Package org.bouncycastle.cert.cmp
Class ProtectedPKIMessageBuilder
java.lang.Object
org.bouncycastle.cert.cmp.ProtectedPKIMessageBuilder
Builder for creating a protected PKI message.
-
Constructor Summary
ConstructorsConstructorDescriptionProtectedPKIMessageBuilder
(int pvno, org.bouncycastle.asn1.x509.GeneralName sender, org.bouncycastle.asn1.x509.GeneralName recipient) Commence a message with a specific header type.ProtectedPKIMessageBuilder
(org.bouncycastle.asn1.x509.GeneralName sender, org.bouncycastle.asn1.x509.GeneralName recipient) Commence a message with the header version CMP_2000. -
Method Summary
Modifier and TypeMethodDescriptionaddCMPCertificate
(X509CertificateHolder extraCert) Add an "extra certificate" to the message.addGeneralInfo
(org.bouncycastle.asn1.cmp.InfoTypeAndValue genInfo) Add a generalInfo data record to the header of the new message.build
(ContentSigner signer) Build a protected PKI message which has MAC based integrity protection.build
(MacCalculator macCalculator) Build a protected PKI message which has MAC based integrity protection.setBody
(org.bouncycastle.asn1.cmp.PKIBody body) Set the body for the new messagesetFreeText
(org.bouncycastle.asn1.cmp.PKIFreeText freeText) Include a human-readable message in the new message.setMessageTime
(Date time) Set the creation time for the new message.setRecipKID
(byte[] kid) Set the recipient key identifier for the key to be used to verify the new message.setRecipNonce
(byte[] nonce) Set the recipient nonce field on the new message.setSenderKID
(byte[] kid) Set the sender key identifier for the key used to protect the new message.setSenderNonce
(byte[] nonce) Set the sender nonce field on the new message.setTransactionID
(byte[] tid) Set the identifier for the transaction the new message will belong to.
-
Constructor Details
-
ProtectedPKIMessageBuilder
public ProtectedPKIMessageBuilder(org.bouncycastle.asn1.x509.GeneralName sender, org.bouncycastle.asn1.x509.GeneralName recipient) Commence a message with the header version CMP_2000.- Parameters:
sender
- message sender.recipient
- intended recipient.
-
ProtectedPKIMessageBuilder
public ProtectedPKIMessageBuilder(int pvno, org.bouncycastle.asn1.x509.GeneralName sender, org.bouncycastle.asn1.x509.GeneralName recipient) Commence a message with a specific header type.- Parameters:
pvno
- the version CMP_1999 or CMP_2000.sender
- message sender.recipient
- intended recipient.
-
-
Method Details
-
setTransactionID
Set the identifier for the transaction the new message will belong to.- Parameters:
tid
- the transaction ID.- Returns:
- the current builder instance.
-
setFreeText
Include a human-readable message in the new message.- Parameters:
freeText
- the contents of the human readable message,- Returns:
- the current builder instance.
-
addGeneralInfo
public ProtectedPKIMessageBuilder addGeneralInfo(org.bouncycastle.asn1.cmp.InfoTypeAndValue genInfo) Add a generalInfo data record to the header of the new message.- Parameters:
genInfo
- the generalInfo data to be added.- Returns:
- the current builder instance.
-
setMessageTime
Set the creation time for the new message.- Parameters:
time
- the message creation time.- Returns:
- the current builder instance.
-
setRecipKID
Set the recipient key identifier for the key to be used to verify the new message.- Parameters:
kid
- a key identifier.- Returns:
- the current builder instance.
-
setRecipNonce
Set the recipient nonce field on the new message.- Parameters:
nonce
- a NONCE, typically copied from the sender nonce of the previous message.- Returns:
- the current builder instance.
-
setSenderKID
Set the sender key identifier for the key used to protect the new message.- Parameters:
kid
- a key identifier.- Returns:
- the current builder instance.
-
setSenderNonce
Set the sender nonce field on the new message.- Parameters:
nonce
- a NONCE, typically 128 bits of random data.- Returns:
- the current builder instance.
-
setBody
Set the body for the new message- Parameters:
body
- the message body.- Returns:
- the current builder instance.
-
addCMPCertificate
Add an "extra certificate" to the message.- Parameters:
extraCert
- the extra certificate to add.- Returns:
- the current builder instance.
-
build
Build a protected PKI message which has MAC based integrity protection.- Parameters:
macCalculator
- MAC calculator.- Returns:
- the resulting protected PKI message.
- Throws:
CMPException
- if the protection MAC cannot be calculated.
-
build
Build a protected PKI message which has MAC based integrity protection.- Parameters:
signer
- the ContentSigner to be used to calculate the signature.- Returns:
- the resulting protected PKI message.
- Throws:
CMPException
- if the protection signature cannot be calculated.
-