iaik.smime.ess.utils
Class ESSUtil

java.lang.Object
  iaik.smime.ess.utils.ESSUtil

public class ESSUtil
extends java.lang.Object

Some ESS utils.

Method Summary

static boolean	compareGeneralName(GeneralName gn1, GeneralName gn2) Compares two GeneralName objects.
static boolean	compareGeneralNames(GeneralNames gns1, GeneralNames gns2) Compares two GeneralNames objects.
static X509Certificate	convertCertificate(java.security.cert.Certificate certificate) Converts the given X.509 certificate into an iaik.x509.X509Certificate.
static java.security.cert.X509Certificate	convertCertificate(java.security.cert.Certificate certificate, java.lang.String provider) Converts the given X509Certificate into a X509Certificate object of the requested provider.
static X509Certificate[]	convertCertificateChain(java.security.cert.Certificate[] certificateChain) Converts the given X.509 certificate array into an array iaik.x509.X509Certificate objects.
static java.security.cert.X509Certificate[]	convertCertificateChain(java.security.cert.Certificate[] certificateChain, java.lang.String provider) Converts an array of X509Certificates into an array of X509Certificate objects of the requested provider.
static java.security.Key	convertKey(java.security.Key key, java.lang.String provider) Converts the given key into a key object of the requested provider.
static GeneralName	createGeneralName(java.lang.String email) Creates a GeneralName of type rfc822Name from the given email address.
static GeneralNames	createGeneralNames(java.lang.String email) Creates a GeneralNames conatining one GeneralName of type rfc822Name with the given email address.
static AttributeValue	getAttributeValue(SignedContent signedContent, ObjectID attributeType, boolean checkIfAllIdentical) Returns the attribute value belonging to the specified attribute type if included in the given SignedContent.
static AttributeValue	getAttributeValue(SignedContent signedContent, ObjectID attributeType, boolean checkIfAllIdentical, boolean checkIfIncluedInAllSignerInfos) Returns the attribute value belonging to the specified attribute type if included in the given SignedContent.
static AttributeValue	getAttributeValue(SignerInfo[] signerInfos, ObjectID attributeType, boolean checkIfAllIdentical) Returns the attribute value belonging to the specified attribute type if included in the set of given SignerInfos.
static AttributeValue	getAttributeValue(SignerInfo[] signerInfos, ObjectID attributeType, boolean checkIfAllIdentical, boolean checkIfIncluedInAllSignerInfos) Returns the attribute value belonging to the specified attribute type if included in the set of given SignerInfos.
static EquivalentLabels	getEquivalentLabels(SignedContent signedContent) Returns the EquivalentLabels attribute if included in the given SignedContent.
static EquivalentLabels	getEquivalentLabels(SignerInfo[] signerInfos) Returns the EquivalentLabels attribute if included in the set of given SignerInfos.
static ESSSecurityLabel	getESSSecurityLabel(SignedContent signedContent) Returns the ESSSecurityLabel attribute if included in the given SignedContent.
static ESSSecurityLabel	getESSSecurityLabel(SignerInfo[] signerInfos) Returns the ESSSecurityLabel attribute if included in the set of given SignerInfos.
static SignerInfo	getFirstSignerInfoWithAttribute(SignedContent signedContent, ObjectID attributeType) Returns the first SignerInfo included in the given SignedContent object that contains a signed attribute of the specified attribute type.
static SignerInfo	getFirstSignerInfoWithAttribute(SignerInfo[] signerInfos, ObjectID attributeType) Returns the first SignerInfo of the given array that contains a signed attribute of the specified attribute type.
static java.lang.String[]	getMailAddresses(GeneralNames generalNames) Picks all email addresses (GeneralNames of type rfc822Name) from the given GeneralNames.
static java.lang.String[]	getMailAddresses(GeneralNames[] generalNames) Picks all email addresses (GeneralNames of type rfc822Name) from the array of given GeneralNames.
static MLExpansionHistory	getMLExpansionHistory(SignedContent signedContent) Returns the MLExpansionHistory attribute if included in the given SignedContent.
static MLExpansionHistory	getMLExpansionHistory(SignerInfo[] signerInfos) Returns the MLExpansionHistory attribute if included in the set of given SignerInfos.
static ReceiptRequest	getReceiptRequest(SignedContent signedContent) Returns the ReceiptRequest attribute if included in the given SignedContent.
static ReceiptRequest	getReceiptRequest(SignerInfo[] signerInfos) Returns the ReceiptRequest attribute if included in the set of given SignerInfos.
static SignerInfo[]	getSignerInfosWithAttribute(SignedContent signedContent, ObjectID attributeType, boolean checkIfAllIdentical) Returns all SignerInfos of the given SignedContent object that contain a signed attribute of the specified attribute type.
static SignerInfo[]	getSignerInfosWithAttribute(SignedContent signedContent, ObjectID attributeType, boolean checkIfAllIdentical, boolean checkIfIncluedInAllSignerInfos) Returns all SignerInfos of the given SignedContent object that contain a signed attribute of the specified attribute type.
static SignerInfo[]	getSignerInfosWithAttribute(SignerInfo[] signerInfos, ObjectID attributeType, boolean checkIfAllIdentical) Returns all SignerInfos of the given array that contain a signed attribute of the specified attribute type.
static SignerInfo[]	getSignerInfosWithAttribute(SignerInfo[] signerInfos, ObjectID attributeType, boolean checkIfAllIdentical, boolean checkIfIncluedInAllSignerInfos) Returns all SignerInfos of the given array that contain a signed attribute of the specified attribute type.
static java.lang.String	parseAddress(java.lang.String address) Parses an RFC822 address like: "John Doe" and returns the email address only.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Method Detail

