org.javasign.operators
Class CMSSignedDataGenerator

java.lang.Object
  |
  +--org.javasign.operators.CMSSignedDataGenerator

public class CMSSignedDataGenerator
extends java.lang.Object

general class for generating a pkcs7-signature message.

A simple example of usage.

      CertStore               certs...
      CMSSignedDataGenerator    gen = new CMSSignedDataGenerator();

      gen.addSigner(privKey, cert, CMSSignedGenerator.DIGEST_SHA1);
      gen.addCertificatesAndCRLs(certs);

      CMSSignedData           data = gen.generate(content, "BC");
 


Field Summary
static java.lang.String COUNTERSIGNATURE
           
static java.lang.String DATA
          Default type for the signed data.
static java.lang.String DIGEST_GOST3411
           
static java.lang.String DIGEST_MD5
           
static java.lang.String DIGEST_SHA1
           
static java.lang.String DIGEST_SHA224
           
static java.lang.String DIGEST_SHA256
           
static java.lang.String DIGEST_SHA384
           
static java.lang.String DIGEST_SHA512
           
static java.lang.String ENCRYPTION_DSA
           
static java.lang.String ENCRYPTION_ECGOST3410
           
static java.lang.String ENCRYPTION_GOST3410
           
static java.lang.String ENCRYPTION_RSA
           
 
Constructor Summary
CMSSignedDataGenerator()
          base constructor
 
Method Summary
static CMSSignedData addCertificate(CMSSignedData signedData, java.security.cert.X509Certificate certificate)
           
 void addCertificatesAndCRLs(java.security.cert.CertStore certStore)
          add the certificates and CRLs contained in the given CertStore to the pool that will be included in the encoded signature block.
static SignerInformation addCountersigner(byte[] signatureData, SignerInformation signer, java.security.cert.X509Certificate certificate)
           
static SignerInformation addCounterSigner(SignerInformation parent, SignerInformation child)
           
static CMSSignedData addSignature(CMSSignedData signedData, byte[] signatureData, java.security.cert.X509Certificate certificate)
           
static CMSSignedData addSigner(CMSSignedData signedData, SignerInformation signer)
           
 void addSigner(java.security.PrivateKey key, java.security.cert.X509Certificate cert, java.lang.String digestOID)
          add a signer - no attributes other than the default ones will be provided here.
 void addSigner(java.security.PrivateKey key, java.security.cert.X509Certificate cert, java.lang.String digestOID, AttributeTable signedAttr, AttributeTable unsignedAttr)
          add a signer with extra signed/unsigned attributes.
 void addSigners(SignerInformationStore signerStore)
          Add a store of precalculated signers to the generator.
static SignerInformation buildSigner(java.lang.String contentType, CMSProcessable signedContent, byte[] signatureData, java.security.cert.X509Certificate certificate)
           
static SignerInfo buildSignerInfo(byte[] signatureData, java.security.cert.X509Certificate certificate)
           
 CMSSignedData generate(CMSProcessable content, boolean encapsulate, java.lang.String sigProvider)
          generate a signed object that for a CMS Signed Data object using the given provider - if encapsulate is true a copy of the message will be included in the signature with the default content type "data".
 CMSSignedData generate(CMSProcessable content, java.lang.String sigProvider)
          generate a signed object that for a CMS Signed Data object using the given provider.
 CMSSignedData generate(java.lang.String signedContentType, CMSProcessable content, boolean encapsulate, byte[] signatureData, java.security.cert.X509Certificate cert, java.lang.String sigProvider)
          method to generate signed data with a precalculated signature it doesn't add any default attribute
 CMSSignedData generate(java.lang.String signedContentType, CMSProcessable content, boolean encapsulate, java.lang.String sigProvider)
          generate a signed object that for a CMS Signed Data object using the given provider - if encapsulate is true a copy of the message will be included in the signature.
 CMSSignedData generate(java.lang.String signedContentType, CMSProcessable content, boolean encapsulate, java.lang.String sigProvider, boolean addDefaultAttributes)
          Similar method to the other generate methods.
static AttributeTable removeAllCounterSigners(AttributeTable table)
           
static SignerInformation removeAllCountersigners(SignerInformation signer)
           
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Field Detail

DATA

public static final java.lang.String DATA
Default type for the signed data.


