|
6.2 (c) 2002 IAIK, (c) 2003 - 2025 SIC |
|
public class RIPEMD128withRSAISO9796P2Signature extends RSAISO9796P2Signature
ISO 9796 (2002) Part 2 ("Digital Signature schemes giving message
recovery, Part 2: Integer factorization based mechanisms") specifies
three digital signature schemes S1,
S2 and
S3. S1 and S3 are deterministic,
S2 is randomized by a random salt value. ISO 9796-2 recommends to use the randomized
scheme (S2) where possible; and to prefer S3 to S1, which only shall be used if
backwards compatibility to the 1997 version of the ISO 9796-2 standard is required.
This class implements the S1 scheme for the RSA public key system with RIPEMD-128
as hash algorithm. See RIPEMD128withRSAISO9796P2S2S3andMGF1Signature for the corresponding implementation of
signature schemes S2 and S3.
The table below shows the default configuration for this RSA based
ISO 9796-2 Signature engine. For each option, the column "changeable"
tells you if you can change the corresponding setting with an alternative value,
supplied as ISO9796P2ParameterSpec.
Value |
Changeable |
|
Hash Algorithm |
RIPEMD-128 |
no |
Hash ID
| 0x32 |
no |
Hash Engine |
iaik.security.md.RipeMd128 |
yes
(but must be a MessageDigest engine for the RIPEMD-128 algorithm) |
Explicit Trailer Field |
false |
|
Alternative Signature Function |
true |
|
SecureRandom |
iaik.security.random.RipeMd128Random |
When creating a RSA-ISO9796-2 Signature engine for signature scheme S2 with RIPEMD-128
as hash algorithm, you have to specify "RIPEMD128/RSA-ISO9796-2" as algorithm name (the
"2" in the name indicates the "Part 2" version of the ISO 9796 Signature standard).
Subsequently init the Signature engine with the private signing or public verification
RSA key and then specify the data to be signed/verified through one or -- if required --
more calls of method update. Finally create or verify the signature value
by calling method sign or verify, respectively, e.g.
(see also demo source of class demo.TestSignature):
// create Signature engine
Signature signatureEngine = Signature.getInstance("RIPEMD128/RSA-ISO9796-2");
// the private signing key
PrivateKey privateKey = ...;
signatureEngine.initSign(privateKey);
// supply data to be signed by one or more update calls
signatureEngine.update(...);
...
// create signature
byte[] signature = signatureEngine.sign();
And on the verification side:
// create Signature engine
Signature signatureEngine = Signature.getInstance("RIPEMD128/RSA-ISO9796-2");
// the public verification key
PublicKey publicKey = ...;
signatureEngine.initVerify(publicKey);
// supply data to be verified by one or more update calls
signatureEngine.update(...);
...
// verify signature
boolean ok = signatureEngine.verify(signature);
Since ISO 9796-2 represents a signature algorithm giving message recovery,
you may get the recovered part
of the message after having verified the signature, e.g.:
// get the recovered message: AlgorithmParameters recoveredMessage = (AlgorithmParameters)signatureEngine.getParameters(); byte[] rm = recoveredMessage.getEncoded();The recovered message will be equal to the original message if total recovery has been applied. In this case it is possible to verify the signature without calling method
update of the
Signature engine at all (see Javadoc of RecoveredMessage for more information).
This Signature engine also can operate in "raw" mode where the
hash value is calulated outside the engine and specified when
calling method update. However, when running this
engine in raw mode, you have to specify the total message length
and the recoverable part of the message as RawISO9796P2ParameterSpec.
Signature,
ISO9796P2Signature,
ISO9796P2ParameterSpec,
RawISO9796P2ParameterSpec,
RecoveredMessage,
RSAISO9796P2Signature,
SHAwithRSAISO9796P2Signature,
SHA256withRSAISO9796P2Signature,
SHA384withRSAISO9796P2Signature,
SHA512withRSAISO9796P2Signature,
RIPEMD160withRSAISO9796P2Signature,
RSAISO9796P2S2S3Signature| Modifier and Type | Field and Description |
|---|---|
static byte |
HASH_ID
ID for RIPEMD128 hash algorithm; implicitly specified in trailer field.
|
hashEngine_, secureRandom_| Constructor and Description |
|---|
RIPEMD128withRSAISO9796P2Signature()
Default Constructor.
|
| Modifier and Type | Method and Description |
|---|---|
protected boolean |
checkHashEngineName(java.lang.String hashAlgName)
Checks whether the given hash algorithm name is suitable for
this Signature engine.
|
protected java.security.SecureRandom |
getSecureRandom()
Gets the SecureRandom used by this Signature engine.
|
engineInitSign, engineInitSign, engineInitVerify, openSignature, produceSignaturecalculateCapacity, engineGetParameter, engineGetParameters, engineSetParameter, engineSetParameter, engineSign, engineUpdate, engineUpdate, engineVerify, registerHashEngine, reset, setSecureRandompublic static final byte HASH_ID
public RIPEMD128withRSAISO9796P2Signature()
Applications do not call this constructor. They shall use one of the
getInstance methods of the java.security.Signature
class for instantiating a RIPEMD128/RSA-ISO9796-2 Signature object:
Signature signatureEngine = Signature.getInstance("RIPEMD128/RSA-ISO9796-2", "IAIK");
Signature.getInstance(java.lang.String)protected boolean checkHashEngineName(java.lang.String hashAlgName)
checkHashEngineName in class ISO9796P2SignaturehashAlgName - the name of hash algorithm of the MessageDigest
engine that has been supplied as parameter to
this Signature enginetrue if the given hashAlgName is "RIPEMD128"
or "RIPEMD-128" (case insensitive), false otherwiseprotected java.security.SecureRandom getSecureRandom()
getSecureRandom in class ISO9796P2Signature