demo.cms.ecc

Class EckaEGAuthEnvelopedDataDemo

java.lang.Object

demo.cms.ecc.EckaEGAuthEnvelopedDataDemo

public class EckaEGAuthEnvelopedDataDemo
extends java.lang.Object

Demonstrates the usage of class SignedDataStream and SignedData, and AuthEnvelopedDataStream and AuthEnvelopedData according to the BSI Technical Recommendation BSI TR-03109-1 for transmitting signed authenticated encrypted data between Smart-Meter-Gateways and external market participants and the Smart Meter Gateway Administrator.

This demo uses AES-GCM as specified by RFC 5084 and AES-CBC-CMAC as specified by BSI TR-03109-1 for authenticated encryption. The demo compressed the data, creates an AuthEnvelopedData object, packs it into a SignedData and subsequently shows several ways that may be used for decrypting the content for some particular recipient.

Any keys/certificates required for this demo are read from a keystore file "cmsecc.keystore" located in your current working directory. If the keystore file does not exist you can create it by running the SetupCMSEccKeyStore program.

Additionally to iaik_cms.jar you also must have iaik_jce_(full).jar (IAIK-JCE, https://sic.tech/products/core-crypto-toolkits/jca-jce/), and iaik_eccelarate.jar (IAIK-ECCelerate^TM, https://sic.tech/products/core-crypto-toolkits/eccelerate/) in your classpath.

See Also:

AuthEnvelopedDataStream, AuthEnvelopedData, SignedDataStream, SignedData, RecipientInfo, KeyAgreeRecipientInfo

Constructor Summary

Constructors

Constructor and Description
EckaEGAuthEnvelopedDataDemo() Setup the demo certificate chains.

