iaik.smime

Class JMailSMimeSigned

java.lang.Object

iaik.cms.SignedDataStream

iaik.smime.SMimeSigned

iaik.smime.JMailSMimeSigned

All Implemented Interfaces:

iaik.asn1.EncodeListener, ContentStream, iaik.utils.EOFListener, java.util.EventListener

public class JMailSMimeSigned
extends SMimeSigned

This class extends class SMimeSigned for ensuring to write the body parts in right order. When writing an explicit signed message, for calculating the hash it is important that the data carrying body part is written before the signature part. Since JavaMail calls any participated writeTo method twice and works with several threads, extra care has been taken to ensure the correct writing order. This class only extends the SMimeSigned class to force the data body part to be written before the signature. This is be done in a separate class because - for use in other applications - the SMimeSigned class should be not responsible on Java Mail parts.

Field Summary

Fields inherited from class iaik.cms.SignedDataStream

blockSize_, certSet_, contentType_, crls_, encapContentInfo_, EXPLICIT, IMPLICIT, inputStream_, mode_, securityProvider_, signerInfos_, thisObject_, version_

Constructor Summary

Constructors

Constructor and Description
JMailSMimeSigned(java.io.InputStream is) Reads a JMailSMimeSigned message from an InputStream.
JMailSMimeSigned(java.io.InputStream is, iaik.asn1.structures.AlgorithmID[] hashAlgorithm) Creates a new JMailSMimeSigned from an InputStream holding the signed data and an algorithm specifying the hash algorithm to use for digesting.
JMailSMimeSigned(java.io.InputStream is, int mode) Creates a JMailSMimeSigned object from an input stream which supplies the data to be signed.

Method Summary

Modifier and Type	Method and Description
byte[]	toByteArray() Returns this JMailSMimeSigned object as DER encoded byte array.
void	writeTo(java.io.OutputStream os) Writes this JMailSMimeSigned object to the supplied output stream.
void	writeTo(java.io.OutputStream os, int blockSize) Writes this JMailSMimeSigned object to the supplied output stream.

Methods inherited from class iaik.smime.SMimeSigned

addSigner, addSigner, addSigner, addSigner, addSigner, addSigner, addSigner, addSigner, addSigner, getMode, toASN1Object, toString, verify, verify

Methods inherited from class iaik.cms.SignedDataStream

addCertificates, addCRLs, addDigestAlgorithm, addSDSEncodeListener, addSignerInfo, clearSignatures, decode, encodeCalled, getAttributeCertificates, getBlockSize, getCertificate, getCertificates, getCertificates, getCertificateSet, getContentType, getCRLs, getDigestAlgorithms, getEncapsulatedContentType, getInputStream, getMessageDigest, getRevocationInfoChoices, getSecurityProvider, getSignedDigest, getSignerInfo, getSignerInfo, getSignerInfoIndex, getSignerInfos, getVersion, getX509Certificates, notifyEOF, removeMessageDigest, removeSignerInfo, setBlockSize, setCertificates, setCertificateSet, setCRLs, setInputStream, setMessageDigest, setRevocationInfoChoices, setSDSEncodeListener, setSecurityProvider, setSignerInfos, toASN1Object, toString, verify, verify, verify

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait

Constructor Detail

JMailSMimeSigned

public JMailSMimeSigned(java.io.InputStream is,
                        int mode)

Creates a JMailSMimeSigned object from an input stream which supplies the data to be signed.

There are two possible modes:

1. IMPLICIT: The message is included in der DER encoding. This means the message can only be read from an S/MIME aware mail client. If the signed message also is encrypted, IMPLICIT may be the better choice.
   The IMPLICIT mode corresponds to the application/pkcs7-mime content type.

2. EXPLICIT: The message is not included in the BER encoding and must be added according to the MIME rules. The DER encoding only contains the signature of the message.
   The EXPLICIT mode corresponds to the multipart/signed content type.

Parameters:

is - a stream supplying the data to sign

mode - IMPLICIT if the message shall be included in the DER encoding, EXPLICIT otherwise

JMailSMimeSigned

public JMailSMimeSigned(java.io.InputStream is,
                        iaik.asn1.structures.AlgorithmID[] hashAlgorithm)
                 throws java.io.IOException

Creates a new JMailSMimeSigned from an InputStream holding the signed data and an algorithm specifying the hash algorithm to use for digesting.

This constructor shall be used to process an already existing EXPLICIT JMailSMimeSigned object. It will setup a DigestInputStream where the signed data is piped through. The new InputStream can be retrieved using the method getInputStream for reading the data and thereby piping it through a digest stream for hash calculation.

For subsequently processing the DER encoded JMailSMimeSigned object, use method decode(InpuStream), e.g.:

 AlgorithmID[] algID = { AlgorithmID.sha256 };
 JMailSMimeSigned signed = new JMailSMimeSigned(data_is, algIDs);
 InputStream dataIs = signed.getInputStream();
 byte[] buf = new byte[2048];
 int r;
 while ((r = dataIs.read(buf)) > 0) {
   // do something useful
 }
 signed.decode(encoded_stream);
 

Parameters:

is - the InputStream holding the raw data supplied by other means, i.e. the first part of a multipart/signed message

hashAlgorithm - the hash algorithm used for digesting the signed data; supplied as array of hash algorithms as required by the parent SignedDataStream class, but actually containing only one digest algorithm identifier for the one and only signer

Throws:

java.io.IOException - if an I/O error occurs or there is no implementation for the specified hash algorithm

JMailSMimeSigned

public JMailSMimeSigned(java.io.InputStream is)
                 throws java.io.IOException

Reads a JMailSMimeSigned message from an InputStream.

Do not use this constructor for supplying the content data to be signed. This constructor may be used by the recipient for parsing an already exisiting JMailSMimeSigned object, supplied as DER encoding from an input stream, that may have been created by means of the writeTo method.

Use the JMailSMimeSigned(InputStream data_is, int mode) constructor for supplying the content data to be signed when creating a JMailSMimeSigned object.

This constructor only shall be used for decoding a JMailSMimeSigned object with included raw data (implicit mode).
To initialize a JMailSMimeSigned object for parsing an explicit message where the raw data is not included, use the JMailSMimeSigned(InputStream is, AlgorithmID[] hashAlgorithms) constructor, and perform the decoding explicitly by calling the decode method.

Parameters:

is - the input stream where the DER encoded message shall be read from

Throws:

java.io.IOException - if an I/O error or parsing problem occurs

Method Detail

toByteArray

public byte[] toByteArray()
                   throws CMSException

Returns this JMailSMimeSigned object as DER encoded byte array.

Returns:

this JMailSMimeSigned object as byte array

Throws:

CMSException - if an error occurs

writeTo

public void writeTo(java.io.OutputStream os)
             throws java.io.IOException

Writes this JMailSMimeSigned object to the supplied output stream. Automatically enforces block encoding with a block size of 2048.

Overrides:

writeTo in class SMimeSigned

Parameters:

os - the output stream to which this JMailSMimeSigned shall be written

Throws:

java.io.IOException - if an error occurs while writing to the stream

writeTo

public void writeTo(java.io.OutputStream os,
                    int blockSize)
             throws java.io.IOException

Writes this JMailSMimeSigned object to the supplied output stream. The blockSize parameter indicates the block size to be used for performimg block encoding.

Overrides:

writeTo in class SMimeSigned

Parameters:

os - the output stream to which this JMailSMimeSigned shall be written

blockSize - the block size for performing block encoding

Throws:

java.io.IOException - if an error occurs while writing to the stream