signature | byte[ ] Optional. Signature to use to determine whether the signed data is intact (a DER-encoded representation of the SignedData object as specified in PKCS#7) where the signature is in the form of a byte array. If you are processing a detached signature, pass the signature in signature. If you are processing an implicit signature, pass the entire signed message in signature. Note: If both signature and signatureAsStream are provided, signatureAsStream takes precedence. |
signatureAsStream | java.io.InputStream Optional. Signature to use to determine whether the signed data is intact where the signature is in the form of an input stream. Note: If both signature and signatureAsStream are provided, signatureAsStream takes precedence. |
data | byte[ ] Optional. Data in the form of a byte array that was signed. If you are processing a detached signature, you must supply data. If you are only processing an implicitly signed data as a byte array, you do not need to supply data because both the data and the signature reside in signature. If you are processing a detached signature and an implicitly signed data as a byte array, you must supply data. Note: If both data and dataAsStream are provided, dataAsStream takes precedence. |
dataAsStream | java.io.InputStream Optional. Data in the form of an input stream that was signed. If you are processing a detached signature, you must supply dataAsStream. If you are only processing an implicitly signed data as an input stream, you do not need to supply dataAsStream because both the data and the signature reside in signatureAsStream. If you are processing a detached signature and an implicitly signed data as an input stream, you must supply dataAsStream. Note: If both data and dataAsStream are provided, dataAsStream takes precedence. |
detachedSignature | String Optional. Flag indicating whether the message has a detached signature. Set to: true when the message has a detached signature. false when the message has an implicit signature. This is the default. If detachedSignature is true and signature is provided, then data should be provided. If detachedSignature is true and signatureAsStream is provided, then dataAsStream should be provided. |
signerCertChain | byte[ ][ ] Optional. Certificate chains of the parties that signed the message. Note: If the signers included the certificate chain with the digital signature, you do not need to supply signerCertChain. |
content | byte[ ] Conditional. The data (for example, the document that was originally signed) extracted in the form of a byte array from an implicit signature. If you are verifying a detached signature, content is not returned. Note: The extracted data is returned in content even if signature verification fails. content is returned when the input parameter data is provided. | |
contentAsStream | java.io.OutputStream Conditional. The data extracted in the form of an output stream from an implicit signature. contentAsStream is returned when the input parameter dataAsStream is provided. | |
signerInfo | Document List Information about the signers. Each document in the list provides the following information about a single signer: | |
Key | Description | |
certChain | java.security.cert.X509Certificate[ ] Certificate chain of the signer. The chain will appear in hierarchical order, starting with the signer's X.509 certificate in element 0. | |
timeStamp | java.util.Date Time at which the signer signed the data. | |
trusted | String Flag indicating whether the certificate chain presented by the signer is trusted. A value of: true indicates that the chain is trusted. false indicates that the chain is not trusted. | |
status | String Flag indicating whether the signatures were successfully verified. If successful, status contains verified. If the signatures were not successfully verified, status contains an error message. |