public class

SMIMESignedGenerator

extends SMIMEGenerator
java.lang.Object
   ↳ org.bouncycastle.mail.smime.SMIMEGenerator
     ↳ org.bouncycastle.mail.smime.SMIMESignedGenerator

Class Overview

general class for generating a pkcs7-signature message.

A simple example of usage. 

      X509Certificate signCert = ...
      KeyPair         signKP = ...

      List certList = new ArrayList();

      certList.add(signCert);

      Store certs = new JcaCertStore(certList);

      SMIMESignedGenerator gen = new SMIMESignedGenerator();

      gen.addSignerInfoGenerator(new JcaSimpleSignerInfoGeneratorBuilder().setProvider("BC").build("SHA1withRSA", signKP.getPrivate(), signCert));

      gen.addCertificates(certs);

      MimeMultipart       smime = fact.generate(content);

Note: if you are using this class with AS2 or some other protocol that does not use "7bit" as the default content transfer encoding you will need to use the constructor that allows you to specify the default content transfer encoding, such as "binary".

Summary

Fields
public static final String DIGEST_GOST3411
public static final String DIGEST_MD5
public static final String DIGEST_RIPEMD128
public static final String DIGEST_RIPEMD160
public static final String DIGEST_RIPEMD256
public static final String DIGEST_SHA1
public static final String DIGEST_SHA224
public static final String DIGEST_SHA256
public static final String DIGEST_SHA384
public static final String DIGEST_SHA512
public static final String ENCRYPTION_DSA
public static final String ENCRYPTION_ECDSA
public static final String ENCRYPTION_ECGOST3410
public static final String ENCRYPTION_GOST3410
public static final String ENCRYPTION_RSA
public static final String ENCRYPTION_RSA_PSS
[Expand]
Inherited Fields
From class org.bouncycastle.mail.smime.SMIMEGenerator
Public Constructors
SMIMESignedGenerator()
base constructor - default content transfer encoding 7bit
SMIMESignedGenerator(String defaultContentTransferEncoding)
base constructor - default content transfer encoding explicitly set
Public Methods
void addAttributeCertificates(X509Store store)
This method is deprecated. use addAttributeCertificates(Store)
void addAttributeCertificates(Store certStore)
void addCRLs(Store crlStore)
void addCertificates(Store certStore)
void addCertificatesAndCRLs(CertStore certStore)
This method is deprecated. use addCertificates(Store) and addCRLs(Store)
void addSigner(PrivateKey key, X509Certificate cert, String encryptionOID, String digestOID)
This method is deprecated. use addSignerInfoGenerator()
void addSigner(PrivateKey key, X509Certificate cert, String encryptionOID, String digestOID, AttributeTable signedAttr, AttributeTable unsignedAttr)
This method is deprecated. use addSignerInfoGenerator()
void addSigner(PrivateKey key, X509Certificate cert, String digestOID)
This method is deprecated. use addSignerInfoGenerator()
void addSigner(PrivateKey key, X509Certificate cert, String digestOID, AttributeTable signedAttr, AttributeTable unsignedAttr)
This method is deprecated. use addSignerInfoGenerator()
void addSignerInfoGenerator(SignerInfoGenerator sigInfoGen)
void addSigners(SignerInformationStore signerStore)
Add a store of precalculated signers to the generator.
MimeMultipart generate(MimeMessage message, Provider sigProvider)
generate a signed object that contains an SMIME Signed Multipart object using the given provider from the given MimeMessage
MimeMultipart generate(MimeBodyPart content, Provider sigProvider)
generate a signed object that contains an SMIME Signed Multipart object using the given provider.
MimeMultipart generate(MimeBodyPart content, String sigProvider)
This method is deprecated. use generate(MimeBodyPart)
MimeMultipart generate(MimeBodyPart content)
MimeMultipart generate(MimeMessage message, String sigProvider)
generate a signed object that contains an SMIME Signed Multipart object using the given provider from the given MimeMessage
MimeBodyPart generateCertificateManagement(String provider)
Creates a certificate management message which is like a signed message with no content or signers but that still carries certificates and CRLs.
MimeBodyPart generateCertificateManagement(Provider provider)
Creates a certificate management message which is like a signed message with no content or signers but that still carries certificates and CRLs.
MimeBodyPart generateEncapsulated(MimeBodyPart content, Provider sigProvider)
This method is deprecated. use generateEncapsulated(content)
MimeBodyPart generateEncapsulated(MimeMessage message, Provider sigProvider)
This method is deprecated. use generateEncapsulated(content)
MimeBodyPart generateEncapsulated(MimeBodyPart content, String sigProvider)
This method is deprecated. use generateEncapsulated(content)
MimeBodyPart generateEncapsulated(MimeBodyPart content)
generate a signed message with encapsulated content

Note: doing this is strongly not recommended as it means a recipient of the message will have to be able to read the signature to read the message.