DIGEST_SHA1

public static final java.lang.String DIGEST_SHA1
See Also:
Constant Field Values

DIGEST_SHA224

public static final java.lang.String DIGEST_SHA224

DIGEST_SHA256

public static final java.lang.String DIGEST_SHA256

DIGEST_SHA384

public static final java.lang.String DIGEST_SHA384

DIGEST_SHA512

public static final java.lang.String DIGEST_SHA512

DIGEST_MD5

public static final java.lang.String DIGEST_MD5
See Also:
Constant Field Values

DIGEST_GOST3411

public static final java.lang.String DIGEST_GOST3411

ENCRYPTION_RSA

public static final java.lang.String ENCRYPTION_RSA
See Also:
Constant Field Values

ENCRYPTION_DSA

public static final java.lang.String ENCRYPTION_DSA
See Also:
Constant Field Values

ENCRYPTION_GOST3410

public static final java.lang.String ENCRYPTION_GOST3410

ENCRYPTION_ECGOST3410

public static final java.lang.String ENCRYPTION_ECGOST3410

COUNTERSIGNATURE

public static final java.lang.String COUNTERSIGNATURE
See Also:
Constant Field Values
Constructor Detail

CMSSignedDataGenerator

public CMSSignedDataGenerator()
base constructor

Method Detail

addSigner

public void addSigner(java.security.PrivateKey key,
                      java.security.cert.X509Certificate cert,
                      java.lang.String digestOID)
               throws java.lang.IllegalArgumentException
add a signer - no attributes other than the default ones will be provided here.

java.lang.IllegalArgumentException

addSigner

public void addSigner(java.security.PrivateKey key,
                      java.security.cert.X509Certificate cert,
                      java.lang.String digestOID,
                      AttributeTable signedAttr,
                      AttributeTable unsignedAttr)
               throws java.lang.IllegalArgumentException
add a signer with extra signed/unsigned attributes.

java.lang.IllegalArgumentException

addSigners

public void addSigners(SignerInformationStore signerStore)
Add a store of precalculated signers to the generator.

Parameters:
signerStore -

addCertificatesAndCRLs

public void addCertificatesAndCRLs(java.security.cert.CertStore certStore)
                            throws java.security.cert.CertStoreException,
                                   CMSException
add the certificates and CRLs contained in the given CertStore to the pool that will be included in the encoded signature block.

Note: this assumes the CertStore will support null in the get methods.

java.security.cert.CertStoreException
CMSException

generate

public CMSSignedData generate(CMSProcessable content,
                              java.lang.String sigProvider)
                       throws java.security.NoSuchAlgorithmException,
                              java.security.NoSuchProviderException,
                              CMSException
generate a signed object that for a CMS Signed Data object using the given provider.

java.security.NoSuchAlgorithmException
java.security.NoSuchProviderException
CMSException

generate

public CMSSignedData generate(java.lang.String signedContentType,
                              CMSProcessable content,
                              boolean encapsulate,
                              java.lang.String sigProvider)
                       throws java.security.NoSuchAlgorithmException,
                              java.security.NoSuchProviderException,
                              CMSException
generate a signed object that for a CMS Signed Data object using the given provider - if encapsulate is true a copy of the message will be included in the signature. The content type is set according to the OID represented by the string signedContentType.

java.security.NoSuchAlgorithmException
java.security.NoSuchProviderException
CMSException

generate

public CMSSignedData generate(java.lang.String signedContentType,
                              CMSProcessable content,
                              boolean encapsulate,
                              java.lang.String sigProvider,
                              boolean addDefaultAttributes)
                       throws java.security.NoSuchAlgorithmException,
                              java.security.NoSuchProviderException,
                              CMSException
Similar method to the other generate methods. The additional argument addDefaultAttributes indicates whether or not a default set of signed attributes need to be added automatically. If the argument is set to false, no attributes will get added at all.

java.security.NoSuchAlgorithmException
java.security.NoSuchProviderException
CMSException

generate

public CMSSignedData generate(CMSProcessable content,
                              boolean encapsulate,
                              java.lang.String sigProvider)
                       throws java.security.NoSuchAlgorithmException,
                              java.security.NoSuchProviderException,
                              CMSException
generate a signed object that for a CMS Signed Data object using the given provider - if encapsulate is true a copy of the message will be included in the signature with the default content type "data".

