CMSSignedDataGenerator
public class CMSSignedDataGenerator extends CMSSignedGenerator
General class for generating a PKCS#7 signature message.
A simple example of usage.
// Certificates and CRLs to embed in the message; how the store is built is elided here.
CertStore certs...
CMSSignedDataGenerator gen = new CMSSignedDataGenerator();
// NOTE(review): DIGEST_SHA1 is what this example shows. SHA-1 is no longer considered
// collision-resistant, so new signatures should use a stronger digest constant such as
// CMSSignedGenerator.DIGEST_SHA256 where this version of the API provides it.
gen.addSigner(privKey, cert, CMSSignedGenerator.DIGEST_SHA1);
gen.addCertificatesAndCRLs(certs);
// The two-argument generate() ends up calling generate(content, false, provider), so the
// content is not encapsulated: this produces a detached signature.
CMSSignedData data = gen.generate(content, "BC");
|
Fields Summary |
---|
List | signerInfs |
Constructors Summary |
---|
public CMSSignedDataGenerator()base constructor
| public CMSSignedDataGenerator(SecureRandom rand)constructor allowing specific source of randomness
// Hands the caller-chosen SecureRandom to the CMSSignedGenerator superclass.
// NOTE(review): presumably this is the `rand` that generate(...) later passes to each
// signer - confirm against CMSSignedGenerator.
super(rand);
|
Methods Summary |
---|
public void | addSigner(java.security.PrivateKey key, java.security.cert.X509Certificate cert, java.lang.String digestOID)add a signer - no attributes other than the default ones will be
provided here.
// Derive the signature (encryption) algorithm OID from the key and the digest OID first.
// NOTE(review): digestOID is used as supplied; no digest-strength check is visible in this body.
final String encryptionOid = getEncOID(key, digestOID);
// Default signed attributes only: no unsigned-attribute generator and no caller-supplied
// attribute table (both passed as null).
final SignerInf signerInf = new SignerInf(key, cert, digestOID, encryptionOid, new DefaultSignedAttributeTableGenerator(), null, null);
signerInfs.add(signerInf);
| public void | addSigner(java.security.PrivateKey key, byte[] subjectKeyID, java.lang.String digestOID)add a signer - no attributes other than the default ones will be
provided here.
// Derive the signature (encryption) algorithm OID from the key and the digest OID first.
final String encryptionOid = getEncOID(key, digestOID);
// The signer is identified by subjectKeyID rather than by a certificate. Default signed
// attributes only: the unsigned-attribute generator and attribute table are both null.
final SignerInf signerInf = new SignerInf(key, subjectKeyID, digestOID, encryptionOid, new DefaultSignedAttributeTableGenerator(), null, null);
signerInfs.add(signerInf);
| public void | addSigner(java.security.PrivateKey key, java.security.cert.X509Certificate cert, java.lang.String digestOID, org.bouncycastle.asn1.cms.AttributeTable signedAttr, org.bouncycastle.asn1.cms.AttributeTable unsignedAttr)add a signer with extra signed/unsigned attributes.
// Derive the signature (encryption) algorithm OID from the key and the digest OID first.
final String encryptionOid = getEncOID(key, digestOID);
// signedAttr seeds the default signed-attribute generator and is also handed to SignerInf
// as its last argument; unsignedAttr is wrapped in a simple generator.
final DefaultSignedAttributeTableGenerator signedGen = new DefaultSignedAttributeTableGenerator(signedAttr);
final SimpleAttributeTableGenerator unsignedGen = new SimpleAttributeTableGenerator(unsignedAttr);
signerInfs.add(new SignerInf(key, cert, digestOID, encryptionOid, signedGen, unsignedGen, signedAttr));
| public void | addSigner(java.security.PrivateKey key, byte[] subjectKeyID, java.lang.String digestOID, org.bouncycastle.asn1.cms.AttributeTable signedAttr, org.bouncycastle.asn1.cms.AttributeTable unsignedAttr)add a signer with extra signed/unsigned attributes.
