EdDHEnvelopedDataDemo (6.1 Demo API Documentation)

Overview

Package

Class

Tree

Deprecated

Index

Help

IAIK CMS/SMIME Toolkit Demo API Documentation
Version 6.1

PREV CLASS NEXT CLASS

FRAMES NO FRAMES

SUMMARY: NESTED | FIELD | CONSTR | METHOD

DETAIL: FIELD | CONSTR | METHOD

demo.cms.ecc
Class EdDHEnvelopedDataDemo

java.lang.Object
  demo.cms.ecc.EdDHEnvelopedDataDemo

public class EdDHEnvelopedDataDemo
extends java.lang.Object
extends java.lang.Object

Demonstrates the usage of class EnvelopedDataStream, EnvelopedData and EnvelopedDataOutputStream for encrypting data using the CMS type EnvelopedData by using the Ephemeral-Static ECDH Elliptic Curve Diffie-Hellman (ECDH) key agreement algorithm with curve25519 and curve448 in the Cryptographic Message Syntax (CMS) according to RFC 8418.

Any keys/certificates required for this demo are read from a keystore file "cmsecc.keystore" located in your current working directory. If the keystore file does not exist you can create it by running the SetupCMSEccKeyStore program.

Additionally to iaik_cms.jar you also must have iaik_jce_(full).jar (IAIK-JCE, https://sic.tech/products/core-crypto-toolkits/jca-jce/), and iaik_eccelarate.jar (IAIK-ECCelerate^TM, https://sic.tech/products/core-crypto-toolkits/eccelerate/) in your classpath.

See Also:: EnvelopedDataStream, EnvelopedData, RecipientInfo, KeyAgreeRecipientInfo, SetupCMSEccKeyStore

Constructor Summary
`EdDHEnvelopedDataDemo()` Setup the demo certificate chains.

Method Summary
`byte[]`	`createEnvelopedData(byte[] message, iaik.asn1.structures.AlgorithmID keyEA, iaik.asn1.structures.AlgorithmID keyWrapAlg, int kekLength)` Creates a CMS `EnvelopedData` message.
`byte[]`	`createEnvelopedDataOutputStream(byte[] message, iaik.asn1.structures.AlgorithmID keyEA, iaik.asn1.structures.AlgorithmID keyWrapAlg, int kekLength)` Creates a CMS `EnvelopedData` message using the `EnvelopedDataOutputStream` class.
`byte[]`	`createEnvelopedDataStream(byte[] message, iaik.asn1.structures.AlgorithmID keyEA, iaik.asn1.structures.AlgorithmID keyWrapAlg, int kekLength)` Creates a CMS `EnvelopedDataStream` message.
`iaik.cms.RecipientInfo[]`	`createRecipients(iaik.asn1.structures.AlgorithmID keyEA, iaik.asn1.structures.AlgorithmID keyWrapAlg, int kekLength)` Creates the RecipientInfos.
`byte[]`	`getEnvelopedData(byte[] enc, java.security.Key key, int recipientInfoIndex)` Decrypts the encrypted content of the given `EnvelopedData` object for the recipient identified by its index into the recipientInfos field.
`byte[]`	`getEnvelopedData(byte[] enc, java.security.Key key, iaik.cms.KeyIdentifier recipientID)` Decrypts the encrypted content of the given `EnvelopedData` object for the recipient identified by recipient identifier.
`byte[]`	`getEnvelopedData(byte[] enc, java.security.Key key, iaik.x509.X509Certificate recipientCert)` Decrypts the encrypted content of the given `EnvelopedData` object for the recipient identified by its recipient certificate.
`byte[]`	`getEnvelopedDataStream(byte[] encoding, java.security.Key key, int recipientInfoIndex)` Decrypts the encrypted content of the given `EnvelopedData` object for the recipient identified by its index into the recipientInfos field.
`byte[]`	`getEnvelopedDataStream(byte[] encoding, java.security.Key key, iaik.cms.KeyIdentifier recipientID)` Decrypts the encrypted content of the given `EnvelopedData` object for the recipient identified by recipient identifier.
`static void`	`main(java.lang.String[] argv)` Main method.
`void`	`parseEnvelopedDataWithRecipientIdentifier(boolean stream, byte[] encodedEnvelopedData)` Parses an EnvelopedData and decrypts the content for all test recipients using their recipient identifiers for identifying the recipient.
`void`	`parseEnvelopedDataWithRecipientInfoIndex(boolean stream, byte[] encodedEnvelopedData)` Parses an EnvelopedData and decrypts the content for all test recipients using the index into the recipientInfos field for identifying the recipient.
`void`	`start()` Runs the demo.
`void`	`start(iaik.asn1.structures.AlgorithmID keyEA, iaik.asn1.structures.AlgorithmID keyWrapAlg, int kekLength)` Runs the demo for the given key encryption (key agreement) algorithm, and key wrap algorithm.

