demo.cms.ecc

Class ECDSASignedDataOutputStreamDemo

java.lang.Object

demo.cms.ecc.ECDSASignedDataOutputStreamDemo

public class ECDSASignedDataOutputStreamDemo
extends java.lang.Object

This class demonstrates the IAIK-CMS SignedDataOutputStream implementation with the ECDSA (with SHA1, SHA224, SHA256, SHA384, SHA512, RIPEMD160) signature algorithm.

Any keys/certificates required for this demo are read from a keystore file "cmsecc.keystore" located in your current working directory. If the keystore file does not exist you can create it by running the SetupCMSEccKeyStore program.

Additionally to iaik_cms.jar you also must have iaik_jce_(full).jar (IAIK-JCE, https://sic.tech/products/core-crypto-toolkits/jca-jce/), and iaik_eccelarate.jar (IAIK-ECCelerate^TM, https://sic.tech/products/core-crypto-toolkits/eccelerate/) in your classpath.

Constructor Summary

Constructors

Constructor and Description
ECDSASignedDataOutputStreamDemo() Default Constructor.

Method Summary

Modifier and Type	Method and Description
byte[]	createSignedDataStream(byte[] message, int mode, iaik.asn1.structures.AlgorithmID hashAlgorithm, iaik.asn1.structures.AlgorithmID signatureAlgorithm, java.security.PrivateKey signerKey, iaik.x509.X509Certificate[] certificates) Creates an ECDSA signed CMS SignedDataStream object and wraps it by a CMS ContentInfoStream.
byte[]	getSignedDataStream(byte[] signedData, byte[] message, iaik.x509.X509Certificate[] certificates) Parses a CMS ContentInfo object holding a SignedData object and verifies the signature.
static void	main(java.lang.String[] argv) Starts the demo.
void	runDemo(byte[] message, iaik.asn1.structures.AlgorithmID hashAlgorithm, iaik.asn1.structures.AlgorithmID signatureAlgorithm, iaik.utils.KeyAndCertificate signerKeyAndCert) Runs the signing - verifying demo.
void	start() Tests the CMS SignedData implementation with the ECDSA signature algorithm and several hash algorithms.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

ECDSASignedDataOutputStreamDemo

public ECDSASignedDataOutputStreamDemo()
                                throws java.lang.Exception

Default Constructor.

Throws:

java.lang.Exception

Method Detail

createSignedDataStream

public byte[] createSignedDataStream(byte[] message,
                                     int mode,
                                     iaik.asn1.structures.AlgorithmID hashAlgorithm,
                                     iaik.asn1.structures.AlgorithmID signatureAlgorithm,
                                     java.security.PrivateKey signerKey,
                                     iaik.x509.X509Certificate[] certificates)
                              throws iaik.cms.CMSException,
                                     java.io.IOException

Creates an ECDSA signed CMS SignedDataStream object and wraps it by a CMS ContentInfoStream.

Parameters:

message - the message to be signed, as byte representation

mode - the transmission mode, either IMPLICIT or EXPLICIT

hashAlgorithm - the hash algorithm to be used

signatureAlgorithm - the signature algorithm to be used

signerKey - the private key of the signer

certificates - the certificate chain of the signer

Returns:

the DER encoding of the ContentInfo object just created

Throws:

iaik.cms.CMSException - if the SignedData, ContentInfo object cannot be created

java.io.IOException - if an I/O related error occurs

getSignedDataStream

public byte[] getSignedDataStream(byte[] signedData,
                                  byte[] message,
                                  iaik.x509.X509Certificate[] certificates)
                           throws iaik.cms.CMSException,
                                  java.io.IOException

Parses a CMS ContentInfo object holding a SignedData object and verifies the signature.

Parameters:

signedData - the ContentInfo holding the SignedData object as BER encoded byte array

message - the the message which was transmitted out-of-band (explicit signed)

certificates - the certificate of the signer (used for alternative signature verification)

Returns:

the inherent message as byte array

Throws:

iaik.cms.CMSException - if any signature does not verify

java.io.IOException - if an I/O related error occurs

runDemo

public void runDemo(byte[] message,
                    iaik.asn1.structures.AlgorithmID hashAlgorithm,
                    iaik.asn1.structures.AlgorithmID signatureAlgorithm,
                    iaik.utils.KeyAndCertificate signerKeyAndCert)
             throws java.lang.Exception

Runs the signing - verifying demo.

Parameters:

message - the message to be signed

hashAlgorithm - the hash algorithm to be used

signatureAlgorithm - the signature algorithm to be used

signerKeyAndCert - private key and certificate chain of the signer

Throws:

java.lang.Exception

start

public void start()
           throws java.lang.Exception

Tests the CMS SignedData implementation with the ECDSA signature algorithm and several hash algorithms.

Throws:

java.lang.Exception

main

public static void main(java.lang.String[] argv)
                 throws java.lang.Exception

Starts the demo.

Throws:

java.lang.Exception - if an error occurs