PKCS7CMSEncryptedContentInfoDemo (6.1 Demo API Documentation)

Overview

Package

Class

Tree

Deprecated

Index

Help

IAIK CMS/SMIME Toolkit Demo API Documentation
Version 6.1

PREV CLASS NEXT CLASS

FRAMES NO FRAMES

SUMMARY: NESTED | FIELD | CONSTR | METHOD

DETAIL: FIELD | CONSTR | METHOD

demo.cms.pkcs7cms
Class PKCS7CMSEncryptedContentInfoDemo

java.lang.Object
  demo.cms.pkcs7cms.PKCS7CMSEncryptedContentInfoDemo

public class PKCS7CMSEncryptedContentInfoDemo
extends java.lang.Object
extends java.lang.Object

This class demonstrates the EnvelopedDataStream/EncryptedContentInfoStream usages for algorithms that may require a specific parameter handling.

This class shows the compatibility to PKCS#7.

All keys and certificates are read from a keystore created by the SetupCMSKeyStore program.

The following algorithms are demonstrated:

ARCFOUR: Variable-key-size stream cipher; no parameters to be sent

RC2_CBC: Variable-key-size block cipher; parameters as used by S/MIME: rc2ParamterVersion and IV; encoded as SEQUENCE:

               RC2-CBC parameter ::=  SEQUENCE {
                 rc2ParameterVersion  INTEGER,
                 iv                   OCTET STRING (8)}

               For the effective-key-bits of 40, 64, and 128, the
                rc2ParameterVersion values are 160, 120, 58 respectively.

CAST5_CBC: Feistel type block cipher with key sizes of 40-128 bit in 8 bit increments; parameters (RFC 2144):

               Parameters ::=  SEQUENCE {
                 iv         OCTET STRING DEFAULT 0,
                 keyLength  INTEGER }

This class shows how an EncryptedContentInfo is explicit created for encrypt�ng the content and supplying it to an EnvelopedDataStream object. Note that IAIK-CMS also allows to use EnvelopedData(Stream) for algorithms like RC2, ARCFOUR or CAST in without having the necessity of explicit key/parameter handling, see RC2EnvelopedDataDemo for an example.

Note that the usage of algorithms like RC2 is deprecated but used here for this demo since it requires a specific parameter handling.

Constructor Summary
`PKCS7CMSEncryptedContentInfoDemo()` Setup the demo certificate chains.

Method Summary
`byte[]`	`createEnvelopedDataStream(byte[] message, iaik.asn1.structures.AlgorithmID contentEA, int keyLength)` Creates a CMS `EnvelopedDataStream` message.
`byte[]`	`createPKCS7EnvelopedDataStream(byte[] message, iaik.asn1.structures.AlgorithmID cea, int keyLength)` Creates a PKCS#7 `EnvelopedDataStream` message.
`byte[]`	`getEnvelopedDataStream(byte[] encoding, java.security.PrivateKey privateKey, int recipientInfoIndex)` Decrypts the encrypted content of the given CMS `EnvelopedData` object for the specified recipient and returns the decrypted (= original) message.
`byte[]`	`getPKCS7EnvelopedDataStream(byte[] encoding, java.security.PrivateKey privateKey, int recipientInfoIndex)` Decrypts the encrypted content of the given PKCS#7 `EnvelopedData` object for the specified recipient and returns the decrypted (= original) message.
`static void`	`main(java.lang.String[] argv)` The main method.
`void`	`start()` Starts the test.

Methods inherited from class java.lang.Object
`clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait`

Constructor Detail

PKCS7CMSEncryptedContentInfoDemo

public PKCS7CMSEncryptedContentInfoDemo()
                                 throws java.io.IOException

Setup the demo certificate chains. Keys and certificate are retrieved from the demo KeyStore.

Throws:: java.io.IOException - if an file read error occurs

Method Detail

createEnvelopedDataStream

public byte[] createEnvelopedDataStream(byte[] message,
                                        iaik.asn1.structures.AlgorithmID contentEA,
                                        int keyLength)
                                 throws java.lang.Exception

Creates a CMS EnvelopedDataStream message.

Parameters:: message - the message to be enveloped, as byte representation; contentEA - the content encryption algorithm; keyLength - the key length for the symmetric key
Returns:: the DER encoding of the EnvelopedData object just created
Throws:: java.lang.Exception - if the EnvelopedData object cannot be created

getEnvelopedDataStream

public byte[] getEnvelopedDataStream(byte[] encoding,
                                     java.security.PrivateKey privateKey,
                                     int recipientInfoIndex)
                              throws java.lang.Exception

Decrypts the encrypted content of the given CMS EnvelopedData object for the specified recipient and returns the decrypted (= original) message.

Parameters:: encoding - the EnvelopedData object as DER encoded byte array; privateKey - the private key to decrypt the message; recipientInfoIndex - the index into the RecipientInfo array to which the specified private key belongs
Returns:: the recovered message, as byte array
Throws:: java.lang.Exception - if the message cannot be recovered

createPKCS7EnvelopedDataStream

public byte[] createPKCS7EnvelopedDataStream(byte[] message,
                                             iaik.asn1.structures.AlgorithmID cea,
                                             int keyLength)
                                      throws java.lang.Exception

Creates a PKCS#7 EnvelopedDataStream message.

The enveloped-data content type consists of encrypted content of any type and encrypted content-encryption keys for one or more recipients. The combination of encrypted content and encrypted content-encryption key for a recipient is a "digital envelope" for that recipient. Any type of content can be enveloped for any number of recipients in parallel.

Parameters:: message - the message to be enveloped, as byte representation; cea - the content encryption algorithm; keyLength - the key length for the symmetric key
Returns:: the DER encoding of the EnvelopedData object just created
Throws:: java.lang.Exception - if the EnvelopedData object cannot be created

getPKCS7EnvelopedDataStream

public byte[] getPKCS7EnvelopedDataStream(byte[] encoding,
                                          java.security.PrivateKey privateKey,
                                          int recipientInfoIndex)
                                   throws java.lang.Exception

Decrypts the encrypted content of the given PKCS#7 EnvelopedData object for the specified recipient and returns the decrypted (= original) message.

Parameters:: encoding - the EnvelopedData object as DER encoded byte array; privateKey - the private key to decrypt the message; recipientInfoIndex - the index into the RecipientInfo array to which the specified private key belongs
Returns:: the recovered message, as byte array
Throws:: java.lang.Exception - if the message cannot be recovered

start

public void start()

Starts the test.

main

public static void main(java.lang.String[] argv)
                 throws java.lang.Exception

The main method.

Throws:: java.io.IOException - if an I/O error occurs when reading required keys and certificates from files; java.lang.Exception