Bouncy Castle Cryptography Library 1.45

org.bouncycastle.mail.smime
Class SMIMESignedGenerator

java.lang.Object
  extended by org.bouncycastle.mail.smime.SMIMEGenerator
      extended by org.bouncycastle.mail.smime.SMIMESignedGenerator

public class SMIMESignedGenerator
extends SMIMEGenerator

General class for generating a pkcs7-signature message.

A simple example of usage.

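      // privKey/cert: the signer's private key and matching X.509 certificate
      // certs: CertStore of certificates and CRLs to include in the signature block
      CertStore             certs...
      SMIMESignedGenerator  fact = new SMIMESignedGenerator();

      fact.addSigner(privKey, cert, SMIMESignedGenerator.DIGEST_SHA1);
      fact.addCertificatesAndCRLs(certs);

      // content: the MimeBodyPart to sign; "BC" names the signature provider
      MimeMultipart         smime = fact.generate(content, "BC");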
 

Note: if you are using this class with AS2, or some other protocol that does not use "7bit" as the default content transfer encoding, you will need to use the constructor that allows you to specify the default content transfer encoding, such as "binary".


Field Summary
static java.lang.String DIGEST_GOST3411
           
static java.lang.String DIGEST_MD5
           
static java.lang.String DIGEST_RIPEMD128
           
static java.lang.String DIGEST_RIPEMD160
           
static java.lang.String DIGEST_RIPEMD256
           
static java.lang.String DIGEST_SHA1
           
static java.lang.String DIGEST_SHA224
           
static java.lang.String DIGEST_SHA256
           
static java.lang.String DIGEST_SHA384
           
static java.lang.String DIGEST_SHA512
           
static java.lang.String ENCRYPTION_DSA
           
static java.lang.String ENCRYPTION_ECDSA
           
static java.lang.String ENCRYPTION_ECGOST3410
           
static java.lang.String ENCRYPTION_GOST3410
           
static java.lang.String ENCRYPTION_RSA
           
static java.lang.String ENCRYPTION_RSA_PSS
           
 
Fields inherited from class org.bouncycastle.mail.smime.SMIMEGenerator
encoding, useBase64
 
Constructor Summary
SMIMESignedGenerator()
          base constructor - default content transfer encoding 7bit
SMIMESignedGenerator(java.lang.String defaultContentTransferEncoding)
          base constructor - default content transfer encoding explicitly set
 
Method Summary
 void addAttributeCertificates(org.bouncycastle.x509.X509Store store)
          Add the attribute certificates contained in the passed in store to the generator.
 void addCertificatesAndCRLs(java.security.cert.CertStore certStore)
          add the certificates and CRLs contained in the given CertStore to the pool that will be included in the encoded signature block.
 void addSigner(java.security.PrivateKey key, java.security.cert.X509Certificate cert, java.lang.String digestOID)
          add a signer - no attributes other than the default ones will be provided here.
 void addSigner(java.security.PrivateKey key, java.security.cert.X509Certificate cert, java.lang.String digestOID, org.bouncycastle.asn1.cms.AttributeTable signedAttr, org.bouncycastle.asn1.cms.AttributeTable unsignedAttr)
          Add a signer with extra signed/unsigned attributes or overrides for the standard attributes.
 void addSigner(java.security.PrivateKey key, java.security.cert.X509Certificate cert, java.lang.String encryptionOID, java.lang.String digestOID)
          add a signer - no attributes other than the default ones will be provided here.
 void addSigner(java.security.PrivateKey key, java.security.cert.X509Certificate cert, java.lang.String encryptionOID, java.lang.String digestOID, org.bouncycastle.asn1.cms.AttributeTable signedAttr, org.bouncycastle.asn1.cms.AttributeTable unsignedAttr)
          Add a signer with extra signed/unsigned attributes or overrides for the standard attributes and a digest encryption algorithm.
 void addSigners(SignerInformationStore signerStore)
          Add a store of precalculated signers to the generator.
 MimeMultipart generate(MimeBodyPart content, java.security.Provider sigProvider)
          generate a signed object that contains an SMIME Signed Multipart object using the given provider.
 MimeMultipart generate(MimeBodyPart content, java.lang.String sigProvider)
          generate a signed object that contains an SMIME Signed Multipart object using the given provider.
 MimeMultipart generate(MimeMessage message, java.security.Provider sigProvider)
          generate a signed object that contains an SMIME Signed Multipart object using the given provider from the given MimeMessage
 MimeMultipart generate(MimeMessage message, java.lang.String sigProvider)
          generate a signed object that contains an SMIME Signed Multipart object using the given provider from the given MimeMessage
 MimeBodyPart generateCertificateManagement(java.security.Provider provider)
          Creates a certificate management message which is like a signed message with no content or signers but that still carries certificates and CRLs.
 MimeBodyPart generateCertificateManagement(java.lang.String provider)
          Creates a certificate management message which is like a signed message with no content or signers but that still carries certificates and CRLs.
 MimeBodyPart generateEncapsulated(MimeBodyPart content, java.security.Provider sigProvider)
          generate a signed message with encapsulated content. Note: doing this is strongly not recommended as it means a recipient of the message will have to be able to read the signature to read the message.
 MimeBodyPart generateEncapsulated(MimeBodyPart content, java.lang.String sigProvider)
          generate a signed message with encapsulated content. Note: doing this is strongly not recommended as it means a recipient of the message will have to be able to read the signature to read the message.
 MimeBodyPart generateEncapsulated(MimeMessage message, java.security.Provider sigProvider)
          generate a signed object that contains an SMIME Signed Multipart object using the given provider from the given MimeMessage.
 MimeBodyPart generateEncapsulated(MimeMessage message, java.lang.String sigProvider)
          generate a signed object that contains an SMIME Signed Multipart object using the given provider from the given MimeMessage.
 java.util.Map getGeneratedDigests()
          Return a map of oids and byte arrays representing the digests calculated on the content during the last generate.
 
Methods inherited from class org.bouncycastle.mail.smime.SMIMEGenerator
createSymmetricKeyGenerator, makeContentBodyPart, makeContentBodyPart, setContentTransferEncoding
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Field Detail

DIGEST_SHA1

public static final java.lang.String DIGEST_SHA1

DIGEST_MD5

public static final java.lang.String DIGEST_MD5

DIGEST_SHA224

public static final java.lang.String DIGEST_SHA224

DIGEST_SHA256

public static final java.lang.String DIGEST_SHA256

DIGEST_SHA384

public static final java.lang.String DIGEST_SHA384

DIGEST_SHA512

public static final java.lang.String DIGEST_SHA512

DIGEST_GOST3411

public static final java.lang.String DIGEST_GOST3411

DIGEST_RIPEMD128

public static final java.lang.String DIGEST_RIPEMD128

DIGEST_RIPEMD160

public static final java.lang.String DIGEST_RIPEMD160

DIGEST_RIPEMD256

public static final java.lang.String DIGEST_RIPEMD256

ENCRYPTION_RSA

public static final java.lang.String ENCRYPTION_RSA

ENCRYPTION_DSA

public static final java.lang.String ENCRYPTION_DSA

ENCRYPTION_ECDSA

public static final java.lang.String ENCRYPTION_ECDSA

ENCRYPTION_RSA_PSS

public static final java.lang.String ENCRYPTION_RSA_PSS

ENCRYPTION_GOST3410

public static final java.lang.String ENCRYPTION_GOST3410

ENCRYPTION_ECGOST3410

public static final java.lang.String ENCRYPTION_ECGOST3410

Constructor Detail

SMIMESignedGenerator

public SMIMESignedGenerator()
base constructor - default content transfer encoding 7bit


SMIMESignedGenerator

public SMIMESignedGenerator(java.lang.String defaultContentTransferEncoding)
base constructor - default content transfer encoding explicitly set

Parameters:
defaultContentTransferEncoding - new default to use.

Method Detail

addSigner

public void addSigner(java.security.PrivateKey key,
                      java.security.cert.X509Certificate cert,
                      java.lang.String digestOID)
               throws java.lang.IllegalArgumentException
add a signer - no attributes other than the default ones will be provided here.

Parameters:
key - key to use to generate the signature
cert - the public key certificate associated with the signer's key.
digestOID - object ID of the digest algorithm to use.
Throws:
java.lang.IllegalArgumentException - any of the arguments are inappropriate

addSigner

public void addSigner(java.security.PrivateKey key,
                      java.security.cert.X509Certificate cert,
                      java.lang.String encryptionOID,
                      java.lang.String digestOID)
               throws java.lang.IllegalArgumentException
add a signer - no attributes other than the default ones will be provided here.

Parameters:
key - key to use to generate the signature
cert - the public key certificate associated with the signer's key.
encryptionOID - object ID of the digest encryption algorithm to use.
digestOID - object ID of the digest algorithm to use.
Throws:
java.lang.IllegalArgumentException - any of the arguments are inappropriate

addSigner

public void addSigner(java.security.PrivateKey key,
                      java.security.cert.X509Certificate cert,
                      java.lang.String digestOID,
                      org.bouncycastle.asn1.cms.AttributeTable signedAttr,
                      org.bouncycastle.asn1.cms.AttributeTable unsignedAttr)
               throws java.lang.IllegalArgumentException
Add a signer with extra signed/unsigned attributes or overrides for the standard attributes. For example this method can be used to explicitly set default attributes such as the signing time.

Parameters:
key - key to use to generate the signature
cert - the public key certificate associated with the signer's key.
digestOID - object ID of the digest algorithm to use.
signedAttr - signed attributes to be included in the signature.
unsignedAttr - unsigned attributes to be included.
Throws:
java.lang.IllegalArgumentException - any of the arguments are inappropriate
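
An added example, not part of the Bouncy Castle documentation: it combines the "binary" transfer-encoding constructor from the class note with the five-argument addSigner above to set the signing time explicitly, and uses DIGEST_SHA256 instead of the DIGEST_SHA1 in the class-level snippet. The class name SignForAs2, the sign helper, the throwaway self-signed certificate and the sample payload are constructed for illustration; the code assumes BC 1.45 and JavaMail are on the classpath.

```java
import java.math.BigInteger;
import java.security.*;
import java.security.cert.*;
import java.util.*;
import javax.mail.internet.*;
import javax.security.auth.x500.X500Principal;
import org.bouncycastle.asn1.*;
import org.bouncycastle.asn1.cms.*;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.bouncycastle.mail.smime.SMIMESignedGenerator;
import org.bouncycastle.x509.X509V3CertificateGenerator;

public class SignForAs2 {   // hypothetical class name
    // Produces a multipart/signed object with a SHA-256 digest, an explicit
    // signing time, and "binary" as the default content transfer encoding.
    static MimeMultipart sign(PrivateKey key, X509Certificate cert,
                              MimeBodyPart content, Date when) throws Exception {
        // Signed attributes passed here override the generator's defaults.
        ASN1EncodableVector attrs = new ASN1EncodableVector();
        attrs.add(new Attribute(CMSAttributes.signingTime, new DERSet(new Time(when))));

        SMIMESignedGenerator gen = new SMIMESignedGenerator("binary");
        // SHA-256 digest; SHA-1 and MD5 are collision-weak.
        gen.addSigner(key, cert, SMIMESignedGenerator.DIGEST_SHA256,
                      new AttributeTable(attrs), null);
        // Ship the signer certificate so the recipient can build a path.
        gen.addCertificatesAndCRLs(CertStore.getInstance("Collection",
                new CollectionCertStoreParameters(Collections.singletonList(cert)), "BC"));
        return gen.generate(content, "BC");
    }

    public static void main(String[] args) throws Exception {
        Security.addProvider(new BouncyCastleProvider());

        // Constructed throwaway key pair and self-signed certificate (demo only).
        KeyPairGenerator kpg = KeyPairGenerator.getInstance("RSA", "BC");
        kpg.initialize(2048);
        KeyPair kp = kpg.generateKeyPair();
        X500Principal dn = new X500Principal("CN=Example Signer");
        X509V3CertificateGenerator cg = new X509V3CertificateGenerator();
        cg.setSerialNumber(BigInteger.ONE);
        cg.setIssuerDN(dn);
        cg.setSubjectDN(dn);
        cg.setNotBefore(new Date(System.currentTimeMillis() - 60000L));
        cg.setNotAfter(new Date(System.currentTimeMillis() + 86400000L));
        cg.setPublicKey(kp.getPublic());
        cg.setSignatureAlgorithm("SHA256WithRSAEncryption");
        X509Certificate cert = cg.generate(kp.getPrivate(), "BC");

        MimeBodyPart content = new MimeBodyPart();
        content.setText("constructed sample payload");

        MimeMultipart signed = sign(kp.getPrivate(), cert, content, new Date());
        System.out.println(signed.getContentType());   // multipart/signed; ...
        System.out.println("parts: " + signed.getCount());
    }
}
```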

addSigner

public void addSigner(java.security.PrivateKey key,
                      java.security.cert.X509Certificate cert,
                      java.lang.String encryptionOID,
                      java.lang.String digestOID,
                      org.bouncycastle.asn1.cms.AttributeTable signedAttr,
                      org.bouncycastle.asn1.cms.AttributeTable unsignedAttr)
               throws java.lang.IllegalArgumentException
Add a signer with extra signed/unsigned attributes or overrides for the standard attributes and a digest encryption algorithm. For example this method can be used to explicitly set default attributes such as the signing time.

Parameters:
key - key to use to generate the signature
cert - the public key certificate associated with the signer's key.
encryptionOID - the digest encryption algorithm OID.
digestOID - object ID of the digest algorithm to use.
signedAttr - signed attributes to be included in the signature.
unsignedAttr - unsigned attributes to be included.
Throws:
java.lang.IllegalArgumentException - any of the arguments are inappropriate

addSigners

public void addSigners(SignerInformationStore signerStore)
Add a store of precalculated signers to the generator.

Parameters:
signerStore - store of signers

addCertificatesAndCRLs

public void addCertificatesAndCRLs(java.security.cert.CertStore certStore)
                            throws java.security.cert.CertStoreException,
                                   SMIMEException
add the certificates and CRLs contained in the given CertStore to the pool that will be included in the encoded signature block.

Note: this assumes the CertStore will support null in the get methods.

Parameters:
certStore - CertStore containing the certificates and CRLs to be added.
Throws:
java.security.cert.CertStoreException
SMIMEException

addAttributeCertificates

public void addAttributeCertificates(org.bouncycastle.x509.X509Store store)
                              throws CMSException
Add the attribute certificates contained in the passed in store to the generator.

Parameters:
store - a store of Version 2 attribute certificates
Throws:
CMSException - if an error occurs processing the store.

getGeneratedDigests

public java.util.Map getGeneratedDigests()
Return a map of oids and byte arrays representing the digests calculated on the content during the last generate.

Returns:
a map of oids (as String objects) and byte[] representing digests.

generate

public MimeMultipart generate(MimeBodyPart content,
                              java.lang.String sigProvider)
                       throws java.security.NoSuchAlgorithmException,
                              java.security.NoSuchProviderException,
                              SMIMEException
generate a signed object that contains an SMIME Signed Multipart object using the given provider.

Parameters:
content - the MimeBodyPart to be signed.
sigProvider - the provider to be used for the signature.
Returns:
a Multipart containing the content and signature.
Throws:
java.security.NoSuchAlgorithmException - if the required algorithms for the signature cannot be found.
java.security.NoSuchProviderException - if no provider can be found.
SMIMEException - if an exception occurs in processing the signature.

generate

public MimeMultipart generate(MimeBodyPart content,
                              java.security.Provider sigProvider)
                       throws java.security.NoSuchAlgorithmException,
                              SMIMEException
generate a signed object that contains an SMIME Signed Multipart object using the given provider.

Parameters:
content - the MimeBodyPart to be signed.
sigProvider - the provider to be used for the signature.
Returns:
a Multipart containing the content and signature.
Throws:
java.security.NoSuchAlgorithmException - if the required algorithms for the signature cannot be found.
SMIMEException - if an exception occurs in processing the signature.

generate

public MimeMultipart generate(MimeMessage message,
                              java.lang.String sigProvider)
                       throws java.security.NoSuchAlgorithmException,
                              java.security.NoSuchProviderException,
                              SMIMEException
generate a signed object that contains an SMIME Signed Multipart object using the given provider from the given MimeMessage

Throws:
java.security.NoSuchAlgorithmException - if the required algorithms for the signature cannot be found.
java.security.NoSuchProviderException - if no provider can be found.
SMIMEException - if an exception occurs in processing the signature.

generate

public MimeMultipart generate(MimeMessage message,
                              java.security.Provider sigProvider)
                       throws java.security.NoSuchAlgorithmException,
                              SMIMEException
generate a signed object that contains an SMIME Signed Multipart object using the given provider from the given MimeMessage

Throws:
java.security.NoSuchAlgorithmException - if the required algorithms for the signature cannot be found.
java.security.NoSuchProviderException - if no provider can be found.
SMIMEException - if an exception occurs in processing the signature.

generateEncapsulated

public MimeBodyPart generateEncapsulated(MimeBodyPart content,
                                         java.lang.String sigProvider)
                                  throws java.security.NoSuchAlgorithmException,
                                         java.security.NoSuchProviderException,
                                         SMIMEException
generate a signed message with encapsulated content

Note: doing this is strongly not recommended as it means a recipient of the message will have to be able to read the signature to read the message.

Throws:
java.security.NoSuchAlgorithmException
java.security.NoSuchProviderException
SMIMEException

generateEncapsulated

public MimeBodyPart generateEncapsulated(MimeBodyPart content,
                                         java.security.Provider sigProvider)
                                  throws java.security.NoSuchAlgorithmException,
                                         java.security.NoSuchProviderException,
                                         SMIMEException
generate a signed message with encapsulated content

Note: doing this is strongly not recommended as it means a recipient of the message will have to be able to read the signature to read the message.

Throws:
java.security.NoSuchAlgorithmException
java.security.NoSuchProviderException
SMIMEException

generateEncapsulated

public MimeBodyPart generateEncapsulated(MimeMessage message,
                                         java.lang.String sigProvider)
                                  throws java.security.NoSuchAlgorithmException,
                                         java.security.NoSuchProviderException,
                                         SMIMEException
generate a signed object that contains an SMIME Signed Multipart object using the given provider from the given MimeMessage.

Note: doing this is strongly not recommended as it means a recipient of the message will have to be able to read the signature to read the message.

Throws:
java.security.NoSuchAlgorithmException
java.security.NoSuchProviderException
SMIMEException

generateEncapsulated

public MimeBodyPart generateEncapsulated(MimeMessage message,
                                         java.security.Provider sigProvider)
                                  throws java.security.NoSuchAlgorithmException,
                                         SMIMEException
generate a signed object that contains an SMIME Signed Multipart object using the given provider from the given MimeMessage.

Note: doing this is strongly not recommended as it means a recipient of the message will have to be able to read the signature to read the message.

Throws:
java.security.NoSuchAlgorithmException
SMIMEException

generateCertificateManagement

public MimeBodyPart generateCertificateManagement(java.lang.String provider)
                                           throws SMIMEException,
                                                  java.security.NoSuchProviderException
Creates a certificate management message which is like a signed message with no content or signers but that still carries certificates and CRLs.

Returns:
a MimeBodyPart containing the certs and CRLs.
Throws:
SMIMEException
java.security.NoSuchProviderException

generateCertificateManagement

public MimeBodyPart generateCertificateManagement(java.security.Provider provider)
                                           throws SMIMEException
Creates a certificate management message which is like a signed message with no content or signers but that still carries certificates and CRLs.

Returns:
a MimeBodyPart containing the certs and CRLs.
Throws:
SMIMEException
