iaik.cms

Class SecurityProvider

java.lang.Object

iaik.cms.SecurityProvider

Direct Known Subclasses:

IaikProvider

public class SecurityProvider
extends java.lang.Object

This class centralizes all cryptographic operations used for CMS.

With this class IAIK-CMS adopts the SecurityProvider model introduced by IAIK´s SSL implementation iSaSiLk . The SecurityProvider model used here is similar to that of iSaSiLk except for a the following changes:

• Because of the high dependence of CMS no ASN.1, IAIK-CMS makes use of the ASN.1 library of IAIK-JCE; so it cannot be used without having IAIK-JCE in the classpath (which does not necessarily mean to have to use (all the) the cryptographic engines provided by IAIK-JCE; i.e. any cryptographic task may be performed by any proper cryptography provider supporting the required engine).
• Since CMS certificate handling requires access to certificate properties not supported by the JCA cert API, any X.509 public key certficate used for IAIK-CMS has to be supplied as iaik.x509.X509Certficate, and any attribute certificate has to be supplied as iaik.x509.attr.AttributeCertificate. An application wishing to use certficates from other providers may use methods convertCertificateChain and convertAttributeCertificateChain for converting them into the IAIK X.509 representation before using them with IAIK-CMS.
• Most of the getEngine methods of this SecurityProvider does not specify the requested engine by its name; rather the engines are requested by its AlgorithmIDs as used with CMS
• Wheras iSaSiLk consults the SecurityProvider for getting the required -- if necessary -- initialized engine and subsequently performs the cryptographic operation on the engine itself, IAIK-CMS -- where appropriate -- allows the SecurityProvider to do the whole cryptographic task. This shall give an SecurityProvider implementing application more independence in how to perform the cryptographic operation (when, for instance, allowing the SecurityProvider to calcualte a RSA signature value, the specific SecurityProvider implementation itself may decide to use a Cipher or Signature engine or any other way to get the Signature value (e.g. from a Smartcard). This concept provides more flexibility, but sometimes may require some knowledge about the way the CMS protocol expects a cryptographic operation has to be performed.

This class is the main class of the IAIK-CMS SecurityProvider model. It itself provides default implementations of all cryptographic operations required by CMS, expect for Ephemeral Static Diffie Hellman. Unfortunately there is no general way to initialize a KeyPairGenerator with algorithm parameters as required when creating a originator ESDH key pair with domain parameters matching to those of the recipient´s public key. So the default implementation of method generateKeyAgreementKeyPair(AlgorithmID keyAgreeAlgorithm, PublicKey otherKey) has to throw an exception and has to be implemented if using another cryptographic provider than IAIK.

With class IaikProviderIAIK-CMS contains an SecurityProvider implemention for the IAIK cryptography provider of the crypto toolkit IAIK-JCE. Please note the difference: The IAIK provider is a JCA/JCE cryptography provider supplying cryptographic engines; Class IaikProvider is an IAIK-CMS SecurityProvider implementation that makes the cryptographic engines of the IAIK JCA/JCE cyrptography provider available for IAIK-CMS.

Per default IAIK-CMS is configured to look if the IAIK cryptography provider is available. If yes, it uses the IaikProvider as SecurityProvider. If not it uses an instance of this class. So if you want to use the IAIK provider you do not have to make any care about the SecurityProvider setting. However, if you do not want to use the IAIK provider for some reasons (e.g. you require a specific, e.g. smartcard depending, handling for some tasks) you have to options:

1. Use the default SecurityProvider implementation this class provides by setting it as SecurityProvider to be used:

    SecurityProvider.setSecurityProvider(new SecurityProvider());
    

2. Implementing your own SecurityProvider for the required cryptographic tasks and installing it as SecurityProvider to be used:

    
         MySecurityProvider mySecurityProvider = ...;
         SecurityProvider.setSecurityProvider(mySecurityProvider);
         
    

If choosing the second option from above basically you may follow one of two ways for implementing your own SecurityProvider:

1. You want to mainly use the IAIK JCE as a cryptography provider and use another provider just for a few algorithms. For example, you want to use a smartcard requiring a particular handling for RSA signature calculatuion.
2. You do not want to use the IAIK JCE at all and use only some other provider.

In the first case the easiest thing to do is to subclass the IaikProvider class, e.g.:

 public class MySecurityProvider extends IaikProvider {
 
 protected byte[] calculateSignatureFromSignedAttributes(AlgorithmID signatureAlgorithm, 
      AlgorithmID digestAlgorithm, PrivateKey privateKey, byte[] signedAttributes) 
      throws Exception {
  
      // get the implementation name: RSA? (note that CMS indicates rsaEncryption as Signature algorithm)
      String implementationName = signatureAlgorithm.getImplementationName();
      if (implementationName == IMPLEMENTATION_NAME_RSA) {
        // let the smartcard calculate the signature value
        byte[] signatureValue = ...;
      } else {
        return super.calculateSignatureFromSignedAttributes(signatureAlgorithm, 
          digestAlgorithm, privateKey, signedAttributes);
      } 
    }}
 
 

In the second case, i.e. you want to use a different provider alltogether and not use the IAIK JCE at all (for whatever reason ;-) it will be easiest to start with the SecurityProvider class and override those methods where you cannot use the default implementation.

See Also:

