demo.smime.ecc

Class SMimeV4EccDemo

java.lang.Object

demo.smime.ecc.SMimeV4EccDemo

Direct Known Subclasses:

SimpleSMimeV4EcDemo, SMimeV4BrainpoolDemo

public class SMimeV4EccDemo
extends java.lang.Object

This class demonstrates the usage of the IAIK S/MIME implementation. It shows how to create signed and/or (authenticated) encrypted S/MIMEv4 messages using ECC keys and how to parse them and verify the signatures and decrypt the content, respectively.

This demo uses several combinations of cryptographic algorithms that may not used in this way in practice. For a simple demos using only one set of algorithms see the SimpleSMimeV4EcDemo and SimpleSMimeV4EdDemo.

Additionally to iaik_cms.jar you also must have iaik_jce_(full).jar (IAIK-JCE, https://sic.tech/products/core-crypto-toolkits/jca-jce/), and iaik_eccelarate.jar (IAIK-ECCelerate^TM, https://sic.tech/products/core-crypto-toolkits/eccelerate/) in your classpath.

To run this demo the following packages are required:

• iaik_cms.jar
• iaik_jce(_full).jar (IAIK-JCE Core Crypto Library).
• iaik_eccelerate.jar (IAIK ECC Library).
• Jakarta/Angus Mail
• Jakarta Activation Framework

Constructor Summary

Constructors

Constructor and Description
SMimeV4EccDemo() Default constructor.

Method Summary

Modifier and Type	Method and Description
jakarta.mail.Message	createEncryptedMessage(jakarta.mail.Session session, iaik.asn1.structures.AlgorithmID contentEA, int keyLength, iaik.asn1.structures.AlgorithmID keyEA, iaik.asn1.structures.AlgorithmID keyWrapAlgorithm, int kekLength, boolean authEncrypt, iaik.x509.X509Certificate[] recipientCerts) Creates an (maybe authenticated) encrypted message.
jakarta.mail.Message	createMessage(jakarta.mail.Session session, java.lang.String subject) Creates a MIME message container with the given subject for the given session.
jakarta.mail.Message	createSignedAndEncryptedMessage(jakarta.mail.Session session, iaik.asn1.structures.AlgorithmID digestAlgorithm, iaik.asn1.structures.AlgorithmID signatureAlgorithm, iaik.asn1.structures.AlgorithmID contentEA, int keyLength, iaik.asn1.structures.AlgorithmID keyEA, iaik.asn1.structures.AlgorithmID keyWrapAlgorithm, int kekLength, jakarta.activation.DataHandler dataHandler, boolean implicit, boolean authEncrypt, java.security.PrivateKey signerKey, iaik.x509.X509Certificate[] signerCerts, iaik.x509.X509Certificate[] recipientCerts) Creates a signed and (maybe authenticated) encrypted message.
jakarta.mail.Message	createSignedMessage(jakarta.mail.Session session, jakarta.activation.DataHandler dataHandler, boolean implicit, iaik.asn1.structures.AlgorithmID digestAlgorithm, iaik.asn1.structures.AlgorithmID signatureAlgorithm, java.security.PrivateKey signerKey, iaik.x509.X509Certificate[] signerCertificates) Creates a signed message.
static void	main(java.lang.String[] argv) The main method.
void	start() Starts the demo.
void	startEncryptionDemo(jakarta.mail.Session session, iaik.asn1.structures.AlgorithmID contentEA, int keyLength, iaik.asn1.structures.AlgorithmID keyEA, iaik.asn1.structures.AlgorithmID keyWrapAlgorithm, int kekLength, boolean authEncrypt, iaik.x509.X509Certificate[] recipientCerts) Starts the (maybe authenticated) encryption demo.
void	startSigningAndEncryptionDemo(jakarta.mail.Session session, jakarta.activation.DataHandler multipart, iaik.asn1.structures.AlgorithmID digestAlgorithm, iaik.asn1.structures.AlgorithmID signatureAlgorithm, iaik.asn1.structures.AlgorithmID contentEA, int keyLength, iaik.asn1.structures.AlgorithmID keyEA, iaik.asn1.structures.AlgorithmID keyWrapAlgorithm, int kekLength, boolean authEncrypt, java.security.PrivateKey signerKey, iaik.x509.X509Certificate[] signerCerts, iaik.x509.X509Certificate[] recipientCerts) Starts the signing + (maybe authenticated) encryption demo.
void	startSigningDemo(jakarta.mail.Session session, jakarta.activation.DataHandler multipart, iaik.asn1.structures.AlgorithmID digestAlgorithm, iaik.asn1.structures.AlgorithmID signatureAlgorithm, java.security.PrivateKey signerKey, iaik.x509.X509Certificate[] signerCerts) Starts the signing demo.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

SMimeV4EccDemo

public SMimeV4EccDemo()

Default constructor.

