Package eu.europa.esig.dss.cades.signature

Class CMSBuilder

java.lang.Object
eu.europa.esig.dss.cades.signature.CMSBuilder
public class CMSBuilder extends Object
Builds a CMS

  • Constructor Details

    • CMSBuilder

      public CMSBuilder()
      This is the default constructor for CMSSignedDataBuilder.

  • Method Details

    • setSigningCertificate

      public CMSBuilder setSigningCertificate(CertificateToken signingCertificate)
      Sets a signing-certificate to be used for CMSSignedData generation
      Parameters:
      signingCertificate - CertificateToken
      Returns:
      this CMSBuilder

    • setCertificateChain

      public CMSBuilder setCertificateChain(Collection<CertificateToken> certificateChain)
      Sets a collection of certificates to be incorporated within SignedData.certificates field
      Parameters:
      certificateChain - a collection of CertificateTokens
      Returns:
      this CMSBuilder

    • setGenerateWithoutCertificates

      public CMSBuilder setGenerateWithoutCertificates(boolean generateWithoutCertificates)
      Sets whether CMSSignedData is to be generated without certificates inside. Default : FALSE (an attempt to generate without certificates will result to an exception)
      Parameters:
      generateWithoutCertificates - whether CMSSignedData is to be generated without certificates
      Returns:
      this CMSBuilder

    • setTrustedCertificateSource

      public CMSBuilder setTrustedCertificateSource(CertificateSource trustedCertificateSource)
      Sets a trusted certificate source. See trustAnchorBPPolicy for more details.
      Parameters:
      trustedCertificateSource - CertificateSource
      Returns:
      this CMSBuilder

    • setTrustAnchorBPPolicy

      public CMSBuilder setTrustAnchorBPPolicy(boolean trustAnchorBPPolicy)
      Sets whether a B-level trust anchor policy should be used. When enabled, the trust anchor is not included to the generated certificate chain. Otherwise, the chain is generated up to a trust anchor, including the trust anchor itself. Default : TRUE (the certificate chain will be generated up to a trust anchor, excluded)
      Parameters:
      trustAnchorBPPolicy - whether a B-level trust anchor policy should be used
      Returns:
      this CMSBuilder

    • setOriginalCMS

      public CMSBuilder setOriginalCMS(CMS originalCMS)
      Sets the original CMSSignedData, which internal field values will be copied to a new CMSSignedData
      Parameters:
      originalCMS - CMS
      Returns:
      this CMSBuilder

    • setEncapsulate

      public CMSBuilder setEncapsulate(boolean encapsulate)
      Sets whether a signer content shall be encapsulated to the CMSSignedData. When enabled creates an enveloping signature, otherwise creates detached signature. Default : TRUE (the signer content is included to the signature)
      Parameters:
      encapsulate - whether signer content shall be encapsulated to the CMSSignedData
      Returns:
      this CMSBuilder

    • createCMS

      public CMS createCMS(org.bouncycastle.cms.SignerInfoGenerator signerInfoGenerator, DSSDocument toSignDocument)
      Builds a CMSSignedData
      Parameters:
      signerInfoGenerator - SignerInfoGenerator
      toSignDocument - DSSDocument
      Returns:
      CMSSignedData

    • extendCMSSignedData

      public CMS extendCMSSignedData(Collection<CertificateToken> certificateTokens, Collection<CRLToken> crlTokens, Collection<OCSPToken> ocspTokens)
      Extends the provided originalCMS with the required validation data
      Parameters:
      certificateTokens - a collection of CertificateTokens
      crlTokens - a collection of CRLTokens
      ocspTokens - a collection of OCSPTokens
      Returns:
      extended CMS