IaikProvider

Field Summary

Fields

Modifier and Type	Field and Description
static java.lang.String	ALG_CIPHER_RSA Constant string RSA/ECB/PKCS1Padding.
static java.lang.String	ALG_CIPHER_RSA_DECRYPT Constant string RSA/ECB/PKCS1Padding/Decrypt.
static java.lang.String	ALG_CIPHER_RSA_ENCRYPT Constant string RSA/ECB/PKCS1Padding/Encrypt.
static java.lang.String	ALG_CIPHER_RSA_SIGN Constant string RSA/ECB/PKCS1Padding/Sign.
static java.lang.String	ALG_CIPHER_RSA_VERIFY Constant string RSA/ECB/PKCS1Padding/Verify.
static java.lang.String	ALG_DIGEST_MD5 Constant string MD5.
static java.lang.String	ALG_DIGEST_SHA Constant string SHA.
static java.lang.String	ALG_HMAC_MD5 Constant string HmacMD5.
static java.lang.String	ALG_HMAC_SHA Constant string HmacSHA1.
static java.lang.String	ALG_KEY_EC Constant string EC.
static java.lang.String	ALG_KEY_ECDSA Constant string ECDSA.
static java.lang.String	ALG_KEYEX_COFACTOR_ECDH Constant string cofactorECDH; identifies the 'modifed' (aka: cofactor) Elliptic Curve Diffie Hellman Primitive as defined in ANSI X9.63-2001 Section 5.4.1.
static java.lang.String	ALG_KEYEX_DH Constant string DH
static java.lang.String	ALG_KEYEX_ESDH Constant string ESDH
static java.lang.String	ALG_KEYEX_STD_ECDH Constant string stdECDH; identifies the 'standard' Elliptic Curve Diffie Hellman Primitive as defined in ANSI X9.63-2001 Section 5.4.1.
static java.lang.String	ALG_SIGNATURE_MD5RSA Constant string MD5withRSA.
static java.lang.String	ALG_SIGNATURE_RAWDSA Constant string RawDSA.
static java.lang.String	ALG_SIGNATURE_RAWECDSA Constant string RawECDSA.
static java.lang.String	ALG_SIGNATURE_RAWRSA Constant string NONEwithRSA.
static java.lang.String	ALG_SIGNATURE_RAWRSAPSS Constant string RawRSA-PSS.
static java.lang.String	ALG_SIGNATURE_SHADSA Constant string SHA1withDSA.
static int	CIPHER_DECRYPT Constant for a cipher object which is to be initialized for decryption.
static int	CIPHER_ENCRYPT Constant for a cipher object which is to be initialized for encryption.
static int	CIPHER_NONE Constant for a cipher object which is not to be initialized.
static int	CIPHER_UNWRAP Constant for a cipher object which is to be initialized for decryption.
static int	CIPHER_WRAP Constant for a cipher object which is to be initialized for key wrap.
static java.lang.String	IMPLEMENTATION_NAME_DSA Constant string DSA.
static java.lang.String	IMPLEMENTATION_NAME_ECDSA Constant string ECDSA.
static java.lang.String	IMPLEMENTATION_NAME_RSA Constant string RSA.
protected java.lang.String	providerName The name of the SecurityProvider, if installed.
protected java.lang.String[]	providerNames The names of the JCA security providers used by this SecurityProvider implementation
protected java.security.SecureRandom	random The SecureRandom.
static int	SIGNATURE_NONE Constant for a signature object which is not to be initialized.
static int	SIGNATURE_SIGN Constant for a signature object which is to be initialized for signing.
static int	SIGNATURE_VERIFY Constant for a signature object which is to be initialized for verification.

Constructor Summary

Constructors

Constructor and Description
SecurityProvider() Default constructor.
SecurityProvider(java.lang.String providerName) Constructor specifying the provider to use.
SecurityProvider(java.lang.String[] providerNames) Constructor specifying the JCA cryptographic service providers to be used.

Method Summary

Methods

Modifier and Type	Method and Description
protected byte[]	calculateSignatureFromHash(AlgorithmID signatureAlgorithm, AlgorithmID digestAlgorithm, java.security.PrivateKey privateKey, byte[] digest) Calculates the signature value for a CMS SignerInfo over the given digest value with the given algorithm using the supplied private key.
protected byte[]	calculateSignatureFromSignedAttributes(AlgorithmID signatureAlgorithm, AlgorithmID digestAlgorithm, java.security.PrivateKey privateKey, byte[] signedAttributes) Calculates the signature value for a CMS SignerInfo over the given signed attributes with the given algorithm using the supplied private key.
protected void	checkDomainParameters(java.security.PrivateKey myKey, java.security.PublicKey otherKey) Checks if the given private and public key agreement keys have the same domain parameters.
protected static int	convertCipherMode(int mode) Converts the SecurityProvider Cipher mode to the javax.crypto Cipher mode.
protected javax.crypto.SecretKey	createSharedKeyEncryptionKey(AlgorithmID keyAgreeAlg, java.security.PrivateKey myKey, java.security.PublicKey otherKey, AlgorithmID kea, int kekLength, byte[] ukm, java.lang.String kekName) Create a shared secret key encryption key for the given key agree algorithm.
javax.crypto.SecretKey	decryptKey(byte[] encryptedKey, AlgorithmID kea, java.security.PrivateKey recipientKey) Decrypts the given encrypted content encryption key for a KeyTransRecipientInfo.
byte[]	encryptKey(javax.crypto.SecretKey cek, AlgorithmID kea, java.security.PublicKey recipientKey) Encrypts the given secret content encryption key for a KeyTransRecipientInfo.
protected java.security.KeyPair	generateKeyAgreementKeyPair(AlgorithmID keyAgreeAlgorithm, java.security.PublicKey otherKey) Generates a key pair with same domain parameters of the given public key for the given key agreement method.
java.security.AlgorithmParameters	getAlgorithmParameters(AlgorithmID algorithm) Gets the algorithm parameters from the given AlgorithmID.
protected javax.crypto.Cipher	getCipher(AlgorithmID algorithm, int mode, java.security.Key key, java.security.AlgorithmParameters params) Returns the desired Cipher object for the requested algorithm.
protected javax.crypto.Cipher	getCipher(AlgorithmID algorithm, int mode, java.security.Key key, java.security.spec.AlgorithmParameterSpec params) Returns the desired Cipher object for the requested algorithm.
protected javax.crypto.Cipher	getCipher(java.lang.String algorithm, int mode, java.security.Key key, java.security.AlgorithmParameters params) This method returns the desired Cipher object.
protected javax.crypto.KeyAgreement	getKeyAgreement(AlgorithmID keyAgreementAlgorithm, java.security.Key key, java.security.spec.AlgorithmParameterSpec paramSpec) This method returns the desired KeyAgreement object.
java.security.KeyFactory	getKeyFactory(AlgorithmID algorithm) This method returns the desired KeyFactory object.
javax.crypto.KeyGenerator	getKeyGenerator(AlgorithmID algorithm, int keyLength) Return a KeyGenerator for the requested algorithm.
protected java.security.KeyPairGenerator	getKeyPairGenerator(AlgorithmID algorithm) Return a KeyPairGenerator for the requested algorithm.
protected javax.crypto.Mac	getMac(java.lang.String algorithm, java.security.Key key) This method returns the desired MAC object.
java.security.MessageDigest	getMessageDigest(AlgorithmID algorithm) This method returns the desired MessageDigest object.
AlgorithmID[]	getMicAlgs(java.lang.String micalg) Returns an array of AlgorithmIDs specified by the given micalg String.
java.security.Key	getPBEKey(char[] password, AlgorithmID pbeAlg) Creates secret key from the supplied password using the specified PBE algorithm.
javax.crypto.SecretKeyFactory	getSecretKeyFactory(AlgorithmID algorithm) Return a SecretKeyFactory for the requested algorithm.
java.security.SecureRandom	getSecureRandom() Returns the random number generator.
static SecurityProvider	getSecurityProvider() Returns the active SecurityProvider.
protected java.security.Signature	getSignature(AlgorithmID signatureAlgorithm, int mode, java.security.Key key) This method returns the desired Signature object.
protected java.security.Signature	getSignature(java.lang.String algorithm, int mode, java.security.Key key) This method returns the desired Signature object.
void	setSecureRandom(java.security.SecureRandom random) Sets the random number generator.
static void	setSecurityProvider(SecurityProvider provider) Sets the global SecurityProvider.
protected javax.crypto.SecretKey	unwrapKey(byte[] wrappedCek, AlgorithmID kea, javax.crypto.SecretKey kek, java.security.AlgorithmParameters params, java.lang.String cekAlgName) Unwraps the given wrapped (encrypted) secret content encryption key for a KEKRecipientInfoor KeyAgreeRecipientInfo.
protected boolean	verifySignatureFromHash(AlgorithmID signatureAlgorithm, AlgorithmID digestAlgorithm, java.security.PublicKey publicKey, byte[] digest, byte[] signatureValue) Verifies the signature value of a CMS SignerInfo object with the given algorithm using the supplied public key.
protected boolean	verifySignatureFromSignedAttributes(AlgorithmID signatureAlgorithm, AlgorithmID digestAlgorithm, java.security.PublicKey publicKey, byte[] signedAttributes, byte[] signatureValue) Verifies the signature value of a CMS SignerInfo calculated over the given signed attributes with the given algorithm using the supplied public key.
protected byte[]	wrapKey(javax.crypto.SecretKey cek, AlgorithmID kea, javax.crypto.SecretKey kek, java.security.AlgorithmParameters params) Wraps the given secret content encryption key for a KEKRecipientInfoor KeyAgreeRecipientInfo.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

