EncryptedMailDemo (6.1 Demo API Documentation)

Overview

Package

Class

Tree

Deprecated

Index

Help

IAIK CMS/SMIME Toolkit Demo API Documentation
Version 6.1

PREV CLASS NEXT CLASS

FRAMES NO FRAMES

SUMMARY: NESTED | FIELD | CONSTR | METHOD

DETAIL: FIELD | CONSTR | METHOD

demo.smime.pkcs11
Class EncryptedMailDemo

java.lang.Object
  demo.cms.pkcs11.PKCS11Demo
      demo.smime.pkcs11.EncryptedMailDemo

public class EncryptedMailDemo
extends PKCS11Demo
extends PKCS11Demo

This class shows how to en- and decrypt an S/MIME message using the PKCS#11 provider for accessing the private key on a smart card. This implementation uses the SecurityProvider feature of the CMS implementation of the IAIK-CMS toolkit.

To run this demo the following packages are required:

iaik_cms.jar
iaik_jce(_full).jar (IAIK-JCE Core Crypto Library).
iaikPkcs11Provider.jar (IAIK PKCS#11 Provider).
iaikPkcs11Wrapper.jar (IAIK PKCS#11 Wrapper).
The shared PKCS#11 library (pkcs11wrapper.dll for Windows, libpkcs11wrapper.so for Unix); contained in the IAIK PKCS#11 Wrapper library.
iaik_eccelerate.jar (IAIK ECC Library, if you want to use Elliptic Curve Cryptography).
mail.jar (JavaMail API).
activation.jar (Java Activation Framework; required for JDK versions < 1.6).

iaik_cms.jar, iaik_cms_demo.jar, iaik_jce(full).jar, iaikPkcs11Wrapper.jar and iaikPkcs11Provider.jar (and iaik_eccelerate.jar, mail.jar, activation.jar) have to be put into the classpath, the shared library (pkcs11wrapper.dll or libpkcs11wrapper.so) has to be in your system library search path or in your VM library path, e.g. (on Windows, assuming that all jar files are located in a lib sub-directory and the dll is in a lib/win64 sub-directory):

 java -Djava.library.path=lib/win64 
      -cp lib/iaik_jce.jar;lib/iaikPkcs11Wrapper.jar;lib/iaikPkcs11Provider.jar;lib/iaik_cms.jar;lib/iaik_cms_demo.jar;lib/mail.jar;lib/activation.jar
      demo.pkcs11.EncryptedMailDemo  <pkcs11Module>.dll

Field Summary
`protected iaik.x509.X509Certificate`	`certificate_` The certificate of the recipient.
`protected java.security.PrivateKey`	`privateKey_` The private key of the recipient.
`protected java.lang.String`	`recipient_` The email address of the recipient.
`protected java.lang.String`	`sender_` The email address of the sender.

Fields inherited from class demo.cms.pkcs11.PKCS11Demo
`iaikPkcs11Provider_, iaikSoftwareProvider_, moduleName_, tokenKeyStore_, userPin_`

Constructor Summary
`EncryptedMailDemo(java.lang.String moduleName, char[] userPin)` Creates a EncryptedMailDemo object for the given module name.

Method Summary
`protected javax.mail.internet.MimeMessage`	`createEncryptedMessage(javax.mail.Session session, javax.activation.DataHandler dataHandler)` Creates an encrypted message.
`void`	`getKeyAndCertificate()` This method gets the key store of the PKCS#11 provider and searches for a certificate and corresponding private key entry that can en/decrypt the data.
`static void`	`main(java.lang.String[] args)` This is the main method that is called by the JVM during startup.
`void`	`start()` Starts the demo.

Methods inherited from class demo.cms.pkcs11.PKCS11Demo
`getKeyStore, init`

Methods inherited from class java.lang.Object
`clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait`

Field Detail

privateKey_

protected java.security.PrivateKey privateKey_

The private key of the recipient. In this case only a proxy object, but the application cannot see this. Used for decryption.

certificate_

protected iaik.x509.X509Certificate certificate_

The certificate of the recipient. In contrast to the private key, the certificate holds holds the actual (public) keying material. Used for encryption.

sender_

protected java.lang.String sender_

The email address of the sender.

recipient_

protected java.lang.String recipient_

The email address of the recipient.

Constructor Detail

EncryptedMailDemo

public EncryptedMailDemo(java.lang.String moduleName,
                         char[] userPin)

Creates a EncryptedMailDemo object for the given module name.

Parameters:: moduleName - the name of the module; userPin - the user-pin (password) for the TokenKeyStore (may be null to pou-up a dialog asking for the pin)

Method Detail

getKeyAndCertificate

public void getKeyAndCertificate()
                          throws java.security.GeneralSecurityException,
                                 java.io.IOException,
                                 iaik.cms.CMSException

This method gets the key store of the PKCS#11 provider and searches for a certificate and corresponding private key entry that can en/decrypt the data. Key and cert are stored in the privateKey_ and certificate_ member variables. Usually you only will have the smartcard on the decryption side (i.e. the sender will get the certificate by other means to use it for encrypting the message), however, for simplicity (and since we do not know which certificate/card you are actually will use for running the demo) we get both, key and certificate from the card.

Throws:: java.security.GeneralSecurityException - If anything with the provider fails.; java.io.IOException - If loading the key store fails.; iaik.cms.CMSException

createEncryptedMessage

protected javax.mail.internet.MimeMessage createEncryptedMessage(javax.mail.Session session,
                                                                 javax.activation.DataHandler dataHandler)
                                                          throws javax.mail.MessagingException

Creates an encrypted message.

Parameters:: session - the mail session; dataHandler - the content of the message to be encrypted
Returns:: the encrypted message
Throws:: javax.mail.MessagingException - if an error occurs when creating the message

start

public void start()

Starts the demo.

main

public static void main(java.lang.String[] args)

This is the main method that is called by the JVM during startup.

Parameters:: args - These are the command line arguments.