getReceiptRequest

public static ReceiptRequest getReceiptRequest(SignedContent signedContent)
                                        throws CodingException,
                                               ESSException

Returns the ReceiptRequest attribute if included in the given SignedContent. This method steps through the SignerInfo objects included in the given SignedContent object and looks whether a ReceiptRequest attribute is included. If a ReceiptRequest attribute is found in one SignerInfo, any further SignerInfo is checked if having a ReceiptRequest that does not match to the first ReceiptRequest found. If any ReceiptRequest attributes are found that are not identical, an ESSException is thrown (according to RFC2634 all ReceiptRequest attributes that are found in the SignerInfos must be identical).

Parameters:

signedContent - the signedContent whose signer infos to be searched for an ReceiptRequest attribute

Returns:

the ReceiptRequest attribute if present in the given SignedContent

Throws:

CodingException - if an error occurs when decoding some included ReceiptRequest attribute

ESSException - if ReceiptRequest attributes are included that are not identical (according to RFC2634 all ReceiptRequest attributes that are found in the SignerInfos must be identical)

getReceiptRequest

public static ReceiptRequest getReceiptRequest(SignerInfo[] signerInfos)
                                        throws CodingException,
                                               ESSException

Returns the ReceiptRequest attribute if included in the set of given SignerInfos. This method steps through the given SignerInfo objects and looks whether a ReceiptRequest attribute is included. If a ReceiptRequest attribute is found in one SignerInfo, any further SignerInfo is checked if having a ReceiptRequest that does not match to the first ReceiptRequest found. If any ReceiptRequest attributes are found that are not identical, an ESSException is thrown (according to RFC2634 all ReceiptRequest attributes that are found in the SignerInfos must be identical).

Parameters:

signerInfos - the signer infos to be searched for an ReceiptRequest attribute

Returns:

the ReceiptRequest attribute if present in the given set of SignerInfos

Throws:

CodingException - if an error occurs when decoding some included ReceiptRequest attribute

ESSException - if ReceiptRequest attributes are included that are not identical (according to RFC2634 all ReceiptRequest attributes that are found in the SignerInfos must be identical)

getMLExpansionHistory

public static MLExpansionHistory getMLExpansionHistory(SignedContent signedContent)
                                                throws CodingException,
                                                       ESSException

Returns the MLExpansionHistory attribute if included in the given SignedContent. This method steps through the SignerInfo objects included in the given SignedContent object and looks whether a MLExpansionHistory attribute is included. If a MLExpansionHistory attribute is found in one SignerInfo it is returned if checkIfAllIdentical is set to false. However, if checkIfAllIdentical is set to true, any further SignerInfo is checked if having a MLExpansionHistory that does not match to the first MLExpansionHistory found. If any MLExpansionHistory attributes are found that are not identical, an ESSException is thrown (according to RFC2634 all SignerInfos created by a MLA must include the same MLExpansionHistory attribute).

Parameters:

signedContent - the signedContent whose signer infos to be searched for an MLExpansionHistory attribute

Returns:

the MLExpansionHistory attribute if present in the given SignedContent

Throws:

CodingException - if an error occurs when decoding some included MLExpansionHistory attribute

ESSException - if checkIfAllIdentical is true and MLExpansionHistory attributes are included that are not identical

getMLExpansionHistory

public static MLExpansionHistory getMLExpansionHistory(SignerInfo[] signerInfos)
                                                throws CodingException,
                                                       ESSException

Returns the MLExpansionHistory attribute if included in the set of given SignerInfos. This method steps through the given SignerInfo objects and looks whether a MLExpansionHistory attribute is included. If a MLExpansionHistory attribute is found in one SignerInfo, any further SignerInfo is checked if having a MLExpansionHistory that does not match to the first MLExpansionHistory found. If any MLExpansionHistory attributes are found that are not identical, an ESSException is thrown (according to RFC2634 all SignerInfos created by a MLA must include the same MLExpansionHistory attribute).

