iaik.cms
Class CMSCertList

java.lang.Object
  extended by iaik.cms.CMSCertList
All Implemented Interfaces:
java.io.Serializable

public class CMSCertList
extends java.lang.Object
implements java.io.Serializable

This class implements an application of the CMS standard for dealing with certificate chains in PKCS#7/CMS format as also used by Microsoft Internet Explorer and Mozilla Firefox.

The CMS SignedData content type provides a degenerate case where there are no signers on the content. It is an intended application of this degenerate case to be used for disseminating certificates and/or certificate-revocation lists.

This class provides several constructors and methods for creating a SignedData object only containing a list of X.509 public key (PKC) and/or X.509 attribute certificates, writing the list encoded, e.g. to a file and reading it back from the file.

After creating a new CMSCertList you may add X.509 public key and/or attribute certificates (as instances of iaik.x509.X509Certificate respectively iaik.x509.attr.AttributeCertificate) by either immediately setting the certificates or adding them from a CertificateSet, e.g.:

 // create a CMSCertList for one X.509 PKC and one attribute certificate:
 X509Certificate x509Cert = ...;
 AttributeCertificate attrCert = ...;
 Certificate[] certs = { x509Cert, attrCert };
 CMSCertList certList = new CMSCertList();
 certList.setCertificateList(certs);
 
respectively:
 X509Certificate x509Cert = ...;
 AttributeCertificate attrCert = ...;
 CertifcateSet certSet = new CertificateSet;
 certSet.addCertificate(x509Cert);
 certSet.addCertificate(attrCert);
 CMSCertList certList = new CMSCertList();
 certList.setCertificateList(certSet);
 
Use method setCRLList for adding certificate revocation lists to this CMSCertList, e.g.:
 X509CRL crls = ...;
 cmsCertList.setCRLList(crls);
 

See Also:
SignedData, CertificateSet, X509Certificate, AttributeCertificate, Serialized Form

Constructor Summary
CMSCertList()
          Default constructor.
CMSCertList(java.io.InputStream is)
          Creates a CMSCertList from an input stream.
 
Method Summary
 AttributeCertificate[] getAttributeCertificates()
          Returns the attribute certificates included in this CMSCertList.
 java.security.cert.Certificate[] getCertificateList()
          Returns the certificates included in this CMSCertList object.
 CertificateSet getCertificateSet()
          Returns the certificate set included in this CMSCertList object.
 X509CRL[] getCRLList()
          Returns the CRLs included in this CMSCertList object.
 X509Certificate[] getX509Certificates()
          Returns the X.509 public key certificates included.
 void setCertificateList(java.security.cert.Certificate[] certificateList)
          Sets the certificates for this CMS SignedData object.
 void setCertificateList(CertificateSet certificateSet)
          Sets the certificates for this CMS SignedData object.
 void setCRLList(X509CRL[] crlList)
          Sets the CRLs for this CMS SignedData object.
 byte[] toByteArray()
          Returns this CMSCertList object as DER encoded byte array.
 java.lang.String toString()
          Returns a string giving some information about the contents of this CMSCertList object.
 void writeTo(java.io.OutputStream os)
          Writes this CMSCertList DER encoded to the given output stream.
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait
 

Constructor Detail

CMSCertList

public CMSCertList()
Default constructor. Creates an empty CMSCertList object.

Add X.509 public key and/or attribute certificates (as instances of iaik.x509.X509Certificate respectively iaik.x509.attr.AttributeCertificate) by either immediately setting the certificates or adding them from a CertificateSet, e.g.:

 // create a CMSCertList for one X.509 PKCS and one attribute certificate:
 X509Certificate x509Cert = ...;
 AttributeCertificate attrCert = ...;
 Certificate[] certs = { x509Cert, attrCert };
 CMSCertList certList = new CMSCertList();
 certList.setCertificateList(certs);
 
respectively:
 X509Certificate x509Cert = ...;
 AttributeCertificate attrCert = ...;
 CertifcateSet certSet = new CertificateSet;
 certSet.addCertificate(x509Cert);
 certSet.addCertificate(attrCert);
 CMSCertList certList = new CMSCertList();
 certList.setCertificateList(certSet);
 
Use method setCRLList for adding certificate revocation lists to this CMSCertList, e.g.:
 X509CRL crls = ...;
 cmsCertList.setCRLList(crls);
 


CMSCertList

public CMSCertList(java.io.InputStream is)
            throws java.io.IOException,
                   CMSParsingException
Creates a CMSCertList from an input stream.

