ALG_AES128_CBC, ALG_AES192_CBC, ALG_AES256_CBC, ALG_DES_EDE3_CBC, ALG_MD5, ALG_RC2_40_CBC, ALG_RC2_CBC, ALG_SHA, ALG_SHA256, ALG_SHA512, INC_CERT_CHAIN, INC_CERT_CHAIN_ROOT, INC_CERT_NONE, INC_CERT_OWN, PS_OAEP, PS_OAEPWithSHA256AndMGF1Padding
Constructor and Description |
---|
SsfDataPKCS7(InputStream in)
Constructs PKCS#7 object from an InputStream
|
Modifier and Type | Method and Description |
---|---|
boolean |
decrypt(ISsfProfile profile)
Decrypts the given data.
|
boolean |
encrypt(SsfSigRcpList rcpList,
ISsfPab pab)
Encrypts the given data.
|
boolean |
encrypt(SsfSigRcpList rcpList,
ISsfPab pab,
String alg_ps)
Encrypts the given data.
|
byte[] |
getDataPKCS7()
Get PKCS#7 data which results from previous operations
|
boolean |
sign(ISsfProfile profile)
Creates a digital siganture of the given data.
|
boolean |
sign(ISsfProfile profile,
String mdAlg,
int incCerts,
boolean detached)
Creates a digital siganture of the given data.
|
String |
toString()
Get information about the PKCS#7 data
|
boolean |
verify(ISsfPab pab,
SsfSigRcpList sigList)
Verifies a digital signature of the given data.
|
boolean |
verify(ISsfPab pab,
SsfSigRcpList sigList,
ISsfData input,
X509Certificate cert)
Verifies a digital signature of the given data.
|
boolean |
writeTo(OutputStream out)
Writes the changed data to an output stream
|
public SsfDataPKCS7(InputStream in) throws IOException
in
- InputStream containing the dataIOException
public boolean sign(ISsfProfile profile) throws SsfInvalidKeyException
ISsfData
sign
in interface ISsfData
profile
- containing the secret key of the signersign(profile, ALG_SHA, INC_CERT_CHAIN, false)
SsfInvalidKeyException
- if invalid key is usedISsfData.sign(com.sap.security.api.ssf.ISsfProfile)
public boolean sign(ISsfProfile profile, String mdAlg, int incCerts, boolean detached) throws SsfInvalidKeyException, SsfInvalidAlgException
ISsfData
sign
in interface ISsfData
profile
- containing the secret key of the signermdAlg
- message digest algorithm used to hash the dataincCerts
- determine if certificates should be includeddetached
- if true
do not include data into signaturetrue
if signature could be createdSsfInvalidKeyException
- if invalid key is usedSsfInvalidAlgException
- if invalid algorithm is usedISsfData.sign(com.sap.security.api.ssf.ISsfProfile)
public boolean verify(ISsfPab pab, SsfSigRcpList sigList) throws SsfInvalidDataException
ISsfData
verify
in interface ISsfData
pab
- personal address book containing trusted certificates (if
null
, all certificates are considered as trusted, i.e.
the signer certificates must be validated by the caller)sigList
- list of signer informationverify(pab, null, signer)
SsfInvalidDataException
- if given data is not digitally signedISsfData.verify(com.sap.security.api.ssf.ISsfPab, com.sap.security.core.server.ssf.SsfSigRcpList)
public boolean verify(ISsfPab pab, SsfSigRcpList sigList, ISsfData input, X509Certificate cert) throws SsfInvalidDataException
ISsfData
verify
in interface ISsfData
pab
- personal address book containing trusted certificates (if
null
, all certificates are considered as trusted, i.e.
the signer certificates must be validated by the caller)sigList
- list of signer informationinput
- unsigned data (provide only in case of detached signature,
in case of attached signature pass null
)cert
- certificate to be used for verification (if null
,
use certificate included in signed data)true
if (at least one) signature could be verifiedSsfInvalidDataException
- if given data is not digitally signedISsfData.verify(com.sap.security.api.ssf.ISsfPab, com.sap.security.core.server.ssf.SsfSigRcpList)
public boolean encrypt(SsfSigRcpList rcpList, ISsfPab pab) throws SsfInvalidKeyException
ISsfData
encrypt
in interface ISsfData
rcpList
- list of recipients of encrypted datapab
- personal address book containing trusted certificatesencrypt(rcp, pab, ALG_AES128_CBC)
SsfInvalidKeyException
- if invalid key is usedISsfData.encrypt(com.sap.security.core.server.ssf.SsfSigRcpList, com.sap.security.api.ssf.ISsfPab)
public boolean encrypt(SsfSigRcpList rcpList, ISsfPab pab, String alg_ps) throws SsfInvalidKeyException, SsfInvalidAlgException
ISsfData
encrypt
in interface ISsfData
rcpList
- list of recipients of encrypted datapab
- personal address book containing the certificate of the recipient
(if null
, all certificates are considered as trusted)alg_ps
- name of symmetric encryption algorithmtrue
if data could be encrypted for all recipientsSsfInvalidKeyException
- if invalid key is usedSsfInvalidAlgException
- if invalid algorithm is usedISsfData.encrypt(com.sap.security.core.server.ssf.SsfSigRcpList, com.sap.security.api.ssf.ISsfPab)
public boolean decrypt(ISsfProfile profile) throws SsfInvalidKeyException, SsfInvalidDataException
ISsfData
decrypt
in interface ISsfData
profile
- containing the secret key of the recipienttrue
if encrypted data could be decryptedSsfInvalidKeyException
- if invalid key is usedSsfInvalidDataException
- if given data is not encryptedISsfData.decrypt(com.sap.security.api.ssf.ISsfProfile)
public boolean writeTo(OutputStream out) throws IOException
ISsfData
writeTo
in interface ISsfData
out
- output streamtrue
if data could be writtenIOException
- if an I/O error occursISsfData.writeTo(java.io.OutputStream)
public byte[] getDataPKCS7()
Access Rights |
---|
SC | DC | Public Part | ACH |
---|---|---|---|
[sap.com] CORE-TOOLS
|
[sap.com]
|
default
|
BC-JAS
|
[sap.com] ENGFACADE
|
[sap.com] tc/bl/security/lib
|
api
|
BC-JAS-SEC
|
[sap.com] ENGINEAPI
|
[sap.com]
|
-
|
BC-JAS-SEC
|
[sap.com] ENGINEAPI
|
[sap.com]
|
default
|
BC-JAS-SEC
|
Copyright 2018 SAP AG Complete Copyright Notice