org.bouncycastle.mail.smime

Class SMIMESignedGenerator

public class SMIMESignedGenerator extends SMIMEGenerator

general class for generating a pkcs7-signature message.

A simple example of usage.

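      // certList, privKey, cert and content are supplied by the caller
      CertStore             certs = CertStore.getInstance("Collection",
                                        new CollectionCertStoreParameters(certList), "BC");
      SMIMESignedGenerator  fact = new SMIMESignedGenerator();

      // sign with privKey; cert is the certificate matching that key
      fact.addSigner(privKey, cert, SMIMESignedGenerator.DIGEST_SHA1);
      // certificates and CRLs to include in the encoded signature block
      fact.addCertificatesAndCRLs(certs);

      // content is the MimeBodyPart to sign; "BC" is the signature provider
      MimeMultipart         smime = fact.generate(content, "BC");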
 

Note: if you are using this class with AS2 or some other protocol that does not use "7bit" as the default content transfer encoding you will need to use the constructor that allows you to specify the default content transfer encoding, such as "binary".
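
The AS2 case from the note above, as an added example that is not part of the Bouncy Castle documentation: it uses the constructor taking "binary", signs with DIGEST_SHA256 rather than SHA-1, and reads the content digest back through getGeneratedDigests(). The class BinarySmimeSigner and its method names are hypothetical, the key, certificate and payload come from the caller, and the "BC" provider is assumed to be registered already; the generator calls are the ones documented on this page.

```java
import java.security.PrivateKey;
import java.security.cert.CertStore;
import java.security.cert.CollectionCertStoreParameters;
import java.security.cert.X509Certificate;
import java.util.Collections;
import javax.mail.internet.InternetHeaders;
import javax.mail.internet.MimeBodyPart;
import javax.mail.internet.MimeMultipart;
import org.bouncycastle.mail.smime.SMIMESignedGenerator;

/** Hypothetical helper (not part of Bouncy Castle): detached S/MIME signing of binary payloads. */
public final class BinarySmimeSigner {
    private final SMIMESignedGenerator gen;
    private boolean generated;

    /** Assumes the "BC" provider has already been added with Security.addProvider. */
    public BinarySmimeSigner(PrivateKey key, X509Certificate cert) throws Exception {
        // "binary" replaces the 7bit default, as the note requires for AS2-style transports.
        gen = new SMIMESignedGenerator("binary");
        // SHA-256 instead of the SHA-1 used in the page's short example.
        gen.addSigner(key, cert, SMIMESignedGenerator.DIGEST_SHA256);
        // Ship the signer certificate in the signature block so the recipient can locate it.
        gen.addCertificatesAndCRLs(CertStore.getInstance("Collection",
                new CollectionCertStoreParameters(Collections.singletonList(cert)), "BC"));
    }

    /** Returns multipart/signed: the payload stays readable without parsing the signature. */
    public MimeMultipart sign(byte[] payload, String contentType) throws Exception {
        InternetHeaders headers = new InternetHeaders();
        headers.setHeader("Content-Type", contentType);
        headers.setHeader("Content-Transfer-Encoding", "binary");
        MimeMultipart signed = gen.generate(new MimeBodyPart(headers, payload), "BC");
        generated = true;
        return signed;
    }

    /** SHA-256 digest calculated on the content during the last sign() call. */
    public byte[] lastContentDigest() {
        if (!generated) {
            throw new IllegalStateException("sign() has not been called yet");
        }
        // Map keys are digest OIDs as Strings; DIGEST_SHA256 is the OID passed to addSigner.
        byte[] digest = (byte[]) gen.getGeneratedDigests().get(SMIMESignedGenerator.DIGEST_SHA256);
        if (digest == null) {
            throw new IllegalStateException("no SHA-256 digest recorded");
        }
        return digest;
    }
}
```

generate() is used here rather than generateEncapsulated(), so a recipient that cannot process the signature can still read the payload part.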

Field Summary
static String DIGEST_GOST3411
static String DIGEST_MD5
static String DIGEST_RIPEMD128
static String DIGEST_RIPEMD160
static String DIGEST_RIPEMD256
static String DIGEST_SHA1
static String DIGEST_SHA224
static String DIGEST_SHA256
static String DIGEST_SHA384
static String DIGEST_SHA512
static String ENCRYPTION_DSA
static String ENCRYPTION_ECDSA
static String ENCRYPTION_ECGOST3410
static String ENCRYPTION_GOST3410
static String ENCRYPTION_RSA
static String ENCRYPTION_RSA_PSS
Constructor Summary
SMIMESignedGenerator()
base constructor - default content transfer encoding 7bit
SMIMESignedGenerator(String defaultContentTransferEncoding)
base constructor - default content transfer encoding explicitly set
Method Summary
void addAttributeCertificates(X509Store store)
Add the attribute certificates contained in the passed in store to the generator.
void addCertificatesAndCRLs(CertStore certStore)
add the certificates and CRLs contained in the given CertStore to the pool that will be included in the encoded signature block.
void addSigner(PrivateKey key, X509Certificate cert, String digestOID)
add a signer - no attributes other than the default ones will be provided here.
void addSigner(PrivateKey key, X509Certificate cert, String digestOID, AttributeTable signedAttr, AttributeTable unsignedAttr)
Add a signer with extra signed/unsigned attributes or overrides for the standard attributes.
MimeMultipart generate(MimeBodyPart content, String sigProvider)
generate a signed object that contains an SMIME Signed Multipart object using the given provider.
MimeMultipart generate(MimeMessage message, String sigProvider)
generate a signed object that contains an SMIME Signed Multipart object using the given provider from the given MimeMessage
MimeBodyPart generateCertificateManagement(String provider)
Creates a certificate management message which is like a signed message with no content or signers but that still carries certificates and CRLs.
MimeBodyPart generateEncapsulated(MimeBodyPart content, String sigProvider)
generate a signed message with encapsulated content

Note: doing this is strongly not recommended as it means a recipient of the message will have to be able to read the signature to read the message.

MimeBodyPart generateEncapsulated(MimeMessage message, String sigProvider)
generate a signed object that contains an SMIME Signed Multipart object using the given provider from the given MimeMessage.
Map getGeneratedDigests()
Return a map of oids and byte arrays representing the digests calculated on the content during the last generate.

Field Detail

DIGEST_GOST3411

public static final String DIGEST_GOST3411

DIGEST_MD5

public static final String DIGEST_MD5

DIGEST_RIPEMD128

public static final String DIGEST_RIPEMD128

DIGEST_RIPEMD160

public static final String DIGEST_RIPEMD160

DIGEST_RIPEMD256

public static final String DIGEST_RIPEMD256

DIGEST_SHA1

public static final String DIGEST_SHA1

DIGEST_SHA224

public static final String DIGEST_SHA224

DIGEST_SHA256

public static final String DIGEST_SHA256

DIGEST_SHA384

public static final String DIGEST_SHA384

DIGEST_SHA512

public static final String DIGEST_SHA512

ENCRYPTION_DSA

public static final String ENCRYPTION_DSA

ENCRYPTION_ECDSA

public static final String ENCRYPTION_ECDSA

ENCRYPTION_ECGOST3410

public static final String ENCRYPTION_ECGOST3410

ENCRYPTION_GOST3410

public static final String ENCRYPTION_GOST3410

ENCRYPTION_RSA

public static final String ENCRYPTION_RSA

ENCRYPTION_RSA_PSS

public static final String ENCRYPTION_RSA_PSS

Constructor Detail

SMIMESignedGenerator

public SMIMESignedGenerator()
base constructor - default content transfer encoding 7bit

SMIMESignedGenerator

public SMIMESignedGenerator(String defaultContentTransferEncoding)
base constructor - default content transfer encoding explicitly set

Parameters: defaultContentTransferEncoding - new default to use.

Method Detail

addAttributeCertificates

public void addAttributeCertificates(X509Store store)
Add the attribute certificates contained in the passed in store to the generator.

Parameters: store - a store of Version 2 attribute certificates.

Throws: CMSException - if an error occurs processing the store.

addCertificatesAndCRLs

public void addCertificatesAndCRLs(CertStore certStore)
add the certificates and CRLs contained in the given CertStore to the pool that will be included in the encoded signature block.

Note: this assumes the CertStore will support null in the get methods.

Parameters: certStore - CertStore containing the certificates and CRLs to be added.

addSigner

public void addSigner(PrivateKey key, X509Certificate cert, String digestOID)
add a signer - no attributes other than the default ones will be provided here.

Parameters:
key - key to use to generate the signature.
cert - the public key certificate associated with the signer's key.
digestOID - object ID of the digest algorithm to use.

Throws: IllegalArgumentException - if any of the arguments are inappropriate.

addSigner

public void addSigner(PrivateKey key, X509Certificate cert, String digestOID, AttributeTable signedAttr, AttributeTable unsignedAttr)
Add a signer with extra signed/unsigned attributes or overrides for the standard attributes. For example, this method can be used to explicitly set default attributes such as the signing time.

Parameters:
key - key to use to generate the signature.
cert - the public key certificate associated with the signer's key.
digestOID - object ID of the digest algorithm to use.
signedAttr - signed attributes to be included in the signature.
unsignedAttr - unsigned attributes to be included.

Throws: IllegalArgumentException - if any of the arguments are inappropriate.

generate

public MimeMultipart generate(MimeBodyPart content, String sigProvider)
generate a signed object that contains an SMIME Signed Multipart object using the given provider.

Parameters:
content - the MimeBodyPart to be signed.
sigProvider - the provider to be used for the signature.

Returns: a Multipart containing the content and signature.

Throws:
NoSuchAlgorithmException - if the required algorithms for the signature cannot be found.
NoSuchProviderException - if no provider can be found.
SMIMEException - if an exception occurs in processing the signature.

generate

public MimeMultipart generate(MimeMessage message, String sigProvider)
generate a signed object that contains an SMIME Signed Multipart object using the given provider from the given MimeMessage

Throws:
NoSuchAlgorithmException - if the required algorithms for the signature cannot be found.
NoSuchProviderException - if no provider can be found.
SMIMEException - if an exception occurs in processing the signature.

generateCertificateManagement

public MimeBodyPart generateCertificateManagement(String provider)
Creates a certificate management message which is like a signed message with no content or signers but that still carries certificates and CRLs.

Returns: a MimeBodyPart containing the certs and CRLs.

generateEncapsulated

public MimeBodyPart generateEncapsulated(MimeBodyPart content, String sigProvider)
generate a signed message with encapsulated content

Note: doing this is strongly not recommended as it means a recipient of the message will have to be able to read the signature to read the message.

generateEncapsulated

public MimeBodyPart generateEncapsulated(MimeMessage message, String sigProvider)
generate a signed object that contains an SMIME Signed Multipart object using the given provider from the given MimeMessage.

Note: doing this is strongly not recommended as it means a recipient of the message will have to be able to read the signature to read the message.

getGeneratedDigests

public Map getGeneratedDigests()
Return a map of oids and byte arrays representing the digests calculated on the content during the last generate.

Returns: a map of oids (as String objects) and byte[] representing digests.