Package org.bouncycastle.cms

Class CMSSignedDataGenerator

java.lang.Object

org.bouncycastle.cms.CMSSignedGenerator

org.bouncycastle.cms.CMSSignedDataGenerator

public class CMSSignedDataGenerator
extends CMSSignedGenerator

general class for generating a pkcs7-signature message.

A simple example of usage, generating a detached signature.

      List             certList = new ArrayList();
      CMSTypedData     msg = new CMSProcessableByteArray("Hello world!".getBytes());

      certList.add(signCert);

      Store           certs = new JcaCertStore(certList);

      CMSSignedDataGenerator gen = new CMSSignedDataGenerator();
      ContentSigner sha1Signer = new JcaContentSignerBuilder("SHA1withRSA").setProvider("BC").build(signKP.getPrivate());

      gen.addSignerInfoGenerator(
                new JcaSignerInfoGeneratorBuilder(
                     new JcaDigestCalculatorProviderBuilder().setProvider("BC").build())
                     .build(sha1Signer, signCert));

      gen.addCertificates(certs);

      CMSSignedData sigData = gen.generate(msg, false);
 

Field Summary

Fields inherited from class org.bouncycastle.cms.CMSSignedGenerator

_signers, certs, crls, DATA, DIGEST_MD5, DIGEST_SHA1, DIGEST_SHA256, DIGEST_SHA384, DIGEST_SHA512, digests, ENCRYPTION_DSA, ENCRYPTION_ECDSA, ENCRYPTION_RSA, ENCRYPTION_RSA_PSS, rand, signerGens

Constructor Summary

Constructors

Constructor	Description
CMSSignedDataGenerator()	base constructor
CMSSignedDataGenerator(SecureRandom rand)	Deprecated. rand ignored in new API, use base constructor.

Method Summary

Modifier and Type	Method	Description
void	addSigner(PrivateKey key, byte[] subjectKeyID, String digestOID)	Deprecated. use addSignerInfoGenerator
void	addSigner(PrivateKey key, byte[] subjectKeyID, String encryptionOID, String digestOID)	Deprecated. use addSignerInfoGenerator
void	addSigner(PrivateKey key, byte[] subjectKeyID, String encryptionOID, String digestOID, AttributeTable signedAttr, AttributeTable unsignedAttr)	Deprecated. use addSignerInfoGenerator
void	addSigner(PrivateKey key, byte[] subjectKeyID, String encryptionOID, String digestOID, CMSAttributeTableGenerator signedAttrGen, CMSAttributeTableGenerator unsignedAttrGen)	Deprecated. use addSignerInfoGenerator
void	addSigner(PrivateKey key, byte[] subjectKeyID, String digestOID, AttributeTable signedAttr, AttributeTable unsignedAttr)	Deprecated. use addSignerInfoGenerator
void	addSigner(PrivateKey key, byte[] subjectKeyID, String digestOID, CMSAttributeTableGenerator signedAttrGen, CMSAttributeTableGenerator unsignedAttrGen)	Deprecated. use addSignerInfoGenerator
void	addSigner(PrivateKey key, X509Certificate cert, String digestOID)	Deprecated. use addSignerInfoGenerator
void	addSigner(PrivateKey key, X509Certificate cert, String encryptionOID, String digestOID)	Deprecated. use addSignerInfoGenerator
void	addSigner(PrivateKey key, X509Certificate cert, String encryptionOID, String digestOID, AttributeTable signedAttr, AttributeTable unsignedAttr)	Deprecated. use addSignerInfoGenerator
void	addSigner(PrivateKey key, X509Certificate cert, String encryptionOID, String digestOID, CMSAttributeTableGenerator signedAttrGen, CMSAttributeTableGenerator unsignedAttrGen)	Deprecated. use addSignerInfoGenerator
void	addSigner(PrivateKey key, X509Certificate cert, String digestOID, AttributeTable signedAttr, AttributeTable unsignedAttr)	Deprecated. use addSignerInfoGenerator
void	addSigner(PrivateKey key, X509Certificate cert, String digestOID, CMSAttributeTableGenerator signedAttrGen, CMSAttributeTableGenerator unsignedAttrGen)	Deprecated. use addSignerInfoGenerator
CMSSignedData	generate(String eContentType, CMSProcessable content, boolean encapsulate, String sigProvider)	Deprecated. use generate(CMSTypedData, boolean)
CMSSignedData	generate(String eContentType, CMSProcessable content, boolean encapsulate, String sigProvider, boolean addDefaultAttributes)	Deprecated. use generate(CMSTypedData, boolean)
CMSSignedData	generate(String eContentType, CMSProcessable content, boolean encapsulate, Provider sigProvider)	Deprecated. use generate(CMSTypedData, boolean)
CMSSignedData	generate(String eContentType, CMSProcessable content, boolean encapsulate, Provider sigProvider, boolean addDefaultAttributes)	Deprecated. use setDirectSignature() on SignerInformationGenerator.
CMSSignedData	generate(CMSProcessable content, boolean encapsulate, String sigProvider)	Deprecated. use generate(CMSTypedData, boolean)
CMSSignedData	generate(CMSProcessable content, boolean encapsulate, Provider sigProvider)	Deprecated. use generate(CMSTypedData, boolean)
CMSSignedData	generate(CMSProcessable content, String sigProvider)	Deprecated. use generate() method not taking provider.
CMSSignedData	generate(CMSProcessable content, Provider sigProvider)	Deprecated. use generate() method not taking provider.
CMSSignedData	generate(CMSTypedData content)
CMSSignedData	generate(CMSTypedData content, boolean encapsulate)
SignerInformationStore	generateCounterSigners(SignerInformation signer)	generate a set of one or more SignerInformation objects representing counter signatures on the passed in SignerInformation object.
SignerInformationStore	generateCounterSigners(SignerInformation signer, String sigProvider)	Deprecated. use generateCounterSigners(SignerInformation)
SignerInformationStore	generateCounterSigners(SignerInformation signer, Provider sigProvider)	Deprecated. use generateCounterSigners(SignerInformation)

