|
|||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | ||||||||
SUMMARY: INNER | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |
java.lang.Object | +--java.security.SignatureSpi | +--java.security.Signature | +--cryptix.provider.elgamal.Any_ElGamal_PKCS1Signature
An abstract class to digest a message and sign/verify the resulting hash value, using any JCA MessageDigest algorithm with the ElGamal digital signature scheme, and formatting and padding conventions based on PKCS#1.
References:
$Revision: 1.4 $
java.security.interfaces.ElGamalKey
,
ElGamalCipher
,
Signature
Inner classes inherited from class java.security.Signature |
java.security.Signature.Delegate |
Fields inherited from class java.security.Signature |
SIGN, state, UNINITIALIZED, VERIFY |
Fields inherited from class java.security.SignatureSpi |
appRandom |
Constructor Summary | |
protected |
Any_ElGamal_PKCS1Signature(java.lang.String mdAlgorithm)
Constructor for an Any_ElGamal_PKCS1Signature. |
Method Summary | |
protected java.lang.Object |
engineGetParameter(java.lang.String param)
SPI: Returns an algorithm-specific parameter. |
protected void |
engineInitSign(java.security.PrivateKey key)
SPI: Initializes the cipher for signing, using the given private key. |
protected void |
engineInitVerify(java.security.PublicKey key)
SPI: Initializes the cipher for verification, using the given public key. |
protected void |
engineSetParameter(java.lang.String param,
java.lang.Object value)
SPI: Sets an algorithm-specific parameter. |
protected byte[] |
engineSign()
Terminates the update process and returns the signature bytes of all the data signed so far. |
protected void |
engineUpdate(byte b)
Updates the data to be signed or verified, using one byte. |
protected void |
engineUpdate(byte[] in,
int offset,
int length)
Updates the data to be signed or verified, using the specified sub-array of bytes, starting at the specified offset. |
protected boolean |
engineVerify(byte[] signature)
Terminates the update process and verifies that the passed signature equals that of a generated one based on the updated data so far. |
protected abstract byte[] |
getAlgorithmEncoding()
Returns the ASN.1 bytes of the AlgorithmIdentifier token described in engineSign() method above. |
Methods inherited from class java.security.Signature |
clone, getAlgorithm, getInstance, getInstance, getParameter, getProvider, initSign, initSign, initVerify, initVerify, setParameter, setParameter, sign, sign, toString, update, update, update, verify |
Methods inherited from class java.security.SignatureSpi |
engineInitSign, engineSetParameter, engineSign |
Methods inherited from class java.lang.Object |
|
Constructor Detail |
protected Any_ElGamal_PKCS1Signature(java.lang.String mdAlgorithm)
mdAlgorithm
- the standard JCA algorithm name of the message
digest to be used.Method Detail |
protected void engineInitSign(java.security.PrivateKey key) throws java.security.InvalidKeyException
The input to this algorithm will be padded on the left with random bits, up to the size of a block, before signing.
engineInitSign
in class java.security.SignatureSpi
key
- the private keyjava.security.InvalidKeyException
- if !(key instanceof
java.security.interfaces.ElGamalPrivateKey)protected void engineInitVerify(java.security.PublicKey key) throws java.security.InvalidKeyException
engineInitVerify
in class java.security.SignatureSpi
key
- the public keyjava.security.InvalidKeyException
- if !(key instanceof
java.security.interfaces.ElGamalPublicKey)protected void engineUpdate(byte b) throws java.security.SignatureException
engineUpdate
in class java.security.SignatureSpi
b
- the byte to use for the update process.java.security.SignatureException
- if the engine is not initialised properly.protected void engineUpdate(byte[] in, int offset, int length) throws java.security.SignatureException
engineUpdate
in class java.security.SignatureSpi
in
- the array of bytes.offset
- the offset to start from in in.length
- the number of bytes to use, starting at offset.java.security.SignatureException
- if the engine is not initialised properly.protected byte[] engineSign() throws java.security.SignatureException
NOTES: Sun's documentation talks about the bytes returned being X.509-encoded. For this ElGamal/PKCS#1 implementation, they conform to PKCS#1 section 10. Practically, the return value will be formed by concatenating a leading NULL byte, a block type BT, a padding block PS, another NULLbyte, and finally a data block D; ie:
return = 0x00 || BT || PS || 0x00 || D.For signing, PKCS#1 block type 01 encryption-block formatting scheme is employed. The block type BT is a single byte valued 0x01 and the padding block PS is enough 0xFF bytes to make the length of the complete Multi Precision Integer equal to the length of the public modulus. The data block D consists of the MIC -- Message Integrity Check, or message digest value-- and the MIC algorithm ASN.1 encoded identifier. The formal syntax in ASN.1 notation is:
SEQUENCE { digestAlgorithm AlgorithmIdentifier, digest OCTET STRING } AlgorithmIdentifier ::= SEQUENCE { algorithm OBJECT IDENTIFIER, parameters ANY DEFINED BY algorithm OPTIONAL }
engineSign
in class java.security.SignatureSpi
java.security.SignatureException
- if the engine is not initialised properly.protected boolean engineVerify(byte[] signature) throws java.security.SignatureException
NOTES: Sun's documentation talks about the bytes received
being X.509-encoded. For this ElGamal/PKCS#1 implementation, the bytes
received are assumed to conform to PKCS#1 section 10, or have
been generated by a previous invocation of the engineSign
method.
engineVerify
in class java.security.SignatureSpi
signature
- the signature bytes to be verified.java.security.SignatureException
- if the engine is not initialised
properly, the received signature data is improperly
encoded or of the wrong type, etc.protected void engineSetParameter(java.lang.String param, java.lang.Object value)
ElGamal has one algorithm-specific parameter called "random", of type
java.util.Random. It specifies the source of random bits used for
generating the k values needed for signing. If this parameter
is not set when initSign
is called, the result of
new SecureRandom()
will be used.
You can set the "random" parameter using the following code:
try { elgamal.setParameter("random", random_number_generator); } catch (InvalidParameterException e) { ... }
This is not useful if the Signature object will only be used for verification.
engineSetParameter
in class java.security.SignatureSpi
param
- the string identifier of the parameter.value
- the parameter value.java.security.InvalidParameterException
- if !(param.equals("random") &&
value instanceof java.util.Random)protected java.lang.Object engineGetParameter(java.lang.String param)
ElGamal has one algorithm-specific parameter called "random", as described above. It is guaranteed to be a subclass of java.util.Random. Calling this method with a param string other than "random" will return null.
engineGetParameter
in class java.security.SignatureSpi
param
- the string name of the parameter.protected abstract byte[] getAlgorithmEncoding()
engineSign()
method above.
|
|||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | ||||||||
SUMMARY: INNER | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |