Package org.bouncycastle.cert.cmp
Class ProtectedPKIMessageBuilder
java.lang.Object
org.bouncycastle.cert.cmp.ProtectedPKIMessageBuilder
Builder for creating a protected PKI message.
-
Constructor Summary
ConstructorsConstructorDescriptionProtectedPKIMessageBuilder(int pvno, org.bouncycastle.asn1.x509.GeneralName sender, org.bouncycastle.asn1.x509.GeneralName recipient) Commence a message with a specific header type.ProtectedPKIMessageBuilder(org.bouncycastle.asn1.x509.GeneralName sender, org.bouncycastle.asn1.x509.GeneralName recipient) Commence a message with the header version CMP_2000. -
Method Summary
Modifier and TypeMethodDescriptionaddCMPCertificate(X509CertificateHolder extraCert) Add an "extra certificate" to the message.addGeneralInfo(org.bouncycastle.asn1.cmp.InfoTypeAndValue genInfo) Add a generalInfo data record to the header of the new message.build(ContentSigner signer) Build a protected PKI message which has MAC based integrity protection.build(MacCalculator macCalculator) Build a protected PKI message which has MAC based integrity protection.setBody(int bodyType, CertificateConfirmationContent certificateConfirmationContent) setBody(int bodyType, CertificateRepMessage certificateRepMessage) setBody(int bodyType, CertificateReqMessages certificateReqMessages) setBody(org.bouncycastle.asn1.cmp.PKIBody body) Set the body for the new messagesetFreeText(org.bouncycastle.asn1.cmp.PKIFreeText freeText) Include a human-readable message in the new message.setMessageTime(Date time) Set the creation time for the new message.setRecipKID(byte[] kid) Set the recipient key identifier for the key to be used to verify the new message.setRecipNonce(byte[] nonce) Set the recipient nonce field on the new message.setSenderKID(byte[] kid) Set the sender key identifier for the key used to protect the new message.setSenderNonce(byte[] nonce) Set the sender nonce field on the new message.setTransactionID(byte[] tid) Set the identifier for the transaction the new message will belong to.
-
Constructor Details
-
ProtectedPKIMessageBuilder
public ProtectedPKIMessageBuilder(org.bouncycastle.asn1.x509.GeneralName sender, org.bouncycastle.asn1.x509.GeneralName recipient) Commence a message with the header version CMP_2000.- Parameters:
sender- message sender.recipient- intended recipient.
-
ProtectedPKIMessageBuilder
public ProtectedPKIMessageBuilder(int pvno, org.bouncycastle.asn1.x509.GeneralName sender, org.bouncycastle.asn1.x509.GeneralName recipient) Commence a message with a specific header type.- Parameters:
pvno- the version CMP_1999 or CMP_2000.sender- message sender.recipient- intended recipient.
-
-
Method Details
-
setTransactionID
Set the identifier for the transaction the new message will belong to.- Parameters:
tid- the transaction ID.- Returns:
- the current builder instance.
-
setFreeText
Include a human-readable message in the new message.- Parameters:
freeText- the contents of the human readable message,- Returns:
- the current builder instance.
-
addGeneralInfo
public ProtectedPKIMessageBuilder addGeneralInfo(org.bouncycastle.asn1.cmp.InfoTypeAndValue genInfo) Add a generalInfo data record to the header of the new message.- Parameters:
genInfo- the generalInfo data to be added.- Returns:
- the current builder instance.
-
setMessageTime
Set the creation time for the new message.- Parameters:
time- the message creation time.- Returns:
- the current builder instance.
-
setRecipKID
Set the recipient key identifier for the key to be used to verify the new message.- Parameters:
kid- a key identifier.- Returns:
- the current builder instance.
-
setRecipNonce
Set the recipient nonce field on the new message.- Parameters:
nonce- a NONCE, typically copied from the sender nonce of the previous message.- Returns:
- the current builder instance.
-
setSenderKID
Set the sender key identifier for the key used to protect the new message.- Parameters:
kid- a key identifier.- Returns:
- the current builder instance.
-
setSenderNonce
Set the sender nonce field on the new message.- Parameters:
nonce- a NONCE, typically 128 bits of random data.- Returns:
- the current builder instance.
-
setBody
Set the body for the new message- Parameters:
body- the message body.- Returns:
- the current builder instance.
-
setBody
public ProtectedPKIMessageBuilder setBody(int bodyType, CertificateReqMessages certificateReqMessages) -
setBody
public ProtectedPKIMessageBuilder setBody(int bodyType, CertificateRepMessage certificateRepMessage) -
setBody
public ProtectedPKIMessageBuilder setBody(int bodyType, CertificateConfirmationContent certificateConfirmationContent) -
addCMPCertificate
Add an "extra certificate" to the message.- Parameters:
extraCert- the extra certificate to add.- Returns:
- the current builder instance.
-
build
Build a protected PKI message which has MAC based integrity protection.- Parameters:
macCalculator- MAC calculator.- Returns:
- the resulting protected PKI message.
- Throws:
CMPException- if the protection MAC cannot be calculated.
-
build
Build a protected PKI message which has MAC based integrity protection.- Parameters:
signer- the ContentSigner to be used to calculate the signature.- Returns:
- the resulting protected PKI message.
- Throws:
CMPException- if the protection signature cannot be calculated.
-