Methods inherited from class java.lang.Object
`clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait`

Constructor Detail

EdDHEnvelopedDataDemo

public EdDHEnvelopedDataDemo()
                      throws java.io.IOException

Setup the demo certificate chains. Keys and certificates are retrieved from the demo keyStore file "cmsecc.keystore" located in your current working directory. If the keystore file does not exist you can create it by running the SetupCMSEccKeyStore program.

Throws:: java.io.IOException - if keys/certificates cannot be read from the keystore

Method Detail

createEnvelopedDataStream

public byte[] createEnvelopedDataStream(byte[] message,
                                        iaik.asn1.structures.AlgorithmID keyEA,
                                        iaik.asn1.structures.AlgorithmID keyWrapAlg,
                                        int kekLength)
                                 throws iaik.cms.CMSException,
                                        java.io.IOException

Creates a CMS EnvelopedDataStream message.

Parameters:: message - the message to be enveloped, as byte representation; keyEA - the key encryption (key agreement) algorithm used for creating a shared key encryption key for encrypting the secret content encryption key with it; keyWrapAlg - the key wrap algorithm to be used for wrapping (encrypting) the content encryption key; kekLength - the length of the key encryption key to be created for encrypting the content encryption key with it
Returns:: the DER encoding of the EnvelopedData object just created
Throws:: iaik.cms.CMSException - if the EnvelopedData object cannot be created; java.io.IOException - if an I/O error occurs

createEnvelopedDataOutputStream

public byte[] createEnvelopedDataOutputStream(byte[] message,
                                              iaik.asn1.structures.AlgorithmID keyEA,
                                              iaik.asn1.structures.AlgorithmID keyWrapAlg,
                                              int kekLength)
                                       throws iaik.cms.CMSException,
                                              java.io.IOException

Creates a CMS EnvelopedData message using the EnvelopedDataOutputStream class.

Parameters:: message - the message to be enveloped, as byte representation; keyEA - the key encryption (key agreement) algorithm used for creating a shared key encryption key for encrypting the secret content encryption key with it; keyWrapAlg - the key wrap algorithm to be used for wrapping (encrypting) the content encryption key; kekLength - the length of the key encryption key to be created for encrypting the content encryption key with it
Returns:: the DER encoding of the EnvelopedData object just created
Throws:: iaik.cms.CMSException - if the EnvelopedData object cannot be created; java.io.IOException - if an I/O error occurs

getEnvelopedDataStream

public byte[] getEnvelopedDataStream(byte[] encoding,
                                     java.security.Key key,
                                     int recipientInfoIndex)
                              throws iaik.cms.CMSException,
                                     java.io.IOException

Decrypts the encrypted content of the given EnvelopedData object for the recipient identified by its index into the recipientInfos field.

Parameters:: encoding - the EnvelopedData object as DER encoded byte array; key - the key to decrypt the message; recipientInfoIndex - the index into the RecipientInfo array to which the specified key belongs
Returns:: the recovered message, as byte array
Throws:: iaik.cms.CMSException - if the message cannot be recovered; java.io.IOException - if a stream read/write error occurs

getEnvelopedDataStream

public byte[] getEnvelopedDataStream(byte[] encoding,
                                     java.security.Key key,
                                     iaik.cms.KeyIdentifier recipientID)
                              throws iaik.cms.CMSException,
                                     java.io.IOException

Decrypts the encrypted content of the given EnvelopedData object for the recipient identified by recipient identifier.

Parameters:: encoding - the EnvelopedData object as DER encoded byte array; key - the key to decrypt the message; recipientID - the recipient identifier uniquely identifying the key of the recipient
Returns:: the recovered message, as byte array
Throws:: iaik.cms.CMSException - if the message cannot be recovered; java.io.IOException - if a stream read/write error occurs

createEnvelopedData

public byte[] createEnvelopedData(byte[] message,
                                  iaik.asn1.structures.AlgorithmID keyEA,
                                  iaik.asn1.structures.AlgorithmID keyWrapAlg,
                                  int kekLength)
                           throws iaik.cms.CMSException

Creates a CMS EnvelopedData message.

Parameters:: message - the message to be enveloped, as byte representation; keyEA - the key encryption (key agreement) algorithm used for creating a shared key encryption key for encrypting the secret content encryption key with it; keyWrapAlg - the key wrap algorithm to be used for wrapping (encrypting) the content encryption key; kekLength - the length of the key encryption key to be created for encrypting the content encryption key with it
Returns:: the encoded EnvelopedData, as byte array
Throws:: iaik.cms.CMSException - if the EnvelopedData object cannot be created

getEnvelopedData

public byte[] getEnvelopedData(byte[] enc,
                               java.security.Key key,
                               int recipientInfoIndex)
                        throws iaik.cms.CMSException,
                               java.io.IOException

Decrypts the encrypted content of the given EnvelopedData object for the recipient identified by its index into the recipientInfos field.

Parameters:: enc - the encoded EnvelopedData; key - the key to decrypt the message; recipientInfoIndex - the index into the RecipientInfo array to which the specified key belongs
Returns:: the recovered message, as byte array
Throws:: iaik.cms.CMSException - if the message cannot be recovered; java.io.IOException - if an I/O error occurs

getEnvelopedData

public byte[] getEnvelopedData(byte[] enc,
                               java.security.Key key,
                               iaik.cms.KeyIdentifier recipientID)
                        throws iaik.cms.CMSException,
                               java.io.IOException

Decrypts the encrypted content of the given EnvelopedData object for the recipient identified by recipient identifier.

