iaik.smime
Class SMimeUtil

java.lang.Object
  iaik.smime.SMimeUtil

public class SMimeUtil
extends java.lang.Object

This class provides some utilties.

Method Summary

static Attribute[]	createStandardAttributes() Creates a set of standard attributes to may be included into the signedAttributes field of a SignerInfo.
static Attribute[]	createStandardAttributes(CertificateIdentifier encryptionCertID, boolean includeEncryptionCertIDForMSOE) Creates a set of standard attributes to may be included into the signedAttributes field of a SignerInfo.
static Attribute[]	createStandardAttributes(CertificateIdentifier encryptionCertID, boolean includeEncryptionCertIDForMSOE, ObjectID contentType) Creates a set of standard attributes to may be included into the signedAttributes field of a SignerInfo.
static Attribute[]	createStandardAttributes(X509Certificate[] signerCerts, AlgorithmID hashAlg, CertificateIdentifier encryptionCertID, boolean includeEncryptionCertIDForMSOE, ObjectID contentType) Creates a set of standard attributes to may be included into the signedAttributes field of a SignerInfo.
static java.lang.String[]	getEmailAddresses(X509Certificate certificate) Gets all email adresses that are included in the given certificate.
static SMIMECapabilities	makeSMIMECapabilitiesAttribute() Creates an SMIMECapabilities attribute for AES-256-CBC, AES-128-CBC, DES-EDE-CBC, RC2-CBC (128, 64, 40 bit keylength) and DES-CBC.
static Attributes	makeStandardAttributes() Creates a set of standard attributes to may be included into the signedAttributes field of a SignerInfo.
static Attributes	makeStandardAttributes(CertificateIdentifier encryptionCertID, boolean includeEncryptionCertIDForMSOE) Creates a set of standard attributes to may be included into the signedAttributes field of a SignerInfo.
static Attributes	makeStandardAttributes(CertificateIdentifier encryptionCertID, boolean includeEncryptionCertIDForMSOE, ObjectID contentType) Creates a set of standard attributes to may be included into the signedAttributes field of a SignerInfo.
static Attributes	makeStandardAttributes(X509Certificate[] signerCerts, AlgorithmID hashAlg, CertificateIdentifier encryptionCertID, boolean includeEncryptionCertIDForMSOE, ObjectID contentType) Creates a set of standard attributes to may be included into the signedAttributes field of a SignerInfo.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Method Detail

createStandardAttributes

public static Attribute[] createStandardAttributes()
                                            throws SMimeException

Creates a set of standard attributes to may be included into the signedAttributes field of a SignerInfo.

This method sets the following attributes for the supplied SignerInfo:

• content-type (data)
• signing-time (the current time)
• SMIME capabilities:
  • AES-256-CBC
  • AES-128-CBC
  • DES-EDE-CBC
  • RC2-CBC (128, 64, 40 bit keylength)
  • DES-CBC

Note that this method does not include the MessageDigest attribute. It will be automatically added when setting the attributes for a SignerInfo thereby letting class SignerInfo calculating the message digest value as required.

Note that this method does exactly the same as method makeStandardAttributes but returns the attributes as array.

Returns:

the attributes just created

Throws:

SMimeException - if an error occurs when creating/setting the attributes

createStandardAttributes

public static Attribute[] createStandardAttributes(CertificateIdentifier encryptionCertID,
                                                   boolean includeEncryptionCertIDForMSOE)
                                            throws SMimeException

Creates a set of standard attributes to may be included into the signedAttributes field of a SignerInfo.

This method sets the following attributes for the supplied SignerInfo:

• content-type (data)
• signing-time (the current time)
• SMIME capabilities:
  • AES-256-CBC
  • AES-128-CBC
  • DES-EDE-CBC
  • RC2-CBC (128, 64, 40 bit keylength)
  • DES-CBC
• SMIMEEncryptionKeyPreference, if encryptionCertID is not null
• a private MS attribute ("1.3.6.1.4.1.311.16.4") identifying the encryption cert if encryptionCertID is not null and includeEncryptionCertIDForMSOE is true (this attribute is required by MSOE to recognize the encryption certificate if different certs are used for signing and encryption

Note that this method does not include the MessageDigest attribute. It will be automatically added when setting the attributes for a SignerInfo thereby letting class SignerInfo calculating the message digest value as required.

