java.security
Class Signature
Signature is used to provide an interface to digital signature
algorithms. Digital signatures provide authentication and data integrity of
digital data.
The GNU provider provides the NIST standard DSA which uses DSA and SHA-1.
It can be specified by SHA/DSA, SHA-1/DSA or its OID. If the RSA signature
algorithm is provided then it could be MD2/RSA. MD5/RSA, or SHA-1/RSA. The
algorithm must be specified because there is no default.
Signature provides implementation-independent algorithms which are
requested by the user through the
getInstance()<?code> methods. It can
be requested by specifying just the algorithm name or by specifying both the
algorithm name and provider name.
The three phases of using Signature are:
- Initializing:
- It must be initialized with a private key for signing.
- It must be initialized with a public key for verifying.
- Updating:
Update the bytes for signing or verifying with calls to update.
- Signing or Verify the signature on the currently stored bytes by
calling sign or verify.
protected static int | SIGN- Possible state value which signifies that this instance has been
initialized for signing purposes.
|
protected static int | UNINITIALIZED- Possible state value which signifies that this instance has not yet been
initialized.
|
protected static int | VERIFY- Possible state value which signifies that this instance has been
initialized for verification purposes.
|
protected int | state- Current sate of this instance.
|
Signature(String algorithm)- Constructs a new
Signature instance for a designated digital
signature algorithm.
|
Object | clone()- Returns a clone of this instance.
|
String | getAlgorithm()- Returns the name of the algorithm currently used.
|
static Signature | getInstance(String algorithm)- Returns an instance of
Signature representing the specified
signature.
|
static Signature | getInstance(String algorithm, String provider)- Returns an instance of
Signature representing the specified
signature from the named provider.
|
static Signature | getInstance(String algorithm, Provider provider)- Returns an instance of
Signature representing the specified
signature from the specified Provider.
|
Object | getParameter(String param)- use the other getParameter
|
AlgorithmParameters | getParameters()- Return the parameters of the algorithm used in this instance as an
AlgorithmParameters.
|
Provider | getProvider()- Returns the
Provider of this instance.
|
void | initSign(PrivateKey privateKey)- Initializes this class with the private key for signing purposes.
|
void | initSign(PrivateKey privateKey, SecureRandom random)- Initializes this class with the private key and source of randomness for
signing purposes.
|
void | initVerify(PublicKey publicKey)- Initializes this instance with the public key for verification purposes.
|
void | initVerify(Certificate certificate)- Verify a signature with a designated
Certificate.
|
void | setParameter(String param, Object value)- use the other setParameter
|
void | setParameter(AlgorithmParameterSpec params)- Sets the signature engine with the specified
AlgorithmParameterSpec.
|
byte[] | sign()- Returns the signature bytes of all the data fed to this instance.
|
int | sign(byte[] outbuf, int offset, int len)- Generates signature bytes of all the data fed to this instance and stores
it in the designated array.
|
String | toString()- Returns a rstring representation of this instance.
|
void | update(byte b)- Updates the data to be signed or verified with the specified byte.
|
void | update(byte[] data)- Updates the data to be signed or verified with the specified bytes.
|
void | update(byte[] data, int off, int len)- Updates the data to be signed or verified with the specified bytes.
|
void | update(ByteBuffer input)- Update this signature with the
Buffer.remaining()
bytes of the input buffer.
|
boolean | verify(byte[] signature)- Verifies a designated signature.
|
boolean | verify(byte[] signature, int offset, int length)- Verifies a designated signature.
|
clone, engineGetParameter, engineGetParameters, engineInitSign, engineInitSign, engineInitVerify, engineSetParameter, engineSetParameter, engineSign, engineSign, engineUpdate, engineUpdate, engineUpdate, engineVerify, engineVerify |
clone, equals, extends Object> getClass, finalize, hashCode, notify, notifyAll, toString, wait, wait, wait |
SIGN
protected static final int SIGN
Possible state value which signifies that this instance has been
initialized for signing purposes.
UNINITIALIZED
protected static final int UNINITIALIZED
Possible state value which signifies that this instance has not yet been
initialized.
VERIFY
protected static final int VERIFY
Possible state value which signifies that this instance has been
initialized for verification purposes.
state
protected int state
Current sate of this instance.