providerName

protected java.lang.String providerName

The name of the SecurityProvider, if installed.

providerNames

protected java.lang.String[] providerNames

The names of the JCA security providers used by this SecurityProvider implementation

random

protected java.security.SecureRandom random

The SecureRandom.

SIGNATURE_NONE

public static final int SIGNATURE_NONE

Constant for a signature object which is not to be initialized.

See Also:

Constant Field Values

SIGNATURE_SIGN

public static final int SIGNATURE_SIGN

Constant for a signature object which is to be initialized for signing.

See Also:

Constant Field Values

SIGNATURE_VERIFY

public static final int SIGNATURE_VERIFY

Constant for a signature object which is to be initialized for verification.

See Also:

Constant Field Values

CIPHER_NONE

public static final int CIPHER_NONE

Constant for a cipher object which is not to be initialized.

See Also:

Constant Field Values

CIPHER_ENCRYPT

public static final int CIPHER_ENCRYPT

Constant for a cipher object which is to be initialized for encryption.

See Also:

Constant Field Values

CIPHER_DECRYPT

public static final int CIPHER_DECRYPT

Constant for a cipher object which is to be initialized for decryption.

See Also:

Constant Field Values

CIPHER_WRAP

public static final int CIPHER_WRAP

Constant for a cipher object which is to be initialized for key wrap.

See Also:

Constant Field Values

CIPHER_UNWRAP

public static final int CIPHER_UNWRAP

Constant for a cipher object which is to be initialized for decryption.

See Also:

Constant Field Values

IMPLEMENTATION_NAME_DSA

public static final java.lang.String IMPLEMENTATION_NAME_DSA

Constant string DSA. Implementation name of the DSA Signature engine

See Also:

Constant Field Values

IMPLEMENTATION_NAME_ECDSA

public static final java.lang.String IMPLEMENTATION_NAME_ECDSA

Constant string ECDSA. Implementation name of the ECDSA Signature engine

See Also:

Constant Field Values

IMPLEMENTATION_NAME_RSA

public static final java.lang.String IMPLEMENTATION_NAME_RSA

Constant string RSA. Implementation name of the RSA Cipher engine

See Also:

Constant Field Values

ALG_DIGEST_MD5

public static final java.lang.String ALG_DIGEST_MD5

Constant string MD5. Used by the library with getMessageDigest().

ALG_DIGEST_SHA

public static final java.lang.String ALG_DIGEST_SHA

Constant string SHA. Used by the library with getMessageDigest().

ALG_HMAC_MD5

public static final java.lang.String ALG_HMAC_MD5

Constant string HmacMD5. Used by the library with getMac().

See Also:

Constant Field Values

ALG_HMAC_SHA

public static final java.lang.String ALG_HMAC_SHA

Constant string HmacSHA1. Used by the library with getMac().

See Also:

Constant Field Values

ALG_SIGNATURE_SHADSA

public static final java.lang.String ALG_SIGNATURE_SHADSA

Constant string SHA1withDSA. Used by the library with getSignature().

See Also:

Constant Field Values

ALG_SIGNATURE_RAWDSA

public static final java.lang.String ALG_SIGNATURE_RAWDSA

Constant string RawDSA. Used by the library with getSignature().

See Also:

Constant Field Values

ALG_SIGNATURE_RAWRSA

public static final java.lang.String ALG_SIGNATURE_RAWRSA

Constant string NONEwithRSA. Used by the library with getSignature().

See Also:

Constant Field Values

ALG_SIGNATURE_RAWECDSA

public static final java.lang.String ALG_SIGNATURE_RAWECDSA

Constant string RawECDSA. Used by the library with getSignature().

See Also:

Constant Field Values

ALG_SIGNATURE_RAWRSAPSS

public static final java.lang.String ALG_SIGNATURE_RAWRSAPSS

Constant string RawRSA-PSS. Used by the library with getSignature().

See Also:

Constant Field Values

ALG_SIGNATURE_MD5RSA

public static final java.lang.String ALG_SIGNATURE_MD5RSA

Constant string MD5withRSA. Used by the library with getSignature().

See Also:

Constant Field Values

ALG_KEYEX_DH

public static final java.lang.String ALG_KEYEX_DH

Constant string DH

See Also:

Constant Field Values

ALG_KEYEX_ESDH

public static final java.lang.String ALG_KEYEX_ESDH

Constant string ESDH

See Also:

Constant Field Values

ALG_KEY_EC

public static final java.lang.String ALG_KEY_EC

Constant string EC.

See Also:

Constant Field Values

ALG_KEY_ECDSA

public static final java.lang.String ALG_KEY_ECDSA

Constant string ECDSA.

See Also:

Constant Field Values

ALG_KEYEX_STD_ECDH

public static final java.lang.String ALG_KEYEX_STD_ECDH

Constant string stdECDH; identifies the 'standard' Elliptic Curve Diffie Hellman Primitive as defined in ANSI X9.63-2001 Section 5.4.1.

See Also:

Constant Field Values

ALG_KEYEX_COFACTOR_ECDH

public static final java.lang.String ALG_KEYEX_COFACTOR_ECDH

Constant string cofactorECDH; identifies the 'modifed' (aka: cofactor) Elliptic Curve Diffie Hellman Primitive as defined in ANSI X9.63-2001 Section 5.4.1.