MimeBodyPart generateEncapsulated(MimeMessage message, String sigProvider)
This method is deprecated. use generateEncapsulated(content)
Map getGeneratedDigests()
Return a map of oids and byte arrays representing the digests calculated on the content during the last generate.
[Expand]
Inherited Methods
From class org.bouncycastle.mail.smime.SMIMEGenerator
From class java.lang.Object

Fields

public static final String DIGEST_GOST3411

public static final String DIGEST_MD5

public static final String DIGEST_RIPEMD128

public static final String DIGEST_RIPEMD160

public static final String DIGEST_RIPEMD256

public static final String DIGEST_SHA1

public static final String DIGEST_SHA224

public static final String DIGEST_SHA256

public static final String DIGEST_SHA384

public static final String DIGEST_SHA512

public static final String ENCRYPTION_DSA

public static final String ENCRYPTION_ECDSA

public static final String ENCRYPTION_ECGOST3410

public static final String ENCRYPTION_GOST3410

public static final String ENCRYPTION_RSA

public static final String ENCRYPTION_RSA_PSS

Public Constructors

public SMIMESignedGenerator ()

base constructor - default content transfer encoding 7bit

public SMIMESignedGenerator (String defaultContentTransferEncoding)

base constructor - default content transfer encoding explicitly set

Parameters
defaultContentTransferEncoding new default to use.

Public Methods

public void addAttributeCertificates (X509Store store)

This method is deprecated.
use addAttributeCertificates(Store)

Add the attribute certificates contained in the passed in store to the generator.

Parameters
store a store of Version 2 attribute certificates
Throws
CMSException if an error occurse processing the store.

public void addAttributeCertificates (Store certStore)

public void addCRLs (Store crlStore)

public void addCertificates (Store certStore)

public void addCertificatesAndCRLs (CertStore certStore)

This method is deprecated.
use addCertificates(Store) and addCRLs(Store)

add the certificates and CRLs contained in the given CertStore to the pool that will be included in the encoded signature block.

Note: this assumes the CertStore will support null in the get methods.

Parameters
certStore CertStore containing the certificates and CRLs to be added.
Throws
CertStoreException
SMIMEException

public void addSigner (PrivateKey key, X509Certificate cert, String encryptionOID, String digestOID)

This method is deprecated.
use addSignerInfoGenerator()

add a signer - no attributes other than the default ones will be provided here.

Parameters
key key to use to generate the signature
cert the public key certificate associated with the signer's key.
encryptionOID object ID of the digest ecnryption algorithm to use.
digestOID object ID of the digest algorithm to use.
Throws
IllegalArgumentException any of the arguments are inappropriate

public void addSigner (PrivateKey key, X509Certificate cert, String encryptionOID, String digestOID, AttributeTable signedAttr, AttributeTable unsignedAttr)

This method is deprecated.
use addSignerInfoGenerator()

Add a signer with extra signed/unsigned attributes or overrides for the standard attributes and a digest encryption algorithm. For example this method can be used to explictly set default attributes such as the signing time.

Parameters
key key to use to generate the signature
cert the public key certificate associated with the signer's key.
encryptionOID the digest encryption algorithm OID.
digestOID object ID of the digest algorithm to use.
signedAttr signed attributes to be included in the signature.
unsignedAttr unsigned attribitues to be included.
Throws
IllegalArgumentException any of the arguments are inappropriate

public void addSigner (PrivateKey key, X509Certificate cert, String digestOID)

This method is deprecated.
use addSignerInfoGenerator()

add a signer - no attributes other than the default ones will be provided here.

Parameters
key key to use to generate the signature
cert the public key certificate associated with the signer's key.
digestOID object ID of the digest algorithm to use.
Throws
IllegalArgumentException any of the arguments are inappropriate

public void addSigner (PrivateKey key, X509Certificate cert, String digestOID, AttributeTable signedAttr, AttributeTable unsignedAttr)

This method is deprecated.
use addSignerInfoGenerator()

Add a signer with extra signed/unsigned attributes or overrides for the standard attributes. For example this method can be used to explictly set default attributes such as the signing time.