java.security.NoSuchAlgorithmException
java.security.NoSuchProviderException
CMSException

generate

public CMSSignedData generate(java.lang.String signedContentType,
                              CMSProcessable content,
                              boolean encapsulate,
                              byte[] signatureData,
                              java.security.cert.X509Certificate cert,
                              java.lang.String sigProvider)
                       throws java.security.NoSuchAlgorithmException,
                              java.security.NoSuchProviderException,
                              CMSException
method to generate signed data with a precalculated signature it doesn't add any default attribute

java.security.NoSuchAlgorithmException
java.security.NoSuchProviderException
CMSException

buildSigner

public static SignerInformation buildSigner(java.lang.String contentType,
                                            CMSProcessable signedContent,
                                            byte[] signatureData,
                                            java.security.cert.X509Certificate certificate)
                                     throws java.security.cert.CertificateEncodingException,
                                            java.io.IOException
java.security.cert.CertificateEncodingException
java.io.IOException

buildSignerInfo

public static SignerInfo buildSignerInfo(byte[] signatureData,
                                         java.security.cert.X509Certificate certificate)
                                  throws java.security.cert.CertificateEncodingException,
                                         java.io.IOException
java.security.cert.CertificateEncodingException
java.io.IOException

addSignature

public static CMSSignedData addSignature(CMSSignedData signedData,
                                         byte[] signatureData,
                                         java.security.cert.X509Certificate certificate)
                                  throws java.security.cert.CertificateEncodingException,
                                         java.io.IOException,
                                         java.security.NoSuchProviderException,
                                         CMSException,
                                         java.security.NoSuchAlgorithmException,
                                         java.security.cert.CertStoreException,
                                         java.security.InvalidAlgorithmParameterException
java.security.cert.CertificateEncodingException
java.io.IOException
java.security.NoSuchProviderException
CMSException
java.security.NoSuchAlgorithmException
java.security.cert.CertStoreException
java.security.InvalidAlgorithmParameterException

addSigner

public static CMSSignedData addSigner(CMSSignedData signedData,
                                      SignerInformation signer)
                               throws java.security.cert.CertificateEncodingException,
                                      java.io.IOException,
                                      java.security.NoSuchProviderException,
                                      CMSException,
                                      java.security.NoSuchAlgorithmException,
                                      java.security.cert.CertStoreException,
                                      java.security.InvalidAlgorithmParameterException
java.security.cert.CertificateEncodingException
java.io.IOException
java.security.NoSuchProviderException
CMSException
java.security.NoSuchAlgorithmException
java.security.cert.CertStoreException
java.security.InvalidAlgorithmParameterException

addCertificate

public static CMSSignedData addCertificate(CMSSignedData signedData,
                                           java.security.cert.X509Certificate certificate)
                                    throws java.security.cert.CertificateEncodingException,
                                           java.io.IOException,
                                           java.security.NoSuchProviderException,
                                           CMSException,
                                           java.security.NoSuchAlgorithmException,
                                           java.security.cert.CertStoreException,
                                           java.security.InvalidAlgorithmParameterException
java.security.cert.CertificateEncodingException
java.io.IOException
java.security.NoSuchProviderException
CMSException
java.security.NoSuchAlgorithmException
java.security.cert.CertStoreException
java.security.InvalidAlgorithmParameterException

addCountersigner

public static SignerInformation addCountersigner(byte[] signatureData,
                                                 SignerInformation signer,
                                                 java.security.cert.X509Certificate certificate)
                                          throws java.io.IOException,
                                                 java.security.cert.CertificateEncodingException
java.io.IOException
java.security.cert.CertificateEncodingException

removeAllCountersigners

public static SignerInformation removeAllCountersigners(SignerInformation signer)
                                                 throws java.io.IOException,
                                                        java.security.cert.CertificateEncodingException
java.io.IOException
java.security.cert.CertificateEncodingException

addCounterSigner

public static SignerInformation addCounterSigner(SignerInformation parent,
                                                 SignerInformation child)

removeAllCounterSigners

public static AttributeTable removeAllCounterSigners(AttributeTable table)