com.digt.trusted.cms
Class CMSSignedDataGenerator

java.lang.Object
  extended by com.digt.trusted.cms.CMSSignedDataGenerator

public class CMSSignedDataGenerator
extends java.lang.Object

general class for generating a pkcs7-signature message.

A simple example of usage.

      CertStore               certs...
      CMSSignedDataGenerator    gen = new CMSSignedDataGenerator();

      gen.addSigner(privKey, cert, CMSSignedGenerator.DIGEST_SHA1);
      gen.addCertificatesAndCRLs(certs);

      CMSSignedData           data = gen.generate(content, "DIGT");
 


Field Summary
static java.lang.String DATA
          Default type for the signed data.
static java.lang.String DIGEST_GOST3411
           
static java.lang.String DIGEST_MD5
           
static java.lang.String DIGEST_SHA1
           
static java.lang.String DIGEST_SHA224
           
static java.lang.String DIGEST_SHA256
           
static java.lang.String DIGEST_SHA384
           
static java.lang.String DIGEST_SHA512
           
static java.lang.String ENCRYPTION_DSA
           
static java.lang.String ENCRYPTION_GOST3410
           
static java.lang.String ENCRYPTION_GOST3410EL
           
static java.lang.String ENCRYPTION_RSA
           
 
Constructor Summary
CMSSignedDataGenerator()
          base constructor
 
Method Summary
 void addCertificatesAndCRLs(java.security.cert.CertStore certStore)
          add the certificates and CRLs contained in the given CertStore to the pool that will be included in the encoded signature block.
 void addSigner(java.security.PrivateKey key, java.security.cert.X509Certificate cert, java.lang.String digestOID)
          add a signer - no attributes other than the default ones will be provided here.
 void addSigner(java.security.PrivateKey key, java.security.cert.X509Certificate cert, java.lang.String digestOID, AttributeTable signedAttr, AttributeTable unsignedAttr)
          add a signer with extra signed/unsigned attributes.
 void addSigners(SignerInformationStore signerStore)
          Add a store of precalculated signers to the generator.
 CMSSignedData generate(CMSProcessable content, boolean encapsulate, java.lang.String sigProvider)
          generate a signed object that for a CMS Signed Data object using the given provider - if encapsulate is true a copy of the message will be included in the signature with the default content type "data".
 CMSSignedData generate(CMSProcessable content, java.lang.String sigProvider)
          generate a signed object that for a CMS Signed Data object using the given provider.
 CMSSignedData generate(java.lang.String signedContentType, CMSProcessable content, boolean encapsulate, java.lang.String sigProvider)
          generate a signed object that for a CMS Signed Data object using the given provider - if encapsulate is true a copy of the message will be included in the signature.
 CMSSignedData generate(java.lang.String signedContentType, CMSProcessable content, boolean encapsulate, java.lang.String sigProvider, boolean addDefaultAttributes)
          Similar method to the other generate methods.
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Field Detail

DATA

public static final java.lang.String DATA
Default type for the signed data.


DIGEST_SHA1

public static final java.lang.String DIGEST_SHA1
See Also:
Constant Field Values

DIGEST_SHA224

public static final java.lang.String DIGEST_SHA224

DIGEST_SHA256

public static final java.lang.String DIGEST_SHA256

DIGEST_SHA384

public static final java.lang.String DIGEST_SHA384

DIGEST_SHA512

public static final java.lang.String DIGEST_SHA512

DIGEST_MD5

public static final java.lang.String DIGEST_MD5
See Also:
Constant Field Values

DIGEST_GOST3411

public static final java.lang.String DIGEST_GOST3411
See Also:
Constant Field Values

ENCRYPTION_RSA

public static final java.lang.String ENCRYPTION_RSA
See Also:
Constant Field Values

ENCRYPTION_DSA

public static final java.lang.String ENCRYPTION_DSA
See Also:
Constant Field Values

ENCRYPTION_GOST3410

public static final java.lang.String ENCRYPTION_GOST3410
See Also:
Constant Field Values

ENCRYPTION_GOST3410EL

public static final java.lang.String ENCRYPTION_GOST3410EL
See Also:
Constant Field Values
Constructor Detail

CMSSignedDataGenerator

public CMSSignedDataGenerator()
base constructor

Method Detail

addSigner

public void addSigner(java.security.PrivateKey key,
                      java.security.cert.X509Certificate cert,
                      java.lang.String digestOID)
               throws java.lang.IllegalArgumentException
add a signer - no attributes other than the default ones will be provided here.

Throws:
java.lang.IllegalArgumentException

addSigner

public void addSigner(java.security.PrivateKey key,
                      java.security.cert.X509Certificate cert,
                      java.lang.String digestOID,
                      AttributeTable signedAttr,
                      AttributeTable unsignedAttr)
               throws java.lang.IllegalArgumentException
add a signer with extra signed/unsigned attributes.

Throws:
java.lang.IllegalArgumentException

addSigners

public void addSigners(SignerInformationStore signerStore)
Add a store of precalculated signers to the generator.

Parameters:
signerStore -

addCertificatesAndCRLs

public void addCertificatesAndCRLs(java.security.cert.CertStore certStore)
                            throws java.security.cert.CertStoreException,
                                   CMSException
add the certificates and CRLs contained in the given CertStore to the pool that will be included in the encoded signature block.

Note: this assumes the CertStore will support null in the get methods.

Throws:
java.security.cert.CertStoreException
CMSException

generate

public CMSSignedData generate(CMSProcessable content,
                              java.lang.String sigProvider)
                       throws java.security.NoSuchAlgorithmException,
                              java.security.NoSuchProviderException,
                              CMSException
generate a signed object that for a CMS Signed Data object using the given provider.

Throws:
java.security.NoSuchAlgorithmException
java.security.NoSuchProviderException
CMSException

generate

public CMSSignedData generate(java.lang.String signedContentType,
                              CMSProcessable content,
                              boolean encapsulate,
                              java.lang.String sigProvider)
                       throws java.security.NoSuchAlgorithmException,
                              java.security.NoSuchProviderException,
                              CMSException
generate a signed object that for a CMS Signed Data object using the given provider - if encapsulate is true a copy of the message will be included in the signature. The content type is set according to the OID represented by the string signedContentType.

Throws:
java.security.NoSuchAlgorithmException
java.security.NoSuchProviderException
CMSException

generate

public CMSSignedData generate(java.lang.String signedContentType,
                              CMSProcessable content,
                              boolean encapsulate,
                              java.lang.String sigProvider,
                              boolean addDefaultAttributes)
                       throws java.security.NoSuchAlgorithmException,
                              java.security.NoSuchProviderException,
                              CMSException
Similar method to the other generate methods. The additional argument addDefaultAttributes indicates whether or not a default set of signed attributes need to be added automatically. If the argument is set to false, no attributes will get added at all.

Throws:
java.security.NoSuchAlgorithmException
java.security.NoSuchProviderException
CMSException

generate

public CMSSignedData generate(CMSProcessable content,
                              boolean encapsulate,
                              java.lang.String sigProvider)
                       throws java.security.NoSuchAlgorithmException,
                              java.security.NoSuchProviderException,
                              CMSException
generate a signed object that for a CMS Signed Data object using the given provider - if encapsulate is true a copy of the message will be included in the signature with the default content type "data".

Throws:
java.security.NoSuchAlgorithmException
java.security.NoSuchProviderException
CMSException