001 // Copyright (C) 2002 IAIK
002 // https://jce.iaik.tugraz.at
003 //
004 // Copyright (C) 2003 - 2025 Stiftung Secure Information and
005 // Communication Technologies SIC
006 // https://sic.tech
007 //
008 // All rights reserved.
009 //
010 // Redistribution and use in source and binary forms, with or without
011 // modification, are permitted provided that the following conditions
012 // are met:
013 // 1. Redistributions of source code must retain the above copyright
014 // notice, this list of conditions and the following disclaimer.
015 // 2. Redistributions in binary form must reproduce the above copyright
016 // notice, this list of conditions and the following disclaimer in the
017 // documentation and/or other materials provided with the distribution.
018 //
019 // THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
020 // ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
021 // IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
022 // ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
023 // FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
024 // DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
025 // OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
026 // HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
027 // LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
028 // OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
029 // SUCH DAMAGE.
030
031 package demo.smime.ess;
032
033 import iaik.cms.CMSException;
034 import iaik.cms.SignerInfo;
035 import iaik.smime.ess.SigningCertificate;
036 import iaik.smime.ess.SigningCertificateV2;
037
038 import java.io.IOException;
039 import java.security.cert.Certificate;
040
041 import demo.DemoUtil;
042
043 /**
044 * Demonstrates how to add a {@link iaik.smime.ess.SigningCertificateV2
045 * SigningCertificateV2} attribute to the SignerInfo of a {@link iaik.cms.SignedDataStream} or
046 * {@link iaik.cms.SignedData} object, and how to parse it again. The SigningCertificateV2
047 * attribute may be used to include certificate identification information in the signed
048 * attributes of a CMS {@link iaik.cms.SignerInfo SignerInfo} object. It was introduced by
049 * RFC 5035 to allow the {@link iaik.smime.ess.SigningCertificate
050 * SigningCertificate} attribute to be used with hash algorithms other than SHA-1.
051 *
052 * @see iaik.smime.ess.SigningCertificate
053 * @see iaik.smime.ess.SigningCertificateV2
054 * @see iaik.cms.SignerInfo
055 * @see iaik.cms.SignedDataStream
056 * @see iaik.cms.SignedData
057 */
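public class SigningCertificateV2Demo extends SigningCertificateDemo {

  /**
   * Sets up the demo certificate chains.
   *
   * <p>This constructor only delegates to the {@link SigningCertificateDemo}
   * constructor; according to the original documentation, keys and certificates
   * are retrieved from the demo KeyStore there.
   *
   * @throws IOException if a file read error occurs
   */
  public SigningCertificateV2Demo() throws IOException {
    super();
  }

  /**
   * Creates a SigningCertificateV2 attribute for the given certificates.
   *
   * <p>The attribute carries hashes that identify the certificates. Because it
   * is placed among the signed attributes, a verifier can check that the
   * certificate it used for signature verification is the one the signer
   * committed to. This variant uses the default hash algorithm (SHA-256)
   * instead of the SHA-1 hash of the original SigningCertificate attribute.
   *
   * @param certs the certificates for which to create the SigningCertificateV2
   *              attribute
   *
   * @return the SigningCertificateV2 attribute just created, returned as its
   *         {@link SigningCertificate} base type
   *
   * @throws CMSException if an error occurs when creating the
   *                      SigningCertificateV2 attribute; the original
   *                      exception is attached as the cause
   */
  protected SigningCertificate createSigningCertificate(Certificate[] certs)
      throws CMSException {

    // NOTE(review): presumably overrides a hook of SigningCertificateDemo (not
    // visible here); add @Override once that is confirmed.
    try {
      // We use the default hash algorithm (SHA-256).
      // NOTE(review): the boolean argument presumably controls whether the
      // issuer/serial of each certificate is included - confirm against the
      // SigningCertificateV2 API documentation.
      return new SigningCertificateV2(certs, true);
    } catch (Exception ex) {
      // Keep the message unchanged for existing callers, but chain the
      // original exception so its type and stack trace are not lost when
      // diagnosing a failed attribute creation.
      CMSException wrapped =
          new CMSException("Error creating SigningCertificateV2 attribute: " + ex.toString());
      wrapped.initCause(ex);
      throw wrapped;
    }
  }

  /**
   * Gets the SigningCertificateV2 attribute from the given SignerInfo.
   *
   * <p>Callers must handle a {@code null} result: a SignerInfo without this
   * attribute carries no signed statement about which certificate belongs to
   * the signature, so the binding check cannot be made for it.
   *
   * @param signerInfo the SignerInfo from which to get the
   *                   SigningCertificateV2 attribute
   *
   * @return the SigningCertificateV2 attribute, or <code>null</code>
   *         if no SigningCertificateV2 attribute is included
   *
   * @throws CMSException if an error occurs when getting the
   *                      SigningCertificateV2 attribute
   */
  protected SigningCertificate getSigningCertificate(SignerInfo signerInfo)
      throws CMSException {

    // NOTE(review): how the returned attribute is compared with the signer
    // certificate is decided by the SigningCertificateDemo flow, which is not
    // visible here - confirm that a missing or non-matching attribute is
    // treated as a verification failure where the binding is required.
    return signerInfo.getSigningCertificateV2Attribute();
  }

  /**
   * Prints some header lines to System.out.
   */
  protected void printHeader() {
    System.out.println();
    System.out.println("**********************************************************************************");
    System.out.println("* SigningCertificateV2Demo demo *");
    System.out.println("* (shows the usage of the ESS SigningCertificateV2 attribute) *");
    System.out.println("**********************************************************************************");
    System.out.println();
  }

  /**
   * The main method. Initializes the demo environment, runs the demo and
   * waits for a key press before returning.
   *
   * @param args command line arguments (not used)
   *
   * @throws Exception if the demo fails, for example with an I/O error when
   *                   reading required keys and certificates from files
   */
  public static void main(String[] args) throws Exception {
    DemoUtil.initDemos();
    // start() is not defined in this class; it is inherited from the demo
    // superclass hierarchy.
    (new SigningCertificateV2Demo()).start();
    System.out.println("\nReady!");
    DemoUtil.waitKey();
  }

}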