Method Summary

Modifier and Type	Method and Description
byte[]	createAuthEnvelopedData(byte[] message, iaik.asn1.structures.AlgorithmID contentAuthEncAlg, iaik.x509.X509Certificate recipient1Cert, iaik.x509.X509Certificate recipient2Cert) Creates a CMS AuthEnvelopedData message.
byte[]	createAuthEnvelopedDataOutputStream(byte[] message, iaik.asn1.structures.AlgorithmID contentAuthEncAlg, iaik.x509.X509Certificate recipient1Cert, iaik.x509.X509Certificate recipient2Cert) Creates a CMS AuthEnvelopedData message using class AuthEnvelopedDataOutputStream.
byte[]	createAuthEnvelopedDataStream(byte[] message, iaik.asn1.structures.AlgorithmID contentAuthEncAlg, iaik.x509.X509Certificate recipient1Cert, iaik.x509.X509Certificate recipient2Cert) Creates a CMS AuthEnvelopedData message using class AuthEnvelopedDataStream.
byte[]	createCompressedData(byte[] message) Creates a CMS CompressedData object.
byte[]	createCompressedDataStream(byte[] message) Creates a CMS CompressedData object.
iaik.cms.RecipientInfo[]	createRecipients(iaik.asn1.structures.AlgorithmID contentAuthEncAlg, iaik.x509.X509Certificate recipient1Cert, iaik.x509.X509Certificate recipient2Cert) Creates the RecipientInfos.
byte[]	createSignedData(byte[] message, int mode, iaik.asn1.structures.AlgorithmID hashAlgorithm, iaik.asn1.structures.AlgorithmID signatureAlgorithm, java.security.PrivateKey signerKey, iaik.x509.X509Certificate[] certificates) Creates an ECDSA signed CMS SignedData object and wraps it by a CMS ContentInfo object.
byte[]	createSignedDataStream(byte[] message, int mode, iaik.asn1.structures.AlgorithmID hashAlgorithm, iaik.asn1.structures.AlgorithmID signatureAlgorithm, java.security.PrivateKey signerKey, iaik.x509.X509Certificate[] certificates) Creates an ECDSA signed CMS SignedDataStream object and wraps it by a CMS ContentInfoStream.
byte[]	getAuthEnvelopedData(byte[] enc, java.security.Key key, int recipientInfoIndex) Decrypts the encrypted content of the given AuthEnvelopedData object for the recipient identified by its index into the recipientInfos field and verifies the message authentication code.
byte[]	getAuthEnvelopedData(byte[] enc, java.security.Key key, iaik.cms.KeyIdentifier recipientID) Decrypts the encrypted content of the given AuthEnvelopedData object for the recipient identified by recipient identifier.
byte[]	getAuthEnvelopedData(byte[] enc, java.security.Key key, iaik.x509.X509Certificate recipientCert) Decrypts the encrypted content of the given AuthEnvelopedData object for the recipient identified by its recipient certificate.
byte[]	getAuthEnvelopedDataStream(byte[] encoding, java.security.Key key, int recipientInfoIndex) Decrypts the encrypted content of the given AuthEnvelopedData object for the recipient identified by its index into the recipientInfos field and verifies the message authentication code.
byte[]	getAuthEnvelopedDataStream(byte[] encoding, java.security.Key key, iaik.cms.KeyIdentifier recipientID) Decrypts the encrypted content of the given EnvelopedData object for the recipient identified by recipient identifier and verifies the message authentication code.
byte[]	getAuthEnvelopedDataStream(byte[] encoding, java.security.Key key, iaik.x509.X509Certificate recipientCert) Decrypts the encrypted content of the given AuthEnvelopedData object for the recipient identified by its recipient certificate and verifies the message authentication code.
byte[]	getCompressedData(byte[] encoding) Parses a CMS CompressedData object.
byte[]	getCompressedDataStream(byte[] encoding) Parses a CMS CompressedData object.
byte[]	getSignedData(byte[] signedData, byte[] message, iaik.x509.X509Certificate[] certificates) Parses a CMS ContentInfo holding a SignedData object and verifies the signature.
byte[]	getSignedDataStream(byte[] signedData, byte[] message, iaik.x509.X509Certificate[] certificates) Parses a CMS ContentInfo object holding a SignedData object and verifies the signature.
static void	main(java.lang.String[] argv) Main method.
void	parseAuthEnvelopedDataWithRecipientCert(boolean stream, byte[] encodedAuthEnvelopedData, java.security.PrivateKey recipient1PrivateKey, iaik.x509.X509Certificate recipient1Cert, java.security.PrivateKey recipient2PrivateKey, iaik.x509.X509Certificate recipient2Cert) Parses an AuthEnvelopedData and decrypts the content for all test recipients using their recipient certificate for identifying the recipient.
void	parseAuthEnvelopedDataWithRecipientIdentifier(boolean stream, byte[] encodedAuthEnvelopedData, java.security.PrivateKey recipient1PrivateKey, iaik.x509.X509Certificate recipient1Cert, java.security.PrivateKey recipient2PrivateKey, iaik.x509.X509Certificate recipient2Cert) Parses an AuthEnvelopedData and decrypts the content for all test recipients using their recipient identifiers for identifying the recipient.
void	parseAuthEnvelopedDataWithRecipientInfoIndex(boolean stream, byte[] encodedAuthEnvelopedData, java.security.PrivateKey recipient1PrivateKey, java.security.PrivateKey recipient2PrivateKey) Parses an AuthEnvelopedData and decrypts the content for all test recipients using the index into the recipientInfos field for identifying the recipient.
void	start() Starts the test.
void	start(iaik.asn1.structures.AlgorithmID contentAuthEncAlg, java.security.PrivateKey signerPrivateKey, iaik.x509.X509Certificate[] signerCertChain, java.security.PrivateKey recipient1PrivateKey, iaik.x509.X509Certificate recipient1Cert, java.security.PrivateKey recipient2PrivateKey, iaik.x509.X509Certificate recipient2Cert) Starts the test for the given content-authenticated encryption algorithm.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

EckaEGAuthEnvelopedDataDemo

public EckaEGAuthEnvelopedDataDemo()
                            throws java.io.IOException

Setup the demo certificate chains. Keys and certificates are retrieved from the demo KeyStore ("cmsecc.keystore") file which has to be located in your current working directory and may be created by running SetupCMSEccKeyStore.