See Also:

Constant Field Values

ALG_CIPHER_RSA

public static final java.lang.String ALG_CIPHER_RSA

Constant string RSA/ECB/PKCS1Padding. This string is NOT used with getCipher(), but it is the prefix of all RSA algorithm identifier strings (see below). The different identifiers were chosen to simplify using a particular RSA implementation just one of these operations. For example, to implement RSA client authentication on a smartcard one will only care about signature creation operations and will want to leave all other operations to the standard implementation. This can easily be done by checking for the String ALG_CIPHER_RSA_SIGN only.

If you write your own security provider that does nothing like this you will typically use code like:

 
 if( algorithm.startsWith(ALG_CIPHER_RSA) ) { algorithm = ALG_CIPHER_RSA; }
 return Cipher.getInstance(algorithm, "MyProvider");
 
 

See Also:

Constant Field Values

ALG_CIPHER_RSA_SIGN

public static final java.lang.String ALG_CIPHER_RSA_SIGN

Constant string RSA/ECB/PKCS1Padding/Sign. Used by the library with getCipher() to indicate an RSA signature creation operation (private key encryption).

See Also:

Constant Field Values

ALG_CIPHER_RSA_VERIFY

public static final java.lang.String ALG_CIPHER_RSA_VERIFY

Constant string RSA/ECB/PKCS1Padding/Verify. Used by the library with getCipher() to indicate an RSA signature verification operation (public key decryption).

See Also:

Constant Field Values

ALG_CIPHER_RSA_ENCRYPT

public static final java.lang.String ALG_CIPHER_RSA_ENCRYPT

Constant string RSA/ECB/PKCS1Padding/Encrypt. Used by the library with getCipher() to indicate an RSA data encryption operation (public key encryption).

See Also:

Constant Field Values

ALG_CIPHER_RSA_DECRYPT

public static final java.lang.String ALG_CIPHER_RSA_DECRYPT

Constant string RSA/ECB/PKCS1Padding/Decrypt. Used by the library with getCipher() to indicate an RSA data decryption operation (private key decryption).

See Also:

Constant Field Values

Constructor Detail

SecurityProvider

public SecurityProvider()

Default constructor.

SecurityProvider

public SecurityProvider(java.lang.String providerName)

Constructor specifying the provider to use.

Parameters:

providerName - the name of the provider

SecurityProvider

public SecurityProvider(java.lang.String[] providerNames)

Constructor specifying the JCA cryptographic service providers to be used.

Whan an algorithm is requested, it is requested from these providers in the order in which they are presented.

Parameters:

providerNames - the JCA cryptographic service provider names

Method Detail

getSecurityProvider

public static SecurityProvider getSecurityProvider()

Returns the active SecurityProvider. If no provider has been set explicitly using setSecurityProvider() and the IAIK JCE is available this will be the IaikProvider, otherwise it is an instance of this class.

NOTE that the SecurityProvider setting is global.

Returns:

the installed SecurityProvider

setSecurityProvider

public static void setSecurityProvider(SecurityProvider provider)

Sets the global SecurityProvider.

NOTE that the SecurityProvider setting is global.

Parameters:

provider - the SecurityProvider which shall be used

getMessageDigest

public java.security.MessageDigest getMessageDigest(AlgorithmID algorithm)
                                             throws java.security.NoSuchAlgorithmException

This method returns the desired MessageDigest object.

Parameters:

algorithm - the AlgorithmID of the requested digest algorithm

Returns:

the requested MessageDigest engine

Throws:

java.security.NoSuchAlgorithmException - if no MessageDigest engine is available for the requested algorithm

getMac

protected javax.crypto.Mac getMac(java.lang.String algorithm,
                      java.security.Key key)
                           throws java.lang.Exception

This method returns the desired MAC object.

Parameters:

algorithm - the name of the Mac algorithm

key - the key, if not null to be used for initializing the Mac object

Returns:

the requested Mac engine

Throws:

java.lang.Exception - if the key is not valid or no Mac engine is available for the requested algorithm

getSignature

protected java.security.Signature getSignature(java.lang.String algorithm,
                                   int mode,
                                   java.security.Key key)
                                        throws java.lang.Exception

This method returns the desired Signature object. If the mode parameter is SIGNATURE_SIGN or SIGNATURE_VERIFY the signature object has to be initialized with the provided key in the respective mode.

Parameters:

algorithm - the name of the Signature algorithm

mode - the mode indicating if the engine has to be initialized

key - the key for initializing the Signature engine

Returns:

the (if requested initialized) Signature engine

Throws:

java.lang.Exception - if the key is not valid or no Signature engine is available for the requested algorithm

getSignature

protected java.security.Signature getSignature(AlgorithmID signatureAlgorithm,
                                   int mode,
                                   java.security.Key key)
                                        throws java.lang.Exception

This method returns the desired Signature object. If the mode parameter is SIGNATURE_SIGN or SIGNATURE_VERIFY the signature object is to be initialized with the provided key in the respective mode.

Parameters:

signatureAlgorithm - the AlgorithmID of the Signature algorithm

mode - the mode indicating if the engine has to be initialized

key - the key for initializing the Signature engine

Returns:

the (if requested initialized) Signature engine

Throws:

java.lang.Exception - if the key is not valid or no Signature engine is available for the requested algorithm

getKeyAgreement

protected javax.crypto.KeyAgreement getKeyAgreement(AlgorithmID keyAgreementAlgorithm,
                                        java.security.Key key,
                                        java.security.spec.AlgorithmParameterSpec paramSpec)
                                             throws java.lang.Exception

This method returns the desired KeyAgreement object.

Parameters:

keyAgreementAlgorithm - the algorithmID of the key agreement algorithm requested

key - the (private) key for initializing the KeyAgreement

paramSpec - any parameters used for intializing the key agreement

Returns:

the initialized KeyAgreement engine

Throws:

java.lang.Exception - if the key or the parameters are not valid, or no KeyAgreement engine is available for the requested algorithm

calculateSignatureFromSignedAttributes

protected byte[] calculateSignatureFromSignedAttributes(AlgorithmID signatureAlgorithm,
                                            AlgorithmID digestAlgorithm,
                                            java.security.PrivateKey privateKey,
                                            byte[] signedAttributes)
                                                 throws java.lang.Exception

Calculates the signature value for a CMS SignerInfo over the given signed attributes with the given algorithm using the supplied private key.

Each SignerInfoincluded in a CMS SignedData object may calculate the signature value differently depending on the presence of signed attributes:

• If signed attributes are present the signature is calculated over the DER encoding of the signed attributes.
• If signed attributes are NOT present, the signature is calculated over the content data itsself.

This method is called by class SignerInfofor calculating the signature when signed attributes are present.

When writing your own SecurityProvider and overriding this method, be aware that only the -- yet NOT hashed -- DER encoding of the signed attributes is supplied to this method. For that reason this method can be overriden for use with smartcards requiring to do the digest calculation theirselves: ensure that your iaik.cms.SignerInfoSignerInfo contains signed attributes and override this method in a way to pass the given DER encoding of the signed attributes to your smartcard for doing the signature (and digest) calculation.

