CadesSignature

java.lang.Object
- iaik.pdf.cmscades.AbstractCadesSignature
- - iaik.pdf.cmscades.CadesSignature

```
public class CadesSignature
extends AbstractCadesSignature
```
This class manages non-stream instances of SignedData object according to CAdES or PAdES profiles. To create a CAdES signature instantiate a new CadesSignature object providing the data to be signed and the required signature mode. Add a SignerInfo for each signer who signs the data. Finally, request the encoding of the internally managed SignedData object to do the actual signing and to get the final signature. E.g.:
```
 CadesSignature cadesSig = new CadesSignature(data, SignedData.EXPLICIT);
 CadesBESParameters params = new CadesBESParameters();
 cadesSig.addSignerInfo(privKey_, certs, params);
 byte[] signature = cadesSig.encodeSignature();
 
```

Constructor Summary

Constructors
Constructor and Description
`CadesSignature(byte[] signature)` Create a new instance by providing only the bytes of the signature.
`CadesSignature(byte[] signature, byte[] signedContent)` Create a new instance by providing the bytes of the signature and the signed content.
`CadesSignature(byte[] signature, byte[] signedContent, int signedDataMode)` Create a new instance by providing the bytes of the signature and the signed content.
`CadesSignature(byte[] signature, byte[] signedContent, java.io.OutputStream newSignatureEncodingStream)` Create a new instance by providing the bytes of the signature and the signed content.
`CadesSignature(byte[] signature, byte[] signedContent, java.lang.String[] additionalContentDigestAlgs, int signedDataMode, java.io.OutputStream newSignatureEncodingStream)` Create a new instance by providing the bytes of the signature and the signed content.
`CadesSignature(byte[] signature, byte[] signedContent, java.lang.String[] additionalContentDigestAlgs, java.io.OutputStream newSignatureEncodingStream)` Create a new instance by providing the bytes of the signature and the signed content.
`CadesSignature(byte[] signature, java.io.InputStream signedContent)` Create a new instance by providing the signature as bytes and signed content as stream.
`CadesSignature(byte[] signature, java.io.InputStream signedContent, int signedDataMode)` Create a new instance by providing the signature as bytes and signed content as stream.
`CadesSignature(byte[] signature, java.io.InputStream signedContent, java.io.OutputStream newSignatureEncodingStream)` Create a new instance by providing the signature as bytes and signed content as stream.
`CadesSignature(byte[] signature, java.io.InputStream signedContent, java.lang.String[] additionalContentDigestAlgs, int signedDataMode, java.io.OutputStream newSignatureEncodingStream)` Create a new instance by providing the signature as bytes and signed content as stream.
`CadesSignature(byte[] signature, java.io.InputStream signedContent, java.lang.String[] additionalContentDigestAlgs, java.io.OutputStream newSignatureEncodingStream)` Create a new instance by providing the signature as bytes and signed content as stream.
`CadesSignature(byte[] data, int mode)` New instance creating a signed data object for the given data and mode.

Method Summary

All Methods Instance Methods Concrete Methods Deprecated Methods
Modifier and Type	Method and Description
`byte[]`	`encodeSignature()` Returns the encoded CMS signature.
`byte[]`	`getEncodedSignedData()` Deprecated. use `encodeSignature()` for new signatures and `AbstractCadesSignature.encodeUpgradedSignature()` for upgraded signatures (e.g. upgraded with archive timestamps)

Methods inherited from class java.lang.Object
equals, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

- Constructor Detail
  - CadesSignature
```
public CadesSignature(byte[] data,
                      int mode)
```
    New instance creating a signed data object for the given data and mode. Used for signature creation.
    
    Parameters:
    
    data - Bytes of data to be signed
    
    mode - SignedData.IMPLICIT or SignedData.EXPLICIT
  - CadesSignature
```
public CadesSignature(byte[] signature,
                      java.io.InputStream signedContent)
               throws CmsCadesException
```
    Create a new instance by providing the signature as bytes and signed content as stream. Used for signature verification.
    
    Parameters:
    
    signature - signature as encoded SignedData object
    
    signedContent - the content signed by the given signature, required for explicit signatures
    
    Throws:
    
    CmsCadesException - if signature is invalid (e.g. can't be parsed or content hash doesn't match)
  - CadesSignature
```
public CadesSignature(byte[] signature,
                      java.io.InputStream signedContent,
                      java.io.OutputStream newSignatureEncodingStream)
               throws CmsCadesException
```
    Create a new instance by providing the signature as bytes and signed content as stream. If unsigned attributes shall be added subsequently (e.g. AbstractCadesSignature.addArchiveTimeStamp(iaik.x509.X509Certificate, iaik.pdf.parameters.CadesLTAParameters)) and not yet included content digests are required, these additional digest algorithms for hashing the signed content have to be specified here. Used for signature verification and upgrade with unsigned attributes.
    
