org.bouncycastle.cms

Class CMSSignedDataGenerator


public class CMSSignedDataGenerator
extends java.lang.Object

General class for generating a PKCS#7 signature message.

A simple example of usage.

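      // certs: the certificates and CRLs to include in the signature block
      CertStore               certs...
      CMSSignedDataGenerator  gen = new CMSSignedDataGenerator();

      // privKey signs, cert identifies the signer; the digest constants are fields of this class
      gen.addSigner(privKey, cert, CMSSignedDataGenerator.DIGEST_SHA1);
      gen.addCertificatesAndCRLs(certs);

      // content is a CMSProcessable; "BC" names the signature provider
      CMSSignedData           data = gen.generate(content, "BC");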
 

Field Summary

static String
DATA
Default type for the signed data.
static String
DIGEST_MD5
static String
DIGEST_SHA1
static String
DIGEST_SHA224
static String
DIGEST_SHA256
static String
DIGEST_SHA384
static String
DIGEST_SHA512
static String
ENCRYPTION_DSA
static String
ENCRYPTION_RSA

Constructor Summary

CMSSignedDataGenerator()
base constructor

Method Summary

void
addCertificatesAndCRLs(CertStore certStore)
Add the certificates and CRLs contained in the given CertStore to the pool that will be included in the encoded signature block.
void
addSigner(PrivateKey key, X509Certificate cert, String digestOID)
Add a signer. No attributes other than the default ones will be provided here.
void
addSigner(PrivateKey key, X509Certificate cert, String digestOID, AttributeTable signedAttr, AttributeTable unsignedAttr)
Add a signer with extra signed/unsigned attributes.
void
addSigners(SignerInformationStore signerStore)
Add a store of precalculated signers to the generator.
CMSSignedData
generate(String signedContentType, CMSProcessable content, boolean encapsulate, String sigProvider)
Generate a CMS Signed Data object using the given provider. If encapsulate is true, a copy of the message will be included in the signature.
CMSSignedData
generate(String signedContentType, CMSProcessable content, boolean encapsulate, String sigProvider, boolean addDefaultAttributes)
Similar method to the other generate methods.
CMSSignedData
generate(CMSProcessable content, String sigProvider)
Generate a CMS Signed Data object using the given provider.
CMSSignedData
generate(CMSProcessable content, boolean encapsulate, String sigProvider)
Generate a CMS Signed Data object using the given provider. If encapsulate is true, a copy of the message will be included in the signature with the default content type "data".

Field Details

DATA

public static final String DATA
Default type for the signed data.


DIGEST_MD5

public static final String DIGEST_MD5


DIGEST_SHA1

public static final String DIGEST_SHA1


DIGEST_SHA224

public static final String DIGEST_SHA224


DIGEST_SHA256

public static final String DIGEST_SHA256


DIGEST_SHA384

public static final String DIGEST_SHA384


DIGEST_SHA512

public static final String DIGEST_SHA512


ENCRYPTION_DSA

public static final String ENCRYPTION_DSA


ENCRYPTION_RSA

public static final String ENCRYPTION_RSA

Constructor Details

CMSSignedDataGenerator

public CMSSignedDataGenerator()
base constructor

Method Details

addCertificatesAndCRLs

public void addCertificatesAndCRLs(CertStore certStore)
            throws CertStoreException,
                   CMSException
Add the certificates and CRLs contained in the given CertStore to the pool that will be included in the encoded signature block.

Note: this assumes the CertStore accepts null as the argument to its get methods.


addSigner

public void addSigner(PrivateKey key,
                      X509Certificate cert,
                      String digestOID)
            throws IllegalArgumentException
Add a signer. No attributes other than the default ones will be provided here.


addSigner

public void addSigner(PrivateKey key,
                      X509Certificate cert,
                      String digestOID,
                      AttributeTable signedAttr,
                      AttributeTable unsignedAttr)
            throws IllegalArgumentException
Add a signer with extra signed/unsigned attributes.


addSigners

public void addSigners(SignerInformationStore signerStore)
Add a store of precalculated signers to the generator.

Parameters:
signerStore -


generate

public CMSSignedData generate(String signedContentType,
                              CMSProcessable content,
                              boolean encapsulate,
                              String sigProvider)
            throws NoSuchAlgorithmException,
                   NoSuchProviderException,
                   CMSException
Generate a CMS Signed Data object using the given provider. If encapsulate is true, a copy of the message will be included in the signature. The content type is set according to the OID represented by the string signedContentType.


generate

public CMSSignedData generate(String signedContentType,
                              CMSProcessable content,
                              boolean encapsulate,
                              String sigProvider,
                              boolean addDefaultAttributes)
            throws NoSuchAlgorithmException,
                   NoSuchProviderException,
                   CMSException
Similar to the other generate methods. The additional argument addDefaultAttributes indicates whether or not a default set of signed attributes needs to be added automatically. If the argument is set to false, no attributes will be added at all.


generate

public CMSSignedData generate(CMSProcessable content,
                              String sigProvider)
            throws NoSuchAlgorithmException,
                   NoSuchProviderException,
                   CMSException
Generate a CMS Signed Data object using the given provider.


generate

public CMSSignedData generate(CMSProcessable content,
                              boolean encapsulate,
                              String sigProvider)
            throws NoSuchAlgorithmException,
                   NoSuchProviderException,
                   CMSException
Generate a CMS Signed Data object using the given provider. If encapsulate is true, a copy of the message will be included in the signature with the default content type "data".
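
An added example, not part of the Bouncy Castle documentation, that runs the calls above end to end and compares a detached signature (encapsulate false) with an encapsulating one (encapsulate true). The keystore file `signer.p12`, the alias `signer` and the password `changeit` are placeholders assumed for illustration; DIGEST_SHA256 is used because MD5 and SHA-1 are no longer collision resistant.

```java
import java.io.FileInputStream;
import java.security.KeyStore;
import java.security.PrivateKey;
import java.security.Security;
import java.security.cert.CertStore;
import java.security.cert.CollectionCertStoreParameters;
import java.security.cert.X509Certificate;
import java.util.Collections;
import org.bouncycastle.cms.CMSProcessableByteArray;
import org.bouncycastle.cms.CMSSignedData;
import org.bouncycastle.cms.CMSSignedDataGenerator;
import org.bouncycastle.jce.provider.BouncyCastleProvider;

// Added example. A test keystore can be created with:
//   keytool -genkeypair -alias signer -keyalg RSA -keysize 2048 -storetype PKCS12 -keystore signer.p12
public class CmsSignExample {
    static CMSSignedData sign(PrivateKey key, X509Certificate cert,
                              byte[] message, boolean encapsulate) throws Exception {
        // The JDK "Collection" CertStore returns every entry for a null selector,
        // which is what addCertificatesAndCRLs assumes (see its note).
        CertStore certs = CertStore.getInstance("Collection",
                new CollectionCertStoreParameters(Collections.singletonList(cert)));
        CMSSignedDataGenerator gen = new CMSSignedDataGenerator();
        gen.addSigner(key, cert, CMSSignedDataGenerator.DIGEST_SHA256);
        gen.addCertificatesAndCRLs(certs);
        return gen.generate(new CMSProcessableByteArray(message), encapsulate, "BC");
    }

    public static void main(String[] args) throws Exception {
        Security.addProvider(new BouncyCastleProvider());
        char[] pw = "changeit".toCharArray();                    // placeholder password
        KeyStore ks = KeyStore.getInstance("PKCS12");
        FileInputStream in = new FileInputStream("signer.p12");  // placeholder path
        try { ks.load(in, pw); } finally { in.close(); }
        PrivateKey key = (PrivateKey) ks.getKey("signer", pw);   // placeholder alias
        X509Certificate cert = (X509Certificate) ks.getCertificate("signer");
        byte[] msg = "constructed sample message".getBytes("UTF-8");

        // Detached: the verifier must obtain msg by another route.
        // Encapsulated: the encoding carries a copy of msg, so it is larger.
        int detached = sign(key, cert, msg, false).getEncoded().length;
        int attached = sign(key, cert, msg, true).getEncoded().length;
        System.out.println("detached encoding:     " + detached + " bytes");
        System.out.println("encapsulated encoding: " + attached + " bytes");
    }
}
```

With a detached signature the message travels outside the CMS structure, so the verifier has to be given exactly the bytes that were signed.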