|
|||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | ||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |
java.lang.Objectjava.security.SignatureSpi
java.security.Signature
public abstract class Signature
Signature
is used to provide an interface to digital signature
algorithms. Digital signatures provide authentication and data integrity of
digital data.
The GNU provider provides the NIST standard DSA which uses DSA and SHA-1. It can be specified by SHA/DSA, SHA-1/DSA or its OID. If the RSA signature algorithm is provided then it could be MD2/RSA. MD5/RSA, or SHA-1/RSA. The algorithm must be specified because there is no default.
Signature provides implementation-independent algorithms which are
requested by the user through the getInstance() methods. It can
be requested by specifying just the algorithm name or by specifying both the
algorithm name and provider name.
The three phases of using Signature
are:
Update the bytes for signing or verifying with calls to update.
Field Summary | |
---|---|
protected static int |
SIGN
Possible state value which signifies that this instance has been initialized for signing purposes. |
protected int |
state
Current sate of this instance. |
protected static int |
UNINITIALIZED
Possible state value which signifies that this instance has not yet been initialized. |
protected static int |
VERIFY
Possible state value which signifies that this instance has been initialized for verification purposes. |
Fields inherited from class java.security.SignatureSpi |
---|
appRandom |
Constructor Summary | |
---|---|
protected |
Signature(String algorithm)
Constructs a new Signature instance for a designated digital
signature algorithm. |
Method Summary | |
---|---|
Object |
clone()
Returns a clone of this instance. |
String |
getAlgorithm()
Returns the name of the algorithm currently used. |
static Signature |
getInstance(String algorithm)
Returns an instance of Signature representing the specified
signature. |
static Signature |
getInstance(String algorithm,
Provider provider)
Returns an instance of Signature representing the specified
signature from the specified Provider . |
static Signature |
getInstance(String algorithm,
String provider)
Returns an instance of Signature representing the specified
signature from the named provider. |
Object |
getParameter(String param)
Deprecated. use the other getParameter |
AlgorithmParameters |
getParameters()
Return the parameters of the algorithm used in this instance as an AlgorithmParameters . |
Provider |
getProvider()
Returns the Provider of this instance. |
void |
initSign(PrivateKey privateKey)
Initializes this class with the private key for signing purposes. |
void |
initSign(PrivateKey privateKey,
SecureRandom random)
Initializes this class with the private key and source of randomness for signing purposes. |
void |
initVerify(Certificate certificate)
Verify a signature with a designated Certificate . |
void |
initVerify(PublicKey publicKey)
Initializes this instance with the public key for verification purposes. |
void |
setParameter(AlgorithmParameterSpec params)
Sets the signature engine with the specified AlgorithmParameterSpec . |
void |
setParameter(String param,
Object value)
Deprecated. use the other setParameter |
byte[] |
sign()
Returns the signature bytes of all the data fed to this instance. |
int |
sign(byte[] outbuf,
int offset,
int len)
Generates signature bytes of all the data fed to this instance and stores it in the designated array. |
String |
toString()
Returns a rstring representation of this instance. |
void |
update(byte b)
Updates the data to be signed or verified with the specified byte. |
void |
update(byte[] data)
Updates the data to be signed or verified with the specified bytes. |
void |
update(byte[] data,
int off,
int len)
Updates the data to be signed or verified with the specified bytes. |
void |
update(ByteBuffer input)
Update this signature with the Buffer.remaining()
bytes of the input buffer. |
boolean |
verify(byte[] signature)
Verifies a designated signature. |
boolean |
verify(byte[] signature,
int offset,
int length)
Verifies a designated signature. |
Methods inherited from class java.security.SignatureSpi |
---|
engineGetParameter, engineGetParameters, engineInitSign, engineInitSign, engineInitVerify, engineSetParameter, engineSetParameter, engineSign, engineSign, engineUpdate, engineUpdate, engineUpdate, engineVerify, engineVerify |
Methods inherited from class java.lang.Object |
---|
equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait |
Field Detail |
---|
protected static final int UNINITIALIZED
protected static final int SIGN
protected static final int VERIFY
protected int state
Constructor Detail |
---|
protected Signature(String algorithm)
Signature
instance for a designated digital
signature algorithm.
algorithm
- the algorithm to use.Method Detail |
---|
public static Signature getInstance(String algorithm) throws NoSuchAlgorithmException
Signature
representing the specified
signature.
algorithm
- the algorithm to use.
NoSuchAlgorithmException
- if the algorithm is not implemented by any
provider.
IllegalArgumentException
- if algorithm
is
null
or is an empty string.public static Signature getInstance(String algorithm, String provider) throws NoSuchAlgorithmException, NoSuchProviderException
Signature
representing the specified
signature from the named provider.
algorithm
- the algorithm to use.provider
- the name of the provider to use.