Methods inherited from class org.bouncycastle.cms.CMSSignedGenerator

addAttributeCertificate, addAttributeCertificates, addAttributeCertificates, addCertificate, addCertificates, addCertificatesAndCRLs, addCRL, addCRLs, addSignerInfoGenerator, addSigners, getAttributeSet, getBaseParameters, getEncOID, getGeneratedDigests

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Details

CMSSignedDataGenerator

public CMSSignedDataGenerator()

base constructor

CMSSignedDataGenerator

public CMSSignedDataGenerator(SecureRandom rand)

Deprecated.

rand ignored in new API, use base constructor.

constructor allowing specific source of randomness

Parameters:

rand - instance of SecureRandom to use

Method Details

addSigner

public void addSigner(PrivateKey key,
X509Certificate cert,
String digestOID)
               throws IllegalArgumentException

Deprecated.

use addSignerInfoGenerator

add a signer - no attributes other than the default ones will be provided here.

Parameters:

key - signing key to use

cert - certificate containing corresponding public key

digestOID - digest algorithm OID

Throws:

IllegalArgumentException

addSigner

public void addSigner(PrivateKey key,
X509Certificate cert,
String encryptionOID,
String digestOID)
               throws IllegalArgumentException

Deprecated.

use addSignerInfoGenerator

add a signer, specifying the digest encryption algorithm to use - no attributes other than the default ones will be provided here.

Parameters:

key - signing key to use

cert - certificate containing corresponding public key

encryptionOID - digest encryption algorithm OID

digestOID - digest algorithm OID

Throws:

IllegalArgumentException

addSigner

public void addSigner(PrivateKey key,
byte[] subjectKeyID,
String digestOID)
               throws IllegalArgumentException

Deprecated.

use addSignerInfoGenerator

add a signer - no attributes other than the default ones will be provided here.

Throws:

IllegalArgumentException

addSigner

public void addSigner(PrivateKey key,
byte[] subjectKeyID,
String encryptionOID,
String digestOID)
               throws IllegalArgumentException

Deprecated.

use addSignerInfoGenerator

add a signer, specifying the digest encryption algorithm to use - no attributes other than the default ones will be provided here.

Throws:

IllegalArgumentException

addSigner

public void addSigner(PrivateKey key,
X509Certificate cert,
String digestOID,
AttributeTable signedAttr,
AttributeTable unsignedAttr)
               throws IllegalArgumentException

Deprecated.

use addSignerInfoGenerator

add a signer with extra signed/unsigned attributes.