Since this method requires to calculate the digest value over the DER encoded signed attributes as part of the signature calculation, it uses a ordinary JCA Signature engine.

Parameters:

signatureAlgorithm - signatureAlgorithm the signature algorithm to be used, e.g. rsaEncryption, DSA

digestAlgorithm - the digest algorithm to be used for hash computation (e.g. SHA-1 or MD5); may be necessary for some signature schemes (e.g. to be included as a DigestInfo in a PKCS#1 RSA signature)

privateKey - the private key of the signer (i.e. the one supplied when creating a SignerInfoobject; may be some kind of "dummy" key when used for smartcards

signedAttributes - the DER encoding of the signed attributes over which the signature shall be calculated

Returns:

the signature value calculated from the given DER encoded signed attributes

Throws:

java.lang.Exception - if the key is not valid, the signature cannot be created, or no Signature engine is available for the requested algorithm

calculateSignatureFromHash

protected byte[] calculateSignatureFromHash(AlgorithmID signatureAlgorithm,
                                AlgorithmID digestAlgorithm,
                                java.security.PrivateKey privateKey,
                                byte[] digest)
                                     throws java.lang.Exception

Calculates the signature value for a CMS SignerInfo over the given digest value with the given algorithm using the supplied private key.

Each SignerInfoincluded in a CMS SignedData object may calculate the signature value differently depending on the presence of signed attributes:

• If signed attributes are present the signature is calculated over the DER encoding of the signed attributes.
• If signed attributes are NOT present, the signature is calculated over the content data itsself.

This method is called by class SignerInfofor calculating the signature when no signed attributes are present. Since the data to be signed may be of arbitrary size this method expects the already hashed data to only calculate the signature value on it (for instance, by doing the digest encrypting when using RSA for signing).

For that reason, when writing your own SecurityProvider and overriding this method, you will need some kind of RAW signature (respectively digest encryption) mechanism only expecting the already hashed data (e.g. a "RawDSA" signature engine when using DSA repectively a Cipher engine when using RSA).

If you want to override this method for use with smartcards, please be sure that your smartcard is able to do the signature (respectively digest encryption) operation only. However, if your smartcard requires to supply the whole data for doing the hash calcualtion itself, you may ensure that your SignerInfocontains signed attributes and override method calculateSignatureFromSignedAttributes for calculating the signature over the DER encoding of the signed attributes (thereby doing the hash computation, too).

Parameters:

signatureAlgorithm - signatureAlgorithm the signature algorithm to be used, e.g. rsaEncryption, DSA

digestAlgorithm - the digest algorithm used for hash computation (e.g. SHA-1 or MD5); may be necessary for some signature schemes (e.g. to be included as a DigestInfo in a PKCS#1 RSA signature)

privateKey - the private key of the signer (i.e. the one supplied when creating a SignerInfoobject; may be some kind of "dummy" key when used for smartcards

digest - the digest value over which the signature shall be calculated

Returns:

the signature value calculated from the given digest value

Throws:

java.lang.Exception - if the key is not valid, the signature cannot be created, or no Signature engine is available for the requested algorithm

verifySignatureFromSignedAttributes

protected boolean verifySignatureFromSignedAttributes(AlgorithmID signatureAlgorithm,
                                          AlgorithmID digestAlgorithm,
                                          java.security.PublicKey publicKey,
                                          byte[] signedAttributes,
                                          byte[] signatureValue)
                                               throws java.lang.Exception

Verifies the signature value of a CMS SignerInfo calculated over the given signed attributes with the given algorithm using the supplied public key.

Each SignerInfoincluded in a CMS SignedData object may calculate the signature value differently depending on the presence of signed attributes:

• If signed attributes are present the signature is calculated over the DER encoding of the signed attributes. For verifying the signature first a hash over the data content has to be compared with the signed MessageDigest attribute. Second the signature value verified against a hash independently computed over the DER encoding of the signed attributes.
• If signed attributes are NOT present, the signature is calculated over the content data itself. For verifying the signature the signature value verified against a hash independently computed over the content data.

This method is called by class SignerInfofor verifying the signature when no signed attributes are present.

When writing your own SecurityProvider and overriding this method, be aware that only the -- yet NOT hashed -- DER encoding of the signed attributes is supplied to this method. Although generally for public key operations smartcards may not be used, this method can be overriden for use with smartcards requiring to do the digest calculation theirselves: ensure that your SignerInfocontains signed attributes and override this method in a way to pass the given DER encoding of the signed attributes to your smartcard for doing the signature verification (including any digest calculation required).

Since this method requires to calculate the digest value over the DER encoded signed attributes as part of the signature verification, it uses a oridinary JCA Signature engine.

Parameters:

signatureAlgorithm - signatureAlgorithm the signature algorithm to be used, e.g. rsaEncryption, DSA

digestAlgorithm - the digest algorithm to be used for hash computation (e.g. SHA-1 or MD5);

publicKey - the public key of the signer

signedAttributes - the DER encoding of the signed attributes over which the signature has been calculated

Returns:

true if the signature is ok, false if not

Throws:

java.lang.Exception - if any kind of exception occurs during signature verification (e.g. NoSuchProviderException, NoSuchAlgorithmException, BadPaddingException, InvalidKeyException, SignatureException)

verifySignatureFromHash

protected boolean verifySignatureFromHash(AlgorithmID signatureAlgorithm,
                              AlgorithmID digestAlgorithm,
                              java.security.PublicKey publicKey,
                              byte[] digest,
                              byte[] signatureValue)
                                   throws java.lang.Exception

Verifies the signature value of a CMS SignerInfo object with the given algorithm using the supplied public key.

Each SignerInfoincluded in a CMS SignedData object may calculate the signature value differently depending on the presence of signed attributes:

• If signed attributes are present the signature is calculated over the DER encoding of the signed attributes. For verifying the signature first a hash over the data content has to be compared with the signed MessageDigest attribute. Second the signature value verified against a hash independently computed over the DER encoding of the signed attributes.
• If signed attributes are NOT present, the signature is calculated over the content data itsself. For verifying the signature the signature value verified against a hash independently computed over the content data.

This method is called by class SignerInfofor verifying the signature when no signed attributes are present. Since the data to be verified may be of arbitrary size this method expects the already hashed data to only be verified against the signature value.

For that reason, when writing your own SecurityProvider and overriding this method, you will need some kind of RAW signature (respectively "encrypted digest decryption") mechanism only expecting the already hashed data (e.g. a "RawDSA" signature engine when using DSA repectively a Cipher engine when using RSA).

