PKI-Lite - v1.0.5
    Represents a CMS/PKCS#7 SignedData structure.

    SignedData is used to digitally sign content. It can contain the signed content (attached signature) or just the signature information (detached signature). Multiple signers can sign the same content, and certificates and CRLs can be included for signature verification.

    SignedData ::= SEQUENCE {
         version CMSVersion,
         digestAlgorithms DigestAlgorithmIdentifiers,
         encapContentInfo EncapsulatedContentInfo,
         certificates [0] IMPLICIT CertificateSet OPTIONAL,
         crls [1] IMPLICIT RevocationInfoChoices OPTIONAL,
         signerInfos SignerInfos
    }
    CMSVersion ::= INTEGER
    DigestAlgorithmIdentifiers ::= SET OF DigestAlgorithmIdentifier
    DigestAlgorithmIdentifier ::= AlgorithmIdentifier
    SignerInfos ::= SET OF SignerInfo
    CertificateSet ::= SET OF Certificate
    RevocationInfoChoices ::= SET OF RevocationInfoChoice
    
    // Create signed data with builder
    const signedData = await SignedData.builder()
        .setContent(new Uint8Array([0x01, 0x02, 0x03, 0x04]))
        .addSigner({
            certificate: signerCert,
            privateKey: signerPrivateKey,
        })
        .addCertificate(signerCert)
        .build()

    // Verify signatures. verify() resolves to an object, not a boolean:
    // check result.valid (result.reasons is set when valid is false).
    const result = await signedData.verify({
        data: originalData,
    })

    Constructors

    Properties

    certificates?: CertificateSet

    Optional set of certificates for signature verification.

    Optional set of certificate revocation information.

    digestAlgorithms: DigestAlgorithmIdentifiers

    Set of digest algorithms used by signers.

    encapContentInfo: EncapsulatedContentInfo

    Information about the encapsulated content being signed.

    signerInfos: SignerInfos

    version: number

    Version of the CMS structure.

    CertificateSet: typeof CertificateSet = CertificateSet

    Reference to CertificateSet class.

    DigestAlgorithmIdentifier: typeof DigestAlgorithmIdentifier = DigestAlgorithmIdentifier

    Reference to DigestAlgorithmIdentifier class.

    DigestAlgorithmIdentifiers: typeof DigestAlgorithmIdentifiers = DigestAlgorithmIdentifiers

    Reference to DigestAlgorithmIdentifiers class.

    RevocationInfoChoices: typeof RevocationInfoChoices = RevocationInfoChoices

    Reference to RevocationInfoChoices class.

    SignerInfos: typeof SignerInfos = SignerInfos

    Reference to SignerInfos class.

    Accessors

    • get pemHeader(): string

      Gets the PEM header name for this object type. Converts the class name to uppercase for use in PEM encoding.

      Returns string

    • get pkiType(): string

      Gets the PKI type name for this object (typically the class name). Used for PEM headers and debugging output.

      Returns string

    Methods

    • Compares this PKI object with another for equality. Two objects are considered equal if their DER encodings are identical.

      Parameters

      • other: PkiBase<any>

        The other PKI object to compare with

      Returns boolean

      true if the objects are equal, false otherwise

    • Returns a human-readable string representation of this object. By default, returns the same as toString(), but subclasses can override for more user-friendly output.

      Returns string

      A human-readable string representation

    • Verifies the signatures in the SignedData object.

      Parameters

      • options: {
            certificateValidation?: true | CertificateValidationOptions;
            data?: Uint8Array<ArrayBufferLike>;
        }

        Verification options

        • Optional certificateValidation?: true | CertificateValidationOptions

          Certificate validation options or true for default validation

        • Optional data?: Uint8Array<ArrayBufferLike>

          Optional original data for detached signatures

      Returns Promise<
          | { signerInfo: SignerInfo; valid: true }
          | { reasons: string[]; valid: false },
      >
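
An added example (not part of the PKI-Lite documentation or code base): a minimal DER walker in plain JavaScript that follows the SignedData outline above and reports whether a message is attached or detached, which decides whether `verify()` needs `data`. The EncapsulatedContentInfo layout (eContent as `[0] EXPLICIT`) is taken from RFC 5652; the function names and sample bytes are constructed for illustration.

```javascript
// Read one DER TLV at `pos`. Single-byte tags only, which covers every
// tag in the SignedData outline above.
function readTlv(buf, pos) {
  if (pos + 2 > buf.length) throw new Error('truncated DER header');
  const tag = buf[pos];
  let len = buf[pos + 1];
  let off = pos + 2;
  if (len & 0x80) { // long form: low 7 bits give the number of length bytes
    const n = len & 0x7f;
    if (n === 0 || n > 4 || off + n > buf.length) throw new Error('bad DER length');
    len = 0;
    for (let i = 0; i < n; i++) len = len * 256 + buf[off++];
  }
  if (off + len > buf.length) throw new Error('truncated DER value');
  return { tag, value: buf.subarray(off, off + len), end: off + len };
}

// Split the contents of a constructed element into its child TLVs.
function children(value) {
  const out = [];
  for (let pos = 0; pos < value.length; pos = out[out.length - 1].end) {
    out.push(readTlv(value, pos));
  }
  return out;
}

// Summarise a DER SignedData (the inner SEQUENCE, without a ContentInfo wrapper).
function inspectSignedData(der) {
  const top = readTlv(der, 0);
  const [version, digests, encap, ...rest] = top.tag === 0x30 ? children(top.value) : [];
  const signerInfos = rest.pop();
  if (version?.tag !== 0x02 || digests?.tag !== 0x31 || encap?.tag !== 0x30 || signerInfos?.tag !== 0x31) {
    throw new Error('not a SignedData SEQUENCE');
  }
  return {
    version: version.value[0],
    // eContent is [0] EXPLICIT inside encapContentInfo; absent means detached
    detached: !children(encap.value).some((p) => p.tag === 0xa0),
    hasCertificates: rest.some((p) => p.tag === 0xa0), // certificates [0] IMPLICIT
    hasCrls: rest.some((p) => p.tag === 0xa1), // crls [1] IMPLICIT
    signerCount: children(signerInfos.value).length,
  };
}

// Constructed samples (placeholder certificate set and SignerInfo, not real signatures).
const fromHex = (h) => Uint8Array.from(h.match(/../g), (b) => parseInt(b, 16));
const HEAD = '020101310d300b0609608648016503040201'; // version 1, SET { sha256 }
const DETACHED = fromHex('3021' + HEAD + '300b06092a864886f70d010701' + '3100');
const ATTACHED = fromHex('302d' + HEAD + '301306092a864886f70d010701a006040401020304' + 'a000' + '31023000');
```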