Throws:

java.io.IOException - if an file read error occurs

Method Detail

createAuthEnvelopedDataStream

public byte[] createAuthEnvelopedDataStream(byte[] message,
                                            iaik.asn1.structures.AlgorithmID contentAuthEncAlg,
                                            iaik.x509.X509Certificate recipient1Cert,
                                            iaik.x509.X509Certificate recipient2Cert)
                                     throws iaik.cms.CMSException,
                                            java.io.IOException

Creates a CMS AuthEnvelopedData message using class AuthEnvelopedDataStream.

Parameters:

message - the message to be authenticated-enveloped, as byte representation

contentAuthEncAlg - the id of the content-authenticated encryption algorithm

recipient1Cert - the certificate of the first recipient (sender)

recipient2Cert - the certificate of the second recipient *

Returns:

the BER encoding of the AuthEnvelopedData object just created

Throws:

iaik.cms.CMSException - if the AuthEnvelopedData object cannot be created

java.io.IOException - if an I/O error occurs

createAuthEnvelopedDataOutputStream

public byte[] createAuthEnvelopedDataOutputStream(byte[] message,
                                                  iaik.asn1.structures.AlgorithmID contentAuthEncAlg,
                                                  iaik.x509.X509Certificate recipient1Cert,
                                                  iaik.x509.X509Certificate recipient2Cert)
                                           throws iaik.cms.CMSException,
                                                  java.io.IOException

Creates a CMS AuthEnvelopedData message using class AuthEnvelopedDataOutputStream. The content data is compressed inside this method.

Parameters:

message - the message to be authenticated-enveloped, as byte representation

contentAuthEncAlg - the id of the content-authenticated encryption algorithm

recipient1Cert - the certificate of the first recipient (sender)

recipient2Cert - the certificate of the second recipient

Returns:

the BER encoding of the AuthEnvelopedData object just created

Throws:

iaik.cms.CMSException - if the AuthEnvelopedData object cannot be created

java.io.IOException - if an I/O error occurs

getAuthEnvelopedDataStream

public byte[] getAuthEnvelopedDataStream(byte[] encoding,
                                         java.security.Key key,
                                         int recipientInfoIndex)
                                  throws iaik.cms.CMSException,
                                         java.io.IOException

Decrypts the encrypted content of the given AuthEnvelopedData object for the recipient identified by its index into the recipientInfos field and verifies the message authentication code.

This way of decrypting the content may be used for any type of RecipientInfo (KeyTransRecipientInfo, KeyAgreeRecipientInfo, KEKRecipientInfo), but requires to know at what index of the recipientInfo field the RecipientInfo for the particular recipient in mind can be found. If the recipient in mind uses a RecipientInfo of type KeyAgreeRecipientInfo some processing overhead may take place because a KeyAgreeRecipientInfo may contain encrypted content-encryption keys for more than only one recipient; since the recipientInfoIndex only specifies the RecipientInfo but not the encrypted content encryption key -- if there are more than only one -- repeated decryption runs may be required as long as the decryption process completes successfully.

Parameters:

encoding - the AuthEnvelopedData object as DER encoded byte array

key - the key to decrypt the message

recipientInfoIndex - the index into the RecipientInfo array to which the specified key belongs

Returns:

the recovered message, as byte array

Throws:

iaik.cms.CMSException - if the message cannot be recovered or MAC verification fails

java.io.IOException - if a stream read/write error occurs

getAuthEnvelopedDataStream

public byte[] getAuthEnvelopedDataStream(byte[] encoding,
                                         java.security.Key key,
                                         iaik.cms.KeyIdentifier recipientID)
                                  throws iaik.cms.CMSException,
                                         java.io.IOException

Decrypts the encrypted content of the given EnvelopedData object for the recipient identified by recipient identifier and verifies the message authentication code.