This way of decrypting the content may be used for any type of RecipientInfo (KeyTransRecipientInfo, KeyAgreeRecipientInfo, KEKRecipientInfo). The recipient in mind is identified by its recipient identifier.

Parameters:: enc - the encoded AuthenticatedData; key - the key to decrypt the message; recipientID - the recipient identifier uniquely identifying the key of the recipient
Returns:: the recovered message, as byte array
Throws:: iaik.cms.CMSException - if the message cannot be recovered; java.io.IOException - if an I/O error occurs

getEnvelopedData

public byte[] getEnvelopedData(byte[] enc,
                               java.security.Key key,
                               iaik.x509.X509Certificate recipientCert)
                        throws iaik.cms.CMSException,
                               java.io.IOException

Decrypts the encrypted content of the given EnvelopedData object for the recipient identified by its recipient certificate.

Parameters:: enc - the encoded EnvelopedData; key - the key to decrypt the message; recipientCert - the certificate of the recipient
Returns:: the recovered message, as byte array
Throws:: iaik.cms.CMSException - if the message cannot be recovered; java.io.IOException

createRecipients

public iaik.cms.RecipientInfo[] createRecipients(iaik.asn1.structures.AlgorithmID keyEA,
                                                 iaik.asn1.structures.AlgorithmID keyWrapAlg,
                                                 int kekLength)
                                          throws iaik.cms.CMSException

Creates the RecipientInfos.

Parameters:: keyEA - the key encryption (key agreement) algorithm used for creating a shared key encryption key for encrypting the secret content encryption key with it; keyWrapAlg - the key wrap algorithm to be used for wrapping (encrypting) the content encryption key; kekLength - the length of the key encryption key to be created for encrypting the content encryption key with it
Returns:: the RecipientInfos created, two KeyAgreeRecipientInfos
Throws:: iaik.cms.CMSException - if an error occurs when creating the recipient infos

parseEnvelopedDataWithRecipientInfoIndex

public void parseEnvelopedDataWithRecipientInfoIndex(boolean stream,
                                                     byte[] encodedEnvelopedData)
                                              throws java.lang.Exception

Parses an EnvelopedData and decrypts the content for all test recipients using the index into the recipientInfos field for identifying the recipient.

Parameters:: stream - whether to use EnvelopedDataStream or EnvelopedData; encodedEnvelopedData - the encoded EnvelopedData object
Throws:: java.lang.Exception - if some error occurs during decoding/decryption

parseEnvelopedDataWithRecipientIdentifier

public void parseEnvelopedDataWithRecipientIdentifier(boolean stream,
                                                      byte[] encodedEnvelopedData)
                                               throws java.lang.Exception

Parses an EnvelopedData and decrypts the content for all test recipients using their recipient identifiers for identifying the recipient.

Parameters:: stream - whether to use EnvelopedDataStream or EnvelopedData; encodedEnvelopedData - the encoded EnvelopedData object
Throws:: java.lang.Exception - if some error occurs during decoding/decryption

start

public void start()

Runs the demo.

start

public void start(iaik.asn1.structures.AlgorithmID keyEA,
                  iaik.asn1.structures.AlgorithmID keyWrapAlg,
                  int kekLength)

Runs the demo for the given key encryption (key agreement) algorithm, and key wrap algorithm.

Parameters:: keyEA - the key encryption (key agreement) algorithm used for creating a shared key encryption key for encrypting the secret content encryption key with it; keyWrapAlg - the key wrap algorithm to be used for wrapping (encrypting) the content encryption key; kekLength - the length of the key encryption key to be created for encrypting the content encryption key with it

main

public static void main(java.lang.String[] argv)
                 throws java.lang.Exception

Main method.

Throws:: java.io.IOException - if an I/O error occurs when reading required keys and certificates from the keystore file; java.lang.Exception

Overview

Package

Class

Tree

Deprecated

Index

Help

IAIK CMS/SMIME Toolkit Demo API Documentation
Version 6.1

PREV CLASS NEXT CLASS

FRAMES NO FRAMES

SUMMARY: NESTED | FIELD | CONSTR | METHOD

DETAIL: FIELD | CONSTR | METHOD

v6.1
(c) 2002 IAIK, (c) 2003 - 2025 SIC

demo.cms.ecc Class EdDHEnvelopedDataDemo

EdDHEnvelopedDataDemo

createEnvelopedDataStream

createEnvelopedDataOutputStream

getEnvelopedDataStream

getEnvelopedDataStream

createEnvelopedData

getEnvelopedData

getEnvelopedData

getEnvelopedData

createRecipients

parseEnvelopedDataWithRecipientInfoIndex

parseEnvelopedDataWithRecipientIdentifier

start

start

main

demo.cms.ecc
Class EdDHEnvelopedDataDemo