public class CMSCertList
extends java.lang.Object
implements java.io.Serializable
The CMS SignedData
content type provides a degenerate case
where there are no signers on the content. It is an intended application of
this degenerate case to be used for disseminating certificates and/or
certificate-revocation lists.
This class provides several constructors and methods for creating a
SignedData
object only containing a list of X.509 public
key (PKC) and/or X.509 attribute certificates, writing the list encoded, e.g.
to a file and reading it back from the file.
After creating
a new CMSCertList you may add
X.509 public key and/or attribute certificates (as instances of
iaik.x509.X509Certificate
respectively
iaik.x509.attr.AttributeCertificate
) by either
immediately setting
the
certificates or adding
them from a CertificateSet
, e.g.:
// create a CMSCertList for one X.509 PKC and one attribute certificate: X509Certificate x509Cert = ...; AttributeCertificate attrCert = ...; Certificate[] certs = { x509Cert, attrCert }; CMSCertList certList = new CMSCertList(); certList.setCertificateList(certs);respectively:
X509Certificate x509Cert = ...; AttributeCertificate attrCert = ...; CertifcateSet certSet = new CertificateSet; certSet.addCertificate(x509Cert); certSet.addCertificate(attrCert); CMSCertList certList = new CMSCertList(); certList.setCertificateList(certSet);Use method
setCRLList
for
adding certificate revocation lists to this CMSCertList, e.g.:
X509CRL crls = ...; cmsCertList.setCRLList(crls);
SignedData
,
CertificateSet
,
X509Certificate
,
AttributeCertificate
,
Serialized FormConstructor and Description |
---|
CMSCertList()
Default constructor.
|
CMSCertList(java.io.InputStream is)
Creates a
CMSCertList from an input stream. |
Modifier and Type | Method and Description |
---|---|
iaik.x509.attr.AttributeCertificate[] |
getAttributeCertificates()
Returns the attribute certificates included in this CMSCertList.
|
java.security.cert.Certificate[] |
getCertificateList()
Returns the certificates included in this CMSCertList object.
|
CertificateSet |
getCertificateSet()
Returns the certificate set included in this CMSCertList object.
|
iaik.x509.X509CRL[] |
getCRLList()
Returns the CRLs included in this CMSCertList object.
|
iaik.x509.X509Certificate[] |
getX509Certificates()
Returns the X.509 public key certificates included.
|
void |
setCertificateList(java.security.cert.Certificate[] certificateList)
Sets the certificates for this CMS SignedData object.
|
void |
setCertificateList(CertificateSet certificateSet)
Sets the certificates for this CMS SignedData object.
|
void |
setCRLList(iaik.x509.X509CRL[] crlList)
Sets the CRLs for this CMS SignedData object.
|
byte[] |
toByteArray()
Returns this
CMSCertList object as DER encoded byte array. |
java.lang.String |
toString()
Returns a string giving some information about the contents of this
CMSCertList object. |
void |
writeTo(java.io.OutputStream os)
Writes this CMSCertList DER encoded to the given output stream.
|
public CMSCertList()
CMSCertList
object.
Add X.509 public key and/or attribute certificates (as instances of
iaik.x509.X509Certificate
respectively
iaik.x509.attr.AttributeCertificate
) by either
immediately setting
the
certificates or adding
them from a CertificateSet
, e.g.:
// create a CMSCertList for one X.509 PKCS and one attribute certificate: X509Certificate x509Cert = ...; AttributeCertificate attrCert = ...; Certificate[] certs = { x509Cert, attrCert }; CMSCertList certList = new CMSCertList(); certList.setCertificateList(certs);respectively:
X509Certificate x509Cert = ...; AttributeCertificate attrCert = ...; CertifcateSet certSet = new CertificateSet; certSet.addCertificate(x509Cert); certSet.addCertificate(attrCert); CMSCertList certList = new CMSCertList(); certList.setCertificateList(certSet);Use method
setCRLList
for
adding certificate revocation lists to this CMSCertList, e.g.:
X509CRL crls = ...; cmsCertList.setCRLList(crls);
public CMSCertList(java.io.InputStream is) throws java.io.IOException, CMSParsingException
CMSCertList
from an input stream.
is
- the input stream from where the encoded CMSCertList shall be readjava.io.IOException
- if the object could not be readCMSParsingException
- if an error occurs while parsing the object;
e.g. the encoding is invalid, or PKCS#6 extended certificates
(obsolete) are includedpublic java.security.cert.Certificate[] getCertificateList()
The array returned may contain X.509 public key certificates (instances
of iaik.x509.X509Certificate
and/or X.509 attribute
certificates (instances of iaik.x509.attr.AttributeCertificate
);
PKCS#6 extended certificates are obsolete and therefore not supported.
CMSCertList
object, as array of Certificates; or null
if no
certificates are includedpublic CertificateSet getCertificateSet()
The CertificateSet returned may contain X.509 public key certificates (instances
of iaik.x509.X509Certificate
and/or X.509 attribute
certificates (instances of iaik.x509.attr.AttributeCertificate
);
PKCS#6 extended certificates are obsolete and therefore not supported.
CMSCertList
object, as CertificateSet; the set may be emptypublic iaik.x509.attr.AttributeCertificate[] getAttributeCertificates()
null
if no attribute certificates are
includedpublic iaik.x509.X509Certificate[] getX509Certificates()
null
if no X.509 certificates are includedpublic iaik.x509.X509CRL[] getCRLList()
CMSCertList
object, as array of X509CRLspublic void setCertificateList(java.security.cert.Certificate[] certificateList)
certificateList
- the chain of certificates as arrayjava.lang.IllegalArgumentException
- if any of the supplied certificates
is not a iaik.x509.X509Certificate
or
iaik.x509.attr.AttributeCertificate
objectpublic void setCertificateList(CertificateSet certificateSet)
certificateSet
- the certificates to be set; as CertificateSet
public void setCRLList(iaik.x509.X509CRL[] crlList)
crlList
- the list of certificates as arraypublic void writeTo(java.io.OutputStream os) throws java.io.IOException
os
- the output stream to which the CMSCertList shall
be writtenjava.io.IOException
- if an error occurs during writing out the filepublic byte[] toByteArray() throws CMSException
CMSCertList
object as DER encoded byte array.
This method DER encodes the ASN.1 representation of this CMS cert list an writes it to a byte array.
CMSCertList
object as DER encoded byte arrayCMSException
- if an encoding error occurspublic java.lang.String toString()
CMSCertList
object.toString
in class java.lang.Object