|
|||||||||
| Home >> All >> cryptix >> jce >> provider >> [ pk overview ] | PREV CLASS NEXT CLASS | ||||||||
SUMMARY:  JAVADOC |  SOURCE |  DOWNLOAD | NESTED | FIELD | CONSTR | METHOD |
DETAIL: FIELD | CONSTR | METHOD | ||||||||
cryptix.jce.provider.pk
Class RSASignature_PKCS1
java.lang.Objectjava.security.SignatureSpi
- Direct Known Subclasses:
- RSASignature_PKCS1_MD2, RSASignature_PKCS1_MD4, RSASignature_PKCS1_MD5, RSASignature_PKCS1_RIPEMD128, RSASignature_PKCS1_RIPEMD160, RSASignature_PKCS1_SHA1, RSASignature_PKCS1_SHA256, RSASignature_PKCS1_SHA384, RSASignature_PKCS1_SHA512
- public abstract class RSASignature_PKCS1
- extends java.security.SignatureSpi
An abstract class to digest a message and sign/verify the resulting hash value, using any JCA MessageDigest algorithm with the RSA digital signature scheme, and the formatting and padding conventions defined by PKCS#1. These conventions are compatible with PEM (RFC-1423).
References:
- Bruce Schneier, "Section 19.3 RSA," Applied Cryptography, 2nd edition, John Wiley & Sons, 1996.
- PKCS#1
- RFC 1423
- Since:
- Cryptix 2.2.2
| Field Summary | |
private java.math.BigInteger |
exp
|
private java.security.MessageDigest |
md
|
private java.math.BigInteger |
n
|
private static java.math.BigInteger |
ONE
|
private java.math.BigInteger |
p
|
private java.math.BigInteger |
q
|
private java.math.BigInteger |
u
|
private static java.math.BigInteger |
ZERO
|
| Fields inherited from class java.security.SignatureSpi |
appRandom |
| Constructor Summary | |
(package private) |
RSASignature_PKCS1(java.lang.String mdAlgorithm)
Constructor for an Any_RSA_PKCS1Signature. |
| Method Summary | |
protected java.lang.Object |
engineGetParameter(java.lang.String param)
Returns the value for the specified algorithm parameter. |
protected void |
engineInitSign(java.security.PrivateKey key)
Initializes this signature object for signing, using the given private key. |
protected void |
engineInitSign(java.security.PrivateKey privateKey,
java.security.SecureRandom random)
Initializes this instance with the private key and source of randomness for signing purposes. |
protected void |
engineInitVerify(java.security.PublicKey key)
Initializes this signature object for verification, using the given public key. |
protected void |
engineSetParameter(java.security.spec.AlgorithmParameterSpec params)
Sets the signature engine with the specified java.security.spec.AlgorithmParameterSpec. |
protected void |
engineSetParameter(java.lang.String param,
java.lang.Object value)
Sets the specified algorithm parameter to the specified value. |
protected byte[] |
engineSign()
Terminates the update process and returns the signature bytes of all the data signed so far. |
protected void |
engineUpdate(byte b)
Updates the data to be signed or verified, using one byte. |
protected void |
engineUpdate(byte[] in,
int offset,
int length)
Updates the data to be signed or verified, using the specified sub-array of bytes, starting at the specified offset. |
protected boolean |
engineVerify(byte[] signature)
Terminates the update process and verifies that the passed signature equals that of a generated one based on the updated data so far. |
protected abstract byte[] |
getAlgorithmEncoding()
Returns the ASN.1 bytes of the AlgorithmIdentifier token described in engineSign() method above. |
private void |
initCommon()
|
private java.math.BigInteger |
makePKCS1()
Returns a byte array consisting of a padded message digest value, previously computed. |
private int |
modulusByteLength()
Return the length (in bytes) of our modulus. |
| Methods inherited from class java.security.SignatureSpi |
clone, engineGetParameters, engineSign, engineVerify |
| Methods inherited from class java.lang.Object |
equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
| Field Detail |
ZERO
private static final java.math.BigInteger ZERO
ONE
private static final java.math.BigInteger ONE
n
private java.math.BigInteger n
exp
private java.math.BigInteger exp
p
private java.math.BigInteger p
q
private java.math.BigInteger q
u
private java.math.BigInteger u
md
private final java.security.MessageDigest md
| Constructor Detail |
RSASignature_PKCS1
RSASignature_PKCS1(java.lang.String mdAlgorithm)
- Constructor for an Any_RSA_PKCS1Signature.
| Method Detail |
engineInitVerify
protected void engineInitVerify(java.security.PublicKey key) throws java.security.InvalidKeyException
- Initializes this signature object for verification, using
the given public key.
engineInitSign
protected void engineInitSign(java.security.PrivateKey key) throws java.security.InvalidKeyException
- Initializes this signature object for signing, using the
given private key.
initCommon
private void initCommon()
throws java.security.InvalidKeyException
engineInitSign
protected void engineInitSign(java.security.PrivateKey privateKey, java.security.SecureRandom random) throws java.security.InvalidKeyException
- Description copied from class:
java.security.SignatureSpi - Initializes this instance with the private key and source of randomness for
signing purposes.