This way of decrypting the content may be used for any type of RecipientInfo (KeyTransRecipientInfo, KeyAgreeRecipientInfo, KEKRecipientInfo). The recipient in mind is identified by its recipient identifier.

Parameters:

encoding - the AuthEnvelopedData object as BER encoded byte array

key - the key to decrypt the message

recipientID - the recipient identifier uniquely identifying the key of the recipient

Returns:

the recovered message, as byte array

Throws:

iaik.cms.CMSException - if the message cannot be recovered

java.io.IOException - if a stream read/write error occurs

getAuthEnvelopedDataStream

public byte[] getAuthEnvelopedDataStream(byte[] encoding,
                                         java.security.Key key,
                                         iaik.x509.X509Certificate recipientCert)
                                  throws iaik.cms.CMSException,
                                         java.io.IOException

Decrypts the encrypted content of the given AuthEnvelopedData object for the recipient identified by its recipient certificate and verifies the message authentication code.

Parameters:

encoding - the AuthEnvelopedData object as BER encoded byte array

key - the key to decrypt the message

recipientCert - the certificate of the recipient having a RecipientInfo of type KeyTransRecipientInfo or KeyAgreeRecipientInfo

Returns:

the recovered message, as byte array

Throws:

iaik.cms.CMSException - if the message cannot be recovered

java.io.IOException - if a stream read/write error occurs

createAuthEnvelopedData

public byte[] createAuthEnvelopedData(byte[] message,
                                      iaik.asn1.structures.AlgorithmID contentAuthEncAlg,
                                      iaik.x509.X509Certificate recipient1Cert,
                                      iaik.x509.X509Certificate recipient2Cert)
                               throws iaik.cms.CMSException

Creates a CMS AuthEnvelopedData message.

Parameters:

message - the message to be enveloped, as byte representation

contentAuthEncAlg - the id of the content-authenticated encryption algorithm

recipient1Cert - the certificate of the first recipient (sender)

recipient2Cert - the certificate of the second recipient

Returns:

the encoded AuthEnvelopedData, as byte array

Throws:

iaik.cms.CMSException - if the AuthEnvelopedData object cannot be created

getAuthEnvelopedData

public byte[] getAuthEnvelopedData(byte[] enc,
                                   java.security.Key key,
                                   int recipientInfoIndex)
                            throws iaik.cms.CMSException,
                                   java.io.IOException

Decrypts the encrypted content of the given AuthEnvelopedData object for the recipient identified by its index into the recipientInfos field and verifies the message authentication code.

This way of decrypting the content may be used for any type of RecipientInfo (KeyTransRecipientInfo, KeyAgreeRecipientInfo, KEKRecipientInfo), but requires to know at what index of the recipientInfo field the RecipientInfo for the particular recipient in mind can be found. If the recipient in mind uses a RecipientInfo of type KeyAgreeRecipientInfo some processing overhead may take place because a KeyAgreeRecipientInfo may contain encrypted content-encryption keys for more than only one recipient; since the recipientInfoIndex only specifies the RecipientInfo but not the encrypted content encryption key -- if there are more than only one -- repeated decryption runs may be required as long as the decryption process completes successfully.

Parameters:

enc - the encoded AuthEnvelopedData

key - the key to decrypt the message

recipientInfoIndex - the index into the RecipientInfo array to which the specified key belongs

Returns:

the recovered message, as byte array

Throws:

iaik.cms.CMSException - if the message cannot be recovered

java.io.IOException - if an I/O error occurs

getAuthEnvelopedData

public byte[] getAuthEnvelopedData(byte[] enc,
                                   java.security.Key key,
                                   iaik.cms.KeyIdentifier recipientID)
                            throws iaik.cms.CMSException,
                                   java.io.IOException

Decrypts the encrypted content of the given AuthEnvelopedData object for the recipient identified by recipient identifier.

