cryptix.provider.elgamal
Class Any_ElGamal_PKCS1Signature

java.lang.Object
  |
  +--java.security.SignatureSpi
        |
        +--java.security.Signature
              |
              +--cryptix.provider.elgamal.Any_ElGamal_PKCS1Signature
Direct Known Subclasses:
MD2_ElGamal_PKCS1Signature, MD5_ElGamal_PKCS1Signature, RIPEMD160_ElGamal_PKCS1Signature, SHA1_ElGamal_PKCS1Signature

public abstract class Any_ElGamal_PKCS1Signature
extends java.security.Signature

An abstract class to digest a message and sign/verify the resulting hash value, using any JCA MessageDigest algorithm with the ElGamal digital signature scheme, and formatting and padding conventions based on PKCS#1.

References:

  1. Bruce Schneier, "Section 19.6 ElGamal," Applied Cryptography, 2nd edition, John Wiley & Sons, 1996.

  2. PKCS#1 An RSA Laboratories Technical Note
    Version 1.5
    Revised November 1, 1993
    An "RSA Data Security, Inc. Public-Key Cryptography Standard (PKCS)"

$Revision: 1.4 $

Since:
Cryptix 2.2.2
Author:
David Hopwood
See Also:
java.security.interfaces.ElGamalKey, ElGamalCipher, Signature

Inner classes inherited from class java.security.Signature
java.security.Signature.Delegate
 
Fields inherited from class java.security.Signature
SIGN, state, UNINITIALIZED, VERIFY
 
Fields inherited from class java.security.SignatureSpi
appRandom
 
Constructor Summary
protected Any_ElGamal_PKCS1Signature(java.lang.String mdAlgorithm)
          Constructor for an Any_ElGamal_PKCS1Signature.
 
Method Summary
protected  java.lang.Object engineGetParameter(java.lang.String param)
          SPI: Returns an algorithm-specific parameter.
protected  void engineInitSign(java.security.PrivateKey key)
          SPI: Initializes the cipher for signing, using the given private key.
protected  void engineInitVerify(java.security.PublicKey key)
          SPI: Initializes the cipher for verification, using the given public key.
protected  void engineSetParameter(java.lang.String param, java.lang.Object value)
          SPI: Sets an algorithm-specific parameter.
protected  byte[] engineSign()
          Terminates the update process and returns the signature bytes of all the data signed so far.
protected  void engineUpdate(byte b)
          Updates the data to be signed or verified, using one byte.
protected  void engineUpdate(byte[] in, int offset, int length)
          Updates the data to be signed or verified, using the specified sub-array of bytes, starting at the specified offset.
protected  boolean engineVerify(byte[] signature)
          Terminates the update process and verifies that the passed signature equals that of a generated one based on the updated data so far.
protected abstract  byte[] getAlgorithmEncoding()
          Returns the ASN.1 bytes of the AlgorithmIdentifier token described in engineSign() method above.
 
Methods inherited from class java.security.Signature
clone, getAlgorithm, getInstance, getInstance, getParameter, getProvider, initSign, initSign, initVerify, initVerify, setParameter, setParameter, sign, sign, toString, update, update, update, verify
 
Methods inherited from class java.security.SignatureSpi
engineInitSign, engineSetParameter, engineSign
 
Methods inherited from class java.lang.Object
, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait
 

Constructor Detail

Any_ElGamal_PKCS1Signature

protected Any_ElGamal_PKCS1Signature(java.lang.String mdAlgorithm)
Constructor for an Any_ElGamal_PKCS1Signature.
Parameters:
mdAlgorithm - the standard JCA algorithm name of the message digest to be used.
Method Detail

engineInitSign

protected void engineInitSign(java.security.PrivateKey key)
                       throws java.security.InvalidKeyException
SPI: Initializes the cipher for signing, using the given private key. The key object must implement java.security.interfaces.ElGamalPrivateKey.

The input to this algorithm will be padded on the left with random bits, up to the size of a block, before signing.

