iaik.cms
Class OriginatorInfo

java.lang.Object
  iaik.cms.OriginatorInfo

public class OriginatorInfo
extends java.lang.Object

This class represents the CMS type OriginatorInfo.

The Cryptographic Message Syntax (CMS) (RFC 5652) specifies the OriginatorInfo type to be used within the EnvelopedData or AuthenticatedData type for optionally including certificate and/or crl information of the originator if required by the key management protocol in use:

 OriginatorInfo ::= SEQUENCE {
   certs [0] IMPLICIT CertificateSet OPTIONAL,
   crls [1] IMPLICIT RevocationInfoChoices OPTIONAL }
 

 CertificateSet ::= SET OF CertificateChoices

 CertificateChoices ::= CHOICE {
   certificate Certificate,
   extendedCertificate [0] IMPLICIT ExtendedCertificate, -- Obsolete
   v1AttrCert [1] IMPLICIT AttributeCertificateV1,       -- Obsolete
   v2AttrCert [2] IMPLICIT AttributeCertificateV2,
   other [3] IMPLICIT OtherCertificateFormat }

 OtherCertificateFormat ::= SEQUENCE {
   otherCertFormat OBJECT IDENTIFIER,
   otherCert ANY DEFINED BY otherCertFormat }
 

 RevocationInfoChoices ::= SET OF RevocationInfoChoice

 RevocationInfoChoice ::= CHOICE {
   crl CertificateList,
   other [1] IMPLICIT OtherRevocationInfoFormat }

 OtherRevocationInfoFormat ::= SEQUENCE {
   otherRevInfoFormat OBJECT IDENTIFIER,
   otherRevInfo ANY DEFINED BY otherRevInfoFormat }
 

 

An application may use the empty default constructor for creating an OriginatorInfo object and later add certificates and/or crls as required:

 OriginatorInfo originatorInfo = new OriginatorInfo();
 X509Certificate[] certs = ...;
 X509CRL[] crls = ...;
 originatorInfo.setCertificates(certs);
 originatorInfo.setCRLs(crls);
 

Attention! Only X.509 public key certificates (instances of iaik.x509.X509Certificate) or X.509 attribute certificates (instances of iaik.x509.attr.AttributeCertificate) or other certificates (instances of iaik.cms.OtherCertificate can be added to an OriginatorInfo object; PKCS#6 extended certificates are obsolete and therefore not supported. Revocation information may be supplied as X.509 crls (instances of iaik.x509.X509CRL or other revocation info (instances of iaik.cms.OtherRevocationInfo).

See Also:

CertificateSet, RevocationInfoChoices

Constructor Summary

OriginatorInfo()
Default constructor.

OriginatorInfo(iaik.asn1.ASN1Object obj)
Creates a new OriginatorInfo from its ASN.1 representation.

OriginatorInfo(java.io.InputStream is)
Creates a new OriginatorInfo from its DER encoding, read from the given InputStream.

Method Summary

boolean	containsCertificates() Looks if any certificates are included in this OriginatorInfo.
boolean	containsCRLs() Looks if any crls (revocation infos) are included in this OriginatorInfo.
void	decode(iaik.asn1.ASN1Object obj) Decodes an OriginatorInfo from its ASN.1 representation.
void	decode(java.io.InputStream is) Reads and decodes the OriginatorInfo from DER encoding.
iaik.x509.attr.AttributeCertificate[]	getAttributeCertificates() Returns the attribute certificates included in this OriginatorInfo.
iaik.x509.X509Certificate	getCertificate(CertificateIdentifier certificateIdentifier) Tries to find the originator X.509 certificate specified by the given CertificateIdentidier.
java.security.cert.Certificate[]	getCertificates() Returns all certificates included.
CertificateSet	getCertificateSet() Gets the certificateSet holding all certificates included in this OriginatorInfo.
iaik.x509.X509CRL[]	getCRLs() Returns all the X.509 cerificate-revocation lists included in this OriginatorInfo object.
OtherCertificate[]	getOtherCertificates() Returns the other certificates included in this OriginatorInfo.
OtherRevocationInfo[]	getOtherRevocationInfos() Returns all the other cerificate-revocation infos included in this OriginatorInfo object.
RevocationInfoChoices	getRevocationInfoChoices() Gets the crls (RevocationInfoChoices) included in this OriginatorInfo.
iaik.x509.X509Certificate[]	getX509Certificates() Returns the X.509 public key certificates included.
boolean	isEmpty() Looks if this OriginatorInfo is empty.
void	setCertificates(java.security.cert.Certificate[] certificates) Sets the originator certificates.
void	setCertificateSet(CertificateSet certSet) Sets the certificateSet to be included.
void	setCRLs(iaik.x509.X509CRL[] crls) Sets a set of cerificate-revocation lists.
void	setRevocationInfoChoices(RevocationInfoChoices crls) Sets the crls (RevocationInfoChoices) to be included.
iaik.asn1.ASN1Object	toASN1Object() Returns this OriginatorInfo as ASN1Object.
java.lang.String	toString() Returns a string giving some information about this OriginatorInfo object.
void	writeTo(java.io.OutputStream os) DER encodes and writes this object to the supplied output stream.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait

Constructor Detail

OriginatorInfo

public OriginatorInfo()

Default constructor.