This way of decrypting the content may be used for any type of RecipientInfo (KeyTransRecipientInfo, KeyAgreeRecipientInfo, KEKRecipientInfo). The recipient in mind is identified by its recipient identifier.

Parameters:

enc - the BER encoded AuthEnvelopedData ASN.1 object

key - the key to decrypt the message

recipientID - the recipient identifier uniquely identifying the key of the recipient

Returns:

the recovered message, as byte array

Throws:

iaik.cms.CMSException - if the message cannot be recovered

java.io.IOException - if an I/O error occurs

getAuthEnvelopedData

public byte[] getAuthEnvelopedData(byte[] enc,
                                   java.security.Key key,
                                   iaik.x509.X509Certificate recipientCert)
                            throws iaik.cms.CMSException,
                                   java.io.IOException

Decrypts the encrypted content of the given AuthEnvelopedData object for the recipient identified by its recipient certificate.

Parameters:

enc - the BER encoded AuthEnvelopedData ASN.1 object

key - the key to decrypt the message

recipientCert - the certificate of the recipient having a RecipientInfo of type KeyTransRecipientInfo or KeyAgreeRecipientInfo

Returns:

the recovered message, as byte array

Throws:

iaik.cms.CMSException - if the message cannot be recovered

java.io.IOException

createRecipients

public iaik.cms.RecipientInfo[] createRecipients(iaik.asn1.structures.AlgorithmID contentAuthEncAlg,
                                                 iaik.x509.X509Certificate recipient1Cert,
                                                 iaik.x509.X509Certificate recipient2Cert)
                                          throws iaik.cms.CMSException

Creates the RecipientInfos.

Parameters:

contentAuthEncAlg - the content encryption algorithm

recipient1Cert - the certificate of the first recipient (sender)

recipient2Cert - the certificate of the second recipient

Returns:

the RecipientInfos created, one KeyAgreeRecipientInfo (for two recipients with same domain parameters)

Throws:

iaik.cms.CMSException - if an error occurs when creating the recipient infos

parseAuthEnvelopedDataWithRecipientInfoIndex

public void parseAuthEnvelopedDataWithRecipientInfoIndex(boolean stream,
                                                         byte[] encodedAuthEnvelopedData,
                                                         java.security.PrivateKey recipient1PrivateKey,
                                                         java.security.PrivateKey recipient2PrivateKey)
                                                  throws java.lang.Exception

Parses an AuthEnvelopedData and decrypts the content for all test recipients using the index into the recipientInfos field for identifying the recipient.

Parameters:

stream - whether to use AuthEnvelopedDataStream or AuthEnvelopedData

encodedAuthEnvelopedData - the encoded AuthEnvelopedData object

recipient1PrivateKey - the private key of the first recipient (sender)

recipient2PrivateKey - the private key of the second recipient

Throws:

java.lang.Exception - if some error occurs during decoding/decryption

parseAuthEnvelopedDataWithRecipientIdentifier

public void parseAuthEnvelopedDataWithRecipientIdentifier(boolean stream,
                                                          byte[] encodedAuthEnvelopedData,
                                                          java.security.PrivateKey recipient1PrivateKey,
                                                          iaik.x509.X509Certificate recipient1Cert,
                                                          java.security.PrivateKey recipient2PrivateKey,
                                                          iaik.x509.X509Certificate recipient2Cert)
                                                   throws java.lang.Exception

Parses an AuthEnvelopedData and decrypts the content for all test recipients using their recipient identifiers for identifying the recipient.