Parameters:
is - the input stream from where the encoded CMSCertList shall be read
Throws:
java.io.IOException - if the object could not be read
CMSParsingException - if an error occurs while parsing the object; e.g. the encoding is invalid, or PKCS#6 extended certificates (obsolete) are included
Method Detail

getCertificateList

public java.security.cert.Certificate[] getCertificateList()
Returns the certificates included in this CMSCertList object.

The array returned may contain X.509 public key certificates (instances of iaik.x509.X509Certificate and/or X.509 attribute certificates (instances of iaik.x509.attr.AttributeCertificate); PKCS#6 extended certificates are obsolete and therefore not supported.

Returns:
the certificates included in this CMSCertList object, as array of Certificates; or null if no certificates are included

getCertificateSet

public CertificateSet getCertificateSet()
Returns the certificate set included in this CMSCertList object.

The CertificateSet returned may contain X.509 public key certificates (instances of iaik.x509.X509Certificate and/or X.509 attribute certificates (instances of iaik.x509.attr.AttributeCertificate); PKCS#6 extended certificates are obsolete and therefore not supported.

Returns:
the certificates included in this CMSCertList object, as CertificateSet; the set may be empty

getAttributeCertificates

public AttributeCertificate[] getAttributeCertificates()
Returns the attribute certificates included in this CMSCertList.

Returns:
an array containing all attribute certificates included in this CMSCertList, or null if no attribute certificates are included

getX509Certificates

public X509Certificate[] getX509Certificates()
Returns the X.509 public key certificates included.

Returns:
the X.509 public key certificates included in this CMSCertList, or null if no X.509 certificates are included

getCRLList

public X509CRL[] getCRLList()
Returns the CRLs included in this CMSCertList object.

Returns:
the CRLs included in this CMSCertList object, as array of X509CRLs

setCertificateList

public void setCertificateList(java.security.cert.Certificate[] certificateList)
Sets the certificates for this CMS SignedData object.

Parameters:
certificateList - the chain of certificates as array
Throws:
java.lang.IllegalArgumentException - if any of the supplied certificates is not a iaik.x509.X509Certificate or iaik.x509.attr.AttributeCertificate object

setCertificateList

public void setCertificateList(CertificateSet certificateSet)
Sets the certificates for this CMS SignedData object.

Parameters:
certificateSet - the certificates to be set; as CertificateSet

setCRLList

public void setCRLList(X509CRL[] crlList)
Sets the CRLs for this CMS SignedData object.

Parameters:
crlList - the list of certificates as array

writeTo

public void writeTo(java.io.OutputStream os)
             throws java.io.IOException
Writes this CMSCertList DER encoded to the given output stream.

Parameters:
os - the output stream to which the CMSCertList shall be written
Throws:
java.io.IOException - if an error occurs during writing out the file

toByteArray

public byte[] toByteArray()
                   throws CMSException
Returns this CMSCertList object as DER encoded byte array.

This method DER encodes the ASN.1 representation of this CMS cert list an writes it to a byte array.

Returns:
this CMSCertList object as DER encoded byte array
Throws:
CMSException - if an encoding error occurs

toString

public java.lang.String toString()
Returns a string giving some information about the contents of this CMSCertList object.

Overrides:
toString in class java.lang.Object
Returns:
the string representation

This Javadoc may contain text parts from text parts from IETF Internet Standard specifications (see copyright note).

IAIK-CMS 6.0, (c) 2002 IAIK, (c) 2003, 2023 SIC