// Derive the signature (encryption) algorithm OID from the key and the digest OID first.
final String encryptionOid = getEncOID(key, digestOID);
// Same as the certificate-based variant, but the signer is identified by subjectKeyID.
// signedAttr is used both to seed the signed-attribute generator and as the last argument.
final DefaultSignedAttributeTableGenerator signedGen = new DefaultSignedAttributeTableGenerator(signedAttr);
final SimpleAttributeTableGenerator unsignedGen = new SimpleAttributeTableGenerator(unsignedAttr);
signerInfs.add(new SignerInf(key, subjectKeyID, digestOID, encryptionOid, signedGen, unsignedGen, signedAttr));
| public void | addSigner(java.security.PrivateKey key, java.security.cert.X509Certificate cert, java.lang.String digestOID, CMSAttributeTableGenerator signedAttrGen, CMSAttributeTableGenerator unsignedAttrGen)add a signer with extra signed/unsigned attributes based on generators.
// Derive the signature (encryption) algorithm OID from the key and the digest OID first.
final String encryptionOid = getEncOID(key, digestOID);
// The caller's generators are used as given; no attribute table is passed (last argument null).
final SignerInf signerInf = new SignerInf(key, cert, digestOID, encryptionOid, signedAttrGen, unsignedAttrGen, null);
signerInfs.add(signerInf);
| public void | addSigner(java.security.PrivateKey key, byte[] subjectKeyID, java.lang.String digestOID, CMSAttributeTableGenerator signedAttrGen, CMSAttributeTableGenerator unsignedAttrGen)add a signer with extra signed/unsigned attributes based on generators.
// Derive the signature (encryption) algorithm OID from the key and the digest OID first.
final String encryptionOid = getEncOID(key, digestOID);
// Signer identified by subjectKeyID; the caller's generators are used as given and no
// attribute table is passed (last argument null).
final SignerInf signerInf = new SignerInf(key, subjectKeyID, digestOID, encryptionOid, signedAttrGen, unsignedAttrGen, null);
signerInfs.add(signerInf);
| public CMSSignedData | generate(CMSProcessable content, java.lang.String sigProvider) generate a signed object for a CMS Signed Data
object using the given provider.
// Turn the provider name into a java.security.Provider, then defer to the Provider overload.
final java.security.Provider provider = CMSUtils.getProvider(sigProvider);
return generate(content, provider);
| public CMSSignedData | generate(CMSProcessable content, java.security.Provider sigProvider) generate a signed object for a CMS Signed Data
object using the given provider.
// encapsulate = false: the content is not copied into the SignedData (detached signature).
final boolean encapsulate = false;
return generate(content, encapsulate, sigProvider);
| public CMSSignedData | generate(java.lang.String signedContentType, CMSProcessable content, boolean encapsulate, java.lang.String sigProvider) generate a signed object for a CMS Signed Data
object using the given provider - if encapsulate is true a copy
of the message will be included in the signature. The content type
is set according to the OID represented by the string signedContentType.
// Resolve the provider name, then defer to the full overload with default signed
// attributes switched on.
final java.security.Provider provider = CMSUtils.getProvider(sigProvider);
final boolean addDefaultAttributes = true;
return generate(signedContentType, content, encapsulate, provider, addDefaultAttributes);
| public CMSSignedData | generate(java.lang.String signedContentType, CMSProcessable content, boolean encapsulate, java.security.Provider sigProvider) generate a signed object for a CMS Signed Data
object using the given provider - if encapsulate is true a copy
of the message will be included in the signature. The content type
is set according to the OID represented by the string signedContentType.
// Defer to the full overload with default signed attributes switched on.
final boolean addDefaultAttributes = true;
return generate(signedContentType, content, encapsulate, sigProvider, addDefaultAttributes);
| public CMSSignedData | generate(java.lang.String signedContentType, CMSProcessable content, boolean encapsulate, java.lang.String sigProvider, boolean addDefaultAttributes) Similar method to the other generate methods. The additional argument
addDefaultAttributes indicates whether or not a default set of signed attributes
needs to be added automatically. If the argument is set to false, no
attributes will get added at all.