Parameters:

key - signing key to use

cert - certificate containing corresponding public key

digestOID - digest algorithm OID

signedAttr - table of attributes to be included in signature

unsignedAttr - table of attributes to be included as unsigned

Throws:

IllegalArgumentException

addSigner

public void addSigner(PrivateKey key,
X509Certificate cert,
String encryptionOID,
String digestOID,
AttributeTable signedAttr,
AttributeTable unsignedAttr)
               throws IllegalArgumentException

Deprecated.

use addSignerInfoGenerator

add a signer, specifying the digest encryption algorithm, with extra signed/unsigned attributes.

Parameters:

key - signing key to use

cert - certificate containing corresponding public key

encryptionOID - digest encryption algorithm OID

digestOID - digest algorithm OID

signedAttr - table of attributes to be included in signature

unsignedAttr - table of attributes to be included as unsigned

Throws:

IllegalArgumentException

addSigner

public void addSigner(PrivateKey key,
byte[] subjectKeyID,
String digestOID,
AttributeTable signedAttr,
AttributeTable unsignedAttr)
               throws IllegalArgumentException

Deprecated.

use addSignerInfoGenerator

add a signer with extra signed/unsigned attributes.

Parameters:

key - signing key to use

subjectKeyID - subjectKeyID of corresponding public key

digestOID - digest algorithm OID

signedAttr - table of attributes to be included in signature

unsignedAttr - table of attributes to be included as unsigned

Throws:

IllegalArgumentException

addSigner

public void addSigner(PrivateKey key,
byte[] subjectKeyID,
String encryptionOID,
String digestOID,
AttributeTable signedAttr,
AttributeTable unsignedAttr)
               throws IllegalArgumentException

Deprecated.

use addSignerInfoGenerator

add a signer, specifying the digest encryption algorithm, with extra signed/unsigned attributes.

Parameters:

key - signing key to use

subjectKeyID - subjectKeyID of corresponding public key

encryptionOID - digest encryption algorithm OID

digestOID - digest algorithm OID

signedAttr - table of attributes to be included in signature

unsignedAttr - table of attributes to be included as unsigned

Throws:

IllegalArgumentException

addSigner

public void addSigner(PrivateKey key,
X509Certificate cert,
String digestOID,
CMSAttributeTableGenerator signedAttrGen,
CMSAttributeTableGenerator unsignedAttrGen)
               throws IllegalArgumentException

Deprecated.

use addSignerInfoGenerator

add a signer with extra signed/unsigned attributes based on generators.

Throws:

IllegalArgumentException

addSigner

public void addSigner(PrivateKey key,
X509Certificate cert,
String encryptionOID,
String digestOID,
CMSAttributeTableGenerator signedAttrGen,
CMSAttributeTableGenerator unsignedAttrGen)
               throws IllegalArgumentException

Deprecated.

use addSignerInfoGenerator

add a signer, specifying the digest encryption algorithm, with extra signed/unsigned attributes based on generators.

Throws:

IllegalArgumentException

addSigner

public void addSigner(PrivateKey key,
byte[] subjectKeyID,
String digestOID,
CMSAttributeTableGenerator signedAttrGen,
CMSAttributeTableGenerator unsignedAttrGen)
               throws IllegalArgumentException

Deprecated.

use addSignerInfoGenerator

add a signer with extra signed/unsigned attributes based on generators.

Throws:

IllegalArgumentException

addSigner

public void addSigner(PrivateKey key,
byte[] subjectKeyID,
String encryptionOID,
String digestOID,
CMSAttributeTableGenerator signedAttrGen,
CMSAttributeTableGenerator unsignedAttrGen)
               throws IllegalArgumentException

Deprecated.

use addSignerInfoGenerator

add a signer, including digest encryption algorithm, with extra signed/unsigned attributes based on generators.

Throws:

IllegalArgumentException

generate

public CMSSignedData generate(CMSProcessable content,
String sigProvider)
                       throws NoSuchAlgorithmException,
NoSuchProviderException,
CMSException

Deprecated.

use generate() method not taking provider.

generate a signed object that for a CMS Signed Data object using the given provider.

Throws:

NoSuchAlgorithmException

NoSuchProviderException

CMSException

generate

public CMSSignedData generate(CMSProcessable content,
Provider sigProvider)
                       throws NoSuchAlgorithmException,
CMSException

Deprecated.

use generate() method not taking provider.

generate a signed object that for a CMS Signed Data object using the given provider.

Throws:

NoSuchAlgorithmException

CMSException

generate

public CMSSignedData generate(String eContentType,
CMSProcessable content,
boolean encapsulate,
String sigProvider)
                       throws NoSuchAlgorithmException,
NoSuchProviderException,
CMSException

Deprecated.

use generate(CMSTypedData, boolean)

generate a signed object that for a CMS Signed Data object using the given provider - if encapsulate is true a copy of the message will be included in the signature. The content type is set according to the OID represented by the string signedContentType.