Method Detail

start

public void start()
           throws java.lang.Exception

Starts the demo.

Throws:

java.lang.Exception - if an error occurs

startSigningDemo

public void startSigningDemo(jakarta.mail.Session session,
                             jakarta.activation.DataHandler multipart,
                             iaik.asn1.structures.AlgorithmID digestAlgorithm,
                             iaik.asn1.structures.AlgorithmID signatureAlgorithm,
                             java.security.PrivateKey signerKey,
                             iaik.x509.X509Certificate[] signerCerts)
                      throws java.lang.Exception

Starts the signing demo.

Parameters:

session - the mail session

multipart - the multipart content of the message to be signed

digestAlgorithm - the digest algorithm to be used

signatureAlgorithm - the signature algorithm to be used

signerKey - the private key of the signer

signerCerts - the certificate chain of the signer

Throws:

java.lang.Exception - if an error occurs

startEncryptionDemo

public void startEncryptionDemo(jakarta.mail.Session session,
                                iaik.asn1.structures.AlgorithmID contentEA,
                                int keyLength,
                                iaik.asn1.structures.AlgorithmID keyEA,
                                iaik.asn1.structures.AlgorithmID keyWrapAlgorithm,
                                int kekLength,
                                boolean authEncrypt,
                                iaik.x509.X509Certificate[] recipientCerts)
                         throws java.lang.Exception

Starts the (maybe authenticated) encryption demo.

Parameters:

session - the mail session

contentEA - the content encryption algorithm to be used

keyLength - the length of the secret content encryption key to be created and used

keyEA - the (key agreement) algorithm to use for creating a shared secret key encryption key for encrypting the symmetric key (e.g. AlgorithmID.esdhKeyAgreement)

keyWrapAlgorithm - the key wrap algorithm to be used for encrypting (wrapping) the content-encryption key with the shared key-encryption created according to the requested key agreement protocol

kekLength - the length of the shared key encryption key to be generated

authEncrypt - whether to create an authenticated encrypted message

recipientCerts - the certificates of the recipients

Throws:

java.lang.Exception - if an error occurs

startSigningAndEncryptionDemo

public void startSigningAndEncryptionDemo(jakarta.mail.Session session,
                                          jakarta.activation.DataHandler multipart,
                                          iaik.asn1.structures.AlgorithmID digestAlgorithm,
                                          iaik.asn1.structures.AlgorithmID signatureAlgorithm,
                                          iaik.asn1.structures.AlgorithmID contentEA,
                                          int keyLength,
                                          iaik.asn1.structures.AlgorithmID keyEA,
                                          iaik.asn1.structures.AlgorithmID keyWrapAlgorithm,
                                          int kekLength,
                                          boolean authEncrypt,
                                          java.security.PrivateKey signerKey,
                                          iaik.x509.X509Certificate[] signerCerts,
                                          iaik.x509.X509Certificate[] recipientCerts)
                                   throws java.lang.Exception

Starts the signing + (maybe authenticated) encryption demo.

Parameters:

session - the mail session

multipart - the Multipart content to be signed and encrypted

digestAlgorithm - the digest algorithm to be used for signing

signatureAlgorithm - the signature algorithm to be used

contentEA - the content encryption algorithm to be used

keyLength - the length of the secret content encryption key to be created and used

keyEA - the (key agreement) algorithm to use for creating a shared secret key encryption key for encrypting the symmetric key (e.g. AlgorithmID.esdhKeyAgreement)

keyWrapAlgorithm - the key wrap algorithm to be used for encrypting (wrapping) the content-encryption key with the shared key-encryption created according to the requested key agreement protocol

kekLength - the length of the shared key encryption key to be generated

authEncrypt - whether to create an authenticated encrypted message

signerKey - the private key of the signer

signerCerts - the certificate chain of the signer

recipientCerts - the certificates of the recipients

Throws:

java.lang.Exception - if an error occurs

createMessage

public jakarta.mail.Message createMessage(jakarta.mail.Session session,
                                          java.lang.String subject)
                                   throws jakarta.mail.MessagingException

Creates a MIME message container with the given subject for the given session.

