Class PKCS7


  • public class PKCS7
    extends java.lang.Object
    PKCS7 as defined in RSA Laboratories PKCS7 Technical Note. Profile Supports only SignedData ContentInfo type, where to the type of data signed is plain Data. For signedData, crls, attributes and PKCS#6 Extended Certificates are not supported.
    • Field Summary

      Fields 
      Modifier and Type Field Description
      static java.lang.String FOOTER  
      static java.lang.String HEADER  
    • Constructor Summary

      Constructors 
      Constructor Description
      PKCS7​(byte[] bytes)
      Unmarshals a PKCS7 block from its encoded form, parsing the encoded bytes.
      PKCS7​(java.io.InputStream in)
      Unmarshals a PKCS7 block from its encoded form, parsing the encoded bytes from the InputStream.
      PKCS7​(java.lang.String input)
      Unmarshals a PKCS7 block from PEM format.
      PKCS7​(java.security.cert.X509Certificate[] certs)
      Construct PKCS7 from an array of certificates.
      PKCS7​(DerInputStream derin)
      Unmarshals a PKCS7 block from its encoded form, parsing the encoded bytes from the DerInputStream.
      PKCS7​(AlgorithmId[] digestAlgorithmIds, ContentInfo contentInfo, java.security.cert.X509Certificate[] certificates, SignerInfo[] signerInfos)
      Construct an initialized PKCS7 block.
    • Constructor Detail

      • PKCS7

        public PKCS7​(java.io.InputStream in)
              throws ParsingException,
                     java.io.IOException
        Unmarshals a PKCS7 block from its encoded form, parsing the encoded bytes from the InputStream.
        Parameters:
        in - an input stream holding at least one PKCS7 block.
        Throws:
        ParsingException - on parsing errors.
        java.io.IOException - on other errors.
      • PKCS7

        public PKCS7​(DerInputStream derin)
              throws ParsingException
        Unmarshals a PKCS7 block from its encoded form, parsing the encoded bytes from the DerInputStream.
        Parameters:
        derin - a DerInputStream holding at least one PKCS7 block.
        Throws:
        ParsingException - on parsing errors.
      • PKCS7

        public PKCS7​(byte[] bytes)
              throws ParsingException
        Unmarshals a PKCS7 block from its encoded form, parsing the encoded bytes.
        Parameters:
        bytes - the encoded bytes.
        Throws:
        ParsingException - on parsing errors.
      • PKCS7

        public PKCS7​(java.lang.String input)
              throws ParsingException,
                     java.io.IOException
        Unmarshals a PKCS7 block from PEM format.
        Parameters:
        input - the PKCS7 block in PEM format.
        Throws:
        ParsingException - on parsing errors.
        java.io.IOException
      • PKCS7

        public PKCS7​(AlgorithmId[] digestAlgorithmIds,
                     ContentInfo contentInfo,
                     java.security.cert.X509Certificate[] certificates,
                     SignerInfo[] signerInfos)
        Construct an initialized PKCS7 block.
        Parameters:
        digestAlgorithmIds - the message digest algorithm identifiers.
        contentInfo - the content information.
        certificates - an array of X.509 certificates.
        signerInfos - an array of signer information.
      • PKCS7

        public PKCS7​(java.security.cert.X509Certificate[] certs)
        Construct PKCS7 from an array of certificates.
        Parameters:
        certs - Array of certificates.
    • Method Detail

      • encodeSignedData

        public void encodeSignedData​(java.io.OutputStream out)
                              throws java.io.IOException
        Encodes the signed data to an output stream.
        Parameters:
        out - the output stream to write the encoded data to.
        Throws:
        java.io.IOException - on encoding errors.
      • encodeSignedData

        public void encodeSignedData​(java.io.OutputStream out,
                                     boolean sort)
                              throws java.io.IOException
        Like method above but not sorted.
        Throws:
        java.io.IOException
      • encodeSignedData

        public void encodeSignedData​(DerOutputStream out)
                              throws java.io.IOException
        encode signed data, sort certs by default.
        Throws:
        java.io.IOException
      • encodeSignedData

        public void encodeSignedData​(DerOutputStream out,
                                     boolean sort)
                              throws java.io.IOException
        Encodes the signed data to a DerOutputStream.
        Parameters:
        out - the DerOutputStream to write the encoded data to.
        Throws:
        java.io.IOException - on encoding errors.
      • verify

        public SignerInfo verify​(SignerInfo info,
                                 byte[] bytes)
                          throws java.security.NoSuchAlgorithmException,
                                 java.security.SignatureException
        This verifies a given SignerInfo.
        Parameters:
        info - the signer information.
        bytes - the DER encoded content information.
        Throws:
        java.security.NoSuchAlgorithmException - on unrecognized algorithms.
        java.security.SignatureException - on signature handling errors.
      • verify

        public SignerInfo[] verify​(byte[] bytes)
                            throws java.security.NoSuchAlgorithmException,
                                   java.security.SignatureException
        Returns all signerInfos which self-verify.
        Parameters:
        bytes - the DER encoded content information.
        Throws:
        java.security.NoSuchAlgorithmException - on unrecognized algorithms.
        java.security.SignatureException - on signature handling errors.
      • verify

        public SignerInfo[] verify()
                            throws java.security.NoSuchAlgorithmException,
                                   java.security.SignatureException
        Returns all signerInfos which self-verify.
        Throws:
        java.security.NoSuchAlgorithmException - on unrecognized algorithms.
        java.security.SignatureException - on signature handling errors.
      • getVersion

        public BigInt getVersion()
        Returns the version number of this PKCS7 block.
      • getDigestAlgorithmIds

        public AlgorithmId[] getDigestAlgorithmIds()
        Returns the message digest algorithms specified in this PKCS7 block.
      • getContentInfo

        public ContentInfo getContentInfo()
        Returns the content information specified in this PKCS7 block.
      • getCertificates

        public java.security.cert.X509Certificate[] getCertificates()
        Returns the X.509 certificates listed in this PKCS7 block.
      • getSignerInfos

        public SignerInfo[] getSignerInfos()
        Returns the signer's information specified in this PKCS7 block.
      • getCertificate

        public java.security.cert.X509Certificate getCertificate​(BigInt serial,
                                                                 X500Name name)
        Returns the X.509 certificate listed in this PKCS7 block which has a matching serial number and Issuer name, or null if one is not found.
        Parameters:
        serial - the serial number of the certificate to retrieve.
        name - the Distinguished Name of the Issuer.
      • getBytes

        public byte[] getBytes()
                        throws java.io.IOException
        Throws:
        java.io.IOException
      • toPEMString

        public java.lang.String toPEMString()
                                     throws java.io.IOException
        Throws:
        java.io.IOException
      • toString

        public java.lang.String toString()
        Returns the PKCS7 block in a printable string form.
        Overrides:
        toString in class java.lang.Object