Package org.bouncycastle.cert.cmp
Class ProtectedPKIMessageBuilder
- java.lang.Object
-
- org.bouncycastle.cert.cmp.ProtectedPKIMessageBuilder
-
public class ProtectedPKIMessageBuilder extends java.lang.ObjectBuilder for creating a protected PKI message.
-
-
Constructor Summary
Constructors Constructor Description ProtectedPKIMessageBuilder(int pvno, org.bouncycastle.asn1.x509.GeneralName sender, org.bouncycastle.asn1.x509.GeneralName recipient)Commence a message with a specific header type.ProtectedPKIMessageBuilder(org.bouncycastle.asn1.x509.GeneralName sender, org.bouncycastle.asn1.x509.GeneralName recipient)Commence a message with the header version CMP_2000.
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description ProtectedPKIMessageBuilderaddCMPCertificate(X509CertificateHolder extraCert)Add an "extra certificate" to the message.ProtectedPKIMessageBuilderaddGeneralInfo(org.bouncycastle.asn1.cmp.InfoTypeAndValue genInfo)Add a generalInfo data record to the header of the new message.ProtectedPKIMessagebuild(ContentSigner signer)Build a protected PKI message which has MAC based integrity protection.ProtectedPKIMessagebuild(MacCalculator macCalculator)Build a protected PKI message which has MAC based integrity protection.ProtectedPKIMessageBuildersetBody(org.bouncycastle.asn1.cmp.PKIBody body)Set the body for the new messageProtectedPKIMessageBuildersetFreeText(org.bouncycastle.asn1.cmp.PKIFreeText freeText)Include a human-readable message in the new message.ProtectedPKIMessageBuildersetMessageTime(java.util.Date time)Set the creation time for the new message.ProtectedPKIMessageBuildersetRecipKID(byte[] kid)Set the recipient key identifier for the key to be used to verify the new message.ProtectedPKIMessageBuildersetRecipNonce(byte[] nonce)Set the recipient nonce field on the new message.ProtectedPKIMessageBuildersetSenderKID(byte[] kid)Set the sender key identifier for the key used to protect the new message.ProtectedPKIMessageBuildersetSenderNonce(byte[] nonce)Set the sender nonce field on the new message.ProtectedPKIMessageBuildersetTransactionID(byte[] tid)Set the identifier for the transaction the new message will belong to.
-
-
-
Constructor Detail
-
ProtectedPKIMessageBuilder
public ProtectedPKIMessageBuilder(org.bouncycastle.asn1.x509.GeneralName sender, org.bouncycastle.asn1.x509.GeneralName recipient)Commence a message with the header version CMP_2000.- Parameters:
sender- message sender.recipient- intended recipient.
-
ProtectedPKIMessageBuilder
public ProtectedPKIMessageBuilder(int pvno, org.bouncycastle.asn1.x509.GeneralName sender, org.bouncycastle.asn1.x509.GeneralName recipient)Commence a message with a specific header type.- Parameters:
pvno- the version CMP_1999 or CMP_2000.sender- message sender.recipient- intended recipient.
-
-
Method Detail
-
setTransactionID
public ProtectedPKIMessageBuilder setTransactionID(byte[] tid)
Set the identifier for the transaction the new message will belong to.- Parameters:
tid- the transaction ID.- Returns:
- the current builder instance.
-
setFreeText
public ProtectedPKIMessageBuilder setFreeText(org.bouncycastle.asn1.cmp.PKIFreeText freeText)
Include a human-readable message in the new message.- Parameters:
freeText- the contents of the human readable message,- Returns:
- the current builder instance.
-
addGeneralInfo
public ProtectedPKIMessageBuilder addGeneralInfo(org.bouncycastle.asn1.cmp.InfoTypeAndValue genInfo)
Add a generalInfo data record to the header of the new message.- Parameters:
genInfo- the generalInfo data to be added.- Returns:
- the current builder instance.
-
setMessageTime
public ProtectedPKIMessageBuilder setMessageTime(java.util.Date time)
Set the creation time for the new message.- Parameters:
time- the message creation time.- Returns:
- the current builder instance.
-
setRecipKID
public ProtectedPKIMessageBuilder setRecipKID(byte[] kid)
Set the recipient key identifier for the key to be used to verify the new message.- Parameters:
kid- a key identifier.- Returns:
- the current builder instance.
-
setRecipNonce
public ProtectedPKIMessageBuilder setRecipNonce(byte[] nonce)
Set the recipient nonce field on the new message.- Parameters:
nonce- a NONCE, typically copied from the sender nonce of the previous message.- Returns:
- the current builder instance.
-
setSenderKID
public ProtectedPKIMessageBuilder setSenderKID(byte[] kid)
Set the sender key identifier for the key used to protect the new message.- Parameters:
kid- a key identifier.- Returns:
- the current builder instance.
-
setSenderNonce
public ProtectedPKIMessageBuilder setSenderNonce(byte[] nonce)
Set the sender nonce field on the new message.- Parameters:
nonce- a NONCE, typically 128 bits of random data.- Returns:
- the current builder instance.
-
setBody
public ProtectedPKIMessageBuilder setBody(org.bouncycastle.asn1.cmp.PKIBody body)
Set the body for the new message- Parameters:
body- the message body.- Returns:
- the current builder instance.
-
addCMPCertificate
public ProtectedPKIMessageBuilder addCMPCertificate(X509CertificateHolder extraCert)
Add an "extra certificate" to the message.- Parameters:
extraCert- the extra certificate to add.- Returns:
- the current builder instance.
-
build
public ProtectedPKIMessage build(MacCalculator macCalculator) throws CMPException
Build a protected PKI message which has MAC based integrity protection.- Parameters:
macCalculator- MAC calculator.- Returns:
- the resulting protected PKI message.
- Throws:
CMPException- if the protection MAC cannot be calculated.
-
build
public ProtectedPKIMessage build(ContentSigner signer) throws CMPException
Build a protected PKI message which has MAC based integrity protection.- Parameters:
signer- the ContentSigner to be used to calculate the signature.- Returns:
- the resulting protected PKI message.
- Throws:
CMPException- if the protection signature cannot be calculated.
-
-