, String ldsVersion, String unicodeVersion): Constructs a Security Object data structure using a specified signature provider. |
Modifier and Type | Method and Description |
---|---|
boolean | equals(Object obj) |
Map<Integer,byte[]> | getDataGroupHashes(): Returns the stored data group hashes indexed by data group number. |
String | getDigestAlgorithm(): Returns the name of the algorithm used in the data group hashes. |
String | getDigestEncryptionAlgorithm(): Returns the name of the digest encryption algorithm used in the signature. |
AlgorithmParameterSpec | getDigestEncryptionAlgorithmParams(): Returns the parameters of the digest encryption (signature) algorithm. |
X509Certificate | getDocSigningCertificate(): Returns the embedded document signing certificate (if present) or null if not present. |
List<X509Certificate> | getDocSigningCertificates(): Returns any embedded (document signing) certificates. |
byte[] | getEContent(): Returns the encoded contents of the signed data over which the signature is to be computed. |
byte[] | getEncoded(): Returns the contents of this file as byte array, includes the ICAO tag and length. |
byte[] | getEncryptedDigest(): Returns the signature (the encrypted digest) over the hashes. |
X500Principal | getIssuerX500Principal(): Returns the issuer name of the document signing certificate as it appears in the signer-info in the signed-data structure. This returns null when the signer is identified through subject-key-identifier instead. |
String | getLDSVersion(): Returns the version of the LDS if stored in the Security Object (SOd). |
BigInteger | getSerialNumber(): Returns the serial number as it appears in the signer-info in the signed-data structure. |
String | getSignerInfoDigestAlgorithm(): Returns the name of the digest algorithm used in the signature. |
byte[] | getSubjectKeyIdentifier(): Returns the signer's subject-key-identifier as it appears in the signer-info in the signed-data structure. |
String | getUnicodeVersion(): Returns the version of unicode if stored in the Security Object (SOd). |
int | hashCode() |
protected void | readContent(InputStream inputStream): Reads the contents of the data group from an input stream. |
String | toString(): Returns a textual representation of this file. |
protected void | writeContent(OutputStream outputStream): Writes the contents of the data group to an output stream. |
getLength, getTag, readObject, writeObject
public SODFile(String digestAlgorithm, String digestEncryptionAlgorithm, Map<Integer,byte[]> dataGroupHashes, PrivateKey privateKey, X509Certificate docSigningCertificate) throws GeneralSecurityException
digestAlgorithm - a digest algorithm, such as "SHA1" or "SHA256"
digestEncryptionAlgorithm - a digest encryption algorithm, such as "SHA256withRSA"
dataGroupHashes - maps datagroup numbers (1 to 16) to hashes of the data groups
privateKey - private key to sign the data
docSigningCertificate - the document signing certificate
GeneralSecurityException - if either of the algorithm parameters is not recognized, or if the document signing certificate cannot be used

public SODFile(String digestAlgorithm, String digestEncryptionAlgorithm, Map<Integer,byte[]> dataGroupHashes, PrivateKey privateKey, X509Certificate docSigningCertificate, String provider) throws GeneralSecurityException
digestAlgorithm - a digest algorithm, such as "SHA-1" or "SHA-256"
digestEncryptionAlgorithm - a digest encryption algorithm, such as "SHA256withRSA"
dataGroupHashes - maps datagroup numbers (1 to 16) to hashes of the data groups
privateKey - private key to sign the contents
docSigningCertificate - the document signing certificate to embed
provider - specific signature provider that should be used to create the signature
GeneralSecurityException - if either of the algorithm parameters is not recognized, or if the document signing certificate cannot be used

public SODFile(String digestAlgorithm, String digestEncryptionAlgorithm, Map<Integer,byte[]> dataGroupHashes, PrivateKey privateKey, X509Certificate docSigningCertificate, String provider, String ldsVersion, String unicodeVersion) throws GeneralSecurityException
digestAlgorithm - a digest algorithm, such as "SHA-1" or "SHA-256"
digestEncryptionAlgorithm - a digest encryption algorithm, such as "SHA256withRSA"
dataGroupHashes - maps datagroup numbers (1 to 16) to hashes of the data groups
privateKey - private key to sign the data
docSigningCertificate - the document signing certificate
provider - specific signature provider that should be used to create the signature
ldsVersion - LDS version
unicodeVersion - Unicode version
GeneralSecurityException - if either of the algorithm parameters is not recognized, or if the document signing certificate cannot be used

public SODFile(String digestAlgorithm, String digestEncryptionAlgorithm, Map<Integer,byte[]> dataGroupHashes, byte[] encryptedDigest, X509Certificate docSigningCertificate) throws GeneralSecurityException
digestAlgorithm - a digest algorithm, such as "SHA-1" or "SHA-256"
digestEncryptionAlgorithm - a digest encryption algorithm, such as "SHA256withRSA"
dataGroupHashes - maps datagroup numbers (1 to 16) to hashes of the data groups
encryptedDigest - externally signed contents
docSigningCertificate - the document signing certificate
GeneralSecurityException - if either of the algorithm parameters is not recognized, or if the document signing certificate cannot be used

public SODFile(InputStream inputStream) throws IOException
inputStream - some inputstream
IOException - if something goes wrong

protected void readContent(InputStream inputStream) throws IOException
AbstractTaggedLDSFile
readContent in class AbstractTaggedLDSFile
inputStream - the input stream to read from
IOException - on error reading from input stream

protected void writeContent(OutputStream outputStream) throws IOException
AbstractTaggedLDSFile
writeContent in class AbstractTaggedLDSFile
outputStream - the output stream to write to
IOException - on error writing to output stream

public Map<Integer,byte[]> getDataGroupHashes()

public byte[] getEncryptedDigest()

public AlgorithmParameterSpec getDigestEncryptionAlgorithmParams()
"RSASSA/PSS" this includes the hash algorithm and the salt length.

public byte[] getEContent() throws SignatureException
SignatureException - if the contents do not check out

public String getDigestAlgorithm()

public String getSignerInfoDigestAlgorithm()

public String getDigestEncryptionAlgorithm()

public String getLDSVersion()

public String getUnicodeVersion()

public List<X509Certificate> getDocSigningCertificates()

public X509Certificate getDocSigningCertificate()
null if not present.
Use this certificate to verify that eSignature is a valid signature for eContent. This certificate itself is signed using the country signing certificate.

public X500Principal getIssuerX500Principal()
null when the signer is identified through subject-key-identifier instead.
null if not present

public BigInteger getSerialNumber()
null when the signer is identified through subject-key-identifier instead.
null if not present

public byte[] getSubjectKeyIdentifier()
null when the signer is identified through issuer name and serial instead.
null if not present

public String toString()
toString in class AbstractTaggedLDSFile

public byte[] getEncoded()
getEncoded in interface LDSElement
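
The note on getDocSigningCertificate() says the certificate verifies the signature over eContent and is itself signed with the country signing certificate; the sketch below chains those checks together with the data group hashes. It is an added example, not code from this page or from the library. The class SodCheck, the method verify and its parameters, the package org.jmrtd.lds, a null parameter spec for algorithms without parameters, and a JCA provider that recognises the returned algorithm names are all assumptions.

```java
import java.security.MessageDigest;
import java.security.Signature;
import java.security.cert.X509Certificate;
import java.security.spec.AlgorithmParameterSpec;
import java.util.Map;

import org.jmrtd.lds.SODFile; // assumed package; the page does not name it

public final class SodCheck { // hypothetical helper class
    /**
     * @param csca   trusted country signing certificate, obtained out of band
     * @param dgRead data group number (1 to 16) -> raw file bytes read from the chip
     * @return true only if the chain, the signature and every hash check out
     */
    public static boolean verify(SODFile sod, X509Certificate csca,
                                 Map<Integer, byte[]> dgRead) throws Exception {
        X509Certificate ds = sod.getDocSigningCertificate();
        if (ds == null) {
            return false; // nothing embedded; a caller would need another source
        }
        // The embedded certificate comes from the document itself, so it proves
        // nothing until it verifies under the trusted country signing key.
        ds.checkValidity();
        ds.verify(csca.getPublicKey()); // throws if not signed by csca

        // Signature over the signed contents, e.g. "SHA256withRSA".
        Signature sig = Signature.getInstance(sod.getDigestEncryptionAlgorithm());
        AlgorithmParameterSpec params = sod.getDigestEncryptionAlgorithmParams();
        if (params != null) { // assumption: null when the algorithm takes none
            sig.setParameter(params); // RSASSA/PSS: hash algorithm and salt length
        }
        sig.initVerify(ds);
        sig.update(sod.getEContent()); // SignatureException if contents do not check out
        if (!sig.verify(sod.getEncryptedDigest())) {
            return false;
        }
        // Every file read must hash to the value covered by that signature.
        Map<Integer, byte[]> signed = sod.getDataGroupHashes();
        MessageDigest md = MessageDigest.getInstance(sod.getDigestAlgorithm());
        for (Map.Entry<Integer, byte[]> dg : dgRead.entrySet()) {
            byte[] expected = signed.get(dg.getKey());
            if (expected == null || !MessageDigest.isEqual(expected, md.digest(dg.getValue()))) {
                return false; // unsigned or altered data group
            }
        }
        return true;
    }
}
```

A failed certificate check surfaces as an exception rather than a false return, so callers should treat both as a rejected document.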
Copyright © 2020. All rights reserved.