iaik.cms
Class CMSCertList

java.lang.Object
  iaik.cms.CMSCertList

All Implemented Interfaces:

java.io.Serializable

public class CMSCertList
extends java.lang.Object
implements java.io.Serializable

This class implements an application of the CMS standard for dealing with certificate chains in PKCS#7/CMS format as also used by Microsoft Internet Explorer and Mozilla Firefox.

The CMS SignedData content type provides a degenerate case where there are no signers on the content. It is an intended application of this degenerate case to be used for disseminating certificates and/or certificate-revocation lists.

This class provides several constructors and methods for creating a SignedData object only containing a list of X.509 public key (PKC) and/or X.509 attribute certificates, writing the list encoded, e.g. to a file and reading it back from the file.

After creating a new CMSCertList you may add X.509 public key and/or attribute certificates (as instances of iaik.x509.X509Certificate respectively iaik.x509.attr.AttributeCertificate) by either immediately setting the certificates or adding them from a CertificateSet, e.g.:

 // create a CMSCertList for one X.509 PKC and one attribute certificate:
 X509Certificate x509Cert = ...;
 AttributeCertificate attrCert = ...;
 Certificate[] certs = { x509Cert, attrCert };
 CMSCertList certList = new CMSCertList();
 certList.setCertificateList(certs);
 

respectively:

 X509Certificate x509Cert = ...;
 AttributeCertificate attrCert = ...;
 CertifcateSet certSet = new CertificateSet;
 certSet.addCertificate(x509Cert);
 certSet.addCertificate(attrCert);
 CMSCertList certList = new CMSCertList();
 certList.setCertificateList(certSet);
 

Use method setCRLList for adding certificate revocation lists to this CMSCertList, e.g.:

 X509CRL crls = ...;
 cmsCertList.setCRLList(crls);
 

See Also:

SignedData, CertificateSet, X509Certificate, AttributeCertificate, Serialized Form

Constructor Summary

CMSCertList()
Default constructor.

CMSCertList(java.io.InputStream is)
Creates a CMSCertList from an input stream.

Method Summary

iaik.x509.attr.AttributeCertificate[]	getAttributeCertificates() Returns the attribute certificates included in this CMSCertList.
java.security.cert.Certificate[]	getCertificateList() Returns the certificates included in this CMSCertList object.
CertificateSet	getCertificateSet() Returns the certificate set included in this CMSCertList object.
iaik.x509.X509CRL[]	getCRLList() Returns the CRLs included in this CMSCertList object.
iaik.x509.X509Certificate[]	getX509Certificates() Returns the X.509 public key certificates included.
void	setCertificateList(java.security.cert.Certificate[] certificateList) Sets the certificates for this CMS SignedData object.
void	setCertificateList(CertificateSet certificateSet) Sets the certificates for this CMS SignedData object.
void	setCRLList(iaik.x509.X509CRL[] crlList) Sets the CRLs for this CMS SignedData object.
byte[]	toByteArray() Returns this CMSCertList object as DER encoded byte array.
java.lang.String	toString() Returns a string giving some information about the contents of this CMSCertList object.
void	writeTo(java.io.OutputStream os) Writes this CMSCertList DER encoded to the given output stream.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait

Constructor Detail

CMSCertList

public CMSCertList()

Default constructor. Creates an empty CMSCertList object.

Add X.509 public key and/or attribute certificates (as instances of iaik.x509.X509Certificate respectively iaik.x509.attr.AttributeCertificate) by either immediately setting the certificates or adding them from a CertificateSet, e.g.:

 // create a CMSCertList for one X.509 PKCS and one attribute certificate:
 X509Certificate x509Cert = ...;
 AttributeCertificate attrCert = ...;
 Certificate[] certs = { x509Cert, attrCert };
 CMSCertList certList = new CMSCertList();
 certList.setCertificateList(certs);
 

respectively:

 X509Certificate x509Cert = ...;
 AttributeCertificate attrCert = ...;
 CertifcateSet certSet = new CertificateSet;
 certSet.addCertificate(x509Cert);
 certSet.addCertificate(attrCert);
 CMSCertList certList = new CMSCertList();
 certList.setCertificateList(certSet);
 

Use method setCRLList for adding certificate revocation lists to this CMSCertList, e.g.:

 X509CRL crls = ...;
 cmsCertList.setCRLList(crls);
 

CMSCertList

public CMSCertList(java.io.InputStream is)
            throws java.io.IOException,
                   CMSParsingException

Creates a CMSCertList from an input stream.