Note that this method does exactly the same as method makeStandardAttributes but returns the attributes as array.

Parameters:

encryptionCertID - an ID for the encryption cert of the signer; if not null, the SMIMEEncryptionKeyPreference attribute will be included into the SignerInfo

includeEncryptionCertIDForMSOE - if true and an encryptionCertID of type IssuerAndSerialNumber is provided, a private MS attribute will be included allowing MSOE to recognize the encryption cert of the signer if using different certs for signing/encryption

Returns:

the attributes just created

Throws:

SMimeException - if an error occurs when creating/setting the attributes

createStandardAttributes

public static Attribute[] createStandardAttributes(CertificateIdentifier encryptionCertID,
                                                   boolean includeEncryptionCertIDForMSOE,
                                                   ObjectID contentType)
                                            throws SMimeException

Creates a set of standard attributes to may be included into the signedAttributes field of a SignerInfo.

This method sets the following attributes for the supplied SignerInfo:

• content-type
• signing-time (the current time)
• SMIME capabilities:
  • AES-256-CBC
  • AES-128-CBC
  • DES-EDE-CBC
  • RC2-CBC (128, 64, 40 bit keylength)
  • DES-CBC
• SMIMEEncryptionKeyPreference, if encryptionCertID is not null
• a private MS attribute ("1.3.6.1.4.1.311.16.4") identifying the encryption cert if encryptionCertID is not null and includeEncryptionCertIDForMSOE is true (this attribute is required by MSOE to recognize the encryption certificate if different certs are used for signing and encryption

Note that this method does not include the MessageDigest attribute. It will be automatically added when setting the attributes for a SignerInfo thereby letting class SignerInfo calculating the message digest value as required.

Note that this method does exactly the same as method makeStandardAttributes but returns the attributes as array.

Parameters:

encryptionCertID - an ID for the encryption cert of the signer; if not null, the SMIMEEncryptionKeyPreference attribute will be included into the SignerInfo

includeEncryptionCertIDForMSOE - if true and an encryptionCertID of type IssuerAndSerialNumber is provided, a private MS attribute will be included allowing MSOE to recognize the encryption cert of the signer if using different certs for signing/encryption

contentType - the contentType for the ContentType attribute

Returns:

the attributes just created

Throws:

SMimeException - if an error occurs when creating/setting the attributes

createStandardAttributes

public static Attribute[] createStandardAttributes(X509Certificate[] signerCerts,
                                                   AlgorithmID hashAlg,
                                                   CertificateIdentifier encryptionCertID,
                                                   boolean includeEncryptionCertIDForMSOE,
                                                   ObjectID contentType)
                                            throws SMimeException

Creates a set of standard attributes to may be included into the signedAttributes field of a SignerInfo.

This method sets the following attributes for the supplied SignerInfo:

• content-type
• signing-time (the current time)
• SMIME capabilities:
  • AES-256-CBC
  • AES-128-CBC
  • DES-EDE-CBC
  • RC2-CBC (128, 64, 40 bit keylength)
  • DES-CBC
• SMIMEEncryptionKeyPreference, if encryptionCertID is not null
• a private MS attribute ("1.3.6.1.4.1.311.16.4") identifying the encryption cert if encryptionCertID is not null and includeEncryptionCertIDForMSOE is true (this attribute is required by MSOE to recognize the encryption certificate if different certs are used for signing and encryption
• SigningCertificate or SigningCertificateV2 if signerCerts is not null and not empty

Note that this method does not include the MessageDigest attribute. It will be automatically added when setting the attributes for a SignerInfo thereby letting class SignerInfo calculating the message digest value as required.

Note that this method does exactly the same as method makeStandardAttributes but returns the attributes as array.