// Resolve the provider name, then defer to the Provider overload; addDefaultAttributes is
// passed through unchanged.
final java.security.Provider provider = CMSUtils.getProvider(sigProvider);
return generate(signedContentType, content, encapsulate, provider, addDefaultAttributes);
| public CMSSignedData | generate(java.lang.String signedContentType, CMSProcessable content, boolean encapsulate, java.security.Provider sigProvider, boolean addDefaultAttributes) Similar method to the other generate methods. The additional argument
addDefaultAttributes indicates whether or not a default set of signed attributes
needs to be added automatically. If the argument is set to false, no
attributes will get added at all.
// Builds the SignedData structure: gathers digest algorithm identifiers and SignerInfos,
// optionally attaches certificates/CRLs and the content itself, then wraps the result in
// a ContentInfo tagged with the signedData OID.
ASN1EncodableVector digestAlgs = new ASN1EncodableVector();
ASN1EncodableVector signerInfos = new ASN1EncodableVector();
_digests.clear(); // clear the current preserved digest state
//
// add the precalculated SignerInfo objects: these come from _signers and are carried
// over through the no-argument toSignerInfo(), so neither the content, rand nor
// sigProvider is passed to them here.
//
Iterator it = _signers.iterator();
while (it.hasNext())
{
SignerInformation signer = (SignerInformation)it.next();
AlgorithmIdentifier digAlgId;
try
{
// The digest parameters are an encoded byte[] that makeAlgId parses as ASN.1.
digAlgId = makeAlgId(signer.getDigestAlgOID(),
signer.getDigestAlgParams());
}
catch (IOException e)
{
// Wrapped with the original exception kept as the cause.
throw new CMSException("encoding error.", e);
}
digestAlgs.add(digAlgId);
signerInfos.add(signer.toSignerInfo());
}
//
// add the SignerInfo objects
//
// A null signedContentType selects counter-signature mode: the content type falls back
// to CMSObjectIdentifiers.data and isCounterSignature is passed to each signer below.
DERObjectIdentifier contentTypeOID;
boolean isCounterSignature;
if (signedContentType != null)
{
contentTypeOID = new DERObjectIdentifier(signedContentType);
isCounterSignature = false;
}
else
{
contentTypeOID = CMSObjectIdentifiers.data;
isCounterSignature = true;
}
it = signerInfs.iterator();
while (it.hasNext())
{
SignerInf signer = (SignerInf)it.next();
AlgorithmIdentifier digAlgId;
try
{
// NOTE(review): the digest OID is taken from the signer as it was registered through
// addSigner; no digest-strength check is visible in this method.
digAlgId = makeAlgId(signer.getDigestAlgOID(),
signer.getDigestAlgParams());
digestAlgs.add(digAlgId);
// The signing work is delegated to toSignerInfo, which receives the content, the
// generator's rand and the chosen provider.
signerInfos.add(signer.toSignerInfo(contentTypeOID, content, rand, sigProvider, addDefaultAttributes, isCounterSignature));
}
// Every failure below is rethrown as CMSException with the original exception as cause.
catch (IOException e)
{
throw new CMSException("encoding error.", e);
}
catch (InvalidKeyException e)
{
throw new CMSException("key inappropriate for signature.", e);
}
catch (SignatureException e)
{
throw new CMSException("error creating signature.", e);
}
catch (CertificateEncodingException e)
{
throw new CMSException("error creating sid.", e);
}
}
// Certificates and CRLs are optional: each stays null when its list is empty.
ASN1Set certificates = null;
if (_certs.size() != 0)
{
certificates = CMSUtils.createBerSetFromList(_certs);
}
ASN1Set certrevlist = null;
if (_crls.size() != 0)
{
certrevlist = CMSUtils.createBerSetFromList(_crls);
}
ContentInfo encInfo;
if (encapsulate)
{
// Encapsulated: the whole content is written to an in-memory buffer and embedded as
// an octet string, so memory use grows with the size of the content.