Parameters:

signerInfos - the signer infos to be searched for an MLExpansionHistory attribute

Returns:

the MLExpansionHistory attribute if present in the given set of SignerInfos

Throws:

CodingException - if an error occurs when decoding some included MLExpansionHistory attribute

ESSException - if MLExpansionHistory attributes are included that are not identical (according to RFC2634 all SignerInfos created by a MLA must include the same MLExpansionHistory attribute)

getESSSecurityLabel

public static ESSSecurityLabel getESSSecurityLabel(SignedContent signedContent)
                                            throws CodingException,
                                                   ESSException

Returns the ESSSecurityLabel attribute if included in the given SignedContent. This method steps through the SignerInfo objects included in the given SignedContent object and looks whether a ReceiptRequest attribute is included. If a ESSSecurityLabel attribute is found in one SignerInfo, any other SignerInfo is checked if having a ESSSecurityLabel that does not match to the first ESSSecurityLabel found. If any ESSSecurityLabel attributes are found that are not identical, an ESSException is thrown. If an ESSSecurityLabel attribute is included in only some, but not all SignerInfos, an ESSException is thrown (according the ESS specification ( RFC2634 all ESSSecurityLabel attributes included in a SignedData layer must be identical; and if any of the SignerInfos does contain an ESSSecurityLabel attribute all other SignerInfos of the SignedData must contain the (same) ESSSecurityLabel attribute, too).

Parameters:

signedContent - the signedContent whose signer infos to be searched for an ESSSecurityLabel attribute

Returns:

the ESSSecurityLabel attribute if present in the SignerInfos of the given SignedContent

Throws:

CodingException - if an error occurs when decoding some included ESSSecurityLabel attribute

ESSException - if ESSSecurityLabel attributes are included that are not identical (according the ESS specification ( RFC2634 all ESSSecurityLabel attributes included in a SignedData layer must be identical); or if any, but not all of the SignerInfos do contain an ESSSecurityLabel attribute (according the ESS specification ( RFC2634 either all or none of the SignerInfos of a SignedData must contain an (identical) ESSSecurityLabel attribute

getESSSecurityLabel

public static ESSSecurityLabel getESSSecurityLabel(SignerInfo[] signerInfos)
                                            throws CodingException,
                                                   ESSException

Returns the ESSSecurityLabel attribute if included in the set of given SignerInfos. This method steps through the given SignerInfo objects and looks whether a ESSSecurityLabel attribute is included. If a ESSSecurityLabel attribute is found in one SignerInfo, any other SignerInfo is checked if having a ESSSecurityLabel that does not match to the first ESSSecurityLabel found. If any ESSSecurityLabel attributes are found that are not identical, an ESSException is thrown. If an ESSSecurityLabel attribute is included in only some, but not all SignerInfos, an ESSException is thrown (according the ESS specification ( RFC2634 all ESSSecurityLabel attributes included in a SignedData layer must be identical; and if any of the SignerInfos does contain an ESSSecurityLabel attribute all other SignerInfos of the SignedData must contain the (same) ESSSecurityLabel attribute, too).

Parameters:

signerInfos - the signer infos to be searched for an ESSSecurityLabel attribute

Returns:

the ESSSecurityLabel attribute if present in the given set of SignerInfos

Throws:

CodingException - if an error occurs when decoding some included ESSSecurityLabel attribute

ESSException - if ESSSecurityLabel attributes are included that are not identical (according the ESS specification ( RFC2634 all ESSSecurityLabel attributes included in a SignedData layer must be identical); or if any, but not all of the SignerInfos do contain an ESSSecurityLabel attribute (according the ESS specification ( RFC2634 either all or none of the SignerInfos of a SignedData must contain an (identical) ESSSecurityLabel attribute

getEquivalentLabels

public static EquivalentLabels getEquivalentLabels(SignedContent signedContent)
                                            throws CodingException,
                                                   ESSException

Returns the EquivalentLabels attribute if included in the given SignedContent. This method steps through the SignerInfo objects included in the given SignedContent object and looks whether a ReceiptRequest attribute is included. If a EquivalentLabels attribute is found in one SignerInfo, any other SignerInfo is checked if having a EquivalentLabels that does not match to the first EquivalentLabels found. If any EquivalentLabels attributes are found that are not identical, an ESSException is thrown. If an EquivalentLabels attribute is included in only some, but not all SignerInfos, an ESSException is thrown (according the ESS specification ( RFC2634 all EquivalentLabels attributes included in a SignedData layer must be identical; and if any of the SignerInfos does contain an EquivalentLabels attribute all other SignerInfos of the SignedData must contain the (same) EquivalentLabels attribute, too).