Parameters
key key to use to generate the signature
cert the public key certificate associated with the signer's key.
digestOID object ID of the digest algorithm to use.
signedAttr signed attributes to be included in the signature.
unsignedAttr unsigned attribitues to be included.
Throws
IllegalArgumentException any of the arguments are inappropriate

public void addSignerInfoGenerator (SignerInfoGenerator sigInfoGen)

public void addSigners (SignerInformationStore signerStore)

Add a store of precalculated signers to the generator.

Parameters
signerStore store of signers

public MimeMultipart generate (MimeMessage message, Provider sigProvider)

generate a signed object that contains an SMIME Signed Multipart object using the given provider from the given MimeMessage

Throws
NoSuchAlgorithmException if the required algorithms for the signature cannot be found.
NoSuchProviderException if no provider can be found.
SMIMEException if an exception occurs in processing the signature.

public MimeMultipart generate (MimeBodyPart content, Provider sigProvider)

generate a signed object that contains an SMIME Signed Multipart object using the given provider.

Parameters
content the MimeBodyPart to be signed.
sigProvider the provider to be used for the signature.
Returns
  • a Multipart containing the content and signature.
Throws
NoSuchAlgorithmException if the required algorithms for the signature cannot be found.
SMIMEException if an exception occurs in processing the signature.

public MimeMultipart generate (MimeBodyPart content, String sigProvider)

This method is deprecated.
use generate(MimeBodyPart)

generate a signed object that contains an SMIME Signed Multipart object using the given provider.

Parameters
content the MimeBodyPart to be signed.
sigProvider the provider to be used for the signature.
Returns
  • a Multipart containing the content and signature.
Throws
NoSuchAlgorithmException if the required algorithms for the signature cannot be found.
NoSuchProviderException if no provider can be found.
SMIMEException if an exception occurs in processing the signature.

public MimeMultipart generate (MimeBodyPart content)

Throws
SMIMEException

public MimeMultipart generate (MimeMessage message, String sigProvider)

generate a signed object that contains an SMIME Signed Multipart object using the given provider from the given MimeMessage

Throws
NoSuchAlgorithmException if the required algorithms for the signature cannot be found.
NoSuchProviderException if no provider can be found.
SMIMEException if an exception occurs in processing the signature.

public MimeBodyPart generateCertificateManagement (String provider)

Creates a certificate management message which is like a signed message with no content or signers but that still carries certificates and CRLs.

Returns
  • a MimeBodyPart containing the certs and CRLs.
Throws
NoSuchProviderException
SMIMEException

public MimeBodyPart generateCertificateManagement (Provider provider)

Creates a certificate management message which is like a signed message with no content or signers but that still carries certificates and CRLs.

Returns
  • a MimeBodyPart containing the certs and CRLs.
Throws
SMIMEException

public MimeBodyPart generateEncapsulated (MimeBodyPart content, Provider sigProvider)

This method is deprecated.
use generateEncapsulated(content)

generate a signed message with encapsulated content

Note: doing this is strongly not recommended as it means a recipient of the message will have to be able to read the signature to read the message.

Throws
NoSuchAlgorithmException
NoSuchProviderException
SMIMEException

public MimeBodyPart generateEncapsulated (MimeMessage message, Provider sigProvider)

This method is deprecated.
use generateEncapsulated(content)

generate a signed object that contains an SMIME Signed Multipart object using the given provider from the given MimeMessage.

Note: doing this is strongly not recommended as it means a recipient of the message will have to be able to read the signature to read the message.

Throws
NoSuchAlgorithmException
SMIMEException

public MimeBodyPart generateEncapsulated (MimeBodyPart content, String sigProvider)

This method is deprecated.
use generateEncapsulated(content)

generate a signed message with encapsulated content

Note: doing this is strongly not recommended as it means a recipient of the message will have to be able to read the signature to read the message.

Throws
NoSuchAlgorithmException
NoSuchProviderException
SMIMEException

public MimeBodyPart generateEncapsulated (MimeBodyPart content)

generate a signed message with encapsulated content

Note: doing this is strongly not recommended as it means a recipient of the message will have to be able to read the signature to read the message.

Throws
SMIMEException

public MimeBodyPart generateEncapsulated (MimeMessage message, String sigProvider)

This method is deprecated.
use generateEncapsulated(content)

generate a signed object that contains an SMIME Signed Multipart object using the given provider from the given MimeMessage.

Note: doing this is strongly not recommended as it means a recipient of the message will have to be able to read the signature to read the message.

Throws
NoSuchAlgorithmException
NoSuchProviderException
SMIMEException

public Map getGeneratedDigests ()

Return a map of oids and byte arrays representing the digests calculated on the content during the last generate.

Returns
  • a map of oids (as String objects) and byte[] representing digests.