Parameters:

stream - whether to use AuthEnvelopedDataStream or AuthEnvelopedData

encodedAuthEnvelopedData - the encoded AuthEnvelopedData object

recipient1PrivateKey - the private key of the first recipient (sender)

recipient1Cert - the certificate of the first recipient (sender)

recipient2PrivateKey - the private key of the second recipient

recipient2Cert - the certificate of the second recipient

Throws:

java.lang.Exception - if some error occurs during decoding/decryption

parseAuthEnvelopedDataWithRecipientCert

public void parseAuthEnvelopedDataWithRecipientCert(boolean stream,
                                                    byte[] encodedAuthEnvelopedData,
                                                    java.security.PrivateKey recipient1PrivateKey,
                                                    iaik.x509.X509Certificate recipient1Cert,
                                                    java.security.PrivateKey recipient2PrivateKey,
                                                    iaik.x509.X509Certificate recipient2Cert)
                                             throws java.lang.Exception

Parses an AuthEnvelopedData and decrypts the content for all test recipients using their recipient certificate for identifying the recipient.

Parameters:

stream - whether to use AuthEnvelopedDataStream or AuthEnvelopedData

encodedAuthEnvelopedData - the encoded AuthEnvelopedData object

recipient1PrivateKey - the private key of the first recipient (sender)

recipient1Cert - the certificate of the first recipient (sender)

recipient2PrivateKey - the private key of the second recipient

recipient2Cert - the certificate of the second recipient

Throws:

java.lang.Exception - if some error occurs during decoding/decryption

createSignedDataStream

public byte[] createSignedDataStream(byte[] message,
                                     int mode,
                                     iaik.asn1.structures.AlgorithmID hashAlgorithm,
                                     iaik.asn1.structures.AlgorithmID signatureAlgorithm,
                                     java.security.PrivateKey signerKey,
                                     iaik.x509.X509Certificate[] certificates)
                              throws iaik.cms.CMSException,
                                     java.io.IOException

Creates an ECDSA signed CMS SignedDataStream object and wraps it by a CMS ContentInfoStream.

Parameters:

message - the message to be signed, as byte representation

mode - the transmission mode, either IMPLICIT or EXPLICIT

hashAlgorithm - the hash algorithm to be used

signatureAlgorithm - the signature algorithm to be used

signerKey - the private key of the signer

certificates - the certificate chain of the signer

Returns:

the DER encoding of the ContentInfo object just created

Throws:

iaik.cms.CMSException - if the SignedData, ContentInfo object cannot be created

java.io.IOException - if an I/O related error occurs

getSignedDataStream

public byte[] getSignedDataStream(byte[] signedData,
                                  byte[] message,
                                  iaik.x509.X509Certificate[] certificates)
                           throws iaik.cms.CMSException,
                                  java.io.IOException

Parses a CMS ContentInfo object holding a SignedData object and verifies the signature.

Parameters:

signedData - the ContentInfo holding the SignedData object as BER encoded byte array

message - the the message which was transmitted out-of-band (explicit signed)

certificates - the certificate of the signer (used for alternative signature verification)

Returns:

the inherent message as byte array

Throws:

iaik.cms.CMSException - if any signature does not verify

java.io.IOException - if an I/O related error occurs

createSignedData

public byte[] createSignedData(byte[] message,
                               int mode,
                               iaik.asn1.structures.AlgorithmID hashAlgorithm,
                               iaik.asn1.structures.AlgorithmID signatureAlgorithm,
                               java.security.PrivateKey signerKey,
                               iaik.x509.X509Certificate[] certificates)
                        throws iaik.cms.CMSException,
                               java.io.IOException

Creates an ECDSA signed CMS SignedData object and wraps it by a CMS ContentInfo object.

