demo.cms.signedData

Class PssSignedDataDemo

java.lang.Object

demo.cms.signedData.PssSignedDataDemo

public class PssSignedDataDemo
extends java.lang.Object

This class demonstrates the CMS SignedData implementation for the RSA-PSS (PKCS#1v2.1) algorithm.

Constructor Summary

Constructors

Constructor and Description
PssSignedDataDemo() Setups the demo certificate chains.

Method Summary

Modifier and Type	Method and Description
static iaik.asn1.structures.AlgorithmID	createPssAlgorithmID(iaik.asn1.structures.AlgorithmID hashID, iaik.asn1.structures.AlgorithmID mgfID, int saltLength) Creates an RSA-PSS AlgorithmID with the supplied parameters (hash algorithm id, mask generation function, salt length).
byte[]	createSignedData(byte[] message, int mode) Creates a CMS SignedData object.
byte[]	createSignedDataStream(byte[] message, int mode) Creates a CMS SignedData object.
byte[]	getSignedData(byte[] encoding, byte[] message) Parses a CMS SignedData object and verifies the signatures for all participated signers.
byte[]	getSignedDataStream(byte[] signedData, byte[] message) Parses a CMS SignedData object and verifies the signatures for all participated signers.
static void	main(java.lang.String[] argv) The main method.
void	start() Tests the CMS SignedData implementation for the RSA-PSS (PKCS#1v2.1) algorithm.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

PssSignedDataDemo

public PssSignedDataDemo()
                  throws java.io.IOException

Setups the demo certificate chains. Keys and certificate are retrieved from the demo KeyStore.

Throws:

java.io.IOException - if an file read error occurs

Method Detail

createSignedDataStream

public byte[] createSignedDataStream(byte[] message,
                                     int mode)
                              throws iaik.cms.CMSException,
                                     java.io.IOException

Creates a CMS SignedData object.

Parameters:

message - the message to be signed, as byte representation

mode - the transmission mode, either IMPLICIT or EXPLICIT

Returns:

the BER encoding of the SignedData object just created

Throws:

iaik.cms.CMSException - if the SignedData object cannot be created

java.io.IOException - if some stream I/O error occurs

getSignedDataStream

public byte[] getSignedDataStream(byte[] signedData,
                                  byte[] message)
                           throws iaik.cms.CMSException,
                                  java.io.IOException

Parses a CMS SignedData object and verifies the signatures for all participated signers.

Parameters:

signedData - SignedData object as BER encoded byte array

message - the message which was transmitted out-of-band (if explicit signed), otherwise null (implicit signed)

Returns:

the inherent message as byte array

Throws:

iaik.cms.CMSException - if any signature does not verify

java.io.IOException - if some stream I/O error occurs

createSignedData

public byte[] createSignedData(byte[] message,
                               int mode)
                        throws iaik.cms.CMSException

Creates a CMS SignedData object.

Parameters:

message - the message to be signed, as byte representation

mode - the mode, either SignedData.IMPLICIT or SignedData.EXPLICIT

Returns:

the DER encoded SignedData object

Throws:

iaik.cms.CMSException - if the SignedData object cannot be created

getSignedData

public byte[] getSignedData(byte[] encoding,
                            byte[] message)
                     throws iaik.cms.CMSException,
                            java.io.IOException

Parses a CMS SignedData object and verifies the signatures for all participated signers.

Parameters:

encoding - the DER encoded SignedData object

message - the message which was transmitted out-of-band (if explicit signed), otherwise null (implicit signed)

Returns:

the inherent message as byte array

Throws:

iaik.cms.CMSException - if any signature does not verify

java.io.IOException - if some stream I/O error occurs

createPssAlgorithmID

public static iaik.asn1.structures.AlgorithmID createPssAlgorithmID(iaik.asn1.structures.AlgorithmID hashID,
                                                                    iaik.asn1.structures.AlgorithmID mgfID,
                                                                    int saltLength)
                                                             throws java.security.InvalidAlgorithmParameterException,
                                                                    java.security.NoSuchAlgorithmException

Creates an RSA-PSS AlgorithmID with the supplied parameters (hash algorithm id, mask generation function, salt length).

Parameters:

hashID - the hash algorithm to be used

mgfID - the mask generation function to be used

saltLength - the salt length to be used

Returns:

the RSA-PSS algorithm id with the given parameters

Throws:

java.security.InvalidAlgorithmParameterException - if the parameters cannot be created/set

java.security.NoSuchAlgorithmException - if there is no AlgorithmParameters implementation for RSA-PSS

start

public void start()

Tests the CMS SignedData implementation for the RSA-PSS (PKCS#1v2.1) algorithm.

main

public static void main(java.lang.String[] argv)
                 throws java.lang.Exception

The main method.

Throws:

java.lang.Exception