Parameters:

signedContent - the signedContent whose signer infos to be searched for an EquivalentLabels attribute

Returns:

the EquivalentLabels attribute if present in the SignerInfos of the given SignedContent

Throws:

CodingException - if an error occurs when decoding some included EquivalentLabels attribute

ESSException - if EquivalentLabels attributes are included that are not identical (according the ESS specification ( RFC2634 all EquivalentLabels attributes included in a SignedData layer must be identical); or if any, but not all of the SignerInfos do contain an EquivalentLabels attribute (according the ESS specification ( RFC2634 either all or none of the SignerInfos of a SignedData must contain an (identical) EquivalentLabels attribute

getEquivalentLabels

public static EquivalentLabels getEquivalentLabels(SignerInfo[] signerInfos)
                                            throws CodingException,
                                                   ESSException

Returns the EquivalentLabels attribute if included in the set of given SignerInfos. This method steps through the given SignerInfo objects and looks whether a EquivalentLabels attribute is included. If a EquivalentLabels attribute is found in one SignerInfo, any other SignerInfo is checked if having a EquivalentLabels that does not match to the first EquivalentLabels found. If any EquivalentLabels attributes are found that are not identical, an ESSException is thrown. If an EquivalentLabels attribute is included in only some, but not all SignerInfos, an ESSException is thrown (according the ESS specification ( RFC2634 all EquivalentLabels attributes included in a SignedData layer must be identical; and if any of the SignerInfos does contain an EquivalentLabels attribute all other SignerInfos of the SignedData must contain the (same) EquivalentLabels attribute, too).

Parameters:

signerInfos - the signer infos to be searched for an EquivalentLabels attribute

Returns:

the EquivalentLabels attribute if present in the given set of SignerInfos

Throws:

CodingException - if an error occurs when decoding some included EquivalentLabels attribute

ESSException - if EquivalentLabels attributes are included that are not identical (according the ESS specification ( RFC2634 all EquivalentLabels attributes included in a SignedData layer must be identical); or if any, but not all of the SignerInfos do contain an EquivalentLabels attribute (according the ESS specification ( RFC2634 either all or none of the SignerInfos of a SignedData must contain an (identical) EquivalentLabels attribute

getAttributeValue

public static AttributeValue getAttributeValue(SignedContent signedContent,
                                               ObjectID attributeType,
                                               boolean checkIfAllIdentical)
                                        throws CodingException,
                                               ESSException

Returns the attribute value belonging to the specified attribute type if included in the given SignedContent. This method steps through the SignerInfo objects included in the given SignedContent object and looks whether the requested attribute is included. If an attribute of the requested type is found in one SignerInfo it is returned if checkIfAllIdentical is set to false. However, if checkIfAllIdentical is set to true, any further SignerInfo is checked if having an attribute of that type that does not match to the first attribute found. If any attributes of that type are found that are not identical, an ESSException is thrown.

Parameters:

signedContent - the signedContent whose signer infos to be searched for the requested attribute

checkIfAllIdentical - whether to check if all attributes (of the requested type) that are included in the given signerInfos are identical (according to RFC2634 for attributes of some type (e.g. ReceiptRequest) it is required that all attributes of that type that are inlcuded in the set of SignerInfos must be identical)

Returns:

the attribute value of requested type if present in the given SignedContent

Throws:

CodingException - if an error occurs when decoding some included attribute

ESSException - if checkIfAllIdentical is true and there are attributes of the requested type included that are not identical

getAttributeValue

public static AttributeValue getAttributeValue(SignedContent signedContent,
                                               ObjectID attributeType,
                                               boolean checkIfAllIdentical,
                                               boolean checkIfIncluedInAllSignerInfos)
                                        throws CodingException,
                                               ESSException

Returns the attribute value belonging to the specified attribute type if included in the given SignedContent. This method steps through the SignerInfo objects included in the given SignedContent object and looks whether the requested attribute is included. If an attribute of the requested type is found in one SignerInfo it is returned if checkIfAllIdentical is set to false. However, if checkIfAllIdentical is set to true, any further SignerInfo is checked if having an attribute of that type that does not match to the first attribute found. If any attributes of that type are found that are not identical, an ESSException is thrown.

