File Doc Category Size Date Package
CMSSignedGenerator.java API Doc Bouncy Castle Crypto API 1.41 (Java 1.5) 9902 Wed Oct 01 10:55:28 BST 2008 org.bouncycastle.cms

CMSSignedGenerator

java.lang.Object

public class CMSSignedGenerator extends Object

Fields Summary
public static final String
DATA
Default type for the signed data.
public static final String
DIGEST_SHA1
public static final String
DIGEST_SHA224
public static final String
DIGEST_SHA256
public static final String
DIGEST_SHA384
public static final String
DIGEST_SHA512
public static final String
DIGEST_MD5
public static final String
DIGEST_GOST3411
public static final String
DIGEST_RIPEMD128
public static final String
DIGEST_RIPEMD160
public static final String
DIGEST_RIPEMD256
public static final String
ENCRYPTION_RSA
public static final String
ENCRYPTION_DSA
public static final String
ENCRYPTION_ECDSA
public static final String
ENCRYPTION_RSA_PSS
public static final String
ENCRYPTION_GOST3410
public static final String
ENCRYPTION_ECGOST3410
private static final String
ENCRYPTION_ECDSA_WITH_SHA1
private static final String
ENCRYPTION_ECDSA_WITH_SHA224
private static final String
ENCRYPTION_ECDSA_WITH_SHA256
private static final String
ENCRYPTION_ECDSA_WITH_SHA384
private static final String
ENCRYPTION_ECDSA_WITH_SHA512
private static final Set
NO_PARAMS
private static final Map
EC_ALGORITHMS
protected List
_certs
protected List
_crls
protected List
_signers
protected Map
_digests
protected final SecureRandom
rand
Constructors Summary
protected CMSSignedGenerator()
base constructor
this(new SecureRandom());
protected CMSSignedGenerator(SecureRandom rand)
constructor allowing specific source of randomness
param
rand instance of SecureRandom to use
this.rand = rand;
Methods Summary
public void addAttributeCertificates(org.bouncycastle.x509.X509Store store)
Add the attribute certificates contained in the passed in store to the generator.
param
store a store of Version 2 attribute certificates
throws
CMSException if an error occurse processing the store.
try { for (Iterator it = store.getMatches(null).iterator(); it.hasNext();) { X509AttributeCertificate attrCert = (X509AttributeCertificate)it.next(); _certs.add(new DERTaggedObject(false, 2, AttributeCertificate.getInstance(ASN1Object.fromByteArray(attrCert.getEncoded())))); } } catch (IllegalArgumentException e) { throw new CMSException("error processing attribute certs", e); } catch (IOException e) { throw new CMSException("error processing attribute certs", e); }
public void addCertificatesAndCRLs(java.security.cert.CertStore certStore)
add the certificates and CRLs contained in the given CertStore to the pool that will be included in the encoded signature block.
Note: this assumes the CertStore will support null in the get methods.
param
certStore CertStore containing the public key certificates and CRLs
throws
java.security.cert.CertStoreException if an issue occurs processing the CertStore
throws
CMSException if an issue occurse transforming data from the CertStore into the message
_certs.addAll(CMSUtils.getCertificatesFromStore(certStore)); _crls.addAll(CMSUtils.getCRLsFromStore(certStore));
public void addSigners(SignerInformationStore signerStore)
Add a store of precalculated signers to the generator.
param
signerStore store of signers
Iterator it = signerStore.getSigners().iterator(); while (it.hasNext()) { _signers.add(it.next()); }
protected org.bouncycastle.asn1.ASN1Set getAttributeSet(org.bouncycastle.asn1.cms.AttributeTable attr)
if (attr != null) { return new DERSet(attr.toASN1EncodableVector()); } return null;
protected java.util.Map getBaseParameters(org.bouncycastle.asn1.DERObjectIdentifier contentType, org.bouncycastle.asn1.x509.AlgorithmIdentifier digAlgId, byte[] hash)
Map param = new HashMap(); param.put(CMSAttributeTableGenerator.CONTENT_TYPE, contentType); param.put(CMSAttributeTableGenerator.DIGEST_ALGORITHM_IDENTIFIER, digAlgId); if (hash != null) { param.put(CMSAttributeTableGenerator.DIGEST, hash.clone()); } return param;
protected org.bouncycastle.asn1.x509.AlgorithmIdentifier getEncAlgorithmIdentifier(java.lang.String encOid)
if (NO_PARAMS.contains(encOid)) { return new AlgorithmIdentifier( new DERObjectIdentifier(encOid)); } else { return new AlgorithmIdentifier( new DERObjectIdentifier(encOid), new DERNull()); }
protected java.lang.String getEncOID(java.security.PrivateKey key, java.lang.String digestOID)
String encOID = null; if (key instanceof RSAPrivateKey || "RSA".equalsIgnoreCase(key.getAlgorithm())) { encOID = ENCRYPTION_RSA; } else if (key instanceof DSAPrivateKey || "DSA".equalsIgnoreCase(key.getAlgorithm())) { encOID = ENCRYPTION_DSA; if (!digestOID.equals(DIGEST_SHA1)) { throw new IllegalArgumentException("can't mix DSA with anything but SHA1"); } } else if ("ECDSA".equalsIgnoreCase(key.getAlgorithm()) || "EC".equalsIgnoreCase(key.getAlgorithm())) { encOID = (String)EC_ALGORITHMS.get(digestOID); if (encOID == null) { throw new IllegalArgumentException("can't mix ECDSA with anything but SHA family digests"); } } else if (key instanceof GOST3410PrivateKey || "GOST3410".equalsIgnoreCase(key.getAlgorithm())) { encOID = ENCRYPTION_GOST3410; } else if ("ECGOST3410".equalsIgnoreCase(key.getAlgorithm())) { encOID = ENCRYPTION_ECGOST3410; } return encOID;
public java.util.Map getGeneratedDigests()
Return a map of oids and byte arrays representing the digests calculated on the content during the last generate.
return
a map of oids (as String objects) and byte[] representing digests.
return new HashMap(_digests);