Although generally for public key operations smartcards may not be used, when overriding this method for use with smartcards, please be sure that your smartcard is able to do the signature verification operation only. However, if your smartcard requires to supply the whole data for doing the hash calcualtion itself, you may ensure that your iaik.cms.SignerInfoSignerInfo contains signed attributes and override method verifySignatureFromSignedAttributes for verifying the signature calculated from the DER encoding of the signed attributes (thereby doing the hash computation, too).

Parameters:

signatureAlgorithm - signatureAlgorithm the signature algorithm to be used for verification, e.g. rsaEncryption, DSA

digestAlgorithm - the digest algorithm that has been used for hash computation (e.g. SHA-1 or MD5); may be necessary for some signature schemes (e.g. to be check against a DigestInfo in a PKCS#1 RSA signature)

publicKey - the public key of the signer

digest - the digest value to be verified

Returns:

true if the signature is ok, false if not

Throws:

java.lang.Exception - if any kind of exception occurs during signature verification (e.g. NoSuchProviderException, NoSuchAlgorithmException (if another signature algorithm than PKCS#1 RSA, DSA or ECDSA is requested), BadPaddingException, InvalidKeyException, SignatureException)

encryptKey

public byte[] encryptKey(javax.crypto.SecretKey cek,
                AlgorithmID kea,
                java.security.PublicKey recipientKey)
                  throws java.lang.Exception

Encrypts the given secret content encryption key for a KeyTransRecipientInfo.

CMS EnvelopedData uses the KeyTransRecipientInfo type for encrypting the secret content encryption key with the public key of the recipient. Currently in general RSA PKCS#1v1.5 is used for key transport. RSA-OAEP is also supported. If rsaEncryption is requested as key encryption algorithm this method uses a RSA Cipher ("RSA/ECB/PKCS1Padding/Encrypt") for encrypting the key. If any other algorithm is requested, this method throws a NoSuchAlgorithmException. An application wishing to support another algorithm may override this method.

Parameters:

cek - the secret content encryption key to be encrypted

kea - the key encryption alglorithm to be used, e.g. rsaEncryption

recipientKey - the public key of the recipient to be used for encrypting content encryption key

Returns:

the encrypted content encryption key as byte array

Throws:

java.lang.Exception - if any kind of exception occurs during cek encryption (e.g. NoSuchProviderException, NoSuchAlgorithmException, BadPaddingException, InvalidKeyException)

Since:

Entrust 7.0

decryptKey

public javax.crypto.SecretKey decryptKey(byte[] encryptedKey,
                                AlgorithmID kea,
                                java.security.PrivateKey recipientKey)
                                  throws java.lang.Exception

Decrypts the given encrypted content encryption key for a KeyTransRecipientInfo.

CMS EnvelopedData uses the KeyTransRecipientInfo type for encrypting the secret content encryption key with the public key of the recipient. Currently in general RSA PKCS#1v1.5 is used for key transport. RSA-OAEP is also supported. If rsaEncryption is requested as key encryption algorithm this method uses a RSA Cipher ("RSA/ECB/PKCS1Padding/Encrypt") for decrypting the encrypted content encryption key with the supplied private key of the recipient. If any other algorithm requested, this method throws a NoSuchAlgorithmException. An application wishing to support another algorithm may override this method.

Parameters:

encryptedKey - the encrypted content encryption key to be decrypted

kea - the key encryption alglorithm to be used, e.g. rsaEncryption

recipientKey - the private key of the recipient to be used for decrypting the encrypted content encryption key

Returns:

the decrypted content encryption key

Throws:

java.lang.Exception - if any kind of exception occurs during cek encryption (e.g. NoSuchProviderException, NoSuchAlgorithmException, BadPaddingException, InvalidKeyException)

getCipher

protected javax.crypto.Cipher getCipher(java.lang.String algorithm,
                            int mode,
                            java.security.Key key,
                            java.security.AlgorithmParameters params)
                                 throws java.lang.Exception

This method returns the desired Cipher object.

The symmetric ciphers shall explain themselves.

RSA/ECB/PKCS1Padding means RSA en/decryption with padding as defined in PKCS#1 1.5 where the padding block type is automatically selected based on the type of key used (block type 1 for signature operations, block type 2 for encryption operations). This cipher will be always used the same way (other methods need not to be implemented!):

 
  Cipher rsa = provider.getCipher("RSA/ECB/PKCS1Padding/...", ...);
  crypted = rsa.doFinal(plain);
  
 

If the mode parameter is CIPHER_ENCRYPT, CIPHER_WRAP CIPHER_DECRYPT, or CIPHER_UNWRAP the cipher object has to be initialized with the provided key in the respective mode.

Parameters:

algorithm - the name of the requested algorithm

mode - the mode indicating if the Cipher has to be initialized

key - the key to be used for initializing the cipher

params - the parameters to be used to initialize the cipher

Returns:

the initialized Cipher object

Throws:

java.lang.Exception - if key or parameters are no valid, a padding error occurs, or no Cipher engine is available for the algorithm in mind

getCipher

protected javax.crypto.Cipher getCipher(AlgorithmID algorithm,
                            int mode,
                            java.security.Key key,
                            java.security.AlgorithmParameters params)
                                 throws java.security.InvalidKeyException,
                                        java.security.NoSuchAlgorithmException,
                                        java.security.InvalidAlgorithmParameterException

Returns the desired Cipher object for the requested algorithm.

If the mode parameter is CIPHER_ENCRYPT, CIPEHER_WRAP,CIPHER_DECRYPT or CIPHER_UNWRAP the cipher object is to be initialized with the provided key and parameters in the respective mode.

If initializing the cipher for encryption/wrapping any parameters used for initializing or produced by the Cipher engine have to be included in the supplied algorithmID, e.g.:

 if ((mode == CIPHER_ENCRYPT) || (mode == CIPHER_WRAP)) {
        AlgorithmParameters parameters = cipher.getParameters();
        if (parameters != null) {
                algorithm.setAlgorithmParameters(parameters);
        }
 }
 

Since getParameters may not be implemented by some particular provider, in this case this methods looks if the cipher produced an IV and includes it into the AlgorithmID (however, only if the AlgorithmID yet does not include parameters):

 if ((mode == CIPHER_ENCRYPT) || (mode == CIPHER_WRAP)) {
        // any parameters to set for the AlgorithmID?
        AlgorithmParameters parameters = cipher.getParameters();
        if (parameters != null) {
                algorithm.setAlgorithmParameters(parameters);
        } else {
                if (algorithm.getParameter() == null) {
                        if (params != null) {
                                algorithm.setAlgorithmParameters(params);
                        } else {
                                // iv?
                                byte[] iv = cipher.getIV();
                                if (iv != null) {
                                        algorithm.setParameter(new OCTET_STRING(iv));
                                }
                        }
                }
        }
 }
 

Parameters:

algorithm - the algorithm for which to create a Cipher engine

mode - the Cipher mode (CIPHER_ENCRYPT, CIPHER_WRAP, CIPHER_DECRYPT, CIPHER_UNWRAP)

key - the key to be used for initializing the cipher

params - any algorithm parameters used for initializing the cipher

Returns:

the already initialized Cipher engine

Throws:

java.security.InvalidKeyException - if the key is not valid

java.security.InvalidAlgorithmParameterException - if the parameters are not valid

java.security.NoSuchAlgorithmException - if no Cipher engine is available for the requested algorithm

getCipher

protected javax.crypto.Cipher getCipher(AlgorithmID algorithm,
                            int mode,
                            java.security.Key key,
                            java.security.spec.AlgorithmParameterSpec params)
                                 throws java.security.InvalidKeyException,
                                        java.security.NoSuchAlgorithmException,
                                        java.security.InvalidAlgorithmParameterException

Returns the desired Cipher object for the requested algorithm.