Parameters:

signerCerts - the (ordered) certificate chain of the signer if the SigningCertificate/SigningCertificateV2 attribute shall be included

hashAlg - the hash algorithm for the SigningCertificate/SigningCertificateV2 attribute (default: SHA-1)

encryptionCertID - an ID for the encryption cert of the signer; if not null, the SMIMEEncryptionKeyPreference attribute will be included into the SignerInfo

includeEncryptionCertIDForMSOE - if true and an encryptionCertID of type IssuerAndSerialNumber is provided, a private MS attribute will be included allowing MSOE to recognize the encryption cert of the signer if using different certs for signing/encryption

contentType - the contentType for the ContentType attribute

Returns:

the attributes just created

Throws:

SMimeException - if an error occurs when creating/setting the attributes

makeStandardAttributes

public static Attributes makeStandardAttributes()
                                         throws SMimeException

Creates a set of standard attributes to may be included into the signedAttributes field of a SignerInfo.

This method sets the following attributes for the supplied SignerInfo:

• content-type (data)
• signing-time (the current time)
• SMIME capabilities:
  • AES-256-CBC
  • AES-128-CBC
  • DES-EDE-CBC
  • RC2-CBC (128, 64, 40 bit keylength)
  • DES-CBC

Note that this method does not include the MessageDigest attribute. It will be automatically added when setting the attributes for a SignerInfo thereby letting class SignerInfo calculating the message digest value as required.

Note that this method does exactly the same as method createStandardAttributes but returns the attributes as iaik.asn1.structures.Attributes object.

Returns:

the attributes just created

Throws:

SMimeException - if an error occurs when creating/setting the attributes

makeStandardAttributes

public static Attributes makeStandardAttributes(CertificateIdentifier encryptionCertID,
                                                boolean includeEncryptionCertIDForMSOE)
                                         throws SMimeException

Creates a set of standard attributes to may be included into the signedAttributes field of a SignerInfo.

This method sets the following attributes for the supplied SignerInfo:

• content-type (data)
• signing-time (the current time)
• SMIME capabilities:
  • AES-256-CBC
  • AES-128-CBC
  • DES-EDE-CBC
  • RC2-CBC (128, 64, 40 bit keylength)
  • DES-CBC
• SMIMEEncryptionKeyPreference, if encryptionCertID is not null
• a private MS attribute ("1.3.6.1.4.1.311.16.4") identifying the encryption cert if encryptionCertID is not null and includeEncryptionCertIDForMSOE is true (this attribute is required by MSOE to recognize the encryption certificate if different certs are used for signing and encryption

Note that this method does not include the MessageDigest attribute. It will be automatically added when setting the attributes for a SignerInfo thereby letting class SignerInfo calculating the message digest value as required.

Note that this method does exactly the same as method createStandardAttributes but returns the attributes as iaik.asn1.structures.Attributes object.

Parameters:

encryptionCertID - an ID for the encryption cert of the signer; if not null, the SMIMEEncryptionKeyPreference attribute will be included into the SignerInfo

includeEncryptionCertIDForMSOE - if true and an encryptionCertID of type IssuerAndSerialNumber is provided, a private MS attribute will be included allowing MSOE to recognize the encryption cert of the signer if using different certs for signing/encryption

Returns:

the attributes just created

Throws:

SMimeException - if an error occurs when creating/setting the attributes

makeStandardAttributes

public static Attributes makeStandardAttributes(CertificateIdentifier encryptionCertID,
                                                boolean includeEncryptionCertIDForMSOE,
                                                ObjectID contentType)
                                         throws SMimeException

Creates a set of standard attributes to may be included into the signedAttributes field of a SignerInfo.

This method sets the following attributes for the supplied SignerInfo:

• content-type
• signing-time (the current time)
• SMIME capabilities:
  • AES-256-CBC
  • AES-128-CBC
  • DES-EDE-CBC
  • RC2-CBC (128, 64, 40 bit keylength)
  • DES-CBC
• SMIMEEncryptionKeyPreference, if encryptionCertID is not null
• a private MS attribute ("1.3.6.1.4.1.311.16.4") identifying the encryption cert if encryptionCertID is not null and includeEncryptionCertIDForMSOE is true (this attribute is required by MSOE to recognize the encryption certificate if different certs are used for signing and encryption

Note that this method does not include the MessageDigest attribute. It will be automatically added when setting the attributes for a SignerInfo thereby letting class SignerInfo calculating the message digest value as required.

