Class SMIMESignedGenerator

java.lang.Object
org.bouncycastle.mail.smime.SMIMEGenerator
org.bouncycastle.mail.smime.SMIMESignedGenerator

public class SMIMESignedGenerator extends SMIMEGenerator
General class for generating a pkcs7-signature message.

A simple example of usage.

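      X509Certificate signCert = ...
      KeyPair         signKP = ...

      // certificates to ship with the signature so the recipient can build a path
      List<X509Certificate> certList = new ArrayList<X509Certificate>();

      certList.add(signCert);

      Store certs = new JcaCertStore(certList);

      SMIMESignedGenerator gen = new SMIMESignedGenerator();

      // SHA-1 signatures are deprecated; use e.g. "SHA256withRSA" in new code
      gen.addSignerInfoGenerator(new JcaSimpleSignerInfoGeneratorBuilder().setProvider("BC").build("SHA1withRSA", signKP.getPrivate(), signCert));

      gen.addCertificates(certs);

      // content is the MimeBodyPart (or MimeMessage) to be signed
      MimeMultipart       smime = gen.generate(content);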
 

Note 1: if you are using this class with AS2 or some other protocol that does not use "7bit" as the default content transfer encoding you will need to use the constructor that allows you to specify the default content transfer encoding, such as "binary".

Note 2: between RFC 3851 and RFC 5751 the values used in the micalg parameter for signed messages changed. We will accept both, but the default is now to use RFC 5751. In the event you are dealing with an older style system you will also need to use a constructor that sets the micalgs table and call it with RFC3851_MICALGS.

  • Field Details

    • DIGEST_SHA1

      public static final String DIGEST_SHA1
    • DIGEST_MD5

      public static final String DIGEST_MD5
    • DIGEST_SHA224

      public static final String DIGEST_SHA224
    • DIGEST_SHA256

      public static final String DIGEST_SHA256
    • DIGEST_SHA384

      public static final String DIGEST_SHA384
    • DIGEST_SHA512

      public static final String DIGEST_SHA512
    • DIGEST_GOST3411

      public static final String DIGEST_GOST3411
    • DIGEST_RIPEMD128

      public static final String DIGEST_RIPEMD128
    • DIGEST_RIPEMD160

      public static final String DIGEST_RIPEMD160
    • DIGEST_RIPEMD256

      public static final String DIGEST_RIPEMD256
    • ENCRYPTION_RSA

      public static final String ENCRYPTION_RSA
    • ENCRYPTION_DSA

      public static final String ENCRYPTION_DSA
    • ENCRYPTION_ECDSA

      public static final String ENCRYPTION_ECDSA
    • ENCRYPTION_RSA_PSS

      public static final String ENCRYPTION_RSA_PSS
    • ENCRYPTION_GOST3410

      public static final String ENCRYPTION_GOST3410
    • ENCRYPTION_ECGOST3410

      public static final String ENCRYPTION_ECGOST3410
    • ENCRYPTION_ECGOST3410_2012_256

      public static final String ENCRYPTION_ECGOST3410_2012_256
    • ENCRYPTION_ECGOST3410_2012_512

      public static final String ENCRYPTION_ECGOST3410_2012_512
    • RFC3851_MICALGS

      public static final Map RFC3851_MICALGS
    • RFC5751_MICALGS

      public static final Map RFC5751_MICALGS
    • STANDARD_MICALGS

      public static final Map STANDARD_MICALGS
  • Constructor Details

    • SMIMESignedGenerator

      public SMIMESignedGenerator()
      base constructor - default content transfer encoding 7bit
    • SMIMESignedGenerator

      public SMIMESignedGenerator(String defaultContentTransferEncoding)
      base constructor - default content transfer encoding explicitly set
      Parameters:
      defaultContentTransferEncoding - new default to use.
    • SMIMESignedGenerator

      public SMIMESignedGenerator(Map micAlgs)
      base constructor - micalgs table explicitly set
      Parameters:
      micAlgs - a map of ASN1ObjectIdentifiers to hash algorithm name strings.
    • SMIMESignedGenerator

      public SMIMESignedGenerator(String defaultContentTransferEncoding, Map micAlgs)
      base constructor - default content transfer encoding and micalgs table explicitly set
      Parameters:
      defaultContentTransferEncoding - new default to use.
      micAlgs - a map of ASN1ObjectIdentifiers to hash algorithm name strings.
  • Method Details

    • addSigners

      public void addSigners(org.bouncycastle.cms.SignerInformationStore signerStore)
      Add a store of precalculated signers to the generator.
      Parameters:
      signerStore - store of signers
    • addSignerInfoGenerator

      public void addSignerInfoGenerator(org.bouncycastle.cms.SignerInfoGenerator sigInfoGen)
      Parameters:
      sigInfoGen -
    • addCertificates

      public void addCertificates(org.bouncycastle.util.Store certStore)
    • addCRLs

      public void addCRLs(org.bouncycastle.util.Store crlStore)
    • addAttributeCertificates

      public void addAttributeCertificates(org.bouncycastle.util.Store certStore)
    • getGeneratedDigests

      public Map getGeneratedDigests()
      Return a map of oids and byte arrays representing the digests calculated on the content during the last generate.
      Returns:
      a map of oids (as String objects) and byte[] representing digests.
    • generate

      public javax.mail.internet.MimeMultipart generate(javax.mail.internet.MimeBodyPart content) throws SMIMEException
      Throws:
      SMIMEException
    • generate

      public javax.mail.internet.MimeMultipart generate(javax.mail.internet.MimeMessage message) throws SMIMEException
      Throws:
      SMIMEException
    • generateEncapsulated

      public javax.mail.internet.MimeBodyPart generateEncapsulated(javax.mail.internet.MimeBodyPart content) throws SMIMEException
      Generate a signed message with encapsulated content.

      Note: this is strongly discouraged, as a recipient of the message will have to be able to read the signature in order to read the message.

      Throws:
      SMIMEException
    • generateEncapsulated

      public javax.mail.internet.MimeBodyPart generateEncapsulated(javax.mail.internet.MimeMessage message) throws SMIMEException
      Throws:
      SMIMEException
    • generateCertificateManagement

      public javax.mail.internet.MimeBodyPart generateCertificateManagement() throws SMIMEException
      Creates a certificate management message which is like a signed message with no content or signers but that still carries certificates and CRLs.
      Returns:
      a MimeBodyPart containing the certs and CRLs.
      Throws:
      SMIMEException