Parameters:

signedContent - the signedContent whose signer infos to be searched for the requested attribute

checkIfAllIdentical - whether to check if all attributes (of the requested type) that are included in the given signerInfos are identical (according to RFC2634 for attributes of some type (e.g. ReceiptRequest) it is required that all attributes of that type that are inlcuded in the set of SignerInfos must be identical)

checkIfIncluedInAllSignerInfos - whether to check if the attributes (of the requested type) is included in all SignerInfos (according to RFC2634 for attributes of some type (e.g. ESSSecurityLabel) it is required that if the attribute is included in one SignerInfo of a SignedData layer it has to be present in all SignerInfos of this layer. Since this only is required together with the requirement that all attributes have to be identical, the inclusion check is only performed if checkIfAllIdentical is set to true)

Returns:

the attribute value of requested type if present in the given set of SignerInfos

Throws:

CodingException - if an error occurs when decoding some included attribute

ESSException - if checkIfAllIdentical is true and there are attributes of the requested type included that are not identical, or checkIfIncluedInAllSignerInfos is true but the attribute is not included in all SignerInfos

getAttributeValue

public static AttributeValue getAttributeValue(SignerInfo[] signerInfos,
                                               ObjectID attributeType,
                                               boolean checkIfAllIdentical)
                                        throws CodingException,
                                               ESSException

Returns the attribute value belonging to the specified attribute type if included in the set of given SignerInfos. This method steps through the given SignerInfo objects and looks whether the requested attribute is included. If an attribute of the requested type is found in one SignerInfo it is returned if checkIfAllIdentical is set to false. However, if checkIfAllIdentical is set to true, any further SignerInfo is checked if having an attribute of that type that does not match to the first attribute found. If any attributes of that type are found that are not identical, an ESSException is thrown.

Parameters:

signerInfos - the signer infos to be searched for the requested attribute

checkIfAllIdentical - whether to check if all attributes (of the requested type) that are included in the given signerInfos are identical (according to RFC2634 for attributes of some type (e.g. ReceiptRequest) it is required that all attributes of that type that are inlcuded in the set of SignerInfos must be identical)

Returns:

the attribute value of requested type if present in the given set of SignerInfos

Throws:

CodingException - if an error occurs when decoding some included attribute

ESSException - if checkIfAllIdentical is true and there are attributes of the requested type included that are not identical, or checkIfIncluedInAllSignerInfos is true but the attribute is not included in all SignerInfos

getAttributeValue

public static AttributeValue getAttributeValue(SignerInfo[] signerInfos,
                                               ObjectID attributeType,
                                               boolean checkIfAllIdentical,
                                               boolean checkIfIncluedInAllSignerInfos)
                                        throws CodingException,
                                               ESSException

Returns the attribute value belonging to the specified attribute type if included in the set of given SignerInfos. This method steps through the given SignerInfo objects and looks whether the requested attribute is included. If an attribute of the requested type is found in one SignerInfo it is returned if checkIfAllIdentical is set to false. However, if checkIfAllIdentical is set to true, any further SignerInfo is checked if having an attribute of that type that does not match to the first attribute found. If any attributes of that type are found that are not identical, an ESSException is thrown.

Parameters:

signerInfos - the signer infos to be searched for the requested attribute

checkIfAllIdentical - whether to check if all attributes (of the requested type) that are included in the given signerInfos are identical (according to RFC2634 for attributes of some type (e.g. ReceiptRequest) it is required that all attributes of that type that are inlcuded in the set of SignerInfos must be identical)

checkIfIncluedInAllSignerInfos - whether to check if the attributes (of the requested type) are included in all SignerInfos (according to RFC2634 for attributes of some type (e.g. ESSSecurityLabel) it is required that if the attribute is included in one SignerInfo of a SignedData layer it has to be present in all SignerInfos of this layer. Since this only is required together with the requirement that all attributes have to be identical, the inclusion check is only performed if checkIfAllIdentical is set to true)

Returns:

the attribute value of requested type if present in the given set of SignerInfos

Throws:

CodingException - if an error occurs when decoding some included attribute

ESSException - if checkIfAllIdentical is true and there are attributes of the requested type included that are not identical, or checkIfIncluedInAllSignerInfos is true but the attribute is not included in all SignerInfos

getSignerInfosWithAttribute

public static SignerInfo[] getSignerInfosWithAttribute(SignedContent signedContent,
                                                       ObjectID attributeType,
                                                       boolean checkIfAllIdentical,
                                                       boolean checkIfIncluedInAllSignerInfos)
                                                throws CodingException,
                                                       ESSException

Returns all SignerInfos of the given SignedContent object that contain a signed attribute of the specified attribute type. This method steps through the SignerInfo objects included in the given SignedContent object and looks whether the requested attribute is included. If checkIfAllIdentical is set to false, any signerInfo holding a signed attribute of requested type is picked. However, if checkIfAllIdentical is set to true, all attributes (of the requested type) ever included in the given SignerInfo have to be indentical. If any attributes of that type are found that are not identical, an ESSException is thrown.