NoSuchProviderException
- if the named provider was not found.
NoSuchAlgorithmException
- if the algorithm is not implemented by the
named provider.
IllegalArgumentException
- if either algorithm
or
provider
is null
or empty.public static Signature getInstance(String algorithm, Provider provider) throws NoSuchAlgorithmException
Signature
representing the specified
signature from the specified Provider
.
algorithm
- the algorithm to use.provider
- the Provider
to use.
NoSuchAlgorithmException
- if the algorithm is not implemented by the
Provider
.
IllegalArgumentException
- if either algorithm
or
provider
is null
, or if
algorithm
is an empty string.public final Provider getProvider()
Provider
of this instance.
Provider
of this instance.public final void initVerify(PublicKey publicKey) throws InvalidKeyException
publicKey
- the public key to verify with.
InvalidKeyException
- if the key is invalid.public final void initVerify(Certificate certificate) throws InvalidKeyException
Certificate
. This is a FIPS
140-1 compatible method since it verifies a signature with a certificate.
If the Certificate
is an X.509 one, has a KeyUsage
parameter and that parameter indicates this key is not to be used for
signing then an exception is thrown.
certificate
- a Certificate
containing a public key to verify with.
InvalidKeyException
- if the key is invalid.public final void initSign(PrivateKey privateKey) throws InvalidKeyException
privateKey
- the private key to sign with.
InvalidKeyException
- if the key is invalid.public final void initSign(PrivateKey privateKey, SecureRandom random) throws InvalidKeyException
privateKey
- the private key to sign with.random
- the SecureRandom
to use.
InvalidKeyException
- if the key is invalid.public final byte[] sign() throws SignatureException
SignatureException
- if the engine is not properly initialized.public final int sign(byte[] outbuf, int offset, int len) throws SignatureException
After calling this method, the instance is reset to its initial state and can then be used to generate additional signatures.
IMPLEMENTATION NOTE: Neither this method nor the GNU provider
will return partial digests. If len
is less than the
signature length, this method will throw a SignatureException
. If
it is greater than or equal then it is ignored.
outbuf
- array of bytes of where to store the resulting signature bytes.offset
- the offset to start at in the array.len
- the number of the bytes to use in the array.
SignatureException
- if the engine is not properly initialized.public final boolean verify(byte[] signature) throws SignatureException
signature
- the signature bytes to verify.
true
if verified, false
otherwise.
SignatureException
- if the engine is not properly initialized or the signature does
not check.public final boolean verify(byte[] signature, int offset, int length) throws SignatureException
signature
- the signature bytes to verify.offset
- the offset to start at in the array.length
- the number of the bytes to use from the array.
true
if verified, false
otherwise.
IllegalArgumentException
- if the signature
byte array is null
,
or the offset
or length
is less
than 0
, or the sum of the offset
and length
is greater than the length of the
signature
byte array.
SignatureException
- if the engine is not properly initialized or the signature does
not check.public final void update(byte b) throws SignatureException
b
- the byte to update with.
SignatureException
- if the engine is not properly initialized.public final void update(byte[] data) throws SignatureException
data
- the array of bytes to use.
SignatureException
- if the engine is not properly initialized.public final void update(byte[] data, int off, int len) throws SignatureException
data
- an array of bytes to use.off
- the offset to start at in the array.len
- the number of bytes to use from the array.
SignatureException
- if the engine is not properly initialized.public final void update(ByteBuffer input) throws SignatureException
Buffer.remaining()
bytes of the input buffer.
input
- The input buffer.
SignatureException
- If this instance was not properly
initialized.public final String getAlgorithm()
public String toString()
toString
in class Object
Object.getClass()
,
Object.hashCode()
,
Class.getName()
,
Integer.toHexString(int)
public final void setParameter(String param, Object value) throws InvalidParameterException
param
- the parameter name.value
- the parameter value.
InvalidParameterException
- if the parameter is invalid, the parameter is already set and
can not be changed, a security exception occured, etc.public final void setParameter(AlgorithmParameterSpec params) throws InvalidAlgorithmParameterException
AlgorithmParameterSpec
.
By default, and unless overriden by the concrete SPI, this method always
throws an UnsupportedOperationException
.
params
- the parameters to use for intializing this instance.
InvalidParameterException
- if the parameter is invalid, the parameter is already set and
cannot be changed, a security exception occured, etc.
InvalidAlgorithmParameterException
public final AlgorithmParameters getParameters()
AlgorithmParameters
.
null
if
this instance does not use any parameters.public final Object getParameter(String param) throws InvalidParameterException
param
- the parameter name.
InvalidParameterException
- if the parameter is invalid.public Object clone() throws CloneNotSupportedException
clone
in class SignatureSpi
CloneNotSupportedException
- if the implementation does not support cloning.Cloneable
|
|||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | ||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |