iaik.cms

Class IaikCCProvider

java.lang.Object

iaik.cms.SecurityProvider

iaik.cms.IaikProvider

iaik.cms.IaikCCProvider

public class IaikCCProvider
extends IaikProvider

This class implements a CMS SecurityProvider that may be used with the Common Criteria evaluated versions of the IAIK-JCE crypto toolkit. Because raw signature engines have not been subject of the CC evaluation, this SecurityProvider calculates and verifies RSA PKCS#1v1.5 signatures by using a Cipher engine for RSA en/decryption an doing the DigestInfo wrapping/unwrapping outside.

To install this security provider call:

 SecurityProvider.setSecurityProvider(new IaikCCProvider());
 

See Also:

SecurityProvider, IaikProvider

Field Summary

Fields inherited from class iaik.cms.IaikProvider

ALG_SIGNATURE_RAWRSA, ALG_SIGNATURE_RAWRSASSA_PKCS1_V15

Fields inherited from class iaik.cms.SecurityProvider

ALG_CIPHER_RSA, ALG_CIPHER_RSA_DECRYPT, ALG_CIPHER_RSA_ENCRYPT, ALG_CIPHER_RSA_SIGN, ALG_CIPHER_RSA_VERIFY, ALG_DIGEST_MD5, ALG_DIGEST_SHA, ALG_HMAC_MD5, ALG_HMAC_SHA, ALG_KEYEX_DH, ALG_KEYEX_ESDH, ALG_KEYEX_SSDH, ALG_SIGNATURE_RAWDSA, ALG_SIGNATURE_RAWECDSA, ALG_SIGNATURE_RAWECDSA_PLAIN, ALG_SIGNATURE_RAWRSAPSS, ALG_SIGNATURE_SHADSA, CIPHER_DECRYPT, CIPHER_ENCRYPT, CIPHER_NONE, CIPHER_UNWRAP, CIPHER_WRAP, COMPRESS, DECOMPRESS, IMPLEMENTATION_NAME_DSA, IMPLEMENTATION_NAME_ECDSA, IMPLEMENTATION_NAME_ECDSA_PLAIN, IMPLEMENTATION_NAME_PBKDF2, IMPLEMENTATION_NAME_PWRI_KEK, IMPLEMENTATION_NAME_RSA, IMPLEMENTATION_NAME_RSA_OAEP, IMPLEMENTATION_NAME_RSA_PSS, provider_, providerName_, random_, SIGNATURE_NONE, SIGNATURE_SIGN, SIGNATURE_VERIFY

Constructor Summary

Constructors

Constructor and Description
IaikCCProvider() Default Constructor.
IaikCCProvider(boolean installProvider) Creates an IaikCCProvider.

Method Summary

Modifier and Type	Method and Description
byte[]	calculateSignatureFromHash(iaik.asn1.structures.AlgorithmID signatureAlgorithm, iaik.asn1.structures.AlgorithmID digestAlgorithm, java.security.PrivateKey privateKey, byte[] digest) Calculates the signature value for a CMS SignerInfo over the given digest value with the given algorithm using the supplied private key.
boolean	verifySignatureFromHash(iaik.asn1.structures.AlgorithmID signatureAlgorithm, iaik.asn1.structures.AlgorithmID digestAlgorithm, java.security.PublicKey publicKey, byte[] digest, byte[] signatureValue) Verifies the signature value of a CMS SignerInfo object with the given algorithm using the supplied public key.

Methods inherited from class iaik.cms.IaikProvider

calculateSignatureFromSignedAttributes, checkDomainParameters, createSharedKeyEncryptionKey, decryptKey, deriveKey, generateAEADParamSpec, generateAEADParamSpec, generateKey, generateKeyAgreementKeyPair, getAlgorithmParameterSpec, getASN1OriginatorPublicKey, getPBEKey, getSecureRandom, setAEADMac, setIv, turnOffIAIKProviderVersionCheck, unwrapKey, verifySignatureFromSignedAttributes, wrapKey

Methods inherited from class iaik.cms.SecurityProvider

calculateMac, calculateSharedSecret, compress, convertCipherMode, decryptKey, encryptKey, generateGCMParamSpec, generateKey, getAlgorithmParameters, getAlgorithmParameters, getAlgorithmParameters, getAuthCipherEngine, getAuthCipherEngine, getByteArrayAuthCipherEngine, getByteArrayAuthCipherEngine, getByteArrayCipherEngine, getByteArrayCipherEngine, getCipher, getCipher, getCipher, getCipher, getEllipticCurveParameterSpec, getHash, getInputStreamAuthCipherEngine, getInputStreamAuthCipherEngine, getInputStreamCipherEngine, getInputStreamCipherEngine, getInputStreamCompressEngine, getInputStreamHashEngine, getInputStreamMacEngine, getKeyAgreement, getKeyAlgorithmID, getKeyFactory, getKeyGenerator, getKeyGenerator, getKeyGenerator, getKeyLength, getKeyLength, getKeyLength, getKeyPairGenerator, getKeyStore, getMac, getMac, getMaskGenerationAlgorithm, getMessageDigest, getMessageDigest, getMicAlgs, getOriginatorPublicKey, getOutputStreamCompressEngine, getOutputStreamHashEngine, getOutputStreamMacEngine, getProviderName, getSecretKeyFactory, getSecretKeyFactory, getSecurityProvider, getSignature, getSignature, getSignature, getSignature, getSignatureParameters, setSecureRandom, setSecurityProvider, setSignatureParameters, validateDHPublicKey, validateKeyAgreementKey

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

IaikCCProvider

public IaikCCProvider()

Default Constructor. Tries to install the provider IAIK within the JCA framework.