Parameters:

signedContent - the signedContent whose signer infos to be searched for the requested attribute

checkIfAllIdentical - whether to check if all attributes (of the requested type) that are included in the given signerInfos are identical (according to RFC2634 for attributes of some type (e.g. ReceiptRequest) it is required that all attributes of that type that are inlcuded in the set of SignerInfos must be identical)

checkIfIncluedInAllSignerInfos - whether to check if the attributes (of the requested type) is included in all SignerInfos (according to RFC2634 for attributes of some type (e.g. ESSSecurityLabel) it is required that if the attribute is included in one SignerInfo of a SignedData layer it has to be present in all SignerInfos of this layer. Since this only is required together with the requirement that all attributes have to be identical, the inclusion check is only performed if checkIfAllIdentical is set to true)

Returns:

an array holding all the SignerInfos of the given SignedContent that contain a signed attribute of the requested type; the array may be empty (if no SignerInfo contains an attribute of the requested type); if checkIfAllIdentical is false the attributes (of requested type) in the SignerInfo result set may not be identical; if checkIfAllIdentical is true all attributes (of requested type) in the SignerInfo result set are identical (otherwise an ESSException would be thrown);

Throws:

CodingException - if an error occurs when decoding some included attribute

ESSException - if checkIfAllIdentical is true and there are attributes of the requested type included that are not identical, or checkIfIncluedInAllSignerInfos is true but the attribute is not included in all SignerInfos

getSignerInfosWithAttribute

public static SignerInfo[] getSignerInfosWithAttribute(SignedContent signedContent,
                                                       ObjectID attributeType,
                                                       boolean checkIfAllIdentical)
                                                throws CodingException,
                                                       ESSException

Returns all SignerInfos of the given SignedContent object that contain a signed attribute of the specified attribute type. This method steps through the SignerInfo objects included in the given SignedContent object and looks whether the requested attribute is included. If checkIfAllIdentical is set to false, any signerInfo holding a signed attribute of requested type is picked. However, if checkIfAllIdentical is set to true, all attributes (of the requested type) ever included in the given SignerInfo have to be indentical. If any attributes of that type are found that are not identical, an ESSException is thrown.

Parameters:

signedContent - the signedContent whose signer infos to be searched for the requested attribute

checkIfAllIdentical - whether to check if all attributes (of the requested type) that are included in the given signerInfos are identical (according to RFC2634 for attributes of some type (e.g. ReceiptRequest) it is required that all attributes of that type that are inlcuded in the set of SignerInfos must be identical)

Returns:

an array holding all the SignerInfos of the given SignedContent that contain a signed attribute of the requested type; the array may be empty (if no SignerInfo contains an attribute of the requested type); if checkIfAllIdentical is false the attributes (of requested type) in the SignerInfo result set may not be identical; if checkIfAllIdentical is true all attributes (of requested type) in the SignerInfo result set are identical (otherwise an ESSException would be thrown);

Throws:

CodingException - if an error occurs when decoding some included attribute

ESSException - if checkIfAllIdentical is true and there are attributes of the requested type included that are not identical

getSignerInfosWithAttribute

public static SignerInfo[] getSignerInfosWithAttribute(SignerInfo[] signerInfos,
                                                       ObjectID attributeType,
                                                       boolean checkIfAllIdentical)
                                                throws CodingException,
                                                       ESSException

Returns all SignerInfos of the given array that contain a signed attribute of the specified attribute type. This method steps through the given SignerInfo objects and looks whether the requested attribute is included. If checkIfAllIdentical is set to false, any signerInfo holding a signed attribute of requested type is picked. However, if checkIfAllIdentical is set to true, all attributes (of the requested type) ever included in the given SignerInfo have to be indentical. If any attributes of that type are found that are not identical, an ESSException is thrown.