    Parameters:
    
    signature - signature as encoded SignedData object
    
    signedContent - the content signed by the given signature, required for explicit signatures
    
    newSignatureEncodingStream - output stream to write the encoding of the new upgraded signature
    
    Throws:
    
    CmsCadesException - if signature is invalid (e.g. can't be parsed or content hash doesn't match)
  - CadesSignature
```
public CadesSignature(byte[] signature,
                      java.io.InputStream signedContent,
                      java.lang.String[] additionalContentDigestAlgs,
                      java.io.OutputStream newSignatureEncodingStream)
               throws CmsCadesException
```
    Create a new instance by providing the signature as bytes and signed content as stream. The new signature upgraded with further unsigned attributes (e.g. AbstractCadesSignature.addArchiveTimeStamp(iaik.x509.X509Certificate, iaik.pdf.parameters.CadesLTAParameters)) will be encoded to the given output stream. If not yet included content digests are required for upgrading the signature, these additional digest algorithms for hashing the signed content have to be specified here. Used for signature verification and upgrade with unsigned attributes.
    
    Parameters:
    
    signature - signature as encoded SignedData object
    
    signedContent - the content signed by the given signature, required for explicit signatures
    
    additionalContentDigestAlgs - digest algorithms that shall be added to the signature for later usage
    
    newSignatureEncodingStream - output stream to write the encoding of the new upgraded signature
    
    Throws:
    
    CmsCadesException - if signature is invalid (e.g. can't be parsed or content hash doesn't match)
  - CadesSignature
```
public CadesSignature(byte[] signature,
                      java.io.InputStream signedContent,
                      int signedDataMode)
               throws CmsCadesException
```
    Create a new instance by providing the signature as bytes and signed content as stream. Checks whether given and actual signedDataMode correspond. Used for signature verification.
    
    Parameters:
    
    signature - signature as encoded SignedData object
    
    signedContent - the content signed by the given signature, required for explicit signatures
    
    signedDataMode - SignedData.EXPLICIT or SignedData.IMPLICIT
    
    Throws:
    
    CmsCadesException - if signature is invalid (e.g. can't be parsed or content hash doesn't match)
  - CadesSignature
```
public CadesSignature(byte[] signature,
                      java.io.InputStream signedContent,
                      java.lang.String[] additionalContentDigestAlgs,
                      int signedDataMode,
                      java.io.OutputStream newSignatureEncodingStream)
               throws CmsCadesException
```
    Create a new instance by providing the signature as bytes and signed content as stream. Checks whether given and actual signedDataMode correspond. The new signature upgraded with further unsigned attributes (e.g. AbstractCadesSignature.addArchiveTimeStamp(iaik.x509.X509Certificate, iaik.pdf.parameters.CadesLTAParameters)) will be encoded to the given output stream. If not yet included content digests are required for upgrading the signature, these additional digest algorithms for hashing the signed content have to be specified here. Used for signature verification and upgrade with unsigned attributes.
    
    Parameters:
    
    signature - signature as encoded SignedData object
    
    signedContent - the content signed by the given signature, required for explicit signatures
    
    additionalContentDigestAlgs - digest algorithms that shall be added to the signature for later usage
    
    signedDataMode - SignedData.EXPLICIT or SignedData.IMPLICIT
    
    newSignatureEncodingStream - output stream to write the encoding of the new upgraded signature
    
    Throws:
    
    CmsCadesException - if signature is invalid (e.g. can't be parsed or content hash doesn't match)
  - CadesSignature
```
public CadesSignature(byte[] signature,
                      byte[] signedContent)
               throws CmsCadesException
```
    Create a new instance by providing the bytes of the signature and the signed content. Used for signature verification.
    
    Parameters:
    
    signature - signature as encoded SignedData object
    
    signedContent - the content signed by the given signature, required for explicit signatures. If given for an implicit signature, the signature content must match the given content.
    
    Throws:
    
    CmsCadesException - if signature is invalid (e.g. can't be parsed or content hash doesn't match)
  - CadesSignature
```
public CadesSignature(byte[] signature,
                      byte[] signedContent,
                      java.io.OutputStream newSignatureEncodingStream)
               throws CmsCadesException
```
    Create a new instance by providing the bytes of the signature and the signed content. If unsigned attributes shall be added subsequently (e.g. AbstractCadesSignature.addArchiveTimeStamp(iaik.x509.X509Certificate, iaik.pdf.parameters.CadesLTAParameters)) and not yet included content digests are required, these additional digest algorithms for hashing the signed content have to be specified here. Used for signature verification and upgrade with unsigned attributes.
    
