public class PKCS7SignedData
extends java.lang.Object
implements mybouncycastle.org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers
How to use it? To verify a signature, do:
PKCS7SignedData pkcs7 = new PKCS7SignedData(der_bytes); // Create it pkcs7.update(bytes, 0, bytes.length); // Update checksum boolean verified = pkcs7.verify(); // Does it add up? To sign, do this: PKCS7SignedData pkcs7 = new PKCS7SignedData(privKey, certChain, "MD5"); pkcs7.update(bytes, 0, bytes.length); // Update checksum pkcs7.sign(); // Create digest bytes = pkcs7.getEncoded(); // Write it somewhere
This class is pretty close to obsolete, for a much better (and more complete) implementation of PKCS7 have a look at the org.bouncycastle.cms package.
Modifier and Type | Field and Description |
---|---|
private java.util.Vector |
certs |
private byte[] |
digest |
private java.lang.String |
digestAlgorithm |
private java.util.Hashtable |
digestalgos |
private java.lang.String |
digestEncryptionAlgorithm |
private java.lang.String |
ID_DSA |
private java.lang.String |
ID_MD2 |
private java.lang.String |
ID_MD5 |
private java.lang.String |
ID_RSA |
private java.lang.String |
ID_SHA1 |
private JAPCertificate |
signCert |
private int |
signerversion |
private int |
version |
bagtypes, canNotDecryptAny, certBag, certTypes, crlBag, crlTypes, data, des_EDE3_CBC, dhKeyAgreement, digestedData, encryptedData, encryptionAlgorithm, envelopedData, id_aa, id_aa_asymmDecryptKeyID, id_aa_cmsAlgorithmProtect, id_aa_commitmentType, id_aa_communityIdentifiers, id_aa_contentHint, id_aa_contentIdentifier, id_aa_contentReference, id_aa_decryptKeyID, id_aa_encrypKeyPref, id_aa_ets_archiveTimestamp, id_aa_ets_certCRLTimestamp, id_aa_ets_certificateRefs, id_aa_ets_certValues, id_aa_ets_commitmentType, id_aa_ets_contentTimestamp, id_aa_ets_escTimeStamp, id_aa_ets_otherSigCert, id_aa_ets_revocationRefs, id_aa_ets_revocationValues, id_aa_ets_signerAttr, id_aa_ets_signerLocation, id_aa_ets_sigPolicyId, id_aa_implCompressAlgs, id_aa_implCryptoAlgs, id_aa_msgSigDigest, id_aa_otherSigCert, id_aa_receiptRequest, id_aa_signatureTimeStampToken, id_aa_signerLocation, id_aa_signingCertificate, id_aa_signingCertificateV2, id_aa_sigPolicyId, id_alg, id_alg_AEADChaCha20Poly1305, id_alg_CMS3DESwrap, id_alg_CMSRC2wrap, id_alg_ESDH, id_alg_hkdf_with_sha256, id_alg_hkdf_with_sha384, id_alg_hkdf_with_sha512, id_alg_hss_lms_hashsig, id_alg_PWRI_KEK, id_alg_SSDH, id_ct, id_ct_authData, id_ct_authEnvelopedData, id_ct_compressedData, id_ct_timestampedData, id_ct_TSTInfo, id_cti, id_cti_ets_proofOfApproval, id_cti_ets_proofOfCreation, id_cti_ets_proofOfDelivery, id_cti_ets_proofOfOrigin, id_cti_ets_proofOfReceipt, id_cti_ets_proofOfSender, id_hmacWithSHA1, id_hmacWithSHA224, id_hmacWithSHA256, id_hmacWithSHA384, id_hmacWithSHA512, id_mgf1, id_PBES2, id_PBKDF2, id_pSpecified, id_rsa_KEM, id_RSAES_OAEP, id_RSASSA_PSS, id_smime, id_spq, id_spq_ets_unotice, id_spq_ets_uri, keyBag, md2, md2WithRSAEncryption, md4, md4WithRSAEncryption, md5, md5WithRSAEncryption, pbeWithMD2AndDES_CBC, pbeWithMD2AndRC2_CBC, pbeWithMD5AndDES_CBC, pbeWithMD5AndRC2_CBC, pbeWithSHA1AndDES_CBC, pbeWithSHA1AndRC2_CBC, pbeWithSHAAnd128BitRC2_CBC, pbeWithSHAAnd128BitRC4, pbeWithSHAAnd2_KeyTripleDES_CBC, pbeWithSHAAnd3_KeyTripleDES_CBC, pbewithSHAAnd40BitRC2_CBC, pbeWithSHAAnd40BitRC2_CBC, pbeWithSHAAnd40BitRC4, pkcs_1, pkcs_12, pkcs_12PbeIds, pkcs_3, pkcs_5, pkcs_7, pkcs_9, pkcs_9_at_challengePassword, pkcs_9_at_contentType, pkcs_9_at_counterSignature, pkcs_9_at_emailAddress, pkcs_9_at_extendedCertificateAttributes, pkcs_9_at_extensionRequest, pkcs_9_at_friendlyName, pkcs_9_at_localKeyId, pkcs_9_at_messageDigest, pkcs_9_at_signingDescription, pkcs_9_at_signingTime, pkcs_9_at_smimeCapabilities, pkcs_9_at_unstructuredAddress, pkcs_9_at_unstructuredName, pkcs8ShroudedKeyBag, preferSignedData, RC2_CBC, rc4, rsaEncryption, safeContentsBag, sdsiCertificate, secretBag, sha1WithRSAEncryption, sha224WithRSAEncryption, sha256WithRSAEncryption, sha384WithRSAEncryption, sha512_224WithRSAEncryption, sha512_256WithRSAEncryption, sha512WithRSAEncryption, signedAndEnvelopedData, signedData, sMIMECapabilitiesVersions, srsaOAEPEncryptionSET, x509Certificate, x509certType, x509Crl
Constructor and Description |
---|
PKCS7SignedData(byte[] in)
Read an existing PKCS#7 object from a DER encoded byte array
|
Modifier and Type | Method and Description |
---|---|
JAPCertificate[] |
getCertificates()
Get the X.509 certificates associated with this PKCS#7 object
|
java.lang.String |
getDigestAlgorithm()
Get the algorithm used to calculate the message digest
|
private mybouncycastle.org.bouncycastle.asn1.ASN1Encodable |
getIssuer(byte[] enc)
Get the "issuer" from the TBSCertificate bytes that are passed in
|
JAPCertificate |
getSigningCertificate()
Get the X.509 certificate actually used to sign the digest.
|
int |
getSigningInfoVersion()
Get the version of the PKCS#7 "SignerInfo" object.
|
int |
getVersion()
Get the version of the PKCS#7 object.
|
boolean |
verify(byte[] msg)
Verify the digest
|
private int version
private int signerversion
private java.util.Hashtable digestalgos
private java.util.Vector certs
private JAPCertificate signCert
private byte[] digest
private java.lang.String digestAlgorithm
private java.lang.String digestEncryptionAlgorithm
private final java.lang.String ID_MD5
private final java.lang.String ID_MD2
private final java.lang.String ID_SHA1
private final java.lang.String ID_RSA
private final java.lang.String ID_DSA
public PKCS7SignedData(byte[] in) throws java.lang.SecurityException, java.security.InvalidKeyException, java.security.NoSuchAlgorithmException
java.lang.SecurityException
java.security.InvalidKeyException
java.security.NoSuchAlgorithmException
public java.lang.String getDigestAlgorithm()
public JAPCertificate[] getCertificates()
public JAPCertificate getSigningCertificate()
public int getVersion()
public int getSigningInfoVersion()
public boolean verify(byte[] msg) throws java.security.SignatureException
java.security.SignatureException
private mybouncycastle.org.bouncycastle.asn1.ASN1Encodable getIssuer(byte[] enc)
Copyright © 2023. All rights reserved.