All Packages Class Hierarchy This Package Previous Next Index
Class cryptix.provider.elgamal.Any_ElGamal_PKCS1Signature
java.lang.Object
|
+----java.security.Signature
|
+----cryptix.provider.elgamal.Any_ElGamal_PKCS1Signature
- public abstract class Any_ElGamal_PKCS1Signature
- extends Signature
An abstract class to digest a message and sign/verify the resulting
hash value, using any JCA MessageDigest algorithm with the ElGamal
digital signature scheme, and formatting and padding conventions
based on PKCS#1.
References:
- Bruce Schneier,
"Section 19.6 ElGamal,"
Applied Cryptography, 2nd edition,
John Wiley & Sons, 1996.
- PKCS#1
An RSA Laboratories Technical Note
Version 1.5
Revised November 1, 1993
An "RSA Data Security, Inc. Public-Key Cryptography Standard (PKCS)"
$Revision: 1.3 $
- Author:
- David Hopwood
- See Also:
- ElGamalKey, ElGamalCipher, Signature
-
Any_ElGamal_PKCS1Signature(String)
- Constructor for an Any_ElGamal_PKCS1Signature.
-
engineGetParameter(String)
- SPI: Returns an algorithm-specific parameter.
-
engineInitSign(PrivateKey)
- SPI: Initializes the cipher for signing, using the
given private key.
-
engineInitVerify(PublicKey)
- SPI: Initializes the cipher for verification, using the
given public key.
-
engineSetParameter(String, Object)
- SPI: Sets an algorithm-specific parameter.
-
engineSign()
- Terminates the update process and returns the signature bytes of
all the data signed so far.
-
engineUpdate(byte)
- Updates the data to be signed or verified, using one byte.
-
engineUpdate(byte[], int, int)
- Updates the data to be signed or verified, using the specified
sub-array of bytes, starting at the specified offset.
-
engineVerify(byte[])
- Terminates the update process and verifies that the passed signature
equals that of a generated one based on the updated data so far.
-
getAlgorithmEncoding()
- Returns the ASN.1 bytes of the AlgorithmIdentifier token described
in
engineSign()
method above.
Any_ElGamal_PKCS1Signature
protected Any_ElGamal_PKCS1Signature(String mdAlgorithm)
- Constructor for an Any_ElGamal_PKCS1Signature.
- Parameters:
- mdAlgorithm - the standard JCA algorithm name of the message
digest to be used.
engineInitSign
protected void engineInitSign(PrivateKey key) throws InvalidKeyException
- SPI: Initializes the cipher for signing, using the
given private key. The key object must implement
java.security.interfaces.ElGamalPrivateKey.
The input to this algorithm will be padded on the left with random
bits, up to the size of a block, before signing.
- Parameters:
- key - the private key
- Throws: InvalidKeyException
- if !(key instanceof
java.security.interfaces.ElGamalPrivateKey)
- Overrides:
- engineInitSign in class Signature
engineInitVerify
protected void engineInitVerify(PublicKey key) throws InvalidKeyException
- SPI: Initializes the cipher for verification, using the
given public key. The key object must implement
java.security.interfaces.ElGamalPublicKey.
- Parameters:
- key - the public key
- Throws: InvalidKeyException
- if !(key instanceof
java.security.interfaces.ElGamalPublicKey)
- Overrides:
- engineInitVerify in class Signature
engineUpdate
protected void engineUpdate(byte b) throws SignatureException
- Updates the data to be signed or verified, using one byte.
- Parameters:
- b - the byte to use for the update process.
- Throws: SignatureException
- if the engine is not initialised properly.
- Overrides:
- engineUpdate in class Signature
engineUpdate
protected void engineUpdate(byte in[],
int offset,
int length) throws SignatureException
- Updates the data to be signed or verified, using the specified
sub-array of bytes, starting at the specified offset.
- Parameters:
- in - the array of bytes.
- offset - the offset to start from in in.
- length - the number of bytes to use, starting at offset.
- Throws: SignatureException
- if the engine is not initialised properly.
- Overrides:
- engineUpdate in class Signature
engineSign
protected byte[] engineSign() throws SignatureException
- Terminates the update process and returns the signature bytes of
all the data signed so far.
NOTES: Sun's documentation talks about the bytes returned
being X.509-encoded. For this ElGamal/PKCS#1 implementation, they
conform to PKCS#1 section 10. Practically, the return value will
be formed by concatenating a leading NULL byte, a block type
BT, a padding block PS, another NULLbyte, and
finally a data block D;
ie:
return = 0x00 || BT || PS || 0x00 || D.
For signing, PKCS#1 block type 01 encryption-block formatting
scheme is employed. The block type BT is a single byte valued
0x01 and the padding block PS is enough 0xFF bytes to make the
length of the complete Multi Precision Integer equal to the length
of the public modulus. The data block D consists of the MIC --
Message Integrity Check, or message digest value-- and the MIC
algorithm ASN.1 encoded identifier. The formal syntax in ASN.1
notation is:
SEQUENCE {
digestAlgorithm AlgorithmIdentifier,
digest OCTET STRING
}
AlgorithmIdentifier ::= SEQUENCE {
algorithm OBJECT IDENTIFIER,
parameters ANY DEFINED BY algorithm OPTIONAL
}
- Returns:
- the bytes of the signing operation's result.
- Throws: SignatureException
- if the engine is not initialised properly.
- Overrides:
- engineSign in class Signature
engineVerify
protected boolean engineVerify(byte signature[]) throws SignatureException
- Terminates the update process and verifies that the passed signature
equals that of a generated one based on the updated data so far.
NOTES: Sun's documentation talks about the bytes received
being X.509-encoded. For this ElGamal/PKCS#1 implementation, the bytes
received are assumed to conform to PKCS#1 section 10, or have
been generated by a previous invocation of the engineSign
method.
- Parameters:
- signature - the signature bytes to be verified.
- Returns:
- true if the signature was verified successfully, false
otherwise.
- Throws: SignatureException
- if the engine is not initialised
properly, the received signature data is improperly
encoded or of the wrong type, etc.
- Overrides:
- engineVerify in class Signature
engineSetParameter
protected void engineSetParameter(String param,
Object value)
- SPI: Sets an algorithm-specific parameter.
ElGamal has one algorithm-specific parameter called "random", of type
java.util.Random. It specifies the source of random bits used for
generating the k values needed for signing. If this parameter
is not set when initSign
is called, the result of
new SecureRandom()
will be used.
You can set the "random" parameter using the following code:
try {
elgamal.setParameter("random", random_number_generator);
} catch (InvalidParameterException e) { ... }
This is not useful if the Signature object will only be used for
verification.
- Parameters:
- param - the string identifier of the parameter.
- value - the parameter value.
- Throws: InvalidParameterException
- if !(param.equals("random") &&
value instanceof java.util.Random)
- Overrides:
- engineSetParameter in class Signature
engineGetParameter
protected Object engineGetParameter(String param)
- SPI: Returns an algorithm-specific parameter.
ElGamal has one algorithm-specific parameter called "random", as described
above. It is guaranteed to be a subclass
of java.util.Random. Calling this method with a param string
other than "random" will return null.
- Parameters:
- param - the string name of the parameter.
- Returns:
- the object that represents the parameter value, or null if there
is none.
- Overrides:
- engineGetParameter in class Signature
getAlgorithmEncoding
protected abstract byte[] getAlgorithmEncoding()
- Returns the ASN.1 bytes of the AlgorithmIdentifier token described
in
engineSign()
method above.
- Returns:
- the AlgorithmIdentifier bytes.
All Packages Class Hierarchy This Package Previous Next Index