Overrides:
engineInitSign in class java.security.SignatureSpi
Parameters:
key - the private key
Throws:
java.security.InvalidKeyException - if !(key instanceof java.security.interfaces.ElGamalPrivateKey)

engineInitVerify

protected void engineInitVerify(java.security.PublicKey key)
                         throws java.security.InvalidKeyException
SPI: Initializes the cipher for verification, using the given public key. The key object must implement java.security.interfaces.ElGamalPublicKey.
Overrides:
engineInitVerify in class java.security.SignatureSpi
Parameters:
key - the public key
Throws:
java.security.InvalidKeyException - if !(key instanceof java.security.interfaces.ElGamalPublicKey)

engineUpdate

protected void engineUpdate(byte b)
                     throws java.security.SignatureException
Updates the data to be signed or verified, using one byte.
Overrides:
engineUpdate in class java.security.SignatureSpi
Parameters:
b - the byte to use for the update process.
Throws:
java.security.SignatureException - if the engine is not initialised properly.

engineUpdate

protected void engineUpdate(byte[] in,
                            int offset,
                            int length)
                     throws java.security.SignatureException
Updates the data to be signed or verified, using the specified sub-array of bytes, starting at the specified offset.
Overrides:
engineUpdate in class java.security.SignatureSpi
Parameters:
in - the array of bytes.
offset - the offset to start from in in.
length - the number of bytes to use, starting at offset.
Throws:
java.security.SignatureException - if the engine is not initialised properly.

engineSign

protected byte[] engineSign()
                     throws java.security.SignatureException
Terminates the update process and returns the signature bytes of all the data signed so far.

NOTES: Sun's documentation talks about the bytes returned being X.509-encoded. For this ElGamal/PKCS#1 implementation, they conform to PKCS#1 section 10. Practically, the return value will be formed by concatenating a leading NULL byte, a block type BT, a padding block PS, another NULLbyte, and finally a data block D; ie:

     return = 0x00 || BT || PS || 0x00 || D.
 
For signing, PKCS#1 block type 01 encryption-block formatting scheme is employed. The block type BT is a single byte valued 0x01 and the padding block PS is enough 0xFF bytes to make the length of the complete Multi Precision Integer equal to the length of the public modulus. The data block D consists of the MIC -- Message Integrity Check, or message digest value-- and the MIC algorithm ASN.1 encoded identifier. The formal syntax in ASN.1 notation is:
   SEQUENCE {
     digestAlgorithm  AlgorithmIdentifier,
     digest           OCTET STRING
   }

   AlgorithmIdentifier ::= SEQUENCE {
     algorithm        OBJECT IDENTIFIER,
     parameters       ANY DEFINED BY algorithm OPTIONAL
   }
 
Overrides:
engineSign in class java.security.SignatureSpi
Returns:
the bytes of the signing operation's result.
Throws:
java.security.SignatureException - if the engine is not initialised properly.

engineVerify

protected boolean engineVerify(byte[] signature)
                        throws java.security.SignatureException
Terminates the update process and verifies that the passed signature equals that of a generated one based on the updated data so far.

NOTES: Sun's documentation talks about the bytes received being X.509-encoded. For this ElGamal/PKCS#1 implementation, the bytes received are assumed to conform to PKCS#1 section 10, or have been generated by a previous invocation of the engineSign method.

Overrides:
engineVerify in class java.security.SignatureSpi
Parameters:
signature - the signature bytes to be verified.
Returns:
true if the signature was verified successfully, false otherwise.
Throws:
java.security.SignatureException - if the engine is not initialised properly, the received signature data is improperly encoded or of the wrong type, etc.

engineSetParameter

protected void engineSetParameter(java.lang.String param,
                                  java.lang.Object value)
SPI: Sets an algorithm-specific parameter.

ElGamal has one algorithm-specific parameter called "random", of type java.util.Random. It specifies the source of random bits used for generating the k values needed for signing. If this parameter is not set when initSign is called, the result of new SecureRandom() will be used.

You can set the "random" parameter using the following code:

   try {
       elgamal.setParameter("random", random_number_generator);
   } catch (InvalidParameterException e) { ... }
 

This is not useful if the Signature object will only be used for verification.

Overrides:
engineSetParameter in class java.security.SignatureSpi
Parameters:
param - the string identifier of the parameter.
value - the parameter value.
Throws:
java.security.InvalidParameterException - if !(param.equals("random") && value instanceof java.util.Random)

engineGetParameter

protected java.lang.Object engineGetParameter(java.lang.String param)
SPI: Returns an algorithm-specific parameter.

ElGamal has one algorithm-specific parameter called "random", as described above. It is guaranteed to be a subclass of java.util.Random. Calling this method with a param string other than "random" will return null.

Overrides:
engineGetParameter in class java.security.SignatureSpi
Parameters:
param - the string name of the parameter.
Returns:
the object that represents the parameter value, or null if there is none.

getAlgorithmEncoding

protected abstract byte[] getAlgorithmEncoding()
Returns the ASN.1 bytes of the AlgorithmIdentifier token described in engineSign() method above.
Returns:
the AlgorithmIdentifier bytes.