Creates an empty OriginatorInfo object. Certificates and/or revocation lists may be added by calling method setCertificates or setCertificateSet and/or setCRLs or setRevocationInfoChoices as required, e.g.:

 OriginatorInfo originatorInfo = new OriginatorInfo();
 X509Certificate[] certs = ...;
 X509CRL[] crls = ...;
 originatorInfo.setCertificates(certs);
 originatorInfo.setCRLs(crls);
 

Attention! Only X.509 public key certificates (instances of iaik.x509.X509Certificate) or X.509 attribute certificates (instances of iaik.x509.attr.AttributeCertificate) or other certificates (instances of iaik.cms.OtherCertificate can be added to an OriginatorInfo object; PKCS#6 extended certificates are obsolete and therefore not supported. Revocation information may be added as X.509 crls (instances of iaik.x509.X509CRL or other revocation info (instances of iaik.cms.OtherRevocationInfo).

OriginatorInfo

public OriginatorInfo(java.io.InputStream is)
               throws CMSParsingException,
                      java.io.IOException

Creates a new OriginatorInfo from its DER encoding, read from the given InputStream.

Parameters:

is - the InputStream holding a DER encoded CMS OriginatorInfo object

Throws:

java.io.IOException - if an I/O error occurs during reading from the InputStream

CMSParsingException - if an error occurs while parsing the object

OriginatorInfo

public OriginatorInfo(iaik.asn1.ASN1Object obj)
               throws CMSParsingException

Creates a new OriginatorInfo from its ASN.1 representation.

Parameters:

obj - the OriginatorInfo as ASN1Object

Throws:

CMSParsingException - if an error occurs while parsing the object

Method Detail

decode

public void decode(java.io.InputStream is)
            throws java.io.IOException,
                   CMSParsingException

Reads and decodes the OriginatorInfo from DER encoding.

Parameters:

is - the InputStream holding a DER encoded CMS OriginatorInfo object

Throws:

java.io.IOException - if an I/O error occurs during reading from the InputStream

CMSParsingException - if an error occurs while parsing the object

decode

public void decode(iaik.asn1.ASN1Object obj)
            throws CMSParsingException

Decodes an OriginatorInfo from its ASN.1 representation.

Parameters:

obj - the OriginatorInfo as ASN1Object

Throws:

CMSParsingException - if an error occurs while parsing the object

setCertificates

public void setCertificates(java.security.cert.Certificate[] certificates)

Sets the originator certificates.

Attention! Only X.509 public key certificates (instances of iaik.x509.X509Certificate) or X.509 attribute certificates (instances of iaik.x509.attr.AttributeCertificate) or other certificates (instances of iaik.cms.OtherCertificate can be added to an OriginatorInfo object; PKCS#6 extended certificates are obsolete and therefore not supported.

Parameters:

certificates - the certificates to be set

Throws:

java.lang.IllegalArgumentException - if any of the supplied certificates is not a iaik.x509.X509Certificate or iaik.x509.attr.AttributeCertificate or iaik.cms.OtherCertificate object

setCertificateSet

public void setCertificateSet(CertificateSet certSet)

Sets the certificateSet to be included. This method provides an alternative way to set the certificates by immediately supplying a CertificateSet that may hold any number of X.509 public key and/or attribute certificates.
Attention! Only X.509 public key certificates (instances of iaik.x509.X509Certificate) or X.509 attribute certificates (instances of iaik.x509.attr.AttributeCertificate) or other certificates (instances of iaik.cms.OtherCertificate can be added to an OriginatorInfo object; PKCS#6 extended certificates are obsolete and therefore not supported.

Parameters:

certSet - the certificate set to be added

setRevocationInfoChoices

public void setRevocationInfoChoices(RevocationInfoChoices crls)

Sets the crls (RevocationInfoChoices) to be included. This method provides an alternative way to set the crls by immediately supplying a RevocationInfoChoices set that may hold any number of X.509 or other crls.
Attention! Only X.509 crls (instances of iaik.x509.X509CRL) or other revocation infos (instances of iaik.cms.OtherRevocationInfo) can be included in the given RevocationInfoChoices set.

Parameters:

crls - the RevocationInfoChoices to be set

Throws:

java.lang.IllegalArgumentException - if any of the supplied revocation infos is not a iaik.x509.X509CRL or iaik.cms.OtherRevocationInfo object

setCRLs

public void setCRLs(iaik.x509.X509CRL[] crls)

Sets a set of cerificate-revocation lists.