IaikCCProvider

public IaikCCProvider(boolean installProvider)

Creates an IaikCCProvider.

Parameters:

installProvider - whether to install the IAIK provider within the JCA framework or to use it without installing it within the JCE framework

Method Detail

calculateSignatureFromHash

public byte[] calculateSignatureFromHash(iaik.asn1.structures.AlgorithmID signatureAlgorithm,
                                         iaik.asn1.structures.AlgorithmID digestAlgorithm,
                                         java.security.PrivateKey privateKey,
                                         byte[] digest)
                                  throws java.security.NoSuchAlgorithmException,
                                         java.security.InvalidKeyException,
                                         java.security.SignatureException

Calculates the signature value for a CMS SignerInfo over the given digest value with the given algorithm using the supplied private key.

Each SignerInfo included in a CMS SignedData object may calculate the signature value differently depending on the presence of signed attributes:

• If signed attributes are present the signature is calculated over the DER encoding of the signed attributes.
• If signed attributes are NOT present, the signature is calculated over the content data itsself.

This method is called by class SignerInfo for calculating the signature when no signed attributes are present. Since the data to be signed may be of arbitrary size this method expects the already hashed data to only calculate the signature value on it (for instance, by doing the digest encrypting when using RSA for signing).

For that reason, when writing your own SecurityProvider and overriding this method, you will need some kind of RAW signature (respectively digest encryption) mechanism only expecting the already hashed data (e.g. a "RawDSA" signature engine when using DSA repectively a Cipher engine when using RSA).

If you want to override this method for use with smartcards, please be sure that your smartcard is able to do the signature (respectively digest encryption) operation only. However, if your smartcard requires to supply the whole data for doing the hash calcualtion itself, you may ensure that your SignerInfo contains signed attributes and override method calculateSignatureFromSignedAttributes for calculating the signature over the DER encoding of the signed attributes (thereby doing the hash computation, too).

Overrides:

calculateSignatureFromHash in class IaikProvider

Parameters:

signatureAlgorithm - signatureAlgorithm the signature algorithm to be used, e.g. rsaEncryption, DSA

digestAlgorithm - the digest algorithm used for hash computation (e.g. SHA-1, ..., SHA-512); may be necessary for some signature schemes (e.g. to be included as a DigestInfo in a PKCS#1 RSA signature)

privateKey - the private key of the signer (i.e. the one supplied when creating a SignerInfo object; may be some kind of "dummy" key when used for smartcards

digest - the digest value over which the signature shall be calculated

Returns:

the signature value calculated from the given digest value

Throws:

java.security.NoSuchAlgorithmException - if any of the required algorithms is not supported

java.security.InvalidKeyException - if the key is not valid

java.security.SignatureException - if signature verification fails because of some crypto related error

verifySignatureFromHash

public boolean verifySignatureFromHash(iaik.asn1.structures.AlgorithmID signatureAlgorithm,
                                       iaik.asn1.structures.AlgorithmID digestAlgorithm,
                                       java.security.PublicKey publicKey,
                                       byte[] digest,
                                       byte[] signatureValue)
                                throws java.security.NoSuchAlgorithmException,
                                       java.security.InvalidKeyException,
                                       java.security.SignatureException

Verifies the signature value of a CMS SignerInfo object with the given algorithm using the supplied public key.

Each SignerInfo included in a CMS SignedData object may calculate the signature value differently depending on the presence of signed attributes:

• If signed attributes are present the signature is calculated over the DER encoding of the signed attributes. For verifying the signature first a hash over the data content has to be compared with the signed MessageDigest attribute. Second the signature value has to be verified against a hash independently computed over the DER encoding of the signed attributes.
• If signed attributes are NOT present, the signature is calculated over the content data itsself. For verifying the signature the signature value has to be verified against a hash independently computed over the content data.

This method is called by class SignerInfo for verifying the signature when no signed attributes are present. Since the data to be verified may be of arbitrary size this method expects the already hashed data to only be verified against the signature value.

For that reason, when writing your own SecurityProvider and overriding this method, you will need some kind of RAW signature (respectively "encrypted digest decryption") mechanism only expecting the already hashed data (e.g. a "RawDSA" signature engine when using DSA repectively a Cipher engine when using RSA).

Although generally for public key operations smartcards may not be used, when overriding this method for use with smartcards, please be sure that your smartcard is able to do the signature verification operation only. However, if your smartcard requires to supply the whole data for doing the hash calcualtion itself, you may ensure that your SignerInfo contains signed attributes and override method verifySignatureFromSignedAttributes for verifying the signature calculated from the DER encoding of the signed attributes (thereby doing the hash computation, too).

Overrides:

verifySignatureFromHash in class IaikProvider

Parameters:

signatureAlgorithm - signatureAlgorithm the signature algorithm to be used for verification, e.g. rsaEncryption, DSA

digestAlgorithm - the digest algorithm that has been used for hash computation (e.g. SHA-1, ..., SHA-512); may be necessary for some signature schemes (e.g. to be check against a DigestInfo in a PKCS#1 RSA signature)

publicKey - the public key of the signer

digest - the digest value to be verified

signatureValue - the signatureValue the signature value to be verified

Returns:

true if the signature is ok, false if not

Throws:

java.security.NoSuchAlgorithmException - if any of the required algorithms is not supported

java.security.InvalidKeyException - if the key is not valid

java.security.SignatureException - if signature verification fails because of some crypto related or parsing error