JAVA Toolkit
| home | contact

Smartcard Integration

 To, for instance, use a RSA PKCS#1v1.5 compliant smartcard for signature
calculatuion only, you may extend the IAIK-CMS IaikProvider and override
method calculateSignatureFromSignedAttributes, e.g.:

public class MySecurityProvider extends IaikProvider {
  public byte[] calculateSignatureFromSignedAttributes(
      AlgorithmID signatureAlgorithm, 
      AlgorithmID digestAlgorithm, 
      PrivateKey privateKey, 
      byte[] signedAttributes)      
    throws NoSuchAlgorithmException,
               SignatureException {
    byte[] signatureValue = null;
    // get the implementation name: RSA?
    String implementationName = 
    if (implementationName == IMPLEMENTATION_NAME_RSA) {
      // let the smartcard calculate the signature value
      byte[] signatureValue = ...;     
    } else {
      signatureValue = 
    return signatureValue;

 Now tell the IAIK-CMS libary to use your SecurityProvider implementation:

MySecurityProvider mySecurityProvider = ...;

 Note that you also may install a SecurityProvider per CMS object. See our

SecurityProvider description
 and the IAIK-CMS Javadoc for more detailed information.

 If the smartcard or HSM your are using supports the PKCS#11 standard,
 you may use our PKCS#11 provider 
 to access it from your Java™ application.


print    tip a friend
back to previous page back  |  top to the top of the page