Signature
protected Signature(String algorithm)
Constructs a new Signature instance for a designated digital
signature algorithm.
algorithm - the algorithm to use.
getAlgorithm
public final String getAlgorithm()
Returns the name of the algorithm currently used. The names of algorithms
are usually SHA/DSA or SHA/RSA.
getInstance
public static Signature getInstance(String algorithm)
throws NoSuchAlgorithmException Returns an instance of Signature representing the specified
signature.
algorithm - the algorithm to use.
- a new instance repesenting the desired algorithm.
initSign
public final void initSign(PrivateKey privateKey)
throws InvalidKeyException Initializes this class with the private key for signing purposes.
privateKey - the private key to sign with.
initVerify
public final void initVerify(PublicKey publicKey)
throws InvalidKeyException Initializes this instance with the public key for verification purposes.
publicKey - the public key to verify with.
initVerify
public final void initVerify(Certificate certificate)
throws InvalidKeyException Verify a signature with a designated
Certificate. This is a FIPS
140-1 compatible method since it verifies a signature with a certificate.
If the
Certificate is an X.509 one, has a
KeyUsage
parameter and that parameter indicates this key is not to be used for
signing then an exception is thrown.
certificate - a Certificate containing a public key to verify with.
setParameter
public final void setParameter(String param,
Object value)
throws InvalidParameterExceptionuse the other setParameter
Sets the specified algorithm parameter to the specified value.
param - the parameter name.value - the parameter value.
InvalidParameterException - if the parameter is invalid, the parameter is already set and
can not be changed, a security exception occured, etc.
sign
public final byte[] sign()
throws SignatureException Returns the signature bytes of all the data fed to this instance. The
format of the output depends on the underlying signature algorithm.
sign
public final int sign(byte[] outbuf,
int offset,
int len)
throws SignatureException Generates signature bytes of all the data fed to this instance and stores
it in the designated array. The format of the result depends on the
underlying signature algorithm.
After calling this method, the instance is reset to its initial state
and can then be used to generate additional signatures.
IMPLEMENTATION NOTE: Neither this method nor the GNU provider
will return partial digests. If
len is less than the
signature length, this method will throw a
SignatureException. If
it is greater than or equal then it is ignored.
outbuf - array of bytes of where to store the resulting signature bytes.offset - the offset to start at in the array.len - the number of the bytes to use in the array.
- the real number of bytes used.
toString
public String toString()
Returns a rstring representation of this instance.
- toString in interface Object
- a rstring representation of this instance.
update
public final void update(byte b)
throws SignatureException Updates the data to be signed or verified with the specified byte.
b - the byte to update with.
update
public final void update(byte[] data)
throws SignatureException Updates the data to be signed or verified with the specified bytes.
data - the array of bytes to use.
update
public final void update(byte[] data,
int off,
int len)
throws SignatureException Updates the data to be signed or verified with the specified bytes.
data - an array of bytes to use.off - the offset to start at in the array.len - the number of bytes to use from the array.
verify
public final boolean verify(byte[] signature)
throws SignatureException Verifies a designated signature.
signature - the signature bytes to verify.
true if verified, false otherwise.
SignatureException - if the engine is not properly initialized or the signature does
not check.
verify
public final boolean verify(byte[] signature,
int offset,
int length)
throws SignatureException Verifies a designated signature.
signature - the signature bytes to verify.offset - the offset to start at in the array.length - the number of the bytes to use from the array.
true if verified, false otherwise.
IllegalArgumentException - if the signature byte array is null,
or the offset or length is less
than 0, or the sum of the offset
and length is greater than the length of the
signature byte array.SignatureException - if the engine is not properly initialized or the signature does
not check.
Signature.java --- Signature Class
Copyright (C) 1999, 2002, 2003, 2004 Free Software Foundation, Inc.
This file is part of GNU Classpath.
GNU Classpath is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 2, or (at your option)
any later version.
GNU Classpath is distributed in the hope that it will be useful, but
WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
General Public License for more details.
You should have received a copy of the GNU General Public License
along with GNU Classpath; see the file COPYING. If not, write to the
Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
02110-1301 USA.
Linking this library statically or dynamically with other modules is
making a combined work based on this library. Thus, the terms and
conditions of the GNU General Public License cover the whole
combination.
As a special exception, the copyright holders of this library give you
permission to link this library with independent modules to produce an
executable, regardless of the license terms of these independent
modules, and to copy and distribute the resulting executable under
terms of your choice, provided that you also meet, for each linked
independent module, the terms and conditions of the license of that
module. An independent module is a module which is not derived from
or based on this library. If you modify this library, you may extend
this exception to your version of the library, but you are not
obligated to do so. If you do not wish to do so, delete this
exception statement from your version.