If the mode parameter is CIPHER_ENCRYPT, CIPEHER_WRAP,CIPHER_DECRYPT or CIPHER_UNWRAP the cipher object is to be initialized with the provided key and parameters in the respective mode.

If initializing the cipher for encryption/wrapping any parameters used for initializing or produced by the Cipher engine have to be included in the supplied algorithmID, e.g.:

 if ((mode == CIPHER_ENCRYPT) || (mode == CIPHER_WRAP)) {
        AlgorithmParameters parameters = cipher.getParameters();
        if (parameters != null) {
                algorithm.setAlgorithmParameters(parameters);
        }
 }
 

Since getParameters may not be implemented by some particular provider, in this case this methods looks if the cipher produced an IV and includes it into the AlgorithmID (however, only if the AlgorithmID yet does not include parameters):

 if ((mode == CIPHER_ENCRYPT) || (mode == CIPHER_WRAP)) {
        // any parameters to set for the AlgorithmID?
        AlgorithmParameters parameters = cipher.getParameters();
        if (parameters != null) {
                algorithm.setAlgorithmParameters(parameters);
        } else {
                if (algorithm.getParameter() == null) {
                        // iv?
                        byte[] iv = cipher.getIV();
                        if (iv != null) {
                                algorithm.setParameter(new OCTET_STRING(iv));
                        }
                }
        }
 }
 

Parameters:

algorithm - the algorithm for which to create a Cipher engine

mode - the Cipher mode (CIPHER_ENCRYPT, CIPHER_WRAP, CIPHER_DECRYPT, CIPHER_UNWRAP)

key - the key to be used for initializing the cipher

params - any algorithm parameters used for initializing the cipher

Returns:

the already initialized Cipher engine

Throws:

java.security.InvalidKeyException - if the key is not valid

java.security.InvalidAlgorithmParameterException - if the parameters are not valid

java.security.NoSuchAlgorithmException - if no Cipher engine is available for the requested algorithm

getKeyPairGenerator

protected java.security.KeyPairGenerator getKeyPairGenerator(AlgorithmID algorithm)
                                                      throws java.security.NoSuchAlgorithmException

Return a KeyPairGenerator for the requested algorithm.

Parameters:

algorithm - the requested algorithm

Returns:

the KeyPairGenerator for the requested algorithm

Throws:

NoSuchSuchAlgorithmException - if no KeyPairGenerator for the requested algorithm is available

java.security.NoSuchAlgorithmException

getKeyGenerator

public javax.crypto.KeyGenerator getKeyGenerator(AlgorithmID algorithm,
                                        int keyLength)
                                          throws java.security.NoSuchAlgorithmException

Return a KeyGenerator for the requested algorithm.

Parameters:

algorithm - the requested algorithm

keyLength - the length of the key to be generated, may be required for algorithms with variable key size

Returns:

the KeyGenerator for the requested algorithm

Throws:

NoSuchSuchAlgorithmException - if no KeyGenerator for the requested algorithm is available

java.security.NoSuchAlgorithmException

getSecretKeyFactory

public javax.crypto.SecretKeyFactory getSecretKeyFactory(AlgorithmID algorithm)
                                                  throws java.security.NoSuchAlgorithmException

Return a SecretKeyFactory for the requested algorithm.

Parameters:

algorithm - the requested algorithm

Returns:

the SecretKeyFactory for the requested algorithm

Throws:

NoSuchSuchAlgorithmException - if no KeyGenerator for the requested algorithm is available

java.security.NoSuchAlgorithmException

getKeyFactory

public java.security.KeyFactory getKeyFactory(AlgorithmID algorithm)
                                       throws java.security.NoSuchAlgorithmException

This method returns the desired KeyFactory object.

Parameters:

algorithm - the name of the algorithm for which to get a KeyFactory

Returns:

the KeyFactory engine

Throws:

java.security.NoSuchAlgorithmException - if no KeyFactory is available for the requested algorithm

wrapKey

protected byte[] wrapKey(javax.crypto.SecretKey cek,
             AlgorithmID kea,
             javax.crypto.SecretKey kek,
             java.security.AlgorithmParameters params)
                  throws java.lang.Exception

Wraps the given secret content encryption key for a KEKRecipientInfoor KeyAgreeRecipientInfo.

The given secret content encryption key is wrapped by encrypting it with the given secret key encryption key using the requested key encryption algorithm. If algorithm parameters are supplied they are used for initializing the key encryption cipher. Attention: If algorithm parameters are to be used (or produced by the cipher) this method has to include them into the parameters field of the supplied key encryption AlgorithmID, too (this only may work if the Cipher engine supports method getParameters.

Parameters:

cek - the secret content encryption key to be wrapped (encrypted)

kea - the key wrap (encryption) alglorithm to be used (eg AlgorithmID.cms_3DES_wrap)

kek - the key encryption key to be used for encrypting the content encryption key

params - any algorithm parameters required for initializing the key encryption cipher

Returns:

the wrapped (encrypted) content encryption key as byte array

Throws:

java.lang.Exception - if any kind of exception occurs during cek encryption (e.g. NoSuchProviderException, NoSuchAlgorithmException, BadPaddingException, InvalidKeyException, InvalidAlgorithmParameterException, IllegalBlockSizeException)

unwrapKey

protected javax.crypto.SecretKey unwrapKey(byte[] wrappedCek,
                               AlgorithmID kea,
                               javax.crypto.SecretKey kek,
                               java.security.AlgorithmParameters params,
                               java.lang.String cekAlgName)
                                    throws java.lang.Exception

Unwraps the given wrapped (encrypted) secret content encryption key for a KEKRecipientInfoor KeyAgreeRecipientInfo.

The given wrapped secret content encryption key is unwrapped by decrypting it with the given secret key encryption key using the requested key encryption algorithm. If algorithm parameters are supplied they are used for initializing the key (un)wrapping cipher.

