org.bouncycastle.mail.smime.validator
Class SignedMailValidator
java.lang.Object
org.bouncycastle.mail.smime.validator.SignedMailValidator
public class SignedMailValidator
- extends java.lang.Object
Constructor Summary |
SignedMailValidator(javax.mail.internet.MimeMessage message,
java.security.cert.PKIXParameters param)
Validates the signed MimeMessage message. |
SignedMailValidator(javax.mail.internet.MimeMessage message,
java.security.cert.PKIXParameters param,
java.lang.Class certPathReviewerClass)
Validates the signed MimeMessage message. |
Methods inherited from class java.lang.Object |
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
SignedMailValidator
public SignedMailValidator(javax.mail.internet.MimeMessage message,
java.security.cert.PKIXParameters param)
throws SignedMailValidatorException
- Validates the signed
MimeMessage
message. The
PKIXParameters
from param are used for the certificate path
validation. The actual PKIXParameters used for the certificate path
validation is a copy of param with the followin changes:
- The
validation date is changed to the signature time
- A CertStore with
certificates and crls from the mail message is added to the CertStores.
In param
it's also possible to add additional CertStores
with intermediate Certificates and/or CRLs which then are also used for
the validation.
- Parameters:
message
- the signed MimeMessageparam
- the parameters for the certificate path validation
- Throws:
SignedMailValidatorException
- if the message is no signed message or if an exception occurs
reading the message
SignedMailValidator
public SignedMailValidator(javax.mail.internet.MimeMessage message,
java.security.cert.PKIXParameters param,
java.lang.Class certPathReviewerClass)
throws SignedMailValidatorException
- Validates the signed
MimeMessage
message. The
PKIXParameters
from param are used for the certificate path
validation. The actual PKIXParameters used for the certificate path
validation is a copy of param with the followin changes:
- The
validation date is changed to the signature time
- A CertStore with
certificates and crls from the mail message is added to the CertStores.
In param
it's also possible to add additional CertStores
with intermediate Certificates and/or CRLs which then are also used for
the validation.
- Parameters:
message
- the signed MimeMessageparam
- the parameters for the certificate path validationcertPathReviewerClass
- a subclass of PKIXCertPathReviewer
. The SignedMailValidator
uses objects of this type for the cert path vailidation. The class must
have an empty constructor.
- Throws:
SignedMailValidatorException
- if the message is no signed message or if an exception occurs
reading the message
java.lang.IllegalArgumentException
- if the certPathReviewerClass is not a
subclass of PKIXCertPathReviewer
or objects of
certPathReviewerClass can not be instantiated
validateSignatures
protected void validateSignatures(java.security.cert.PKIXParameters pkixParam)
getEmailAddresses
public static java.util.Set getEmailAddresses(java.security.cert.X509Certificate cert)
throws java.io.IOException,
java.security.cert.CertificateEncodingException
- Throws:
java.io.IOException
java.security.cert.CertificateEncodingException
checkSignerCert
protected void checkSignerCert(java.security.cert.X509Certificate cert,
java.util.List errors,
java.util.List notifications)
getSignatureTime
public static java.util.Date getSignatureTime(SignerInformation signer)
createCertPath
public static java.security.cert.CertPath createCertPath(java.security.cert.X509Certificate signerCert,
java.util.Set trustanchors,
java.util.List certStores)
throws java.security.GeneralSecurityException
- Parameters:
signerCert
- the end of the pathtrustanchors
- trust anchors for the pathcertStores
-
- Returns:
- the resulting certificate path.
- Throws:
java.security.GeneralSecurityException
createCertPath
public static java.lang.Object[] createCertPath(java.security.cert.X509Certificate signerCert,
java.util.Set trustanchors,
java.util.List systemCertStores,
java.util.List userCertStores)
throws java.security.GeneralSecurityException
- Returns an Object array containing a CertPath and a List of Booleans. The list contains the value
true
if the corresponding certificate in the CertPath was taken from the user provided CertStores.
- Parameters:
signerCert
- the end of the pathtrustanchors
- trust anchors for the pathsystemCertStores
- list of CertStore
provided by the systemuserCertStores
- list of CertStore
provided by the user
- Returns:
- a CertPath and a List of booleans.
- Throws:
java.security.GeneralSecurityException
getCertsAndCRLs
public java.security.cert.CertStore getCertsAndCRLs()
getSignerInformationStore
public SignerInformationStore getSignerInformationStore()
getValidationResult
public SignedMailValidator.ValidationResult getValidationResult(SignerInformation signer)
throws SignedMailValidatorException
- Throws:
SignedMailValidatorException