Parameters:

message - the message to be signed, as byte representation

mode - the mode, either SignedData.IMPLICIT or SignedData.EXPLICIT

hashAlgorithm - the hash algorithm to be used

signatureAlgorithm - the signature algorithm to be used

signerKey - the private key of the signer

certificates - the certificate chain of the signer

Returns:

the DER encoded SignedData-ContentInfo object

Throws:

iaik.cms.CMSException - if the SignedData-ContentInfo object cannot be created

java.io.IOException - if an I/O related error occurs

getSignedData

public byte[] getSignedData(byte[] signedData,
                            byte[] message,
                            iaik.x509.X509Certificate[] certificates)
                     throws iaik.cms.CMSException,
                            java.io.IOException

Parses a CMS ContentInfo holding a SignedData object and verifies the signature.

Parameters:

signedData - the ContentInfo holding the SignedData object as DER encoded byte array

message - the message which was transmitted out-of-band (explicit signed)

certificates - the certificate of the signer (used for alternative signature verification)

Returns:

the inherent message as byte array

Throws:

iaik.cms.CMSException - if any signature does not verify

java.io.IOException - if an I/O related error occurs

createCompressedDataStream

public byte[] createCompressedDataStream(byte[] message)
                                  throws iaik.cms.CMSException,
                                         java.io.IOException,
                                         java.security.NoSuchAlgorithmException

Creates a CMS CompressedData object.

Parameters:

message - the message to be compressed, as byte representation

Returns:

the BER encoding of the CompressedData object just created

Throws:

iaik.cms.CMSException - if the CompressedData object cannot be created

java.io.IOException - if an I/O error occurs

java.security.NoSuchAlgorithmException - if the compression algorithm is not supported

getCompressedDataStream

public byte[] getCompressedDataStream(byte[] encoding)
                               throws iaik.cms.CMSException,
                                      java.io.IOException,
                                      java.security.NoSuchAlgorithmException

Parses a CMS CompressedData object.

Parameters:

encoding - the CompressedData object as BER encoded byte array

Returns:

the decompressed message as byte array

Throws:

iaik.cms.CMSException - if the CompressedData cannot be parsed

java.io.IOException - if an I/O error occurs

java.security.NoSuchAlgorithmException - if the compression algorithm is not supported

createCompressedData

public byte[] createCompressedData(byte[] message)
                            throws iaik.cms.CMSException,
                                   java.io.IOException,
                                   java.security.NoSuchAlgorithmException

Creates a CMS CompressedData object.

Parameters:

message - the message to be compressed, as byte representation

Returns:

the DER encoded CompressedData

Throws:

iaik.cms.CMSException - if the CompressedData object cannot be created

java.io.IOException - if an I/O error occurs

java.security.NoSuchAlgorithmException - if the compression algorithm is not supported

getCompressedData

public byte[] getCompressedData(byte[] encoding)
                         throws iaik.cms.CMSException,
                                java.io.IOException,
                                java.security.NoSuchAlgorithmException

Parses a CMS CompressedData object.

Parameters:

encoding - the DER encoded CompressedData object

Returns:

the decompressed message as byte array

Throws:

iaik.cms.CMSException - if the CompressedData cannot be parsed

java.io.IOException - if an I/O error occurs

java.security.NoSuchAlgorithmException - if the compression algorithm is not supported

start

public void start()

Starts the test.

start

public void start(iaik.asn1.structures.AlgorithmID contentAuthEncAlg,
                  java.security.PrivateKey signerPrivateKey,
                  iaik.x509.X509Certificate[] signerCertChain,
                  java.security.PrivateKey recipient1PrivateKey,
                  iaik.x509.X509Certificate recipient1Cert,
                  java.security.PrivateKey recipient2PrivateKey,
                  iaik.x509.X509Certificate recipient2Cert)

Starts the test for the given content-authenticated encryption algorithm.

Parameters:

contentAuthEncAlg - the id of the content-authenticated encryption algorithm

main

public static void main(java.lang.String[] argv)
                 throws java.lang.Exception

Main method.

Throws:

java.io.IOException - if an I/O error occurs when reading required keys and certificates from files

java.lang.Exception