Parameters:

wrappedCek - the wrapped secret content encryption key to be unwrapped (decrypted)

kea - the key (un)wrap (en/decryption) alglorithm to be used (eg AlgorithmID.cms_3DES_wrap)

kek - the key encryption key to be used for decrypting the encrypted content encryption key

params - any algorithm parameters required for initializing the cipher

cekAlgName - the name of the content encryption cipher (required by the unwrap method of a JCE cipher engine)

Returns:

the unwrapped decrypted) content encryption key

Throws:

java.lang.Exception - if any kind of exception occurs during cek decryption (e.g. NoSuchProviderException, NoSuchAlgorithmException, BadPaddingException, InvalidKeyException, InvalidAlgorithmParameterException, IllegalBlockSizeException)

createSharedKeyEncryptionKey

protected javax.crypto.SecretKey createSharedKeyEncryptionKey(AlgorithmID keyAgreeAlg,
                                                  java.security.PrivateKey myKey,
                                                  java.security.PublicKey otherKey,
                                                  AlgorithmID kea,
                                                  int kekLength,
                                                  byte[] ukm,
                                                  java.lang.String kekName)
                                                       throws java.lang.Exception

Create a shared secret key encryption key for the given key agree algorithm.

Creating a shared key encryption key is required when a key agreement algorithm is used as key management protocol for the recipient of an EnvelopedData or AuthenticatedData object. The shared key encryption key will be used by an KeyAgreeRecipientInfoto encrypt the secret content encryption key or Mac key.

This method works for Ephemral Static Difiie Hellman (ESDH) and ephemeral-static Elliptic Curve Diffie Hellman (ECDH).

Parameters:

keyAgreeAlg - the key agreement algorithm

myKey - the private key agreement key of the one party

otherKey - the public key agreement key of the other party

kea - the key ancryption algorithm (may be required for kek generation)

kekLength - the length of the shared key encryption key to be generated

ukm - any user keying material that may be required for kek generation

kekName - the name of the key encryption algorithm

Returns:

the shared key encryption key generated

Throws:

java.lang.Exception - if the key cannot be generated for some reason (e.g. no engine for the requested algorithm is available, any of the keys is not valid,...).

checkDomainParameters

protected void checkDomainParameters(java.security.PrivateKey myKey,
                         java.security.PublicKey otherKey)
                              throws java.security.InvalidParameterException

Checks if the given private and public key agreement keys have the same domain parameters.

Only for DH and ECDH keys is there a general way to access the parameters through the JCE API. CMS, however, per default uses ephemeral static DH (ESDH) (EnvelopedData, AuthenticatedData). For also supporting ESDH in a general way this method tries to get the parameters from the key Algorithm IDs and compares their encodings if the supplied keys are not standard JCE DH keys. Since this proceeding involves some encoding - decoding overhead, it might be appropriate to override this method for an ESDH supporting provider (as done for IAIK by the IaikProvider.

Parameters:

myKey - the private key of the first party

otherKey - the public key of the other party

Throws:

InvalidParameterEyception - if domain parameters are included in both keys, but the domain parameters do not match

java.security.InvalidParameterException

generateKeyAgreementKeyPair

protected java.security.KeyPair generateKeyAgreementKeyPair(AlgorithmID keyAgreeAlgorithm,
                                                java.security.PublicKey otherKey)
                                                     throws java.lang.Exception

Generates a key pair with same domain parameters of the given public key for the given key agreement method. Attention: This method ALWAYS throws an exception since there is no general way for initializing a KeyPairGenerator with algorithm parameters. When using a different provider as IAIK this method has to be overriden to create the requested key pair! For the IAIK cryptography provider this method is overriden for (ES)DH key agreement methods to use its (ES)DH KeyPairGenerator which can be initialized with the parameters of the other party´s public key. This provider also supports ECDH key agreement methods

This method is called by the library for creating the originator key pair if the OriginatorPublicKey alternative is used for representing the public key of the originator within a . The public key supplied to this method is the one of the recipient and the key pair returned by this method must have domain parameters matching to those of the given recipient public key. Note that ephemeral static Diffie Hellmean (ESDH) is the default key agreement method used by the CMS types EnvelopedData and AuthenticatedData. According RFC 2630 the OriginatorPublicKey has to be used for representing the public key of the originator if ESDH is used as key agreement algorithm.

Parameters:

keyAgreeAlgorithm - the key agreement algorithm to be used

otherKey - the public key of the other party

Returns:

the originator key pair with domain parameters matching to those of the supplied key of the other party

Throws:

java.lang.Exception - always thrown when calling this method since there is no general way for initializing a KeyPairGenerator with algorithm parameters

getAlgorithmParameters

public java.security.AlgorithmParameters getAlgorithmParameters(AlgorithmID algorithm)
                                                         throws java.lang.Exception

Gets the algorithm parameters from the given AlgorithmID.

Parameters:

algorithm - the AlgorithmID form which to extract the parameters.

Returns:

the algorithm parameters or null if no parameters are included

Throws:

java.lang.Exception - if some error occurs when trying to get the algorithm parameters

getPBEKey

public java.security.Key getPBEKey(char[] password,
                          AlgorithmID pbeAlg)
                            throws java.lang.Exception

Creates secret key from the supplied password using the specified PBE algorithm.

Parameters:

password - the password for creating the secret key

pbeAlg - the PBE algorithm to be used

Returns:

the secret key

Throws:

java.lang.Exception - if the PBE key cannot be created

getSecureRandom

public java.security.SecureRandom getSecureRandom()

Returns the random number generator.

setSecureRandom

public void setSecureRandom(java.security.SecureRandom random)

Sets the random number generator.

Parameters:

random - the secure random to be set

convertCipherMode

protected static int convertCipherMode(int mode)

Converts the SecurityProvider Cipher mode to the javax.crypto Cipher mode.

CIPHER_ENCRYPT --> Cipher.ENCRYPT_MODE CIPHER_DECRYPT --> Cipher.DECRYPT_MODE CIPHER_WRAP --> Cipher.WRAP_MODE CIPHER_UNWRAP --> Cipher.UNWRAP_MODE

Returns:

the java.crypto Cipher mode

getMicAlgs

public AlgorithmID[] getMicAlgs(java.lang.String micalg)

Returns an array of AlgorithmIDs specified by the given micalg String.

The micalg parameter of an multipart/signed message may specify more than only one hash algorithm, separated by commas. This method steps through the algorithm names and tries to get the corresponding AlgorithmIDs.

Note that this method only recognizes following by default used by S/MIMEv3:

• MD5: "md5", "rsa-md5"
• SHA-1: "sha", "sha1", "sha-1", "rsa-sha1"
• SHA-224: "sha224"
• SHA-256: "sha256"
• SHA-384: "sha384"
• SHA-512: "sha-512"

If you want to support additional hash algorithms, you may override this method.

Parameters:

micalg - the micalg parameters string, e.g. "sha1"

Returns:

an array of AlgorithmIDs for the hash algorithms specified in the micag string