1
package org.bouncycastle.cert.crmf;
3
import org.bouncycastle.asn1.DERBitString;
4
import org.bouncycastle.asn1.crmf.PKMACValue;
5
import org.bouncycastle.asn1.crmf.POPOSigningKey;
6
import org.bouncycastle.asn1.crmf.POPOSigningKeyInput;
7
import org.bouncycastle.asn1.x509.GeneralName;
8
import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo;
9
import org.bouncycastle.operator.ContentSigner;
11
public class ProofOfPossessionSigningKeyBuilder
13
private SubjectPublicKeyInfo pubKeyInfo;
14
private GeneralName name;
15
private PKMACValue publicKeyMAC;
17
public ProofOfPossessionSigningKeyBuilder(SubjectPublicKeyInfo pubKeyInfo)
19
this.pubKeyInfo = pubKeyInfo;
22
public ProofOfPossessionSigningKeyBuilder setSender(GeneralName name)
29
public ProofOfPossessionSigningKeyBuilder setPublicKeyMac(PKMACValueGenerator generator, char[] password)
32
this.publicKeyMAC = generator.generate(password, pubKeyInfo);
37
public POPOSigningKey build(ContentSigner signer)
39
if (name != null && publicKeyMAC != null)
41
throw new IllegalStateException("name and publicKeyMAC cannot both be set.");
44
POPOSigningKeyInput popo;
48
popo = new POPOSigningKeyInput(name, pubKeyInfo);
52
popo = new POPOSigningKeyInput(publicKeyMAC, pubKeyInfo);
55
CRMFUtil.derEncodeToStream(popo, signer.getOutputStream());
57
return new POPOSigningKey(popo, signer.getAlgorithmIdentifier(), new DERBitString(signer.getSignature()));