org.bouncycastle.cert.cmp

Class ProtectedPKIMessageBuilder

java.lang.Object

org.bouncycastle.cert.cmp.ProtectedPKIMessageBuilder

public class ProtectedPKIMessageBuilder
extends java.lang.Object

Builder for creating a protected PKI message.

Constructor Summary

Constructors

Constructor and Description
ProtectedPKIMessageBuilder(org.bouncycastle.asn1.x509.GeneralName sender, org.bouncycastle.asn1.x509.GeneralName recipient) Commence a message with the header version CMP_2000.
ProtectedPKIMessageBuilder(int pvno, org.bouncycastle.asn1.x509.GeneralName sender, org.bouncycastle.asn1.x509.GeneralName recipient) Commence a message with a specific header type.

Method Summary

Modifier and Type	Method and Description
ProtectedPKIMessageBuilder	addCMPCertificate(X509CertificateHolder extraCert) Add an "extra certificate" to the message.
ProtectedPKIMessageBuilder	addGeneralInfo(org.bouncycastle.asn1.cmp.InfoTypeAndValue genInfo) Add a generalInfo data record to the header of the new message.
ProtectedPKIMessage	build(ContentSigner signer) Build a protected PKI message which has MAC based integrity protection.
ProtectedPKIMessage	build(MacCalculator macCalculator) Build a protected PKI message which has MAC based integrity protection.
ProtectedPKIMessageBuilder	setBody(int bodyType, CertificateConfirmationContent certificateConfirmationContent)
ProtectedPKIMessageBuilder	setBody(int bodyType, CertificateRepMessage certificateRepMessage)
ProtectedPKIMessageBuilder	setBody(int bodyType, CertificateReqMessages certificateReqMessages)
ProtectedPKIMessageBuilder	setBody(org.bouncycastle.asn1.cmp.PKIBody body) Set the body for the new message
ProtectedPKIMessageBuilder	setBody(POPODecryptionKeyChallengeContent popoDecKeyChallContent)
ProtectedPKIMessageBuilder	setBody(POPODecryptionKeyResponseContent popoDecKeyRespContent)
ProtectedPKIMessageBuilder	setFreeText(org.bouncycastle.asn1.cmp.PKIFreeText freeText) Include a human-readable message in the new message.
ProtectedPKIMessageBuilder	setMessageTime(java.util.Date time) Set the creation time for the new message.
ProtectedPKIMessageBuilder	setRecipKID(byte[] kid) Set the recipient key identifier for the key to be used to verify the new message.
ProtectedPKIMessageBuilder	setRecipNonce(byte[] nonce) Set the recipient nonce field on the new message.
ProtectedPKIMessageBuilder	setSenderKID(byte[] kid) Set the sender key identifier for the key used to protect the new message.
ProtectedPKIMessageBuilder	setSenderNonce(byte[] nonce) Set the sender nonce field on the new message.
ProtectedPKIMessageBuilder	setTransactionID(byte[] tid) Set the identifier for the transaction the new message will belong to.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

ProtectedPKIMessageBuilder

public ProtectedPKIMessageBuilder(org.bouncycastle.asn1.x509.GeneralName sender,
                                  org.bouncycastle.asn1.x509.GeneralName recipient)

Commence a message with the header version CMP_2000.

Parameters:

sender - message sender.

recipient - intended recipient.

ProtectedPKIMessageBuilder

public ProtectedPKIMessageBuilder(int pvno,
                                  org.bouncycastle.asn1.x509.GeneralName sender,
                                  org.bouncycastle.asn1.x509.GeneralName recipient)

Commence a message with a specific header type.

Parameters:

pvno - the version CMP_1999 or CMP_2000.

sender - message sender.

recipient - intended recipient.

Method Detail

setTransactionID

public ProtectedPKIMessageBuilder setTransactionID(byte[] tid)

Set the identifier for the transaction the new message will belong to.

Parameters:

tid - the transaction ID.

Returns:

the current builder instance.

setFreeText

public ProtectedPKIMessageBuilder setFreeText(org.bouncycastle.asn1.cmp.PKIFreeText freeText)

Include a human-readable message in the new message.

Parameters:

freeText - the contents of the human readable message,

Returns:

the current builder instance.

addGeneralInfo

public ProtectedPKIMessageBuilder addGeneralInfo(org.bouncycastle.asn1.cmp.InfoTypeAndValue genInfo)

Add a generalInfo data record to the header of the new message.

Parameters:

genInfo - the generalInfo data to be added.

Returns:

the current builder instance.

setMessageTime

public ProtectedPKIMessageBuilder setMessageTime(java.util.Date time)

Set the creation time for the new message.

Parameters:

time - the message creation time.

Returns:

the current builder instance.

setRecipKID

public ProtectedPKIMessageBuilder setRecipKID(byte[] kid)

Set the recipient key identifier for the key to be used to verify the new message.

Parameters:

kid - a key identifier.

Returns:

the current builder instance.

setRecipNonce

public ProtectedPKIMessageBuilder setRecipNonce(byte[] nonce)

Set the recipient nonce field on the new message.

Parameters:

nonce - a NONCE, typically copied from the sender nonce of the previous message.

Returns:

the current builder instance.

setSenderKID

public ProtectedPKIMessageBuilder setSenderKID(byte[] kid)

Set the sender key identifier for the key used to protect the new message.

Parameters:

kid - a key identifier.

Returns:

the current builder instance.

setSenderNonce

public ProtectedPKIMessageBuilder setSenderNonce(byte[] nonce)

Set the sender nonce field on the new message.

Parameters:

nonce - a NONCE, typically 128 bits of random data.

Returns:

the current builder instance.

setBody

public ProtectedPKIMessageBuilder setBody(org.bouncycastle.asn1.cmp.PKIBody body)

Set the body for the new message

Parameters:

body - the message body.

Returns:

the current builder instance.

setBody

public ProtectedPKIMessageBuilder setBody(int bodyType,
                                          CertificateReqMessages certificateReqMessages)

setBody

public ProtectedPKIMessageBuilder setBody(int bodyType,
                                          CertificateRepMessage certificateRepMessage)

setBody

public ProtectedPKIMessageBuilder setBody(int bodyType,
                                          CertificateConfirmationContent certificateConfirmationContent)

setBody

public ProtectedPKIMessageBuilder setBody(POPODecryptionKeyChallengeContent popoDecKeyChallContent)

setBody

public ProtectedPKIMessageBuilder setBody(POPODecryptionKeyResponseContent popoDecKeyRespContent)

addCMPCertificate

public ProtectedPKIMessageBuilder addCMPCertificate(X509CertificateHolder extraCert)

Add an "extra certificate" to the message.

Parameters:

extraCert - the extra certificate to add.

Returns:

the current builder instance.

build

public ProtectedPKIMessage build(MacCalculator macCalculator)
                          throws CMPException

Build a protected PKI message which has MAC based integrity protection.

Parameters:

macCalculator - MAC calculator.

Returns:

the resulting protected PKI message.

Throws:

CMPException - if the protection MAC cannot be calculated.

build

public ProtectedPKIMessage build(ContentSigner signer)
                          throws CMPException

Build a protected PKI message which has MAC based integrity protection.

Parameters:

signer - the ContentSigner to be used to calculate the signature.

Returns:

the resulting protected PKI message.

Throws:

CMPException - if the protection signature cannot be calculated.