Overview  Package   Class  Tree  Deprecated  Index  Help 
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES
SUMMARY:  INNER | FIELD | CONSTR | METHOD DETAIL:  FIELD | CONSTR | METHOD

iaik.pkcs.pkcs1
Class RSAPssParameterSpec

java.lang.Object
  |
  +--iaik.pkcs.pkcs1.PKCS1AlgorithmParameterSpec
        |
        +--iaik.pkcs.pkcs1.RSAPssSaltParameterSpec
              |
              +--iaik.pkcs.pkcs1.RSAPssParameterSpec
All Implemented Interfaces:
AlgorithmParameterSpec, Cloneable
public class RSAPssParameterSpec
extends RSAPssSaltParameterSpec
implements Cloneable

Algorithm parameter specification for the PKCS#1 RSASSA-PSS signature scheme.

PKCS#1v2.1 defines the following parameters for the PSS signature scheme: 

 RSASSA-PSS-params :: = SEQUENCE {
      hashAlgorithm            [0] HashAlgorithm     DEFAULT sha1,
      maskGenerationAlgorithm  [1] MaskGenAlgorithm  DEFAULT mgf1SHA1,
      saltLength               [2] INTEGER           DEFAULT 20,
      trailerField             [3] TrailerField      DEFAULT trailerFieldBC
 }

 HashAlgorithm ::= AlgorithmIdentifer { {OAEP-PSSDigestAlgorithms} }

 MaskGenAlgorithm ::= AlgorithmIdentifier { {PKCS1MGFAlgorithms} }

 TrailerField ::= INTEGER { trailerFieldBC(1) }
By default PSS uses SHA-1 as hash function, MGF1 (with SHA-1 as hash function parameter) as mask generation algorithm, 20 as salt length, and 1 as trailer field indicating a trailer value of 0xBC.

Hash algorithm, mask generation function, and salt length value have to be supplied when creating a creating a RSAPssParameterSpec object. Trailer field, may be set later. Optionally also hash engine and MGF engine may be set by the application, e.g.: 

 // hash and mgf algorithm ids
 AlgorithmID hashID = (AlgorithmID)AlgorithmID.sha1.clone();
 AlgorithmID mgfID = (AlgorithmID)AlgorithmID.mgf1.clone();
 mgfID.setParameter(hashID.toASN1Object());
 // hash and mgf engines
 MessageDigest hashEngine = hashID.getMessageDigestInstance();
 MaskGenerationAlgorithm mgfEngine = mfgID.getMaskGenerationAlgorithmInstance();
 MGF1ParameterSpec mgf1ParamSpec = new MGF1ParameterSpec(hashID);
 mgf1ParamSpec.setHashEngine(hashEngine);
 mgfEngine.setParameters(mgf1ParamSpec);
 // salt length
 int saltLength = 20;
 // create the RSAPssParameterSpec
 RSAPssParameterSpec pssParamSpec = new RSAPssParameterSpec(hashID, mgfID, saltLength);
 // set engines
 pssParamSpec.setHashEngine(hashEngine);
 pssParamSpec.setMGFEngine(mgfEngine);

Version:
File Revision 16
See Also:
RSAPssParameters, MaskGenerationAlgorithm, MGF1, MGF1ParameterSpec, AlgorithmID, RSAPssSignature

Field Summary
static AlgorithmID DEFAULT_HASH_ALGORITHM
          Default hash algorithm (SHA-1).
static AlgorithmID DEFAULT_MASK_GEN_ALGORITHM
          Default mask generation algorithm (MGF1 with SHA1 as hash algorithm)
static int DEFAULT_TRAILER_FIELD
          Default trailer field number (1 indicating a trailer field byte of 0xBC).
 
Fields inherited from class iaik.pkcs.pkcs1.RSAPssSaltParameterSpec
DEFAULT_SALT_LENGTH, saltLength_
 
Constructor Summary
RSAPssParameterSpec()
          Creates default RSASSA-PSS parameters.
RSAPssParameterSpec(AlgorithmID hashAlgorithm, AlgorithmID maskGenAlgorithm, int saltLength)
          Creates a RSAPssParameterSpec for the given hash algorithm, mask generation function, salt length.
 
Method Summary
 Object clone()
          Returns a clone of this Object.
 AlgorithmID getHashAlgorithm()
          Returns the hash algorihtm.
 MessageDigest getHashEngine()
          Gets the JCA MessageDigest engine used for data hashing.
 AlgorithmID getMaskGenAlgorithm()
          Gets the mask generation algorithm.
 MaskGenerationAlgorithm getMGFEngine()
          Gets the MaskGenerationAlgorithm engine.
 int getTrailerField()
          Gets the trailer field.
 void setHashEngine(MessageDigest hashEngine)
          Sets the JCA MessageDigest engine to be used for data hashing.
 void setMGFEngine(MaskGenerationAlgorithm mgfEngine)
          Sets the MaskGenerationAlgorithm engine to be used.
 void setTrailerField(int trailerField)
          Sets the trailer field.
 String toString()
          Returns a string representation of this RSAPssParameterSpec.
 
