The following examples are copied from the JSR 177 specification.
This example shows how to use CMSMessageSignatureService to generate signatures:

    import javax.microedition.securityservice.CMSMessageSignatureService;
    import javax.microedition.securityservice.CMSMessageSignatureServiceException;

    String caName = new String("cn=ca_name,ou=ou_name,o=org_name,c=ie");
    String[] caNames = new String[1];
    String stringToSign = new String("JSR 177 Approved");
    String userPrompt = new String("Please insert the security element "
        + "issued by bank ABC "
        + "for the application XYZ.");
    byte[] byteArrayToSign = new byte[8];
    byte[] authSignature;
    byte[] signSignature;

    caNames[0] = caName;
    try {
        // Generate a formatted authentication signature that includes the
        // content that was signed in addition to the certificate.
        // Selection of the key is implicit in selection of the certificate,
        // which is selected through the caNames parameter.
        // If the appropriate key is not found in any of the security
        // elements present in the device, the implementation may guide
        // the user to insert an alternative security element using
        // the securityElementPrompt parameter.
        authSignature = CMSMessageSignatureService.authenticate(
            byteArrayToSign,
            CMSMessageSignatureService.SIG_INCLUDE_CERTIFICATE
                | CMSMessageSignatureService.SIG_INCLUDE_CONTENT,
            caNames, userPrompt);

        // Generate a formatted signature that includes the
        // content that was signed in addition to the certificate.
        // Selection of the key is implicit in selection of the certificate,
        // which is selected through the caNames parameter.
        // If the appropriate key is not found in any of the
        // security elements present in the device, the implementation
        // may guide the user to insert an alternative
        // security element using the securityElementPrompt parameter.
        signSignature = CMSMessageSignatureService.sign(
            stringToSign,
            CMSMessageSignatureService.SIG_INCLUDE_CERTIFICATE
                | CMSMessageSignatureService.SIG_INCLUDE_CONTENT,
            caNames, userPrompt);
    } catch (IllegalArgumentException iae) {
        // Perform error handling
        iae.printStackTrace();
    } catch (CMSMessageSignatureServiceException ce) {
        // Reason codes are static constants, so reference them through the class.
        if (ce.getReason() == CMSMessageSignatureServiceException.CRYPTO_FORMAT_ERROR) {
            System.out.println("Error formatting signature.");
        } else {
            System.out.println(ce.getMessage());
        }
    }

The following example demonstrates the use of UserCredentialManager.

    import javax.microedition.pki.UserCredentialManager;
    import javax.microedition.pki.UserCredentialManagerException;
    import javax.microedition.securityservice.CMSMessageSignatureServiceException;

    // Parameters for certificate request message.
    String nameInfo = new String("CN=User Name");
    byte[] enrollmentRequest = null;
    int keyLength = 1024;

    // User friendly names and prompts.
    String securityElementID = new String("Bank XYZ");
    String securityElementPrompt = new String(
        "Please insert bank XYZ security element before proceeding");
    String friendlyName = new String("My Credential");

    // Certificate chain and URI from registration response.
    // Initialized to null so the fragment compiles; both are assigned
    // from the registration response before addCredential is called.
    byte[] pkiPath = null;
    String uri = null;

    // Obtain a certificate enrollment request message.
    try {
        enrollmentRequest = UserCredentialManager.generateCSR(
            nameInfo,
            UserCredentialManager.ALGORITHM_RSA,
            keyLength,
            UserCredentialManager.KEY_USAGE_NON_REPUDIATION,
            securityElementID,
            securityElementPrompt,
            false);

        // Send it to a registration server.
        // ...

        // Assign values for pkiPath and certificate uri
        // from the registration response.
        // ...

        // Store the certificate on the security element.
        UserCredentialManager.addCredential(friendlyName, pkiPath, uri);
    } catch (IllegalArgumentException iae) {
        iae.printStackTrace();
    } catch (NullPointerException npe) {
        npe.printStackTrace();
    } catch (CMSMessageSignatureServiceException cmse) {
        cmse.printStackTrace();
    } catch (UserCredentialManagerException pkie) {
        pkie.printStackTrace();
    }

SATSA Developer's Guide, SATSA Reference Implementation 1.0
Copyright © 2004 Sun Microsystems, Inc. All rights reserved.