ALG_AES128_CBC, ALG_AES192_CBC, ALG_AES256_CBC, ALG_DES_EDE3_CBC, ALG_MD5, ALG_RC2_40_CBC, ALG_RC2_CBC, ALG_SHA, ALG_SHA256, ALG_SHA512, INC_CERT_CHAIN, INC_CERT_CHAIN_ROOT, INC_CERT_NONE, INC_CERT_OWN, PS_OAEP, PS_OAEPWithSHA256AndMGF1Padding
Constructor and Description |
---|
SsfDataSMIME(InputStream is,
Session sess)
Constructs SsfDataSMIME object from an InputStream
|
SsfDataSMIME(MimeMessage mess,
Session sess)
Constructs SsfDataSMIME object from a MimeMessage
|
Modifier and Type | Method and Description |
---|---|
boolean |
decrypt(ISsfProfile profile)
Decrypts the given data.
|
boolean |
encrypt(SsfSigRcpList rcpList,
ISsfPab pab)
Encrypts the given data.
|
boolean |
encrypt(SsfSigRcpList rcpList,
ISsfPab pab,
String symAlg)
Encrypts the given data.
|
MimeMessage |
getDataSMIME()
Get message which results from previous operations
|
void |
setNewContentTypes(boolean newContentTypes)
Sets the parameter
newContentTypes . |
boolean |
sign(ISsfProfile profile)
Creates a digital siganture of the given data.
|
boolean |
sign(ISsfProfile profile,
String mdAlg,
int incCerts,
boolean detached)
Creates a digital siganture of the given data.
|
String |
toString()
Get information about the S/MIME data
|
boolean |
verify(ISsfPab pab,
SsfSigRcpList sigList)
Verifies a digital signature of the given data.
|
boolean |
verify(ISsfPab pab,
SsfSigRcpList sigList,
ISsfData input,
X509Certificate cert)
Verifies a digital signature of the given data.
|
boolean |
verify(ISsfPab pab,
SsfSigRcpList sigList,
X509Certificate cert)
Verifies a digital signature of the given data.
|
boolean |
writeTo(OutputStream out)
Writes the changed data to an output stream
|
public SsfDataSMIME(InputStream is, Session sess) throws SsfInvalidDataException
is
- InputStream containing the datasess
- Session of MimeMessage (may be null
)SsfInvalidDataException
- if no MIME data is suppliedpublic SsfDataSMIME(MimeMessage mess, Session sess) throws SsfInvalidDataException
mess
- MimeMessage objectsess
- Session of MimeMessage (may be null
)SsfInvalidDataException
- if no MIME data is suppliedpublic boolean sign(ISsfProfile profile) throws SsfInvalidKeyException
ISsfData
sign
in interface ISsfData
profile
- containing the secret key of the signersign(profile, ALG_SHA, INC_CERT_CHAIN, false)
SsfInvalidKeyException
- if invalid key is usedISsfData.sign(com.sap.security.api.ssf.ISsfProfile)
public boolean sign(ISsfProfile profile, String mdAlg, int incCerts, boolean detached) throws SsfInvalidKeyException, SsfInvalidAlgException
ISsfData
sign
in interface ISsfData
profile
- containing the secret key of the signermdAlg
- message digest algorithm used to hash the dataincCerts
- determine if certificates should be includeddetached
- if true
do not include data into signaturetrue
if signature could be createdSsfInvalidKeyException
- if invalid key is usedSsfInvalidAlgException
- if invalid algorithm is usedISsfData.sign(com.sap.security.api.ssf.ISsfProfile)
public boolean verify(ISsfPab pab, SsfSigRcpList sigList) throws SsfInvalidDataException
ISsfData
verify
in interface ISsfData
pab
- personal address book containing trusted certificates (if
null
, all certificates are considered as trusted, i.e.
