Class SMIMESignedGenerator


  • public class SMIMESignedGenerator
    extends SMIMEGenerator
    General class for generating a pkcs7-signature message.

    A simple example of usage.

          // signing certificate and the key pair whose private key produces the signature
          X509Certificate signCert = ...
          KeyPair         signKP = ...
    
          // certificates to be carried in the signed message
          List certList = new ArrayList();
    
          certList.add(signCert);
    
          Store certs = new JcaCertStore(certList);
    
          SMIMESignedGenerator gen = new SMIMESignedGenerator();
    
          gen.addSignerInfoGenerator(new JcaSimpleSignerInfoGeneratorBuilder().setProvider("BC").build("SHA1withRSA", signKP.getPrivate(), signCert));
    
          gen.addCertificates(certs);
    
          // content is the MimeBodyPart to be signed
          MimeMultipart       smime = gen.generate(content);
     

    Note 1: if you are using this class with AS2 or some other protocol that does not use "7bit" as the default content transfer encoding you will need to use the constructor that allows you to specify the default content transfer encoding, such as "binary".

    Note 2: between RFC 3851 and RFC 5751 the values used in the micalg parameter for signed messages changed. We will accept both, but the default is now to use RFC 5751. In the event you are dealing with an older style system you will also need to use a constructor that sets the micalgs table and call it with RFC3851_MICALGS.
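The two notes above, as an added example that is not part of the original Javadoc: the same content is signed once with the default generator and once with a generator built for a legacy AS2-style peer ("binary" transfer encoding, RFC3851_MICALGS), and the resulting Content-Type header is printed for each. The class name, the `sign` helper, the throwaway self-signed certificate and the choice of SHA256withRSA are assumptions made for this example.

```java
import java.math.BigInteger;
import java.security.*;
import java.security.cert.X509Certificate;
import java.util.*;
import javax.mail.internet.*;
import javax.security.auth.x500.X500Principal;
import org.bouncycastle.cert.jcajce.*;
import org.bouncycastle.cms.jcajce.JcaSimpleSignerInfoGeneratorBuilder;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.bouncycastle.mail.smime.SMIMESignedGenerator;
import org.bouncycastle.operator.jcajce.JcaContentSignerBuilder;

public class SignedMicalgExample {   // hypothetical class name
    public static void main(String[] args) throws Exception {
        Security.addProvider(new BouncyCastleProvider());

        // Constructed throwaway key and self-signed certificate, for the demo only.
        KeyPairGenerator kpg = KeyPairGenerator.getInstance("RSA");
        kpg.initialize(2048);
        KeyPair signKP = kpg.generateKeyPair();
        X500Principal dn = new X500Principal("CN=Example Signer");
        Date now = new Date();
        X509Certificate signCert = new JcaX509CertificateConverter().getCertificate(
            new JcaX509v3CertificateBuilder(dn, BigInteger.ONE, now,
                new Date(now.getTime() + 86400000L), dn, signKP.getPublic())
                .build(new JcaContentSignerBuilder("SHA256withRSA").build(signKP.getPrivate())));

        // Default: "7bit" transfer encoding, RFC 5751 micalg names.
        System.out.println(sign(new SMIMESignedGenerator(), signKP, signCert));
        // Legacy peer: "binary" transfer encoding, RFC 3851 micalg names.
        System.out.println(sign(new SMIMESignedGenerator("binary",
            SMIMESignedGenerator.RFC3851_MICALGS), signKP, signCert));
    }

    // Hypothetical helper: signs a constructed sample body part and returns
    // the multipart/signed Content-Type, which carries the micalg parameter.
    static String sign(SMIMESignedGenerator gen, KeyPair kp, X509Certificate cert)
            throws Exception {
        MimeBodyPart content = new MimeBodyPart();
        content.setText("constructed sample payload");
        gen.addSignerInfoGenerator(new JcaSimpleSignerInfoGeneratorBuilder()
            .setProvider("BC").build("SHA256withRSA", kp.getPrivate(), cert));
        gen.addCertificates(new JcaCertStore(Collections.singletonList(cert)));
        MimeMultipart smime = gen.generate(content);
        return smime.getContentType();
    }
}
```

Comparing the two printed headers shows which micalg spelling a peer will receive, which is the value to check when a receiving system rejects or mis-verifies the signature because it expects the other RFC's form.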

    • Field Detail

      • DIGEST_SHA1

        public static final java.lang.String DIGEST_SHA1
      • DIGEST_MD5

        public static final java.lang.String DIGEST_MD5
      • DIGEST_SHA224

        public static final java.lang.String DIGEST_SHA224
      • DIGEST_SHA256

        public static final java.lang.String DIGEST_SHA256
      • DIGEST_SHA384

        public static final java.lang.String DIGEST_SHA384
      • DIGEST_SHA512

        public static final java.lang.String DIGEST_SHA512
      • DIGEST_GOST3411

        public static final java.lang.String DIGEST_GOST3411
      • DIGEST_RIPEMD128

        public static final java.lang.String DIGEST_RIPEMD128
      • DIGEST_RIPEMD160

        public static final java.lang.String DIGEST_RIPEMD160
      • DIGEST_RIPEMD256

        public static final java.lang.String DIGEST_RIPEMD256
      • ENCRYPTION_RSA

        public static final java.lang.String ENCRYPTION_RSA
      • ENCRYPTION_DSA

        public static final java.lang.String ENCRYPTION_DSA
      • ENCRYPTION_ECDSA

        public static final java.lang.String ENCRYPTION_ECDSA
      • ENCRYPTION_RSA_PSS

        public static final java.lang.String ENCRYPTION_RSA_PSS
      • ENCRYPTION_GOST3410

        public static final java.lang.String ENCRYPTION_GOST3410
      • ENCRYPTION_ECGOST3410

        public static final java.lang.String ENCRYPTION_ECGOST3410
      • ENCRYPTION_ECGOST3410_2012_256

        public static final java.lang.String ENCRYPTION_ECGOST3410_2012_256
      • ENCRYPTION_ECGOST3410_2012_512

        public static final java.lang.String ENCRYPTION_ECGOST3410_2012_512
      • RFC3851_MICALGS

        public static final java.util.Map RFC3851_MICALGS
      • RFC5751_MICALGS

        public static final java.util.Map RFC5751_MICALGS
      • STANDARD_MICALGS

        public static final java.util.Map STANDARD_MICALGS
    • Constructor Detail

      • SMIMESignedGenerator

        public SMIMESignedGenerator()
        base constructor - default content transfer encoding 7bit
      • SMIMESignedGenerator

        public SMIMESignedGenerator​(java.lang.String defaultContentTransferEncoding)
        base constructor - default content transfer encoding explicitly set
        Parameters:
        defaultContentTransferEncoding - new default to use.
      • SMIMESignedGenerator

        public SMIMESignedGenerator​(java.util.Map micAlgs)
        base constructor - micalgs table explicitly set
        Parameters:
        micAlgs - a map of ASN1ObjectIdentifiers to hash algorithm name strings.
      • SMIMESignedGenerator

        public SMIMESignedGenerator​(java.lang.String defaultContentTransferEncoding,
                                    java.util.Map micAlgs)
        base constructor - default content transfer encoding and micalgs table explicitly set
        Parameters:
        defaultContentTransferEncoding - new default to use.
        micAlgs - a map of ASN1ObjectIdentifiers to hash algorithm name strings.
    • Method Detail

      • addSigners

        public void addSigners​(org.bouncycastle.cms.SignerInformationStore signerStore)
        Add a store of precalculated signers to the generator.
        Parameters:
        signerStore - store of signers
      • addSignerInfoGenerator

        public void addSignerInfoGenerator​(org.bouncycastle.cms.SignerInfoGenerator sigInfoGen)
        Parameters:
        sigInfoGen -
      • addCertificates

        public void addCertificates​(org.bouncycastle.util.Store certStore)
      • addCRLs

        public void addCRLs​(org.bouncycastle.util.Store crlStore)
      • addAttributeCertificates

        public void addAttributeCertificates​(org.bouncycastle.util.Store certStore)
      • getGeneratedDigests

        public java.util.Map getGeneratedDigests()
        Return a map of oids and byte arrays representing the digests calculated on the content during the last generate.
        Returns:
        a map of oids (as String objects) and byte[] representing digests.
      • generate

        public javax.mail.internet.MimeMultipart generate​(javax.mail.internet.MimeBodyPart content)
                                                   throws SMIMEException
        Throws:
        SMIMEException
      • generate

        public javax.mail.internet.MimeMultipart generate​(javax.mail.internet.MimeMessage message)
                                                   throws SMIMEException
        Throws:
        SMIMEException
      • generateEncapsulated

        public javax.mail.internet.MimeBodyPart generateEncapsulated​(javax.mail.internet.MimeBodyPart content)
                                                              throws SMIMEException
        generate a signed message with encapsulated content

        Note: doing this is strongly discouraged, as it means a recipient of the message will have to be able to read the signature in order to read the message.

        Throws:
        SMIMEException
      • generateEncapsulated

        public javax.mail.internet.MimeBodyPart generateEncapsulated​(javax.mail.internet.MimeMessage message)
                                                              throws SMIMEException
        Throws:
        SMIMEException
      • generateCertificateManagement

        public javax.mail.internet.MimeBodyPart generateCertificateManagement()
                                                                       throws SMIMEException
        Creates a certificate management message which is like a signed message with no content or signers but that still carries certificates and CRLs.
        Returns:
        a MimeBodyPart containing the certs and CRLs.
        Throws:
        SMIMEException