Class: SignedData
Represents the SignedData structure described in RFC 5652
Example
The following example demonstrates how to create and sign CMS Signed Data
```javascript
import * as asn1js from "asn1js";
import * as pkijs from "pkijs";

// Assumed inputs: buffer (content to sign), cert (signer's pkijs.Certificate),
// keys (CryptoKeyPair whose public key matches cert)

// Create a new CMS Signed Data
const cmsSigned = new pkijs.SignedData({
  encapContentInfo: new pkijs.EncapsulatedContentInfo({
    eContentType: pkijs.ContentInfo.DATA, // "data" content type
    eContent: new asn1js.OctetString({ valueHex: buffer })
  }),
  signerInfos: [
    new pkijs.SignerInfo({
      sid: new pkijs.IssuerAndSerialNumber({
        issuer: cert.issuer,
        serialNumber: cert.serialNumber
      })
    })
  ],
  // Signer certificate for chain validation
  certificates: [cert]
});

// Sign as signer 0; the hash is passed explicitly because sign() defaults to "SHA-1"
await cmsSigned.sign(keys.privateKey, 0, "SHA-256");

// Add Signed Data to Content Info
const cms = new pkijs.ContentInfo({
  contentType: pkijs.ContentInfo.SIGNED_DATA,
  content: cmsSigned.toSchema(true),
});

// Encode CMS to ASN.1
const cmsRaw = cms.toSchema().toBER();
```
Example
The following example demonstrates how to verify CMS Signed Data
```javascript
import * as pkijs from "pkijs";

// Assumed inputs: cmsRaw (BER-encoded CMS), trustedCert (pkijs.Certificate used as trust anchor)

// Parse CMS and detect it's Signed Data
const cms = pkijs.ContentInfo.fromBER(cmsRaw);
if (cms.contentType !== pkijs.ContentInfo.SIGNED_DATA) {
  throw new Error("CMS is not Signed Data");
}

// Read Signed Data
const signedData = new pkijs.SignedData({ schema: cms.content });

// Verify Signed Data signature for signer 0, including the certificate chain
const ok = await signedData.verify({
  signer: 0,
  checkChain: true,
  trustedCerts: [trustedCert],
});
if (!ok) {
  throw new Error("CMS signature is invalid");
}
```
Hierarchy
-
↳
SignedData
Implements
Constructors
constructor
• new SignedData(parameters?): SignedData
Initializes a new instance of the SignedData class
Parameters
Name | Type | Description |
---|---|---|
parameters | SignedDataParameters | Initialization parameters |
Returns
Overrides
Properties
certificates
• Optional certificates: CertificateSetItem[]
Implementation of
crls
• Optional crls: SignedDataCRL[]
Implementation of
digestAlgorithms
• digestAlgorithms: AlgorithmIdentifier[]
Implementation of
encapContentInfo
• encapContentInfo: EncapsulatedContentInfo
Implementation of
ocsps
• Optional ocsps: BasicOCSPResponse[]
Implementation of
signerInfos
• signerInfos: SignerInfo[]
Implementation of
version
• version: number
Implementation of
CLASS_NAME
▪ Static CLASS_NAME: string = "SignedData"
Name of the class
Overrides
ID_DATA
▪ Static ID_DATA: "1.2.840.113549.1.7.1"
Accessors
className
• get className(): string
Returns
string
Inherited from
PkiObject.className
Methods
fromSchema
▸ fromSchema(schema): void
Converts parsed ASN.1 object into current class
Parameters
Name | Type | Description |
---|---|---|
schema | any | ASN.1 schema |
Returns
void
Overrides
sign
▸ sign(privateKey, signerIndex, hashAlgorithm?, data?, crypto?): Promise<void>
Signs the current SignedData
Parameters
Name | Type | Default value | Description |
---|---|---|---|
privateKey | CryptoKey | undefined | Private key for "subjectPublicKeyInfo" structure |
signerIndex | number | undefined | Zero-based index of the signer to create the signature for |
hashAlgorithm | string | "SHA-1" | Hashing algorithm. Default SHA-1 |
data | BufferSource | undefined | Detached data |
crypto | ICryptoEngine | undefined | Crypto engine |
Returns
Promise<void>
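Because `hashAlgorithm` defaults to SHA-1 and RFC 5652 SignedData lists the digest algorithms its signers used in `digestAlgorithms`, a received blob can be checked for SHA-1 before it is trusted. The following is an added example, not part of the PKI.js documentation or code base: a dependency-free Node.js check that walks the encoding and reports the declared digests. It assumes definite-length (DER-style) encoding; the function names and the sample bytes are constructed for illustration.

```javascript
// Added example. ID_DATA appears on this page; the other OIDs are the standard
// CMS signedData and digest identifiers. All function names are hypothetical.
const OID_SIGNED_DATA = "1.2.840.113549.1.7.2";
const DIGESTS = { "1.3.14.3.2.26": "SHA-1", "2.16.840.1.101.3.4.2.1": "SHA-256",
  "2.16.840.1.101.3.4.2.2": "SHA-384", "2.16.840.1.101.3.4.2.3": "SHA-512" };

// Read one definite-length TLV at `pos`; `next` is the offset of the following element.
function readTlv(buf, pos) {
  if (pos + 2 > buf.length) throw new Error("truncated TLV");
  let len = buf[pos + 1], start = pos + 2;
  if (len & 0x80) {                 // long form: low 7 bits give the count of length bytes
    const n = len & 0x7f;
    if (n === 0 || n > 4 || start + n > buf.length) throw new Error("unsupported length");
    len = 0;
    for (let i = 0; i < n; i++) len = len * 256 + buf[start + i];
    start += n;
  }
  if (start + len > buf.length) throw new Error("length exceeds buffer");
  return { tag: buf[pos], value: buf.subarray(start, start + len), next: start + len };
}
function children(value) {          // all TLVs directly inside a constructed value
  const out = [];
  for (let pos = 0; pos < value.length; pos = out[out.length - 1].next) out.push(readTlv(value, pos));
  return out;
}
function decodeOid(tlv) {
  if (tlv.tag !== 0x06) throw new Error("expected OBJECT IDENTIFIER");
  const arcs = [];
  let v = 0;
  for (const b of tlv.value) { v = v * 128 + (b & 0x7f); if (!(b & 0x80)) { arcs.push(v); v = 0; } }
  const top = Math.min(Math.floor(arcs[0] / 40), 2);   // first subidentifier packs two arcs
  return [top, arcs[0] - top * 40, ...arcs.slice(1)].join(".");
}
// Returns the declared version, digest names, content type, and whether SHA-1 is declared.
function inspectSignedData(der) {
  const [contentType, content] = children(readTlv(der, 0).value);      // ContentInfo
  if (decodeOid(contentType) !== OID_SIGNED_DATA) throw new Error("CMS is not Signed Data");
  if (!content) throw new Error("ContentInfo has no content");
  const sd = children(readTlv(content.value, 0).value);  // [0] EXPLICIT -> SignedData fields
  if (sd.length < 3) throw new Error("malformed SignedData");
  const digests = children(sd[1].value).map((alg) => {
    const oid = decodeOid(readTlv(alg.value, 0));
    return DIGESTS[oid] || oid;     // unknown algorithms are reported by OID
  });
  const eContentType = decodeOid(readTlv(sd[2].value, 0));
  return { version: sd[0].value[0], digests, eContentType, usesSha1: digests.includes("SHA-1") };
}
// Constructed sample: minimal SignedData (no certificates, no signers) declaring SHA-1.
const SAMPLE = Buffer.from("302e06092a864886f70d010702a021301f020101310b300906052b0e03021a0500" +
  "300b06092a864886f70d0107013100", "hex");
console.log(inspectSignedData(SAMPLE));
```

This only reports what the structure declares; it does not verify any signature, which remains the job of `verify`.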
toJSON
▸ toJSON(): SignedDataJson
Converts the class to JSON object
Returns
JSON object
Overrides
toSchema
▸ toSchema(encodeFlag?): any
Converts current object to ASN.1 object and sets correct values
Parameters
Name | Type | Default value | Description |
---|---|---|---|
encodeFlag | boolean | false | If false, creates the schema by decoding the stored value. Otherwise, creates the schema by assembling it from cached parts |
Returns
any
ASN.1 object
Overrides
toString
▸ toString(encoding?): string
Parameters
Name | Type | Default value |
---|---|---|
encoding | "base64" \| "base64url" \| "hex" | "hex" |
Returns
string
Inherited from
verify
▸ verify(params?, crypto?): Promise<boolean>
Parameters
Name | Type |
---|---|
params? | SignedDataVerifyParams & { extendedMode?: false } |
crypto? | ICryptoEngine |
Returns
Promise<boolean>
▸ verify(params, crypto?): Promise<SignedDataVerifyResult>
Parameters
Name | Type |
---|---|
params | SignedDataVerifyParams & { extendedMode: true } |
crypto? | ICryptoEngine |
Returns
Promise<SignedDataVerifyResult>
blockName
▸ blockName(): string
Returns block name
Returns
string
Returns string block name
Inherited from
compareWithDefault
▸ compareWithDefault(memberName, memberValue): boolean
Compare values with default values for all class members
Parameters
Name | Type | Description |
---|---|---|
memberName | string | String name for a class member |
memberValue | any | Value to compare with default value |
Returns
boolean
defaultValues
▸ defaultValues(memberName): number
Returns default values for all class members
Parameters
Name | Type | Description |
---|---|---|
memberName | "version" | String name for a class member |
Returns
number
Default value
Overrides
▸ defaultValues(memberName): AlgorithmIdentifier[]
Parameters
Name | Type |
---|---|
memberName | "digestAlgorithms" |
Returns
Overrides
PkiObject.defaultValues
▸ defaultValues(memberName): EncapsulatedContentInfo
Parameters
Name | Type |
---|---|
memberName | "encapContentInfo" |
Returns
Overrides
PkiObject.defaultValues
▸ defaultValues(memberName): CertificateSetItem[]
Parameters
Name | Type |
---|---|
memberName | "certificates" |
Returns
Overrides
PkiObject.defaultValues
▸ defaultValues(memberName): SignedDataCRL[]
Parameters
Name | Type |
---|---|
memberName | "crls" |
Returns
Overrides
PkiObject.defaultValues
▸ defaultValues(memberName): BasicOCSPResponse[]
Parameters
Name | Type |
---|---|
memberName | "ocsps" |
Returns
Overrides
PkiObject.defaultValues
▸ defaultValues(memberName): SignerInfo[]
Parameters
Name | Type |
---|---|
memberName | "signerInfos" |
Returns
Overrides
PkiObject.defaultValues
fromBER
▸ fromBER<T>(this, raw): T
Creates PKI object from the raw data
Type parameters
Name | Type |
---|---|
T | extends PkiObject |
Parameters
Name | Type | Description |
---|---|---|
this | PkiObjectConstructor<T> | - |
raw | BufferSource | ASN.1 encoded raw data |
Returns
T
Initialized and filled current class object
Inherited from
schema
▸ schema(parameters?): any
Returns value of pre-defined ASN.1 schema for current class
Parameters
Name | Type | Description |
---|---|---|
parameters | SchemaParameters<{ certificates?: string; crls?: RevocationInfoChoicesSchema; digestAlgorithms?: string; encapContentInfo?: EncapsulatedContentInfoSchema; signerInfos?: string; version?: string }> | Input parameters for the schema |
Returns
any
ASN.1 schema object