SignedDataStreamDemo (6.1 Demo API Documentation)

java.lang.Object
- demo.cms.pkcs11.PKCS11Demo
- - demo.cms.pkcs11.SignedDataStreamDemo

Direct Known Subclasses:

ExplicitRSAPssSignedDataStreamDemo, ExplicitSignedDataStreamDemo, ImplicitRSAPssSignedDataStreamDemo, ImplicitSignedDataStreamDemo
```
public abstract class SignedDataStreamDemo
extends PKCS11Demo
```
Base class of SignedDataStream demos using PKCS#11 for accessing the signer key on a smart card.

Field Summary

Fields
Modifier and Type	Field and Description
`protected java.security.cert.X509Certificate`	`signerCertificate_` This is the certificate used for verifying the signature.
`protected java.security.PrivateKey`	`signerKey_` The private key of the signer.

Fields inherited from class demo.cms.pkcs11.PKCS11Demo
iaikPkcs11Provider_, iaikSoftwareProvider_, moduleName_, tokenKeyStore_, userPin_

Constructor Summary

Constructors
Modifier Constructor and Description

protected SignedDataStreamDemo()
Creates a SignedDataStreamDemo object that has to be explicitly initialized with a module name.

Constructors
Modifier	Constructor and Description
`protected`	`SignedDataStreamDemo()` Creates a SignedDataStreamDemo object that has to be explicitly `initialized` with a module name.

Method Summary

All Methods Instance Methods Concrete Methods
Modifier and Type	Method and Description
`protected iaik.cms.SignerInfo`	`createSignerInfo(iaik.x509.X509Certificate signerCertificate)` This method creates a SignerInfo for the given signer certificate.
`protected void`	`getSignatureKey()` This method gets the key stores of all inserted (compatible) smart cards and simply takes the first key-entry.
`protected void`	`getSignatureKey(java.lang.String algorithm)` This method gets the key stores of all inserted (compatible) smart cards and simply takes the first key-entry.
`void`	`init(java.lang.String[] args)` This method starts the demo based on the given command line arguments.
`byte[]`	`sign(byte[] data, boolean implicit)` This method signs the data in the byte array `DATA` with `signatureKey_`.
`void`	`start(boolean implicit)` Starts the demo.
`byte[]`	`verify(byte[] encodedSignedData, byte[] contentData)` This method verifies the signature stored in `signatureKey_`.

Methods inherited from class demo.cms.pkcs11.PKCS11Demo
getKeyStore, init

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

- Field Detail
  - signerKey_
```
protected java.security.PrivateKey signerKey_
```
    The private key of the signer. In this case only a proxy object, but the application cannot see this.
  - signerCertificate_
```
protected java.security.cert.X509Certificate signerCertificate_
```
    This is the certificate used for verifying the signature. In contrast to the private signer key, the certificate holds the actual public keying material.
- Constructor Detail
  - SignedDataStreamDemo
```
protected SignedDataStreamDemo()
```
    Creates a SignedDataStreamDemo object that has to be explicitly initialized with a module name.
- Method Detail
  - getSignatureKey
```
protected void getSignatureKey()
                        throws java.security.GeneralSecurityException,
                               java.io.IOException
```
    This method gets the key stores of all inserted (compatible) smart cards and simply takes the first key-entry. From this key entry it takes the private key and the certificate to retrieve the public key from. The keys are stored in the member variables signerKey_ and signerCertificate_.
    
    Throws:
    
    java.security.GeneralSecurityException - If anything with the provider fails.
    
    java.io.IOException - If loading the key store fails.
  - getSignatureKey
```
protected void getSignatureKey(java.lang.String algorithm)
                        throws java.security.GeneralSecurityException,
                               java.io.IOException
```
    This method gets the key stores of all inserted (compatible) smart cards and simply takes the first key-entry. From this key entry it takes the private key and the certificate to retrieve the public key from. The keys are stored in the member variables signerKey_ and signerCertificate_.
    If algorithm is not null only those keys are considered that match the given algorithm.
    
    Parameters:
    
    algorithm - the key algorithm; maybe null to take the first signing key regardless of its algorithm
    
    Throws:
    
    java.security.GeneralSecurityException - If anything with the provider fails.
    
    java.io.IOException - If loading the key store fails.
  - createSignerInfo
```
protected iaik.cms.SignerInfo createSignerInfo(iaik.x509.X509Certificate signerCertificate)
```
    This method creates a SignerInfo for the given signer certificate.
    
    Parameters:
    
    signerCertificate - the certificate of the signer
    
    Returns:
    
    the SignerInfo
  - sign
```
public byte[] sign(byte[] data,
                   boolean implicit)
            throws java.security.GeneralSecurityException,
                   java.io.IOException,
                   iaik.cms.CMSException
```
    This method signs the data in the byte array DATA with signatureKey_. Normally the data would be read from file. The created signature is stored in signature_.
    
    Parameters:
    
    data - the data to be signed
    
    implicit - whether to include the data (implicit mode) or to not include it (explicit mode)
    
    Returns:
    
    the encoded SignedData
    
    Throws:
    
    java.security.GeneralSecurityException - If anything with the provider fails.
    
    java.io.IOException - If the data file could not be found or writing to it failed.
    
    iaik.cms.CMSException - If an error occurs when creating/encoding the SignedData
  - verify
```
public byte[] verify(byte[] encodedSignedData,
                     byte[] contentData)
              throws java.security.GeneralSecurityException,
                     iaik.cms.CMSException,
                     java.io.IOException,
                     java.security.SignatureException
```
    This method verifies the signature stored in signatureKey_. The verification key used is verificationKey_. The implementation for the signature algorithm is taken from an other provider. Here IAIK is used, IAIK is pure software.
    
    Parameters:
    
    encodedSignedData - the encoded SignedData object
    
    contentData - the contentData (in explicit mode required for signature verification)
    
    Returns:
    
    the content data
    
    Throws:
    
    java.security.GeneralSecurityException - If anything with the provider fails.
    
    java.io.IOException - If reading the CMS file fails.
    
    iaik.cms.CMSException - If handling the CMS structure fails.
    
    java.security.SignatureException - If the signature verification fails
  - start
```
public void start(boolean implicit)
```
    Starts the demo.
    
    Parameters:
    
    implicit - whether the implicit or explicit mode is used (data included in signature or not)
  - init
```
public void init(java.lang.String[] args)
```
    This method starts the demo based on the given command line arguments.
    
    Parameters:
    
    args - These are the command line arguments.

Class SignedDataStreamDemo

Field Summary

Fields inherited from class demo.cms.pkcs11.PKCS11Demo

Constructor Summary

Method Summary

Methods inherited from class demo.cms.pkcs11.PKCS11Demo

Methods inherited from class java.lang.Object

Field Detail

signerKey_

signerCertificate_

Constructor Detail

SignedDataStreamDemo

Method Detail

getSignatureKey

getSignatureKey

createSignerInfo

sign

verify

start

init