Bouncy Castle Cryptography Library 1.44

org.bouncycastle.mail.smime.validator
Class SignedMailValidator

java.lang.Object
  extended by org.bouncycastle.mail.smime.validator.SignedMailValidator

public class SignedMailValidator
extends java.lang.Object


Nested Class Summary
 class SignedMailValidator.ValidationResult
           
 
Constructor Summary
SignedMailValidator(javax.mail.internet.MimeMessage message, java.security.cert.PKIXParameters param)
          Validates the signed MimeMessage message.
SignedMailValidator(javax.mail.internet.MimeMessage message, java.security.cert.PKIXParameters param, java.lang.Class certPathReviewerClass)
          Validates the signed MimeMessage message.
 
Method Summary
protected  void checkSignerCert(java.security.cert.X509Certificate cert, java.util.List errors, java.util.List notifications)
           
static java.security.cert.CertPath createCertPath(java.security.cert.X509Certificate signerCert, java.util.Set trustanchors, java.util.List certStores)
           
static java.lang.Object[] createCertPath(java.security.cert.X509Certificate signerCert, java.util.Set trustanchors, java.util.List systemCertStores, java.util.List userCertStores)
          Returns an Object array containing a CertPath and a List of Booleans.
 java.security.cert.CertStore getCertsAndCRLs()
           
static java.util.Set getEmailAddresses(java.security.cert.X509Certificate cert)
           
static java.util.Date getSignatureTime(SignerInformation signer)
           
 SignerInformationStore getSignerInformationStore()
           
 SignedMailValidator.ValidationResult getValidationResult(SignerInformation signer)
           
protected  void validateSignatures(java.security.cert.PKIXParameters pkixParam)
           
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Constructor Detail

SignedMailValidator

public SignedMailValidator(javax.mail.internet.MimeMessage message,
                           java.security.cert.PKIXParameters param)
                    throws SignedMailValidatorException
Validates the signed MimeMessage message. The PKIXParameters from param are used for the certificate path validation. The actual PKIXParameters used for the certificate path validation is a copy of param with the followin changes:
- The validation date is changed to the signature time
- A CertStore with certificates and crls from the mail message is added to the CertStores.

In param it's also possible to add additional CertStores with intermediate Certificates and/or CRLs which then are also used for the validation.

Parameters:
message - the signed MimeMessage
param - the parameters for the certificate path validation
Throws:
SignedMailValidatorException - if the message is no signed message or if an exception occurs reading the message

SignedMailValidator

public SignedMailValidator(javax.mail.internet.MimeMessage message,
                           java.security.cert.PKIXParameters param,
                           java.lang.Class certPathReviewerClass)
                    throws SignedMailValidatorException
Validates the signed MimeMessage message. The PKIXParameters from param are used for the certificate path validation. The actual PKIXParameters used for the certificate path validation is a copy of param with the followin changes:
- The validation date is changed to the signature time
- A CertStore with certificates and crls from the mail message is added to the CertStores.

In param it's also possible to add additional CertStores with intermediate Certificates and/or CRLs which then are also used for the validation.

Parameters:
message - the signed MimeMessage
param - the parameters for the certificate path validation
certPathReviewerClass - a subclass of PKIXCertPathReviewer. The SignedMailValidator uses objects of this type for the cert path vailidation. The class must have an empty constructor.
Throws:
SignedMailValidatorException - if the message is no signed message or if an exception occurs reading the message
java.lang.IllegalArgumentException - if the certPathReviewerClass is not a subclass of PKIXCertPathReviewer or objects of certPathReviewerClass can not be instantiated
Method Detail

validateSignatures

protected void validateSignatures(java.security.cert.PKIXParameters pkixParam)

getEmailAddresses

public static java.util.Set getEmailAddresses(java.security.cert.X509Certificate cert)
                                       throws java.io.IOException,
                                              java.security.cert.CertificateEncodingException
Throws:
java.io.IOException
java.security.cert.CertificateEncodingException

checkSignerCert

protected void checkSignerCert(java.security.cert.X509Certificate cert,
                               java.util.List errors,
                               java.util.List notifications)

getSignatureTime

public static java.util.Date getSignatureTime(SignerInformation signer)

createCertPath

public static java.security.cert.CertPath createCertPath(java.security.cert.X509Certificate signerCert,
                                                         java.util.Set trustanchors,
                                                         java.util.List certStores)
                                                  throws java.security.GeneralSecurityException
Parameters:
signerCert - the end of the path
trustanchors - trust anchors for the path
certStores -
Returns:
the resulting certificate path.
Throws:
java.security.GeneralSecurityException

createCertPath

public static java.lang.Object[] createCertPath(java.security.cert.X509Certificate signerCert,
                                                java.util.Set trustanchors,
                                                java.util.List systemCertStores,
                                                java.util.List userCertStores)
                                         throws java.security.GeneralSecurityException
Returns an Object array containing a CertPath and a List of Booleans. The list contains the value true if the corresponding certificate in the CertPath was taken from the user provided CertStores.

Parameters:
signerCert - the end of the path
trustanchors - trust anchors for the path
systemCertStores - list of CertStore provided by the system
userCertStores - list of CertStore provided by the user
Returns:
a CertPath and a List of booleans.
Throws:
java.security.GeneralSecurityException

getCertsAndCRLs

public java.security.cert.CertStore getCertsAndCRLs()

getSignerInformationStore

public SignerInformationStore getSignerInformationStore()

getValidationResult

public SignedMailValidator.ValidationResult getValidationResult(SignerInformation signer)
                                                         throws SignedMailValidatorException
Throws:
SignedMailValidatorException

Bouncy Castle Cryptography Library 1.44