public class CMSSignedDataGenerator extends CMSSignedGenerator
A simple example of usage, generating a detached signature.
List certList = new ArrayList(); CMSTypedData msg = new CMSProcessableByteArray("Hello world!".getBytes()); certList.add(signCert); Store certs = new JcaCertStore(certList); CMSSignedDataGenerator gen = new CMSSignedDataGenerator(); ContentSigner sha1Signer = new JcaContentSignerBuilder("SHA1withRSA").setProvider("BC").build(signKP.getPrivate()); gen.addSignerInfoGenerator( new JcaSignerInfoGeneratorBuilder( new JcaDigestCalculatorProviderBuilder().setProvider("BC").build()) .build(sha1Signer, signCert)); gen.addCertificates(certs); CMSSignedData sigData = gen.generate(msg, false);
_signers, certs, crls, DATA, DIGEST_GOST3411, DIGEST_MD5, DIGEST_RIPEMD128, DIGEST_RIPEMD160, DIGEST_RIPEMD256, DIGEST_SHA1, DIGEST_SHA224, DIGEST_SHA256, DIGEST_SHA384, DIGEST_SHA512, digestAlgIdFinder, digests, ENCRYPTION_DSA, ENCRYPTION_ECDSA, ENCRYPTION_ECGOST3410, ENCRYPTION_ECGOST3410_2012_256, ENCRYPTION_ECGOST3410_2012_512, ENCRYPTION_GOST3410, ENCRYPTION_RSA, ENCRYPTION_RSA_PSS, signerGens
Constructor and Description |
---|
CMSSignedDataGenerator()
base constructor
|
CMSSignedDataGenerator(DigestAlgorithmIdentifierFinder digestAlgIdFinder)
base constructor with a custom DigestAlgorithmIdentifierFinder
|
Modifier and Type | Method and Description |
---|---|
CMSSignedData |
generate(CMSTypedData content)
Generate a CMS Signed Data object carrying a detached CMS signature.
|
CMSSignedData |
generate(CMSTypedData content,
boolean encapsulate)
Generate a CMS Signed Data object which can be carrying a detached CMS signature, or have encapsulated data, depending on the value
of the encapsulated parameter.
|
SignerInformationStore |
generateCounterSigners(SignerInformation signer)
generate a set of one or more SignerInformation objects representing counter signatures on
the passed in SignerInformation object.
|
void |
setDefiniteLengthEncoding(boolean isDefiniteLength)
Specify use of definite length rather than indefinite length encoding.
|
addAttributeCertificate, addAttributeCertificates, addCertificate, addCertificates, addCRL, addCRLs, addOtherRevocationInfo, addOtherRevocationInfo, addSignerInfoGenerator, addSigners, getBaseParameters, getGeneratedDigests
public CMSSignedDataGenerator()
public CMSSignedDataGenerator(DigestAlgorithmIdentifierFinder digestAlgIdFinder)
public void setDefiniteLengthEncoding(boolean isDefiniteLength)
isDefiniteLength
- true use definite length, false use indefinite (default false).public CMSSignedData generate(CMSTypedData content) throws CMSException
content
- the content to be signed.CMSException
public CMSSignedData generate(CMSTypedData content, boolean encapsulate) throws CMSException
content
- the content to be signed.encapsulate
- true if the content should be encapsulated in the signature, false otherwise.CMSException
public SignerInformationStore generateCounterSigners(SignerInformation signer) throws CMSException
signer
- the signer to be countersignedCMSException