Parameters:

session - the mail sesion

subject - the subject of the message

Returns:

the MIME message with FROM, TO, DATE and SUBJECT headers (without content)

Throws:

jakarta.mail.MessagingException - if the message cannot be created

createSignedMessage

public jakarta.mail.Message createSignedMessage(jakarta.mail.Session session,
                                                jakarta.activation.DataHandler dataHandler,
                                                boolean implicit,
                                                iaik.asn1.structures.AlgorithmID digestAlgorithm,
                                                iaik.asn1.structures.AlgorithmID signatureAlgorithm,
                                                java.security.PrivateKey signerKey,
                                                iaik.x509.X509Certificate[] signerCertificates)
                                         throws jakarta.mail.MessagingException

Creates a signed message.

Parameters:

session - the mail session

dataHandler - the content of the message to be signed

implicit - whether to use implicit (application/pkcs7-mime) or explicit (multipart/signed) signing

digestAlgorithm - the digest algorithm to be used

signatureAlgorithm - the signature algorithm to be used

signerKey - the private key of the signer

signerCertificates - the certificate chain of the signer

Returns:

the signed message

Throws:

jakarta.mail.MessagingException - if an error occurs when creating the message

createEncryptedMessage

public jakarta.mail.Message createEncryptedMessage(jakarta.mail.Session session,
                                                   iaik.asn1.structures.AlgorithmID contentEA,
                                                   int keyLength,
                                                   iaik.asn1.structures.AlgorithmID keyEA,
                                                   iaik.asn1.structures.AlgorithmID keyWrapAlgorithm,
                                                   int kekLength,
                                                   boolean authEncrypt,
                                                   iaik.x509.X509Certificate[] recipientCerts)
                                            throws jakarta.mail.MessagingException

Creates an (maybe authenticated) encrypted message.

Parameters:

session - the mail session

contentEA - the content encryption algorithm to be used

keyLength - the length of the secret content encryption key to be created and used

keyEA - the (key agreement) algorithm to use for creating a shared secret key encryption key for encrypting the symmetric key (e.g. AlgorithmID.esdhKeyAgreement)

keyWrapAlgorithm - the key wrap algorithm to be used for encrypting (wrapping) the content-encryption key with the shared key-encryption created according to the requested key agreement protocol

kekLength - the length of the shared key encryption key to be generated

authEncrypt - whether to create an authenticated encrypted message

recipientCerts - the certificates of the recipients

Returns:

the (maybe authenticated) encrypted message

Throws:

jakarta.mail.MessagingException - if an error occurs when creating the message

createSignedAndEncryptedMessage

public jakarta.mail.Message createSignedAndEncryptedMessage(jakarta.mail.Session session,
                                                            iaik.asn1.structures.AlgorithmID digestAlgorithm,
                                                            iaik.asn1.structures.AlgorithmID signatureAlgorithm,
                                                            iaik.asn1.structures.AlgorithmID contentEA,
                                                            int keyLength,
                                                            iaik.asn1.structures.AlgorithmID keyEA,
                                                            iaik.asn1.structures.AlgorithmID keyWrapAlgorithm,
                                                            int kekLength,
                                                            jakarta.activation.DataHandler dataHandler,
                                                            boolean implicit,
                                                            boolean authEncrypt,
                                                            java.security.PrivateKey signerKey,
                                                            iaik.x509.X509Certificate[] signerCerts,
                                                            iaik.x509.X509Certificate[] recipientCerts)
                                                     throws jakarta.mail.MessagingException

Creates a signed and (maybe authenticated) encrypted message.

Parameters:

session - the mail session

digestAlgorithm - the digest algorithm to be used for signing

signatureAlgorithm - the signature algorithm to be used

contentEA - the content encryption algorithm to be used

keyLength - the length of the secret content encryption key to be created and used

keyEA - the (key agreement) algorithm to use for creating a shared secret key encryption key for encrypting the symmetric key (e.g. AlgorithmID.esdhKeyAgreement)

keyWrapAlgorithm - the key wrap algorithm to be used for encrypting (wrapping) the content-encryption key with the shared key-encryption created according to the requested key agreement protocol

kekLength - the length of the shared key encryption key to be generated

dataHandler - the content of the message to be signed and encrypted

implicit - whether to use implicit (application/pkcs7-mime) or explicit (multipart/signed) signing

authEncrypt - whether to create an authenticated encrypted message

signerKey - the private key of the signer

signerCerts - the certificate chain of the signer

recipientCerts - the certificates of the recipients

Returns:

the signed and (maybe authenticated) encrypted message

Throws:

jakarta.mail.MessagingException - if an error occurs when creating the message

main

public static void main(java.lang.String[] argv)
                 throws java.lang.Exception

The main method.

Throws:

java.lang.Exception