Parameters:

signerInfos - the signer infos to be searched for the requested attribute

checkIfAllIdentical - whether to check if all attributes (of the requested type) that are included in the given signerInfos are identical (according to RFC2634 for attributes of some type (e.g. ReceiptRequest) it is required that all attributes of that type that are inlcuded in the set of SignerInfos must be identical)

Returns:

an array holding all the SignerInfos of the given set that contain a signed attribute of the requested type; the array may be empty (if no SignerInfo contains an attribute of the requested type); if checkIfAllIdentical is false the attributes (of requested type) in the SignerInfo result set may not be identical; if checkIfAllIdentical is true all attributes (of requested type) in the SignerInfo result set are identical (otherwise an ESSException would be thrown);

Throws:

CodingException - if an error occurs when decoding some included attribute

ESSException - if checkIfAllIdentical is true and there are attributes of the requested type included that are not identical

getSignerInfosWithAttribute

public static SignerInfo[] getSignerInfosWithAttribute(SignerInfo[] signerInfos,
                                                       ObjectID attributeType,
                                                       boolean checkIfAllIdentical,
                                                       boolean checkIfIncluedInAllSignerInfos)
                                                throws CodingException,
                                                       ESSException

Returns all SignerInfos of the given array that contain a signed attribute of the specified attribute type. This method steps through the given SignerInfo objects and looks whether the requested attribute is included. If checkIfAllIdentical is set to false, any signerInfo holding a signed attribute of requested type is picked. However, if checkIfAllIdentical is set to true, all attributes (of the requested type) ever included in the given SignerInfo have to be indentical. If any attributes of that type are found that are not identical, an ESSException is thrown.

Parameters:

signerInfos - the signer infos to be searched for the requested attribute

checkIfAllIdentical - whether to check if all attributes (of the requested type) that are included in the given signerInfos are identical (according to RFC2634 for attributes of some type (e.g. ReceiptRequest) it is required that all attributes of that type that are inlcuded in the set of SignerInfos must be identical)

checkIfIncluedInAllSignerInfos - whether to check if the attributes (of the requested type) is included in all SignerInfos (according to RFC2634 for attributes of some type (e.g. ESSSecurityLabel) it is required that if the attribute is included in one SignerInfo of a SignedData layer it has to be present in all SignerInfos of this layer. Since this only is required together with the requirement that all attributes have to be identical, the inclusion check is only performed if checkIfAllIdentical is set to true)

Returns:

an array holding all the SignerInfos of the given set that contain a signed attribute of the requested type; the array may be empty (if no SignerInfo contains an attribute of the requested type); if checkIfAllIdentical is false the attributes (of requested type) in the SignerInfo result set may not be identical; if checkIfAllIdentical is true all attributes (of requested type) in the SignerInfo result set are identical (otherwise an ESSException would be thrown);

Throws:

CodingException - if an error occurs when decoding some included attribute

ESSException - if checkIfAllIdentical is true and there are attributes of the requested type included that are not identical, or checkIfIncluedInAllSignerInfos is true but the attribute is not included in all SignerInfos

getFirstSignerInfoWithAttribute

public static SignerInfo getFirstSignerInfoWithAttribute(SignedContent signedContent,
                                                         ObjectID attributeType)
                                                  throws CodingException

Returns the first SignerInfo included in the given SignedContent object that contains a signed attribute of the specified attribute type. This method steps through the SignerInfo objects included in the given SignedContent object and returns the first SignerInfo that contains a signed attribute requested type. No check is performed if same-type attributes in remaining SignerInfos match to the first one detected.

Parameters:

signedContent - the signedContent whose signer infos to be searched for the requested attribute

Returns:

the first SignerInfo that contains a signed attribute of the specified attribute type

Throws:

CodingException - if an error occurs when decoding some included attribute

getFirstSignerInfoWithAttribute

public static SignerInfo getFirstSignerInfoWithAttribute(SignerInfo[] signerInfos,
                                                         ObjectID attributeType)
                                                  throws CodingException

Returns the first SignerInfo of the given array that contains a signed attribute of the specified attribute type. This method steps through the given SignerInfo objects and returns the first SignerInfo that contains a signed attribute requested type. No check is performed if same-type attributes in remaining SignerInfos match to the first one detected.

Parameters:

signerInfos - the signer infos to be searched for the requested attribute

Returns:

the first SignerInfo of the given array that contains a signed attribute of the specified attribute type

Throws:

CodingException - if an error occurs when decoding some included attribute

getMailAddresses

public static java.lang.String[] getMailAddresses(GeneralNames[] generalNames)

Picks all email addresses (GeneralNames of type rfc822Name) from the array of given GeneralNames.

Returns:

an array of Strings containing all email addresses included in the given array of GeneralNames

getMailAddresses

public static java.lang.String[] getMailAddresses(GeneralNames generalNames)

Picks all email addresses (GeneralNames of type rfc822Name) from the given GeneralNames.

Returns:

an array of Strings containing all email addresses included in the given GeneralNames

parseAddress

public static java.lang.String parseAddress(java.lang.String address)

Parses an RFC822 address like: "John Doe" and returns the email address only. Works also without the <> brackets.