Throws:

NoSuchAlgorithmException

NoSuchProviderException

CMSException

generate

public CMSSignedData generate(String eContentType,
CMSProcessable content,
boolean encapsulate,
Provider sigProvider)
                       throws NoSuchAlgorithmException,
CMSException

Deprecated.

use generate(CMSTypedData, boolean)

generate a signed object that for a CMS Signed Data object using the given provider - if encapsulate is true a copy of the message will be included in the signature. The content type is set according to the OID represented by the string signedContentType.

Throws:

NoSuchAlgorithmException

CMSException

generate

public CMSSignedData generate(String eContentType,
CMSProcessable content,
boolean encapsulate,
String sigProvider,
boolean addDefaultAttributes)
                       throws NoSuchAlgorithmException,
NoSuchProviderException,
CMSException

Deprecated.

use generate(CMSTypedData, boolean)

Similar method to the other generate methods. The additional argument addDefaultAttributes indicates whether or not a default set of signed attributes need to be added automatically. If the argument is set to false, no attributes will get added at all.

Throws:

NoSuchAlgorithmException

NoSuchProviderException

CMSException

generate

public CMSSignedData generate(String eContentType,
CMSProcessable content,
boolean encapsulate,
Provider sigProvider,
boolean addDefaultAttributes)
                       throws NoSuchAlgorithmException,
CMSException

Deprecated.

use setDirectSignature() on SignerInformationGenerator.

Similar method to the other generate methods. The additional argument addDefaultAttributes indicates whether or not a default set of signed attributes need to be added automatically. If the argument is set to false, no attributes will get added at all.

Throws:

NoSuchAlgorithmException

CMSException

generate

public CMSSignedData generate(CMSProcessable content,
boolean encapsulate,
String sigProvider)
                       throws NoSuchAlgorithmException,
NoSuchProviderException,
CMSException

Deprecated.

use generate(CMSTypedData, boolean)

generate a signed object that for a CMS Signed Data object using the given provider - if encapsulate is true a copy of the message will be included in the signature with the default content type "data".

Throws:

NoSuchAlgorithmException

NoSuchProviderException

CMSException

generate

public CMSSignedData generate(CMSProcessable content,
boolean encapsulate,
Provider sigProvider)
                       throws NoSuchAlgorithmException,
CMSException

Deprecated.

use generate(CMSTypedData, boolean)

generate a signed object that for a CMS Signed Data object using the given provider - if encapsulate is true a copy of the message will be included in the signature with the default content type "data".

Throws:

NoSuchAlgorithmException

CMSException

generate

public CMSSignedData generate(CMSTypedData content)
                       throws CMSException

Throws:

CMSException

generate

public CMSSignedData generate(CMSTypedData content,
boolean encapsulate)
                       throws CMSException

Throws:

CMSException

generateCounterSigners

public SignerInformationStore generateCounterSigners(SignerInformation signer,
Provider sigProvider)
                                              throws NoSuchAlgorithmException,
CMSException

Deprecated.

use generateCounterSigners(SignerInformation)

generate a set of one or more SignerInformation objects representing counter signatures on the passed in SignerInformation object.

Parameters:

signer - the signer to be countersigned

sigProvider - the provider to be used for counter signing.

Returns:

a store containing the signers.

Throws:

NoSuchAlgorithmException

CMSException

generateCounterSigners

public SignerInformationStore generateCounterSigners(SignerInformation signer,
String sigProvider)
                                              throws NoSuchAlgorithmException,
NoSuchProviderException,
CMSException

Deprecated.

use generateCounterSigners(SignerInformation)

generate a set of one or more SignerInformation objects representing counter signatures on the passed in SignerInformation object.

Parameters:

signer - the signer to be countersigned

sigProvider - the provider to be used for counter signing.

Returns:

a store containing the signers.

Throws:

NoSuchAlgorithmException

NoSuchProviderException

CMSException

generateCounterSigners

public SignerInformationStore generateCounterSigners(SignerInformation signer)
                                              throws CMSException

generate a set of one or more SignerInformation objects representing counter signatures on the passed in SignerInformation object.

Parameters:

signer - the signer to be countersigned

Returns:

a store containing the signers.

Throws:

CMSException