JAVA Toolkit
| home | contact




Smartcard Integration

 To, for instance, use a RSA PKCS#1v1.5 compliant smartcard for signature
calculatuion only, you may extend the IAIK-CMS IaikProvider and override
method calculateSignatureFromSignedAttributes, e.g.:
 

public class MySecurityProvider extends IaikProvider {
   ...
  public byte[] calculateSignatureFromSignedAttributes(
      AlgorithmID signatureAlgorithm, 
      AlgorithmID digestAlgorithm, 
      PrivateKey privateKey, 
      byte[] signedAttributes)      
    throws NoSuchAlgorithmException,
               InvalidKeyException, 
               SignatureException {
          
    byte[] signatureValue = null;
    // get the implementation name: RSA?
    String implementationName = 
         signatureAlgorithm.getImplementationName();
    if (implementationName == IMPLEMENTATION_NAME_RSA) {
      // let the smartcard calculate the signature value
      byte[] signatureValue = ...;     
    } else {
      signatureValue = 
          super.calculateSignatureFromSignedAttributes(
                                          signatureAlgorithm, 
                                          digestAlgorithm, 
                                          privateKey, 
                                          signedAttributes);
    } 
    return signatureValue;
  } 
}

 Now tell the IAIK-CMS libary to use your SecurityProvider implementation:

MySecurityProvider mySecurityProvider = ...;
SecurityProvider.setSecurityProvider(mySecurityProvider);

 Note that you also may install a SecurityProvider per CMS object. See our

SecurityProvider description
 and the IAIK-CMS Javadoc for more detailed information.
 

 If the smartcard or HSM your are using supports the PKCS#11 standard,
 you may use our PKCS#11 provider 
 to access it from your Java™ application.
 

 

 
print    tip a friend
back to previous page back  |  top to the top of the page