Class CoseSign1_Object


  • public class CoseSign1_Object
    extends Object
    A representation of a COSE_Sign1 object.
    Author:
    Martin Lindström (martin@idsec.se), Henrik Bengtsson (extern.henrik.bengtsson@digg.se), Henric Norlander (extern.henric.norlander@digg.se)
    • Field Detail

      • MESSAGE_TAG

        public static final int MESSAGE_TAG
        The COSE_Sign1 message tag.
    • Constructor Detail

      • CoseSign1_Object

        public CoseSign1_Object()
        Default constructor.
      • CoseSign1_Object

        public CoseSign1_Object(byte[] data)
                         throws com.upokecenter.cbor.CBORException
        Constructor that accepts the binary representation of a signed COSE_Sign1 object.
        Parameters:
        data - the binary representation of the COSE_Sign1 object
        Throws:
        com.upokecenter.cbor.CBORException - for invalid data
    • Method Detail

      • decode

        public static CoseSign1_Object decode(byte[] data)
                                       throws com.upokecenter.cbor.CBORException
        Decodes the supplied data into a CoseSign1_Object object.
        Parameters:
        data - the encoded data
        Returns:
        a CoseSign1_Object object
        Throws:
        com.upokecenter.cbor.CBORException - if the supplied encoding is not a valid CoseSign1_Object
      • encode

        public byte[] encode()
                      throws com.upokecenter.cbor.CBORException
        Gets the binary representation of this object.

        Note: Only complete objects that have been signed may be encoded.

        Returns:
        the bytes for the binary representation
        Throws:
        com.upokecenter.cbor.CBORException - for encoding errors
      • sign

        public void sign(PrivateKey signingKey,
                         Provider provider)
                  throws SignatureException,
                         com.upokecenter.cbor.CBORException
        Signs the COSE_Sign1 object using the supplied key.
        Parameters:
        signingKey - the signing key
        provider - the security provider to use (may be null)
        Throws:
        SignatureException - for signature errors
        com.upokecenter.cbor.CBORException - for CBOR coding errors
      • getKeyIdentifier

        public byte[] getKeyIdentifier()
        A utility method that looks for the key identifier (kid) in the protected (and unprotected) attributes.
        Returns:
        the key identifier as a byte string
      • getCwt

        public Cwt getCwt()
                   throws com.upokecenter.cbor.CBORException
        A utility method that gets the contents as a Cwt.
        Returns:
        the CWT, or null if no content is available
        Throws:
        com.upokecenter.cbor.CBORException - if the contents do not hold a valid CWT
      • getSignature

        public byte[] getSignature()
        A utility method that gets a copy of the signature.
        Returns:
        a copy of the signature, or null if no signature is available
      • getSignatureAlgorithm

        public SignatureAlgorithm getSignatureAlgorithm()
        A utility method that gets the signature algorithm.
        Returns:
        the SignatureAlgorithm or null if no signature algorithm is available
      • verifySignature

        public void verifySignature(PublicKey publicKey)
                             throws SignatureException
        Verifies the signature of the COSE_Sign1 object.

        Note: This method only verifies the signature, not the payload.

        Parameters:
        publicKey - the key to use when verifying the signature
        Throws:
        SignatureException - for signature verification errors
      • addProtectedAttribute

        public void addProtectedAttribute(com.upokecenter.cbor.CBORObject label,
                                          com.upokecenter.cbor.CBORObject value)
                                   throws com.upokecenter.cbor.CBORException
        Adds a protected attribute.
        Parameters:
        label - the attribute label
        value - the attribute value
        Throws:
        com.upokecenter.cbor.CBORException - if the object has already been signed
      • removeProtectedAttribute

        public void removeProtectedAttribute(com.upokecenter.cbor.CBORObject label)
                                      throws com.upokecenter.cbor.CBORException
        Removes a protected attribute.
        Parameters:
        label - the attribute label
        Throws:
        com.upokecenter.cbor.CBORException - if the object has already been signed
      • addUnprotectedAttribute

        public void addUnprotectedAttribute(com.upokecenter.cbor.CBORObject label,
                                            com.upokecenter.cbor.CBORObject value)
        Adds an unprotected attribute.
        Parameters:
        label - the attribute label
        value - the attribute value
      • removeUnprotectedAttribute

        public void removeUnprotectedAttribute(com.upokecenter.cbor.CBORObject label)
        Removes an unprotected attribute.
        Parameters:
        label - the attribute label
        Throws:
        com.upokecenter.cbor.CBORException - if the object has already been signed
      • setContent

        public void setContent(byte[] content)
        Assigns the payload/content (usually a CWT).
        Parameters:
        content - the binary representation of the payload
      • setIncludeMessageTag

        public void setIncludeMessageTag(boolean includeMessageTag)
        Tells whether to include the COSE_Sign1 message tag in encodings. The default is true.
        Parameters:
        includeMessageTag - whether to include the message tag
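
Because verifySignature checks only the signature, a caller still has to select a trusted key and validate the CWT claims. The following is an added example of that flow, not code from the library or its documentation; the package names in the imports, the trustedKeys map, and Cwt.getExpiration() returning an Instant are assumptions not shown on this page.

```java
import java.security.PublicKey;
import java.security.SignatureException;
import java.time.Instant;
import java.util.Base64;
import java.util.Map;

import com.upokecenter.cbor.CBORException;
// Assumed package names: this page does not show the packages of these classes.
import se.digg.dgc.signatures.cose.CoseSign1_Object;
import se.digg.dgc.signatures.cwt.Cwt;

public class CoseSign1VerifyExample {

  /**
   * Decodes, verifies and validates a signed COSE_Sign1 object.
   * trustedKeys (hypothetical) maps Base64(kid) to a public key the caller already trusts.
   */
  public static Cwt verify(byte[] encoded, Map<String, PublicKey> trustedKeys, Instant now)
      throws CBORException, SignatureException {

    CoseSign1_Object cose = CoseSign1_Object.decode(encoded); // CBORException on invalid data

    // The kid may come from the unprotected attributes, which the signature does not
    // cover. Use it only to select a key from the trusted set, never as proof of origin.
    byte[] kid = cose.getKeyIdentifier();
    if (kid == null) {
      throw new SignatureException("No key identifier present");
    }
    PublicKey key = trustedKeys.get(Base64.getEncoder().encodeToString(kid));
    if (key == null) {
      throw new SignatureException("Key identifier does not match a trusted key");
    }

    cose.verifySignature(key); // SignatureException if the signature does not verify

    // verifySignature says nothing about the payload: check the claims separately.
    Cwt cwt = cose.getCwt();
    if (cwt == null) {
      throw new SignatureException("Signed object carries no payload");
    }
    Instant exp = cwt.getExpiration(); // assumed accessor on Cwt
    if (exp == null || !now.isBefore(exp)) {
      throw new SignatureException("CWT has expired or has no expiration claim");
    }
    return cwt;
  }
}
```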