Note that this method does exactly the same as method createStandardAttributes but returns the attributes as iaik.asn1.structures.Attributes object.

Parameters:

encryptionCertID - an ID for the encryption cert of the signer; if not null, the SMIMEEncryptionKeyPreference attribute will be included into the SignerInfo

includeEncryptionCertIDForMSOE - if true and an encryptionCertID of type IssuerAndSerialNumber is provided, a private MS attribute will be included allowing MSOE to recognize the encryption cert of the signer if using different certs for signing/encryption

contentType - the contentType for the ContentType attribute

Returns:

the attributes just created

Throws:

SMimeException - if an error occurs when creating/setting the attributes

makeStandardAttributes

public static Attributes makeStandardAttributes(X509Certificate[] signerCerts,
                                                AlgorithmID hashAlg,
                                                CertificateIdentifier encryptionCertID,
                                                boolean includeEncryptionCertIDForMSOE,
                                                ObjectID contentType)
                                         throws SMimeException

Creates a set of standard attributes to may be included into the signedAttributes field of a SignerInfo.

This method sets the following attributes for the supplied SignerInfo:

• content-type
• signing-time (the current time)
• SMIME capabilities:
  • AES-256-CBC
  • AES-128-CBC
  • DES-EDE-CBC
  • RC2-CBC (128, 64, 40 bit keylength)
  • DES-CBC
• SMIMEEncryptionKeyPreference, if encryptionCertID is not null
• a private MS attribute ("1.3.6.1.4.1.311.16.4") identifying the encryption cert if encryptionCertID is not null and includeEncryptionCertIDForMSOE is true (this attribute is required by MSOE to recognize the encryption certificate if different certs are used for signing and encryption
• SigningCertificate or SigningCertificateV2 if signerCerts is not null and not empty

Note that this method does not include the MessageDigest attribute. It will be automatically added when setting the attributes for a SignerInfo thereby letting class SignerInfo calculating the message digest value as required.

Note that this method does exactly the same as method createStandardAttributes but returns the attributes as iaik.asn1.structures.Attributes object.

Parameters:

signerCerts - the (ordered) certificate chain of the signer if the SigningCertificate/SigningCertificateV2 attribute shall be included

hashAlg - the hash algorithm for the SigningCertificate/SigningCertificateV2 attribute (default: SHA-1)

encryptionCertID - an ID for the encryption cert of the signer; if not null, the SMIMEEncryptionKeyPreference attribute will be included into the SignerInfo

includeEncryptionCertIDForMSOE - if true and an encryptionCertID of type IssuerAndSerialNumber is provided, a private MS attribute will be included allowing MSOE to recognize the encryption cert of the signer if using different certs for signing/encryption

contentType - the contentType for the ContentType attribute

Returns:

the attributes just created

Throws:

SMimeException - if an error occurs when creating/setting the attributes

makeSMIMECapabilitiesAttribute

public static SMIMECapabilities makeSMIMECapabilitiesAttribute()

Creates an SMIMECapabilities attribute for AES-256-CBC, AES-128-CBC, DES-EDE-CBC, RC2-CBC (128, 64, 40 bit keylength) and DES-CBC.

Returns:

SMIMECapabilities attribute for AES-256-CBC, AES-128-CBC, DES-EDE-CBC, RC2-CBC (128, 64, 40 bit keylength) and DES-CBC.

getEmailAddresses

public static java.lang.String[] getEmailAddresses(X509Certificate certificate)

Gets all email adresses that are included in the given certificate. This method checks email addresses that are contained in the subject field as well as email addresses that are contained in the SubjectAltName extension, if present.

Parameters:

certificate - the certificate for which to get its email addresses

Returns:

a String array of all email addresses contained in this certificate; the array maybe empty (if no email addresses are included in the certificate)