Parameters:

is - the input stream from where the encoded CMSCertList shall be read

Throws:

java.io.IOException - if the object could not be read

CMSParsingException - if an error occurs while parsing the object; e.g. the encoding is invalid, or PKCS#6 extended certificates (obsolete) are included

Method Detail

getCertificateList

public java.security.cert.Certificate[] getCertificateList()

Returns the certificates included in this CMSCertList object.

The array returned may contain X.509 public key certificates (instances of iaik.x509.X509Certificate and/or X.509 attribute certificates (instances of iaik.x509.attr.AttributeCertificate); PKCS#6 extended certificates are obsolete and therefore not supported.

Returns:

the certificates included in this CMSCertList object, as array of Certificates; or null if no certificates are included

getCertificateSet

public CertificateSet getCertificateSet()

Returns the certificate set included in this CMSCertList object.

The CertificateSet returned may contain X.509 public key certificates (instances of iaik.x509.X509Certificate and/or X.509 attribute certificates (instances of iaik.x509.attr.AttributeCertificate); PKCS#6 extended certificates are obsolete and therefore not supported.

Returns:

the certificates included in this CMSCertList object, as CertificateSet; the set may be empty

getAttributeCertificates

public iaik.x509.attr.AttributeCertificate[] getAttributeCertificates()

Returns the attribute certificates included in this CMSCertList.

Returns:

an array containing all attribute certificates included in this CMSCertList, or null if no attribute certificates are included

getX509Certificates

public iaik.x509.X509Certificate[] getX509Certificates()

Returns the X.509 public key certificates included.

Returns:

the X.509 public key certificates included in this CMSCertList, or null if no X.509 certificates are included

getCRLList

public iaik.x509.X509CRL[] getCRLList()

Returns the CRLs included in this CMSCertList object.

Returns:

the CRLs included in this CMSCertList object, as array of X509CRLs

setCertificateList

public void setCertificateList(java.security.cert.Certificate[] certificateList)

Sets the certificates for this CMS SignedData object.

Parameters:

certificateList - the chain of certificates as array

Throws:

java.lang.IllegalArgumentException - if any of the supplied certificates is not a iaik.x509.X509Certificate or iaik.x509.attr.AttributeCertificate object

setCertificateList

public void setCertificateList(CertificateSet certificateSet)

Sets the certificates for this CMS SignedData object.

Parameters:

certificateSet - the certificates to be set; as CertificateSet

setCRLList

public void setCRLList(iaik.x509.X509CRL[] crlList)

Sets the CRLs for this CMS SignedData object.

Parameters:

crlList - the list of certificates as array

writeTo

public void writeTo(java.io.OutputStream os)
             throws java.io.IOException

Writes this CMSCertList DER encoded to the given output stream.

Parameters:

os - the output stream to which the CMSCertList shall be written

Throws:

java.io.IOException - if an error occurs during writing out the file

toByteArray

public byte[] toByteArray()
                   throws CMSException

Returns this CMSCertList object as DER encoded byte array.

This method DER encodes the ASN.1 representation of this CMS cert list an writes it to a byte array.

Returns:

this CMSCertList object as DER encoded byte array

Throws:

CMSException - if an encoding error occurs

toString

public java.lang.String toString()

Returns a string giving some information about the contents of this CMSCertList object.

Overrides:

toString in class java.lang.Object

Returns:

the string representation