This method cannot be abstract for backward compatibility reasons.
engineUpdate
protected void engineUpdate(byte b)
throws java.security.SignatureException
- Updates the data to be signed or verified, using one byte.
engineUpdate
protected void engineUpdate(byte[] in,
int offset,
int length)
throws java.security.SignatureException
- Updates the data to be signed or verified, using the specified
sub-array of bytes, starting at the specified offset.
engineSign
protected byte[] engineSign()
throws java.security.SignatureException
- Terminates the update process and returns the signature bytes of
all the data signed so far.
NOTES: Sun's documentation talks about the bytes returned being X.509-encoded. For this RSA/PKCS#1 implementation, they conform to PKCS#1 section 10. Practically, the return value will be formed by concatenating a leading NULL byte, a block type BT, a padding block PS, another NULLbyte, and finally a data block D; ie:
return = 0x00 || BT || PS || 0x00 || D.For signing, PKCS#1 block type 01 encryption-block formatting scheme is employed. The block type BT is a single byte valued 0x01 and the padding block PS is enough 0xFF bytes to make the length of the complete RSA Multi Precision Integer equal to the length of the public modulus. The data block D consists of the MIC -- Message Integrity Check, or message digest value-- and the MIC algorithm ASN.1 encoded identifier. The formal syntax in ASN.1 notation is:SEQUENCE { digestAlgorithm AlgorithmIdentifier, digest OCTET STRING } AlgorithmIdentifier ::= SEQUENCE { algorithm OBJECT IDENTIFIER, parameters ANY DEFINED BY algorithm OPTIONAL }
engineVerify
protected boolean engineVerify(byte[] signature)
throws java.security.SignatureException
- Terminates the update process and verifies that the passed signature
equals that of a generated one based on the updated data so far.
NOTES: Sun's documentation talks about the bytes received being X.509-encoded. For this RSA/PKCS#1 implementation, the bytes received are assumed to conform to PKCS#1 section 10, or have been generated by a previous invocation of the
engineSignmethod.
engineSetParameter
protected void engineSetParameter(java.lang.String param, java.lang.Object value) throws java.security.InvalidParameterException
- Description copied from class:
java.security.SignatureSpi - Sets the specified algorithm parameter to the specified value.
engineSetParameter
protected void engineSetParameter(java.security.spec.AlgorithmParameterSpec params) throws java.security.InvalidAlgorithmParameterException
- Description copied from class:
java.security.SignatureSpi - Sets the signature engine with the specified java.security.spec.AlgorithmParameterSpec.
This method cannot be abstract for backward compatibility reasons. By default it always throws java.lang.UnsupportedOperationException unless overridden.
engineGetParameter
protected java.lang.Object engineGetParameter(java.lang.String param) throws java.security.InvalidParameterException
- Description copied from class:
java.security.SignatureSpi - Returns the value for the specified algorithm parameter.
makePKCS1
private java.math.BigInteger makePKCS1() throws java.security.SignatureException
- Returns a byte array consisting of a padded message digest value,
previously computed. This packet will be RSA-encrypted with the
private key of this object to act as an authentication for whatever
was digested.
As described in the engineSign() method above, the return array will consist of:
MSB LSB 00 01 FF-1 ... FF-n 00 AID-1 ... AID-n 04 LL MD-1 ... MD-n | BT |----- PS -----| |-- AlgorithmId --|------ digest ------|The AID bytes form the AlgorithmIdentifier token. The OCTET STRING tag is 04 and LL is the length byte (the number of bytes in the message digest proper, i.e. n).
Bytes MD-1 to MD-n are the message digest value of the material updated so far, thus completing the digest token in the SEQUENCE described in engineSign() above.
modulusByteLength
private int modulusByteLength()
- Return the length (in bytes) of our modulus.
getAlgorithmEncoding
protected abstract byte[] getAlgorithmEncoding()
- Returns the ASN.1 bytes of the AlgorithmIdentifier token
described in
engineSign()method above.
|
|||||||||
| Home >> All >> cryptix >> jce >> provider >> [ pk overview ] | PREV CLASS NEXT CLASS | ||||||||
|
SUMMARY: JAVADOC | SOURCE | DOWNLOAD | NESTED | FIELD | CONSTR | METHOD |
DETAIL: FIELD | CONSTR | METHOD | ||||||||