Package org.bouncycastle.cms
Class CMSSignedDataStreamGenerator
java.lang.Object
org.bouncycastle.cms.CMSSignedGenerator
org.bouncycastle.cms.CMSSignedDataStreamGenerator
General class for generating a pkcs7-signature message stream.
A simple example of usage.
X509Certificate signCert = ...
certList.add(signCert);
Store certs = new JcaCertStore(certList);
ContentSigner sha1Signer = new JcaContentSignerBuilder("SHA1withRSA").setProvider("BC").build(signKP.getPrivate());
CMSSignedDataStreamGenerator gen = new CMSSignedDataStreamGenerator();
gen.addSignerInfoGenerator(
new JcaSignerInfoGeneratorBuilder(
new JcaDigestCalculatorProviderBuilder().setProvider("BC").build())
.build(sha1Signer, signCert));
gen.addCertificates(certs);
OutputStream sigOut = gen.open(bOut);
sigOut.write("Hello World!".getBytes());
sigOut.close();
-
Field Summary
Fields inherited from class org.bouncycastle.cms.CMSSignedGenerator
_signers, certs, crls, DATA, DIGEST_GOST3411, DIGEST_MD5, DIGEST_RIPEMD128, DIGEST_RIPEMD160, DIGEST_RIPEMD256, DIGEST_SHA1, DIGEST_SHA224, DIGEST_SHA256, DIGEST_SHA384, DIGEST_SHA512, digestAlgIdFinder, digests, ENCRYPTION_DSA, ENCRYPTION_ECDSA, ENCRYPTION_ECGOST3410, ENCRYPTION_ECGOST3410_2012_256, ENCRYPTION_ECGOST3410_2012_512, ENCRYPTION_GOST3410, ENCRYPTION_RSA, ENCRYPTION_RSA_PSS, signerGens -
Constructor Summary
ConstructorsConstructorDescriptionbase constructorCMSSignedDataStreamGenerator(DigestAlgorithmIdentifierFinder digestAlgIdFinder) base constructor with a custom DigestAlgorithmIdentifierFinder -
Method Summary
Modifier and TypeMethodDescriptionList<org.bouncycastle.asn1.x509.AlgorithmIdentifier> Return a list of the current Digest AlgorithmIdentifiers applying to the next signature.open(OutputStream out) generate a signed object that for a CMS Signed Data object using the given provider.open(OutputStream out, boolean encapsulate) generate a signed object that for a CMS Signed Data object using the given provider - if encapsulate is true a copy of the message will be included in the signature with the default content type "data".open(OutputStream out, boolean encapsulate, OutputStream dataOutputStream) generate a signed object that for a CMS Signed Data object using the given provider - if encapsulate is true a copy of the message will be included in the signature with the default content type "data".open(org.bouncycastle.asn1.ASN1ObjectIdentifier eContentType, OutputStream out, boolean encapsulate) generate a signed object that for a CMS Signed Data object using the given provider - if encapsulate is true a copy of the message will be included in the signature.open(org.bouncycastle.asn1.ASN1ObjectIdentifier eContentType, OutputStream out, boolean encapsulate, OutputStream dataOutputStream) generate a signed object that for a CMS Signed Data object using the given provider - if encapsulate is true a copy of the message will be included in the signature.voidsetBufferSize(int bufferSize) Set the underlying string size for encapsulated dataMethods inherited from class org.bouncycastle.cms.CMSSignedGenerator
addAttributeCertificate, addAttributeCertificates, addCertificate, addCertificates, addCRL, addCRLs, addOtherRevocationInfo, addOtherRevocationInfo, addSignerInfoGenerator, addSigners, getBaseParameters, getGeneratedDigests
-
Constructor Details
-
CMSSignedDataStreamGenerator
public CMSSignedDataStreamGenerator()base constructor -
CMSSignedDataStreamGenerator
base constructor with a custom DigestAlgorithmIdentifierFinder
-
-
Method Details
-
setBufferSize
public void setBufferSize(int bufferSize) Set the underlying string size for encapsulated data- Parameters:
bufferSize- length of octet strings to buffer the data.
-
open
generate a signed object that for a CMS Signed Data object using the given provider.- Throws:
IOException
-
open
generate a signed object that for a CMS Signed Data object using the given provider - if encapsulate is true a copy of the message will be included in the signature with the default content type "data".- Throws:
IOException
-
open
public OutputStream open(OutputStream out, boolean encapsulate, OutputStream dataOutputStream) throws IOException generate a signed object that for a CMS Signed Data object using the given provider - if encapsulate is true a copy of the message will be included in the signature with the default content type "data". If dataOutputStream is non null the data being signed will be written to the stream as it is processed.- Parameters:
out- stream the CMS object is to be written to.encapsulate- true if data should be encapsulated.dataOutputStream- output stream to copy the data being signed to.- Throws:
IOException
-
open
public OutputStream open(org.bouncycastle.asn1.ASN1ObjectIdentifier eContentType, OutputStream out, boolean encapsulate) throws IOException generate a signed object that for a CMS Signed Data object using the given provider - if encapsulate is true a copy of the message will be included in the signature. The content type is set according to the OID represented by the string signedContentType.- Throws:
IOException
-
open
public OutputStream open(org.bouncycastle.asn1.ASN1ObjectIdentifier eContentType, OutputStream out, boolean encapsulate, OutputStream dataOutputStream) throws IOException generate a signed object that for a CMS Signed Data object using the given provider - if encapsulate is true a copy of the message will be included in the signature. The content type is set according to the OID represented by the string signedContentType.- Parameters:
eContentType- OID for data to be signed.out- stream the CMS object is to be written to.encapsulate- true if data should be encapsulated.dataOutputStream- output stream to copy the data being signed to.- Throws:
IOException
-
getDigestAlgorithms
Return a list of the current Digest AlgorithmIdentifiers applying to the next signature.- Returns:
- a list of the Digest AlgorithmIdentifiers
-