ByteArrayOutputStream bOut = new ByteArrayOutputStream();
try
{
content.write(bOut);
}
catch (IOException e)
{
throw new CMSException("encapsulation error.", e);
}
ASN1OctetString octs = new BERConstructedOctetString(
bOut.toByteArray());
encInfo = new ContentInfo(contentTypeOID, octs);
}
else
{
// Detached: the ContentInfo carries only the content type, so a verifier has to be
// given the content separately.
encInfo = new ContentInfo(contentTypeOID, null);
}
SignedData sd = new SignedData(
new DERSet(digestAlgs),
encInfo,
certificates,
certrevlist,
new DERSet(signerInfos));
ContentInfo contentInfo = new ContentInfo(
PKCSObjectIdentifiers.signedData, sd);
// The result is constructed from the caller's content and the encoded structure.
return new CMSSignedData(content, contentInfo);
| public CMSSignedData | generate(CMSProcessable content, boolean encapsulate, java.lang.String sigProvider) generate a signed object for a CMS Signed Data
object using the given provider - if encapsulate is true a copy
of the message will be included in the signature with the
default content type "data".
// DATA is the default content type for this overload; the provider name is resolved by
// the String overload this call selects.
final String signedContentType = DATA;
return generate(signedContentType, content, encapsulate, sigProvider);
| public CMSSignedData | generate(CMSProcessable content, boolean encapsulate, java.security.Provider sigProvider) generate a signed object for a CMS Signed Data
object using the given provider - if encapsulate is true a copy
of the message will be included in the signature with the
default content type "data".
// DATA is the default content type for this overload.
final String signedContentType = DATA;
return generate(signedContentType, content, encapsulate, sigProvider);
| public SignerInformationStore | generateCounterSigners(SignerInformation signer, java.security.Provider sigProvider)generate a set of one or more SignerInformation objects representing counter signatures on
the passed in SignerInformation object.
// The data being counter-signed is the signature value of the supplied signer.
final CMSProcessableByteArray signatureBytes = new CMSProcessableByteArray(signer.getSignature());
// A null content type switches generate(...) into counter-signature mode; the signature
// bytes are not encapsulated in the result.
final CMSSignedData counterSigned = this.generate(null, signatureBytes, false, sigProvider);
return counterSigned.getSignerInfos();
| public SignerInformationStore | generateCounterSigners(SignerInformation signer, java.lang.String sigProvider)generate a set of one or more SignerInformation objects representing counter signatures on
the passed in SignerInformation object.
// The data being counter-signed is the signature value of the supplied signer.
final CMSProcessableByteArray signatureBytes = new CMSProcessableByteArray(signer.getSignature());
// Resolve the provider name after the content has been built, matching the original
// argument evaluation order.
final java.security.Provider provider = CMSUtils.getProvider(sigProvider);
// A null content type switches generate(...) into counter-signature mode; the signature
// bytes are not encapsulated in the result.
final CMSSignedData counterSigned = this.generate(null, signatureBytes, false, provider);
return counterSigned.getSignerInfos();
| private org.bouncycastle.asn1.x509.AlgorithmIdentifier | makeAlgId(java.lang.String oid, byte[] params)
// Build the AlgorithmIdentifier for the given OID. The OID object is created first in
// both cases, exactly as before.
final DERObjectIdentifier algorithm = new DERObjectIdentifier(oid);
if (params == null)
{
    // No encoded parameters supplied: an explicit ASN.1 NULL is used as the parameters.
    return new AlgorithmIdentifier(algorithm, new DERNull());
}
// Encoded parameters are parsed as ASN.1 by makeObj before being attached.
return new AlgorithmIdentifier(algorithm, makeObj(params));
| private org.bouncycastle.asn1.DERObject | makeObj(byte[] encoding)
// A null encoding yields null. Otherwise a single readObject() call decodes one ASN.1
// object from the bytes; anything after that object is not examined here.
return (encoding == null)
    ? null
    : new ASN1InputStream(new ByteArrayInputStream(encoding)).readObject();
|
|