    Parameters:
    
    signature - signature as encoded SignedData object
    
    signedContent - the content signed by the given signature, required for explicit signatures. If given for an implicit signature, the signature content must match the given content.
    
    newSignatureEncodingStream - output stream to write the encoding of the new upgraded signature
    
    Throws:
    
    CmsCadesException - if signature is invalid (e.g. can't be parsed or content hash doesn't match)
  - CadesSignature
```
public CadesSignature(byte[] signature,
                      byte[] signedContent,
                      java.lang.String[] additionalContentDigestAlgs,
                      java.io.OutputStream newSignatureEncodingStream)
               throws CmsCadesException
```
    Create a new instance by providing the bytes of the signature and the signed content. The new signature upgraded with further unsigned attributes (e.g. AbstractCadesSignature.addArchiveTimeStamp(iaik.x509.X509Certificate, iaik.pdf.parameters.CadesLTAParameters)) will be encoded to the given output stream. If not yet included content digests are required for upgrading the signature, these additional digest algorithms for hashing the signed content have to be specified here. Used for signature verification and upgrade with unsigned attributes.
    
    Parameters:
    
    signature - signature as encoded SignedData object
    
    signedContent - the content signed by the given signature, required for explicit signatures. If given for an implicit signature, the signature content must match the given content.
    
    additionalContentDigestAlgs - digest algorithms that shall be added to the signature for later usage
    
    newSignatureEncodingStream - output stream to write the encoding of the new upgraded signature
    
    Throws:
    
    CmsCadesException - if signature is invalid (e.g. can't be parsed or content hash doesn't match)
  - CadesSignature
```
public CadesSignature(byte[] signature,
                      byte[] signedContent,
                      int signedDataMode)
               throws CmsCadesException
```
    Create a new instance by providing the bytes of the signature and the signed content. Checks whether given and actual signedDataMode correspond. Used for signature verification.
    
    Parameters:
    
    signature - signature as encoded SignedData object
    
    signedContent - the content signed by the given signature, required for explicit signatures. If given for an implicit signature, the signature content must match the given content.
    
    signedDataMode - SignedData.EXPLICIT or SignedData.IMPLICIT
    
    Throws:
    
    CmsCadesException - if signature is invalid (e.g. can't be parsed or content hash doesn't match)
  - CadesSignature
```
public CadesSignature(byte[] signature,
                      byte[] signedContent,
                      java.lang.String[] additionalContentDigestAlgs,
                      int signedDataMode,
                      java.io.OutputStream newSignatureEncodingStream)
               throws CmsCadesException
```
    Create a new instance by providing the bytes of the signature and the signed content. Checks whether given and actual signedDataMode correspond. The new signature upgraded with further unsigned attributes (e.g. AbstractCadesSignature.addArchiveTimeStamp(iaik.x509.X509Certificate, iaik.pdf.parameters.CadesLTAParameters)) will be encoded to the given output stream. If not yet included content digests are required for upgrading the signature, these additional digest algorithms for hashing the signed content have to be specified here. Used for signature verification and upgrade with unsigned attributes.
    
    Parameters:
    
    signature - signature as encoded SignedData object
    
    signedContent - the content signed by the given signature, required for explicit signatures. If given for an implicit signature, the signature content must match the given content.
    
    additionalContentDigestAlgs - digest algorithms that shall be added to the signature for later usage
    
    signedDataMode - SignedData.EXPLICIT or SignedData.IMPLICIT
    
    newSignatureEncodingStream - output stream to write the encoding of the new upgraded signature
    
    Throws:
    
    CmsCadesException - if signature is invalid (e.g. can't be parsed or content hash doesn't match)
  - CadesSignature
```
public CadesSignature(byte[] signature)
               throws CmsCadesException
```
    Create a new instance by providing only the bytes of the signature. Can only be used for implicit signatures, i.e. if signed content need not be provided. Used for signature verification.
    
    Parameters:
    
    signature - signature as encoded SignedData object
    
    Throws:
    
    CmsCadesException - if signature is invalid (e.g. can't be parsed or content hash doesn't match)
- Method Detail
  - getEncodedSignedData
```
public byte[] getEncodedSignedData()
                            throws java.io.IOException,
                                   CmsCadesException
```
    Deprecated. use encodeSignature() for new signatures and AbstractCadesSignature.encodeUpgradedSignature() for upgraded signatures (e.g. upgraded with archive timestamps)
    
    Create encoded CMS signature.
    
    Returns:
    
    DER encoding of the CMS signature
    
    Throws:
    
    java.io.IOException - if data can't be read
    
    CmsCadesException - if signed data attributes or signed data object can't be created
  - encodeSignature
```
public byte[] encodeSignature()
                       throws java.io.IOException,
                              CmsCadesException
```
    Returns the encoded CMS signature. Use this method to get the encoding of a new signature created with CadesSignature(byte[], int).
    
    Returns:
    
    DER encoded CMS signature
    
    Throws:
    
    java.io.IOException - if data can't be read
    
    CmsCadesException - if signed data attributes or signed data object can't be created

Class CadesSignature

Constructor Summary

Method Summary

Methods inherited from class iaik.pdf.cmscades.AbstractCadesSignature

Methods inherited from class java.lang.Object

Constructor Detail

CadesSignature

CadesSignature

CadesSignature

CadesSignature

CadesSignature

CadesSignature

CadesSignature

CadesSignature

CadesSignature

CadesSignature

CadesSignature

CadesSignature

Method Detail

getEncodedSignedData

encodeSignature