org.bouncycastle.jce
Class PKCS7SignedData

java.lang.Object
  org.bouncycastle.jce.PKCS7SignedData

All Implemented Interfaces:

PKCSObjectIdentifiers

Deprecated. this class really is obsolete - use the CMS package.

public class PKCS7SignedData
extends java.lang.Object
implements PKCSObjectIdentifiers

Represents a PKCS#7 object - specifically the "Signed Data" type.

How to use it? To verify a signature, do:

 PKCS7SignedData pkcs7 = new PKCS7SignedData(der_bytes);        // Create it
 pkcs7.update(bytes, 0, bytes.length);                          // Update checksum
 boolean verified = pkcs7.verify();                             // Does it add up?

 To sign, do this:
 PKCS7SignedData pkcs7 = new PKCS7SignedData(privKey, certChain, "MD5");
 pkcs7.update(bytes, 0, bytes.length);                          // Update checksum
 pkcs7.sign();                                                  // Create digest

 bytes = pkcs7.getEncoded();                                    // Write it somewhere
 

This class is pretty close to obsolete, for a much better (and more complete) implementation of PKCS7 have a look at the org.bouncycastle.cms package.

Field Summary

private java.util.Collection	certs Deprecated.
private java.util.Collection	crls Deprecated.
private byte[]	digest Deprecated.
private java.lang.String	digestAlgorithm Deprecated.
private java.util.Set	digestalgos Deprecated.
private java.lang.String	digestEncryptionAlgorithm Deprecated.
private java.lang.String	ID_DSA Deprecated.
private java.lang.String	ID_MD2 Deprecated.
private java.lang.String	ID_MD5 Deprecated.
private java.lang.String	ID_PKCS7_DATA Deprecated.
private java.lang.String	ID_PKCS7_SIGNED_DATA Deprecated.
private java.lang.String	ID_RSA Deprecated.
private java.lang.String	ID_SHA1 Deprecated.
private java.security.PrivateKey	privKey Deprecated.
private java.security.Signature	sig Deprecated.
private java.security.cert.X509Certificate	signCert Deprecated.
private int	signerversion Deprecated.
private int	version Deprecated.

Fields inherited from interface org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers

bagtypes, canNotDecryptAny, certBag, crlBag, data, des_EDE3_CBC, dhKeyAgreement, digestedData, encryptedData, encryptionAlgorithm, envelopedData, id_aa, id_aa_commitmentType, id_aa_contentHint, id_aa_contentIdentifier, id_aa_encrypKeyPref, id_aa_otherSigCert, id_aa_receiptRequest, id_aa_signatureTimeStampToken, id_aa_signerLocation, id_aa_signingCertificate, id_aa_sigPolicyId, id_alg_CMS3DESwrap, id_alg_CMSRC2wrap, id_alg_PWRI_KEK, id_ct, id_ct_compressedData, id_ct_TSTInfo, id_cti, id_cti_ets_proofOfApproval, id_cti_ets_proofOfCreation, id_cti_ets_proofOfDelivery, id_cti_ets_proofOfOrigin, id_cti_ets_proofOfReceipt, id_cti_ets_proofOfSender, id_hmacWithSHA1, id_hmacWithSHA224, id_hmacWithSHA256, id_hmacWithSHA384, id_hmacWithSHA512, id_mgf1, id_PBES2, id_PBKDF2, id_pSpecified, id_RSAES_OAEP, id_RSASSA_PSS, keyBag, md2, md2WithRSAEncryption, md4, md4WithRSAEncryption, md5, md5WithRSAEncryption, pbeWithMD2AndDES_CBC, pbeWithMD2AndRC2_CBC, pbeWithMD5AndDES_CBC, pbeWithMD5AndRC2_CBC, pbeWithSHA1AndDES_CBC, pbeWithSHA1AndRC2_CBC, pbeWithSHAAnd128BitRC2_CBC, pbeWithSHAAnd128BitRC4, pbeWithSHAAnd2_KeyTripleDES_CBC, pbeWithSHAAnd3_KeyTripleDES_CBC, pbewithSHAAnd40BitRC2_CBC, pbeWithSHAAnd40BitRC4, pkcs_1, pkcs_12, pkcs_12PbeIds, pkcs_3, pkcs_5, pkcs_7, pkcs_9, pkcs_9_at_challengePassword, pkcs_9_at_contentType, pkcs_9_at_counterSignature, pkcs_9_at_emailAddress, pkcs_9_at_extendedCertificateAttributes, pkcs_9_at_extensionRequest, pkcs_9_at_friendlyName, pkcs_9_at_localKeyId, pkcs_9_at_messageDigest, pkcs_9_at_signingDescription, pkcs_9_at_signingTime, pkcs_9_at_smimeCapabilities, pkcs_9_at_unstructuredAddress, pkcs_9_at_unstructuredName, pkcs8ShroudedKeyBag, preferSignedData, RC2_CBC, rsaEncryption, safeContentsBag, secretBag, sha1WithRSAEncryption, sha224WithRSAEncryption, sha256WithRSAEncryption, sha384WithRSAEncryption, sha512WithRSAEncryption, signedAndEnvelopedData, signedData, sMIMECapabilitiesVersions, srsaOAEPEncryptionSET, x509certType

Constructor Summary

PKCS7SignedData(byte[] in)
Deprecated. Read an existing PKCS#7 object from a DER encoded byte array using the BC provider.