the signer certificates must be validated by the caller)sigList
- list of signer informationverify(pab, null, signer)
SsfInvalidDataException
- if given data is not digitally signedISsfData.verify(com.sap.security.api.ssf.ISsfPab, com.sap.security.core.server.ssf.SsfSigRcpList)
public boolean verify(ISsfPab pab, SsfSigRcpList sigList, ISsfData input, X509Certificate cert) throws SsfInvalidDataException
verify
in interface ISsfData
pab
- personal address book containing trusted certificates (if
null
, all certificates are considered as trusted, i.e.
the signer certificates must be validated by the caller)sigList
- list of signer informationinput
- ignored parameter, pass null
)cert
- certificate to be used for verification (if null
, use
certificate included in signed data)verify(pab, signer, (X509Certificate[]) null)
SsfInvalidDataException
- if given data is not digitally signedpublic boolean verify(ISsfPab pab, SsfSigRcpList sigList, X509Certificate cert) throws SsfInvalidDataException
pab
- personal address book containing trusted certificates (if
null
, all certificates are considered as trusted, i.e.
the signer certificates must be validated by the caller)sigList
- list of signer informationcert
- certificate to be used for verification (if null
, use
certificate included in signed data)true
if (at least one) signature could be verifiedSsfInvalidDataException
- if given data is not digitally signedpublic boolean encrypt(SsfSigRcpList rcpList, ISsfPab pab) throws SsfInvalidKeyException
ISsfData
encrypt
in interface ISsfData
rcpList
- list of recipients of encrypted datapab
- personal address book containing trusted certificatesencrypt(rcp, pab, ALG_AES128_CBC)
SsfInvalidKeyException
- if invalid key is usedISsfData.encrypt(com.sap.security.core.server.ssf.SsfSigRcpList, com.sap.security.api.ssf.ISsfPab)
public boolean encrypt(SsfSigRcpList rcpList, ISsfPab pab, String symAlg) throws SsfInvalidKeyException, SsfInvalidAlgException
ISsfData
encrypt
in interface ISsfData
rcpList
- list of recipients of encrypted datapab
- personal address book containing the certificate of the recipient
(if null
, all certificates are considered as trusted)symAlg
- name of symmetric encryption algorithmtrue
if data could be encrypted for all recipientsSsfInvalidKeyException
- if invalid key is usedSsfInvalidAlgException
- if invalid algorithm is usedISsfData.encrypt(com.sap.security.core.server.ssf.SsfSigRcpList, com.sap.security.api.ssf.ISsfPab)
public boolean decrypt(ISsfProfile profile) throws SsfInvalidKeyException, SsfInvalidDataException
ISsfData
decrypt
in interface ISsfData
profile
- containing the secret key of the recipienttrue
if encrypted data could be decryptedSsfInvalidKeyException
- if invalid key is usedSsfInvalidDataException
- if given data is not encryptedISsfData.decrypt(com.sap.security.api.ssf.ISsfProfile)
public void setNewContentTypes(boolean newContentTypes)
newContentTypes
. If this parameter is
true
, use the new content types (application/pkcs7-signature
and application/pkcs7-mime). As default the old content types
(application/x-pkcs7-signature and application/x-pkcs7-mime) are used.newContentTypes
- boolean that indicates if the new or old content
types are usedpublic boolean writeTo(OutputStream out) throws IOException
ISsfData
writeTo
in interface ISsfData
out
- output streamtrue
if data could be writtenIOException
- if an I/O error occursISsfData.writeTo(java.io.OutputStream)
public MimeMessage getDataSMIME()
Access Rights |
---|
SC | DC | Public Part | ACH |
---|---|---|---|
[sap.com] CORE-TOOLS
|
[sap.com]
|
default
|
BC-JAS
|
[sap.com] ENGFACADE
|
[sap.com] tc/bl/security/lib
|
api
|
BC-JAS-SEC
|
[sap.com] ENGINEAPI
|
[sap.com]
|
-
|
BC-JAS-SEC
|
[sap.com] ENGINEAPI
|
[sap.com]
|
default
|
BC-JAS-SEC
|
Copyright 2018 SAP AG Complete Copyright Notice