Struct SignedDataBuilder

pub struct SignedDataBuilder<'s> { /* private fields */ }

Available on crate feature builder only.

Builder for signedData (CMS and PKCS #7)

Implementations

impl<'s> SignedDataBuilder<'s>

pub fn new( encapsulated_content_info: &'s EncapsulatedContentInfo, ) -> SignedDataBuilder<'s>

Create a new builder for SignedData

pub fn add_digest_algorithm( &mut self, digest_algorithm: AlgorithmIdentifierOwned, ) -> Result<&mut Self, Error>

Add a digest algorithm to the collection of message digest algorithms. RFC 5652 § 5.1: digestAlgorithms is a collection of message digest algorithm identifiers. There MAY be any number of elements in the collection, including zero. Each element identifies the message digest algorithm, along with any associated parameters, used by one or more signer. The collection is intended to list the message digest algorithms employed by all of the signers, in any order, to facilitate one-pass signature verification.

pub fn add_certificate( &mut self, certificate: CertificateChoices, ) -> Result<&mut Self, Error>

Add a certificate to the certificate collection. RFC 5652 § 5.1: certificates is a collection of certificates. It is intended that the set of certificates be sufficient to contain certification paths from a recognized “root” or “top-level certification authority” to all of the signers in the signerInfos field. There may be more certificates than necessary, and there may be certificates sufficient to contain certification paths from two or more independent top-level certification authorities. There may also be fewer certificates than necessary, if it is expected that recipients have an alternate means of obtaining necessary certificates (e.g., from a previous set of certificates). The signer’s certificate MAY be included. The use of version 1 attribute certificates is strongly discouraged.

pub fn add_crl(&mut self, crl: RevocationInfoChoice) -> Result<&mut Self, Error>

Add a CRL to the collection of CRLs. RFC 5652 § 5.1: crls is a collection of revocation status information. It is intended that the collection contain information sufficient to determine whether the certificates in the certificates field are valid, but such correspondence is not necessary. Certificate revocation lists (CRLs) are the primary source of revocation status information. There MAY be more CRLs than necessary, and there MAY also be fewer CRLs than necessary.

pub fn add_signer_info<S, Signature>( &mut self, signer_info_builder: SignerInfoBuilder<'_, S>, ) -> Result<&mut Self, Error>

where S: Keypair + DynSignatureAlgorithmIdentifier + Signer<Signature>, Signature: SignatureBitStringEncoding,

Add a signer info. The signature will be calculated. Note that the encapsulated content must not be changed after the first signer info was added.

pub fn build(&mut self) -> Result<ContentInfo, Error>

This method returns a ContentInfo of type signedData.