iaik.pkcs
Class PKCS7CertList

java.lang.Object
  |
  +--iaik.pkcs.PKCS7CertList
All Implemented Interfaces:
Serializable

public class PKCS7CertList
extends Object
implements Serializable

This class implements an application of the PKCS#7 standard for dealing with certificate chains as used by Netscape Navigator and Microsoft Internet Explorer.

The PKCS#7 SignedData content type provides a degenerate case where there are no signers on the content. This degenerate case is intended for disseminating certificates and certificate-revocation lists.

This class provides several constructors and methods for creating a SignedData object containing only a list of X509v3 certificates, writing the list to a file (with extension .p7c), and reading it back from the file.

Usage:

  X509Certificate[] certs = ...;

  PKCS7CertList pkcs7 = new PKCS7CertList();
  pkcs7.setCertificateList(certs);
  pkcs7.writeTo(new FileOutputStream(pkcs7File));
  

or:

  PKCS7CertList pkcs7 = new PKCS7CertList(new FileInputStream("certs.p7c"));
  X509Certificate[] certs = pkcs7.getCertificateList();
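
Because the degenerate SignedData has no signers, a .p7c file carries no authentication of its own; the certificates read from it are only candidates until a path to a locally trusted anchor has been built. The following is an added example (not part of the IAIK documentation) that reads a bundle with the constructor shown above and validates it with the JDK's PKIX CertPathBuilder. It assumes the returned type is iaik.x509.X509Certificate (a subclass of java.security.cert.X509Certificate) and that the first entry is the end-entity certificate; the class name P7cChainCheck and the command-line arguments are hypothetical.

```java
import iaik.pkcs.PKCS7CertList;
import iaik.x509.X509Certificate;

import java.io.FileInputStream;
import java.io.InputStream;
import java.security.KeyStore;
import java.security.cert.CertPathBuilder;
import java.security.cert.CertStore;
import java.security.cert.CollectionCertStoreParameters;
import java.security.cert.PKIXBuilderParameters;
import java.security.cert.PKIXCertPathBuilderResult;
import java.security.cert.X509CertSelector;
import java.util.Arrays;

public class P7cChainCheck {
    /** Builds and validates a path from certs[0] to an anchor in trustStore; throws if none exists. */
    static PKIXCertPathBuilderResult validate(X509Certificate[] certs, KeyStore trustStore)
            throws Exception {
        if (certs == null || certs.length == 0) {
            throw new IllegalArgumentException("bundle contains no certificates");
        }
        // Assumption: the first entry is the end-entity certificate. The remaining
        // entries are only candidates; the builder orders them itself.
        X509CertSelector target = new X509CertSelector();
        target.setCertificate(certs[0]);
        // Trust comes only from trustStore, never from certificates inside the bundle.
        PKIXBuilderParameters params = new PKIXBuilderParameters(trustStore, target);
        params.addCertStore(CertStore.getInstance("Collection",
                new CollectionCertStoreParameters(Arrays.asList(certs))));
        // Revocation is not checked in this example.
        params.setRevocationEnabled(false);
        return (PKIXCertPathBuilderResult) CertPathBuilder.getInstance("PKIX").build(params);
    }

    public static void main(String[] args) throws Exception {
        // Hypothetical arguments: <bundle.p7c> <truststore> <truststore-password>
        KeyStore trustStore = KeyStore.getInstance(KeyStore.getDefaultType());
        try (InputStream ks = new FileInputStream(args[1])) {
            trustStore.load(ks, args[2].toCharArray());
        }
        X509Certificate[] certs;
        try (InputStream in = new FileInputStream(args[0])) {
            certs = new PKCS7CertList(in).getCertificateList();
        }
        PKIXCertPathBuilderResult result = validate(certs, trustStore);
        System.out.println("Anchored at: "
                + result.getTrustAnchor().getTrustedCert().getSubjectX500Principal());
    }
}
```

A CertPathBuilderException from validate means no chain from the first certificate to a trusted anchor could be built from the bundle's contents.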

Version:
File Revision 17
See Also:
ContentInfo, SignedData, X509Certificate, Serialized Form

Constructor Summary
PKCS7CertList()
          Default constructor.
PKCS7CertList(InputStream is)
          Creates a PKCS7CertList from an input stream.
 
Method Summary
 X509Certificate[] getCertificateList()
          Returns the certificates included in this PKCS7CertList object.
 X509CRL[] getCRLList()
          Returns the CRLs included in this PKCS7CertList object.
 void setCertificateList(X509Certificate[] certificateList)
          Set the certificates for this PKCS#7 SignedData object.
 void setCRLList(X509CRL[] crlList)
          Set the CRLs for this PKCS#7 SignedData object.
 byte[] toByteArray()
          Returns this PKCS7CertList object as DER encoded byte array.
 String toString()
          Returns a string giving some information about the contents of this PKCS7CertList object.
 void writeTo(OutputStream os)
          Writes the certificate chain to the given output stream.
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait
 

Constructor Detail

PKCS7CertList

public PKCS7CertList()
Default constructor. Creates an empty PKCS7CertList object.

Use setCertificateList for supplying a list of X509Certificates, e.g.:

 PKCS7CertList pkcs7 = new PKCS7CertList();
 pkcs7.setCertificateList(certs);
 


PKCS7CertList

public PKCS7CertList(InputStream is)
              throws IOException,
                     PKCSParsingException
Creates a PKCS7CertList from an input stream.

You may use this constructor for "reading in" a certificate list that has been written to a .p7c file by using the writeTo method, e.g.:

 PKCS7CertList pkcs7 = new PKCS7CertList(new FileInputStream("certs.p7c"));
 X509Certificate[] certs = pkcs7.getCertificateList();
 

Parameters:
is - the input stream from where the object shall be read
Throws:
IOException - if the object could not be read
PKCSParsingException - if the object could not be parsed
Method Detail

getCertificateList

public X509Certificate[] getCertificateList()
Returns the certificates included in this PKCS7CertList object.
Returns:
the certificates included in this PKCS7CertList object, as array of X509Certificates

getCRLList

public X509CRL[] getCRLList()
Returns the CRLs included in this PKCS7CertList object.
Returns:
the CRLs included in this PKCS7CertList object, as array of X509CRLs

setCertificateList

public void setCertificateList(X509Certificate[] certificateList)
Set the certificates for this PKCS#7 SignedData object.
Parameters:
certificateList - the chain of certificates as array

setCRLList

public void setCRLList(X509CRL[] crlList)
Set the CRLs for this PKCS#7 SignedData object.
Parameters:
crlList - the list of CRLs as array

writeTo

public void writeTo(OutputStream os)
             throws IOException
Writes the certificate chain to the given output stream.

This method can be used to write the certificate list to a .p7c file, e.g.:

 X509Certificate[] certs = ...;

 PKCS7CertList pkcs7 = new PKCS7CertList();
 pkcs7.setCertificateList(certs);
 pkcs7.writeTo(new FileOutputStream("certs.p7c"));
 

Use the PKCS7CertList(InputStream is) constructor for "reading back" the certificate chain from the file.

Parameters:
os - the output stream to which the certificate chain shall be written
Throws:
IOException - if an error occurs during writing out the file

toByteArray

public byte[] toByteArray()
                   throws PKCSException
Returns this PKCS7CertList object as DER encoded byte array.

This method DER encodes the ASN.1 representation of this PKCS#7 cert list and writes it to a byte array.

Returns:
this PKCS7CertList object as DER encoded byte array
Throws:
PKCSException - if an encoding error occurs

toString

public String toString()
Returns a string giving some information about the contents of this PKCS7CertList object.
Overrides:
toString in class Object
Returns:
the string representation

This Javadoc may contain text parts from Internet Standard specifications (RFC 2459, 3280, 3039, 2560, 1521, 821, 822, 2253, 1319, 1321, 2630, 2631, 2268, 3058, 2984, 2104, 2144, 2040, 2311, 2279, see copyright note) and RSA Data Security Public-Key Cryptography Standards (PKCS#1,3,5,7,8,9,10,12, see copyright note).

IAIK-JCE 3.1 with IAIK-JCE CC Core 3.1, (c) 1997-2004 IAIK