PKCS7SignedData(byte[] in, java.lang.String provider)
Deprecated. Read an existing PKCS#7 object from a DER encoded byte array

PKCS7SignedData(java.security.PrivateKey privKey, java.security.cert.Certificate[] certChain, java.security.cert.CRL[] crlList, java.lang.String hashAlgorithm, java.lang.String provider)
Deprecated. Create a new PKCS#7 object from the specified key.

PKCS7SignedData(java.security.PrivateKey privKey, java.security.cert.Certificate[] certChain, java.lang.String hashAlgorithm)
Deprecated. Create a new PKCS#7 object from the specified key using the BC provider.

PKCS7SignedData(java.security.PrivateKey privKey, java.security.cert.Certificate[] certChain, java.lang.String hashAlgorithm, java.lang.String provider)
Deprecated. Create a new PKCS#7 object from the specified key.

Method Summary

java.security.cert.Certificate[]	getCertificates() Deprecated. Get the X.509 certificates associated with this PKCS#7 object
java.util.Collection	getCRLs() Deprecated. Get the X.509 certificate revocation lists associated with this PKCS#7 object
java.lang.String	getDigestAlgorithm() Deprecated. Get the algorithm used to calculate the message digest
byte[]	getEncoded() Deprecated. return the bytes for the PKCS7SignedData object.
private DERObject	getIssuer(byte[] enc) Deprecated. Get the "issuer" from the TBSCertificate bytes that are passed in
java.security.cert.X509Certificate	getSigningCertificate() Deprecated. Get the X.509 certificate actually used to sign the digest.
int	getSigningInfoVersion() Deprecated. Get the version of the PKCS#7 "SignerInfo" object.
int	getVersion() Deprecated. Get the version of the PKCS#7 object.
void	reset() Deprecated. Resets the PKCS7SignedData object to it's initial state, ready to sign or verify a new buffer.
void	update(byte buf) Deprecated. Update the digest with the specified byte.
void	update(byte[] buf, int off, int len) Deprecated. Update the digest with the specified bytes.
boolean	verify() Deprecated. Verify the digest

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

version

private int version

Deprecated.

signerversion

private int signerversion

Deprecated.

digestalgos

private java.util.Set digestalgos

Deprecated.

certs

private java.util.Collection certs

Deprecated.

crls

private java.util.Collection crls

Deprecated.

signCert

private java.security.cert.X509Certificate signCert

Deprecated.

digest

private byte[] digest

Deprecated.

digestAlgorithm

private java.lang.String digestAlgorithm

Deprecated.

digestEncryptionAlgorithm

private java.lang.String digestEncryptionAlgorithm

Deprecated.

sig

private java.security.Signature sig

Deprecated.

privKey

private transient java.security.PrivateKey privKey

Deprecated.

ID_PKCS7_DATA

private final java.lang.String ID_PKCS7_DATA

Deprecated.

See Also:

Constant Field Values

ID_PKCS7_SIGNED_DATA

private final java.lang.String ID_PKCS7_SIGNED_DATA

Deprecated.

See Also:

Constant Field Values

ID_MD5

private final java.lang.String ID_MD5

Deprecated.

See Also:

Constant Field Values

ID_MD2

private final java.lang.String ID_MD2

Deprecated.

See Also:

Constant Field Values

ID_SHA1

private final java.lang.String ID_SHA1

Deprecated.

See Also:

Constant Field Values

ID_RSA

private final java.lang.String ID_RSA

Deprecated.

See Also:

Constant Field Values

ID_DSA

private final java.lang.String ID_DSA

Deprecated.

See Also:

Constant Field Values

Constructor Detail

PKCS7SignedData

public PKCS7SignedData(byte[] in)
                throws java.lang.SecurityException,
                       java.security.cert.CRLException,
                       java.security.InvalidKeyException,
                       java.security.NoSuchProviderException,
                       java.security.NoSuchAlgorithmException

Deprecated.

Read an existing PKCS#7 object from a DER encoded byte array using the BC provider.

Throws:

java.lang.SecurityException

java.security.cert.CRLException

java.security.InvalidKeyException

java.security.NoSuchProviderException

java.security.NoSuchAlgorithmException

PKCS7SignedData

public PKCS7SignedData(byte[] in,
                       java.lang.String provider)
                throws java.lang.SecurityException,
                       java.security.cert.CRLException,
                       java.security.InvalidKeyException,
                       java.security.NoSuchProviderException,
                       java.security.NoSuchAlgorithmException

Deprecated.