Parameters:

address - the email address string to be parsed

Returns:

the RFC822 address parsed from the string

compareGeneralName

public static boolean compareGeneralName(GeneralName gn1,
                                         GeneralName gn2)

Compares two GeneralName objects.

This method uses the following criteria for comparing the two GeneralName object:

1. If the type is different, return false
2. Check the value:
   • If type is otherName, x400Address or ediPartyName, compare the DER encodings of the ASN1Object values
   • If type is dNSName, uniformResourceIdentifier or iPAddress compare the String values
   • If type is rfc822Name, compare the string values after parsing the RFC822 part; e.g. only "jdoe@iaik.tugraz.at" of an address like "John Doe " is compared
   • If type is registeredID compare the ObjectID values
   • If type is directoryName compare the Name values

Parameters:

gn1 - the first GeneralName

gn2 - the second GeneralName

Returns:

true, if the two GeneralNames are equal, false otherwise

compareGeneralNames

public static boolean compareGeneralNames(GeneralNames gns1,
                                          GeneralNames gns2)

Compares two GeneralNames objects.

This method steps through all GeneralName objects included and compares them for equality.

Parameters:

gns1 - the first GeneralNames

gns2 - the second GeneralNames

Returns:

true, if the two GeneralNames are equal, false otherwise

createGeneralName

public static GeneralName createGeneralName(java.lang.String email)

Creates a GeneralName of type rfc822Name from the given email address.

Parameters:

email - the email address from which to create a GeneralName

Returns:

the new GeneralName

createGeneralNames

public static GeneralNames createGeneralNames(java.lang.String email)

Creates a GeneralNames conatining one GeneralName of type rfc822Name with the given email address.

Parameters:

email - the email address from which to create a GeneralNames

Returns:

the new GeneralNames

convertCertificateChain

public static java.security.cert.X509Certificate[] convertCertificateChain(java.security.cert.Certificate[] certificateChain,
                                                                           java.lang.String provider)
                                                                    throws java.security.cert.CertificateException,
                                                                           java.security.NoSuchProviderException

Converts an array of X509Certificates into an array of X509Certificate objects of the requested provider.

Parameters:

certificateChain - the array of certificates to convert

provider - the name of the provider whose certificate implementation is requested

Returns:

the new certificate chain

Throws:

java.security.cert.CertificateException - if there occurs an error while parsing/converting the certificate chain

java.security.NoSuchProviderException - if the requested provider is not installed or does not support a X.509 certificate factory as required for conversion

convertCertificate

public static java.security.cert.X509Certificate convertCertificate(java.security.cert.Certificate certificate,
                                                                    java.lang.String provider)
                                                             throws java.security.cert.CertificateException,
                                                                    java.security.NoSuchProviderException

Converts the given X509Certificate into a X509Certificate object of the requested provider.

Parameters:

certificate - the certificate to convert

provider - the name of the provider whose certificate implementation is requested

Returns:

the new certificate

Throws:

java.security.cert.CertificateException - if there occurs an error while parsing/converting the certificate

java.security.NoSuchProviderException - if the requested provider is not installed or does not support a X.509 certificate factory as required for conversion

convertKey

public static java.security.Key convertKey(java.security.Key key,
                                           java.lang.String provider)
                                    throws java.security.InvalidKeyException,
                                           java.security.NoSuchProviderException,
                                           java.security.NoSuchAlgorithmException

Converts the given key into a key object of the requested provider.

Parameters:

key - the key to convert

provider - the name of the provider whose key implementation is requested

Returns:

the new key

Throws:

java.security.InvalidKeyException - if the key cannot be converted

java.security.NoSuchProviderException - if the requested provider is not installed

java.security.NoSuchAlgorithmException - if the requested provider does not support a keyfactory of requested type

convertCertificate

public static X509Certificate convertCertificate(java.security.cert.Certificate certificate)
                                          throws java.security.cert.CertificateException

Converts the given X.509 certificate into an iaik.x509.X509Certificate.

Parameters:

certificate - the certificate to convert

Returns:

the new certificate

Throws:

java.security.cert.CertificateException - if there occurs an error while parsing/converting the certificate

convertCertificateChain

public static X509Certificate[] convertCertificateChain(java.security.cert.Certificate[] certificateChain)
                                                 throws java.security.cert.CertificateException

Converts the given X.509 certificate array into an array iaik.x509.X509Certificate objects.

Parameters:

certificateChain - the certificate chain to convert

Returns:

the new certificate chain

Throws:

java.security.cert.CertificateException - if there occurs an error while parsing/converting the certificate chain