Methods inherited from class iaik.pkcs.pkcs1.RSAPssSaltParameterSpec
getSaltLength
 
Methods inherited from class iaik.pkcs.pkcs1.PKCS1AlgorithmParameterSpec
getSecureRandom, setSecureRandom
 
Methods inherited from class java.lang.Object
equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait
 

Field Detail

DEFAULT_HASH_ALGORITHM

public static final AlgorithmID DEFAULT_HASH_ALGORITHM
Default hash algorithm (SHA-1).

DEFAULT_MASK_GEN_ALGORITHM

public static final AlgorithmID DEFAULT_MASK_GEN_ALGORITHM
Default mask generation algorithm (MGF1 with SHA1 as hash algorithm)

DEFAULT_TRAILER_FIELD

public static final int DEFAULT_TRAILER_FIELD
Default trailer field number (1 indicating a trailer field byte of 0xBC).
Constructor Detail

RSAPssParameterSpec

public RSAPssParameterSpec()
Creates default RSASSA-PSS parameters.

By default PSS uses SHA-1 as hash function, MGF1 (with SHA-1 as hash function parameter) as mask generation algorithm, 20 as salt length, and 1 as trailer field indicating a trailer value of 0xBC, see (see PKCS#1v2.1: 

 rsaSSA-PSS-Default-Identifier    RSASSA-AlgorithmIdentifier ::= {
   algorithm   id-RSASSA-PSS,
   parameters  RSASSA-PSS-params : {
      hashAlgorithm            sha1,
      maskGenerationAlgorithm  mgf1SHA1,
      saltLength               20,
      trailerField             trailerFieldBC
   }
 }

 TrailerField ::= INTEGER { trailerFieldBC(1) }

RSAPssParameterSpec

public RSAPssParameterSpec(AlgorithmID hashAlgorithm,
                           AlgorithmID maskGenAlgorithm,
                           int saltLength)
Creates a RSAPssParameterSpec for the given hash algorithm, mask generation function, salt length.
Parameters:
hashAlgorithm - the hash algorithm to be used
Throws:
IllegalArgumentException - if saltLength < 0, or hashAlgorithm or maskGenAlgorithm are null
Method Detail

setTrailerField

public void setTrailerField(int trailerField)
Sets the trailer field.
Parameters:
trailerField - the trailer field number as used for the parameter encoding

getTrailerField

public int getTrailerField()
Gets the trailer field.
Returns:
the trailer field (as used for the parameter encoding)

getHashAlgorithm

public AlgorithmID getHashAlgorithm()
Returns the hash algorihtm.
Returns:
the hash algorithm

getMaskGenAlgorithm

public AlgorithmID getMaskGenAlgorithm()
Gets the mask generation algorithm.
Returns:
the mask generation algorithm

setHashEngine

public void setHashEngine(MessageDigest hashEngine)
Sets the JCA MessageDigest engine to be used for data hashing.

This method may be used to set a JCA MessageDigest engine to be used for doing the any required hashing operations. If not set by this method, getHashEngine will try to create a MessageDigest engine from the hash algorithm id.

Parameters:
hashEngine - the JCA MessageDigest engine to be used

getHashEngine

public MessageDigest getHashEngine()
                            throws NoSuchAlgorithmException
Gets the JCA MessageDigest engine used for data hashing.

If method setHashEngine has been used to set a MessageDigest engine, this engine is returned; otherwise it is tried to create a MessageDigest engine from the hash algorithm id.

Returns:
the MessageDigest engine to be used

setMGFEngine

public void setMGFEngine(MaskGenerationAlgorithm mgfEngine)
Sets the MaskGenerationAlgorithm engine to be used.

This method may be used to set a MaskGenerationAlgorithm engine. If not set by this method, getMGFEngine will try to create a MaskGenerationAlgorithm engine from the mask generation algorithm id.

Parameters:
mgfEngine - the MaskGenerationAlgorithm engine to be used

getMGFEngine

public MaskGenerationAlgorithm getMGFEngine()
                                     throws NoSuchAlgorithmException
Gets the MaskGenerationAlgorithm engine.

If method setMGFEngine has been used to set a MGF engine, this engine is returned; otherwise it is tried to create a MGF engine from the Mask generation algorithm id.

Returns:
the MGF engine to be used

clone

public Object clone()
Returns a clone of this Object.
Overrides:
clone in class Object
Returns:
a clone of this Object

toString

public String toString()
Returns a string representation of this RSAPssParameterSpec.
Overrides:
toString in class RSAPssSaltParameterSpec
Returns:
a string representation
Overview  Package   Class  Tree  Deprecated  Index  Help 
This Javadoc may contain text parts from Internet Standard specifications (RFC 2459, 3280, 3039, 2560, 1521, 821, 822, 2253, 1319, 1321, ,2630, 2631, 2268, 3058, 2984, 2104, 2144, 2040, 2311, 2279, see copyright note) and RSA Data Security Public-Key Cryptography Standards (PKCS#1,3,5,7,8,9,10,12, see copyright note).
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES
SUMMARY:  INNER | FIELD | CONSTR | METHOD DETAIL:  FIELD | CONSTR | METHOD
IAIK-JCE 3.1 with IAIK-JCE CC Core 3.1, (c) 1997-2004 IAIK