The given CRLs supply information about the revocation status of the certificates specified in the certs field.

Parameters:

crls - a set of cerificate-revocation lists as array of X509CRLs

getCertificates

public java.security.cert.Certificate[] getCertificates()

Returns all certificates included.

Any certificate returned by this method either may be an X.509 public key certificate (iaik.x509.X509Certificate) or an X.509 attribute certificate (iaik.x509.attr.AttributeCertificate) or an other certificate (iaik.cms.OtherCertificate); PKCS#6 extended certificates are obsolete and therefore not supported.

Returns:

all certificates included; the array may be empty if no certificates are included

getX509Certificates

public iaik.x509.X509Certificate[] getX509Certificates()

Returns the X.509 public key certificates included.

Returns:

the X.509 public key certificates; the array may be empty if no X.509 certificates are included

getAttributeCertificates

public iaik.x509.attr.AttributeCertificate[] getAttributeCertificates()

Returns the attribute certificates included in this OriginatorInfo.

Returns:

an array containing all attribute certificates included in this OriginatorInfo; the array may be empty if no attribute certificates are included

getOtherCertificates

public OtherCertificate[] getOtherCertificates()

Returns the other certificates included in this OriginatorInfo.

Returns:

an array containing all other certificates included in this OriginatorInfo; the array may be empty if no other certificates are included

getCertificateSet

public CertificateSet getCertificateSet()

Gets the certificateSet holding all certificates included in this OriginatorInfo. This method never returns null, however the retrieved certificateSet maybe empty. If not empty, the CertificateSet returned may contain X.509 public key certificates (iaik.x509.X509Certificate objects) and/or or an X.509 attribute certificates (iaik.x509.attr.AttributeCertificate objects) and/or other certificates (iaik.cms.OtherCertificate objects); PKCS#6 extended certificates are obsolete and therefore not supported.

Returns:

the certificateSet holding the certificates of this OriginatorInfo

getCertificate

public iaik.x509.X509Certificate getCertificate(CertificateIdentifier certificateIdentifier)
                                         throws CMSException

Tries to find the originator X.509 certificate specified by the given CertificateIdentidier.

This method searches the certificates field of this OriginatorInfo for a certificate identified by the given CertificateIdentifier.

Parameters:

certificateIdentifier - the certificate identifier

Returns:

the X509Certificate belonging to the given CertificateIdentifier, if included; otherwise a CMSException is thrown

Throws:

CMSException - if the requested certificate cannot be found

getCRLs

public iaik.x509.X509CRL[] getCRLs()

Returns all the X.509 cerificate-revocation lists included in this OriginatorInfo object.

Returns:

an array containing the X.509 cerificate-revocation lists included into this OriginatorInfo object; the array may be empty if no X.509 crls are included

getOtherRevocationInfos

public OtherRevocationInfo[] getOtherRevocationInfos()

Returns all the other cerificate-revocation infos included in this OriginatorInfo object.

Returns:

an array containing the other cerificate-revocation infos included into this OriginatorInfo object; the array may be empty if no other revocation infos are included

getRevocationInfoChoices

public RevocationInfoChoices getRevocationInfoChoices()

Gets the crls (RevocationInfoChoices) included in this OriginatorInfo. This method never returns null, however the retrieved RevocationInfoChoices maybe empty. If not empty, the RevocationInfoChoices returned may contain X.509 crls (iaik.x509.X509CRL objects) and/or or other crls (iaik.cms.OtherRevocationInfo objects);

Returns:

the RevocationInfoChoices holding the crls of this OriginatorInfo

containsCertificates

public boolean containsCertificates()

Looks if any certificates are included in this OriginatorInfo.

Returns:

true if certificates are included, false if not

containsCRLs

public boolean containsCRLs()

Looks if any crls (revocation infos) are included in this OriginatorInfo.

Returns:

true if crls are included, false if not

isEmpty

public boolean isEmpty()

Looks if this OriginatorInfo is empty.

Returns:

true if there are no certificates and no crls inlcuded, false otherwise

toASN1Object

public iaik.asn1.ASN1Object toASN1Object()
                                  throws CMSException

Returns this OriginatorInfo as ASN1Object.

Returns:

this OriginatorInfo as ASN1Object

Throws:

CMSException - if the ASN1Object could not be created

writeTo

public void writeTo(java.io.OutputStream os)
             throws java.io.IOException

DER encodes and writes this object to the supplied output stream.

Parameters:

os - the output stream to which this OriginatorInfo shall be encoded

Throws:

java.io.IOException - if an error occurs when writing to the stream

toString

public java.lang.String toString()

Returns a string giving some information about this OriginatorInfo object.

Overrides:

toString in class java.lang.Object

Returns:

the string representation