Class CMSSignedDataGenerator
java.lang.Object
org.bouncycastle.cms.CMSSignedGenerator
org.bouncycastle.cms.CMSSignedDataGenerator
general class for generating a pkcs7-signature message.
A simple example of usage, generating a detached signature.
List certList = new ArrayList();
CMSTypedData msg = new CMSProcessableByteArray("Hello world!".getBytes());
certList.add(signCert);
Store certs = new JcaCertStore(certList);
CMSSignedDataGenerator gen = new CMSSignedDataGenerator();
ContentSigner sha1Signer = new JcaContentSignerBuilder("SHA1withRSA").setProvider("BC").build(signKP.getPrivate());
gen.addSignerInfoGenerator(
new JcaSignerInfoGeneratorBuilder(
new JcaDigestCalculatorProviderBuilder().setProvider("BC").build())
.build(sha1Signer, signCert));
gen.addCertificates(certs);
CMSSignedData sigData = gen.generate(msg, false);
-
Field Summary
Fields inherited from class CMSSignedGenerator
_signers, certs, crls, DATA, DIGEST_GOST3411, DIGEST_MD5, DIGEST_RIPEMD128, DIGEST_RIPEMD160, DIGEST_RIPEMD256, DIGEST_SHA1, DIGEST_SHA224, DIGEST_SHA256, DIGEST_SHA384, DIGEST_SHA512, digestAlgIdFinder, digests, ENCRYPTION_DSA, ENCRYPTION_ECDSA, ENCRYPTION_ECGOST3410, ENCRYPTION_ECGOST3410_2012_256, ENCRYPTION_ECGOST3410_2012_512, ENCRYPTION_GOST3410, ENCRYPTION_RSA, ENCRYPTION_RSA_PSS, signerGens -
Constructor Summary
ConstructorsConstructorDescriptionbase constructorCMSSignedDataGenerator(DigestAlgorithmIdentifierFinder digestAlgIdFinder) base constructor with a custom DigestAlgorithmIdentifierFinder -
Method Summary
Modifier and TypeMethodDescriptiongenerate(CMSTypedData content) Generate a CMS Signed Data object carrying a detached CMS signature.generate(CMSTypedData content, boolean encapsulate) Generate a CMS Signed Data object which can be carrying a detached CMS signature, or have encapsulated data, depending on the value of the encapsulated parameter.generate a set of one or more SignerInformation objects representing counter signatures on the passed in SignerInformation object.voidsetDefiniteLengthEncoding(boolean isDefiniteLength) Specify use of definite length rather than indefinite length encoding.
-
Constructor Details
-
CMSSignedDataGenerator
public CMSSignedDataGenerator()base constructor -
CMSSignedDataGenerator
base constructor with a custom DigestAlgorithmIdentifierFinder
-
-
Method Details
-
setDefiniteLengthEncoding
public void setDefiniteLengthEncoding(boolean isDefiniteLength) Specify use of definite length rather than indefinite length encoding.- Parameters:
isDefiniteLength- true use definite length, false use indefinite (default false).
-
generate
Generate a CMS Signed Data object carrying a detached CMS signature.- Parameters:
content- the content to be signed.- Throws:
CMSException
-
generate
Generate a CMS Signed Data object which can be carrying a detached CMS signature, or have encapsulated data, depending on the value of the encapsulated parameter.- Parameters:
content- the content to be signed.encapsulate- true if the content should be encapsulated in the signature, false otherwise.- Throws:
CMSException
-
generateCounterSigners
generate a set of one or more SignerInformation objects representing counter signatures on the passed in SignerInformation object.- Parameters:
signer- the signer to be countersigned- Returns:
- a store containing the signers.
- Throws:
CMSException
-