|
|||||||||
| Home >> All >> gnu >> java >> security >> sig >> [ rsa overview ] | PREV CLASS NEXT CLASS | ||||||||
SUMMARY:  JAVADOC |  SOURCE |  DOWNLOAD | NESTED | FIELD | CONSTR | METHOD |
DETAIL: FIELD | CONSTR | METHOD | ||||||||
gnu.java.security.sig.rsa
Class EMSA_PSS
java.lang.Objectgnu.java.security.sig.rsa.EMSA_PSS
- All Implemented Interfaces:
- java.lang.Cloneable
- public class EMSA_PSS
- extends java.lang.Object
- implements java.lang.Cloneable
- extends java.lang.Object
An implementation of the EMSA-PSS encoding/decoding scheme.
EMSA-PSS coincides with EMSA4 in IEEE P1363a D5 except that EMSA-PSS acts on octet strings and not on bit strings. In particular, the bit lengths of the hash and the salt must be multiples of 8 in EMSA-PSS. Moreover, EMSA4 outputs an integer of a desired bit length rather than an octet string.
EMSA-PSS is parameterized by the choice of hash function Hash and mask generation function MGF. In this submission, MGF is based on a Hash definition that coincides with the corresponding definitions in IEEE Std 1363-2000, PKCS #1 v2.0, and the draft ANSI X9.44. In PKCS #1 v2.0 and the draft ANSI X9.44, the recommended hash function is SHA-1, while IEEE Std 1363-2000 recommends SHA-1 and RIPEMD-160.
References:
-
RSA-PSS Signature Scheme with Appendix, part B.
Primitive specification and supporting documentation.
Jakob Jonsson and Burt Kaliski.
| Field Summary | |
private static boolean |
DEBUG
|
private static int |
debuglevel
|
private static java.io.PrintWriter |
err
|
private gnu.java.security.hash.IMessageDigest |
hash
The underlying hash function to use with this instance. |
private int |
hLen
The output size of the hash function in octets. |
private static java.lang.String |
NAME
|
| Constructor Summary | |
private |
EMSA_PSS(gnu.java.security.hash.IMessageDigest hash)
Trivial private constructor to enforce use through Factory method. |
| Method Summary | |
java.lang.Object |
clone()
This method may be called to create a new copy of the Object. |
private static void |
debug(java.lang.String s)
|
boolean |
decode(byte[] mHash,
byte[] EM,
int emBits,
int sLen)
The decoding operation EMSA-PSS-Decode recovers the message hash from an encoded message EM and compares it to the hash of
M. |
byte[] |
encode(byte[] mHash,
int emBits,
byte[] salt)
The encoding operation EMSA-PSS-Encode computes the hash of a message M using a hash function and maps the result to an encoded
message EM of a specified length using a mask generation
function. |
static EMSA_PSS |
getInstance(java.lang.String mdName)
Returns an instance of this object given a designated name of a hash function. |
private byte[] |
MGF(byte[] Z,
int l)
A mask generation function takes an octet string of variable length and a desired output length as input, and outputs an octet string of the desired length. |
| Methods inherited from class java.lang.Object |
equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
| Field Detail |
NAME
private static final java.lang.String NAME
- See Also:
- Constant Field Values
DEBUG
private static final boolean DEBUG
- See Also:
- Constant Field Values
debuglevel
private static final int debuglevel
- See Also:
- Constant Field Values
err
private static final java.io.PrintWriter err
hash
private gnu.java.security.hash.IMessageDigest hash
- The underlying hash function to use with this instance.
hLen
private int hLen
- The output size of the hash function in octets.
| Constructor Detail |
EMSA_PSS
private EMSA_PSS(gnu.java.security.hash.IMessageDigest hash)
Trivial private constructor to enforce use through Factory method.
| Method Detail |
debug
private static void debug(java.lang.String s)
getInstance
public static EMSA_PSS getInstance(java.lang.String mdName)
Returns an instance of this object given a designated name of a hash function.
clone
public java.lang.Object clone()
- Description copied from class:
java.lang.Object - This method may be called to create a new copy of the
Object. The typical behavior is as follows:
o == o.clone()is falseo.getClass() == o.clone().getClass()is trueo.equals(o)is true
However, these are not strict requirements, and may be violated if necessary. Of the three requirements, the last is the most commonly violated, particularly if the subclass does not override Object.equals(Object)>
Object.equals(Object)55 .If the Object you call clone() on does not implement java.lang.Cloneable (which is a placeholder interface), then a CloneNotSupportedException is thrown. Notice that Object does not implement Cloneable; this method exists as a convenience for subclasses that do.
Object's implementation of clone allocates space for the new Object using the correct class, without calling any constructors, and then fills in all of the new field values with the old field values. Thus, it is a shallow copy. However, subclasses are permitted to make a deep copy.
All array types implement Cloneable, and override this method as follows (it should never fail):
public Object clone() { try { super.clone(); } catch (CloneNotSupportedException e) { throw new InternalError(e.getMessage()); } }
encode
public byte[] encode(byte[] mHash,
int emBits,
byte[] salt)
The encoding operation EMSA-PSS-Encode computes the hash of a message
Musing a hash function and maps the result to an encoded messageEMof a specified length using a mask generation function.
decode
public boolean decode(byte[] mHash,
byte[] EM,
int emBits,
int sLen)
The decoding operation EMSA-PSS-Decode recovers the message hash from an encoded message
EMand compares it to the hash ofM.
MGF
private byte[] MGF(byte[] Z,
int l)
A mask generation function takes an octet string of variable length and a desired output length as input, and outputs an octet string of the desired length. There may be restrictions on the length of the input and output octet strings, but such bounds are generally very large. Mask generation functions are deterministic; the octet string output is completely determined by the input octet string. The output of a mask generation function should be pseudorandom, that is, it should be infeasible to predict, given one part of the output but not the input, another part of the output. The provable security of RSA-PSS relies on the random nature of the output of the mask generation function, which in turn relies on the random nature of the underlying hash function.
|
|||||||||
| Home >> All >> gnu >> java >> security >> sig >> [ rsa overview ] | PREV CLASS NEXT CLASS | ||||||||
|
SUMMARY: JAVADOC | SOURCE | DOWNLOAD | NESTED | FIELD | CONSTR | METHOD |
DETAIL: FIELD | CONSTR | METHOD | ||||||||