Read an existing PKCS#7 object from a DER encoded byte array

Throws:

java.lang.SecurityException

java.security.cert.CRLException

java.security.InvalidKeyException

java.security.NoSuchProviderException

java.security.NoSuchAlgorithmException

PKCS7SignedData

public PKCS7SignedData(java.security.PrivateKey privKey,
                       java.security.cert.Certificate[] certChain,
                       java.lang.String hashAlgorithm)
                throws java.lang.SecurityException,
                       java.security.InvalidKeyException,
                       java.security.NoSuchProviderException,
                       java.security.NoSuchAlgorithmException

Deprecated.

Create a new PKCS#7 object from the specified key using the BC provider.

Parameters:

privKey - the private key to be used for signing.

certChain - the certificate chain associated with the private key.

hashAlgorithm - the hashing algorithm used to compute the message digest. Must be "MD5", "MD2", "SHA1" or "SHA"

Throws:

java.lang.SecurityException

java.security.InvalidKeyException

java.security.NoSuchProviderException

java.security.NoSuchAlgorithmException

PKCS7SignedData

public PKCS7SignedData(java.security.PrivateKey privKey,
                       java.security.cert.Certificate[] certChain,
                       java.lang.String hashAlgorithm,
                       java.lang.String provider)
                throws java.lang.SecurityException,
                       java.security.InvalidKeyException,
                       java.security.NoSuchProviderException,
                       java.security.NoSuchAlgorithmException

Deprecated.

Create a new PKCS#7 object from the specified key.

Parameters:

privKey - the private key to be used for signing.

certChain - the certificate chain associated with the private key.

hashAlgorithm - the hashing algorithm used to compute the message digest. Must be "MD5", "MD2", "SHA1" or "SHA"

provider - the provider to use.

Throws:

java.lang.SecurityException

java.security.InvalidKeyException

java.security.NoSuchProviderException

java.security.NoSuchAlgorithmException

PKCS7SignedData

public PKCS7SignedData(java.security.PrivateKey privKey,
                       java.security.cert.Certificate[] certChain,
                       java.security.cert.CRL[] crlList,
                       java.lang.String hashAlgorithm,
                       java.lang.String provider)
                throws java.lang.SecurityException,
                       java.security.InvalidKeyException,
                       java.security.NoSuchProviderException,
                       java.security.NoSuchAlgorithmException

Deprecated.

Create a new PKCS#7 object from the specified key.

Parameters:

privKey - the private key to be used for signing.

certChain - the certificate chain associated with the private key.

crlList - the crl list associated with the private key.

hashAlgorithm - the hashing algorithm used to compute the message digest. Must be "MD5", "MD2", "SHA1" or "SHA"

provider - the provider to use.

Throws:

java.lang.SecurityException

java.security.InvalidKeyException

java.security.NoSuchProviderException

java.security.NoSuchAlgorithmException

Method Detail

getDigestAlgorithm

public java.lang.String getDigestAlgorithm()

Deprecated.

Get the algorithm used to calculate the message digest

reset

public void reset()

Deprecated.

Resets the PKCS7SignedData object to it's initial state, ready to sign or verify a new buffer.

getCertificates

public java.security.cert.Certificate[] getCertificates()

Deprecated.

Get the X.509 certificates associated with this PKCS#7 object

getCRLs

public java.util.Collection getCRLs()

Deprecated.

Get the X.509 certificate revocation lists associated with this PKCS#7 object

getSigningCertificate

public java.security.cert.X509Certificate getSigningCertificate()

Deprecated.

Get the X.509 certificate actually used to sign the digest.

getVersion

public int getVersion()

Deprecated.

Get the version of the PKCS#7 object. Always 1

getSigningInfoVersion

public int getSigningInfoVersion()

Deprecated.

Get the version of the PKCS#7 "SignerInfo" object. Always 1

update

public void update(byte buf)
            throws java.security.SignatureException

Deprecated.

Update the digest with the specified byte. This method is used both for signing and verifying

Throws:

java.security.SignatureException

update

public void update(byte[] buf,
                   int off,
                   int len)
            throws java.security.SignatureException

Deprecated.

Update the digest with the specified bytes. This method is used both for signing and verifying

Throws:

java.security.SignatureException

verify

public boolean verify()
               throws java.security.SignatureException

Deprecated.

Verify the digest

Throws:

java.security.SignatureException

getIssuer

private DERObject getIssuer(byte[] enc)

Deprecated.

Get the "issuer" from the TBSCertificate bytes that are passed in

getEncoded

public byte[] getEncoded()

Deprecated.

return the bytes for the PKCS7SignedData object.