iaik.security.rsa

Class Sha384RSASignature

java.lang.Object

java.security.SignatureSpi

iaik.security.rsa.RSASignature

iaik.security.rsa.Sha384RSASignature

public class Sha384RSASignature
extends RSASignature

This class implements the RSA PKCS#1v1.5 digital signature algorithm (RSASSA-PKCS1-v1_5) using SHA384 as message digest algorithm.

The PKCS#1v1.5 "SHA384 with RSA" signature algorithm is described in PKCS#1.

An application wishing to sign some message or to verify some signature using the "SHA384 with RSA" algorithm, generally has to perform three steps:

• First an instance of the desired signature algorithm has to be created using a proper getInstance method, e.g.

   Signature sha_rsa = Signature.getInstance("SHA384withRSA");
   

• Second, the Signature object just created has to be properly initialized for signing a message respectively verifying a signature using a RSA private respectively RSA public key, e.g.:
  • Initialize for Signing: sha_rsa.initSign(rsaPrivateKey);
  • Initialize for Verifying: sha_rsa.initVerify(rsaPublicKey);

• Finally, if the Signature object has been initialized for signing, the data to be signed is supplied to it and subsequently the signature is created by calling the sign method returning the signature as byte array. Otherwise, if the Signature object has been initialized for verifying, first the data to be verified is supplied to the Signature object, and subsequently the signature is verified by calling the verify method, supplied with the byte array holding the corresponding signature value:
  • Supply the data to be signed, and subsequently sign it:

     sha_rsa.update(data);
     byte[] signature = sha_rsa.sign();
     

  • Supply the data to be verified, and verify the signature:

     sha_rsa.update(data);
     System.out.println("Signature " + (sha_rsa.verify(signature) ? "correct!" : "not correct!"));
     

Version:

File Revision 12

See Also:

SHA384, RSASignature, Signature

Field Summary

Fields

Modifier and Type	Field and Description
protected java.security.MessageDigest	hash The MessageDigest engine used to hash the data; supplied with an instance of the desired MessageDigest algorithm by any extending subclass.

Fields inherited from class java.security.SignatureSpi

appRandom

Constructor Summary

Constructors

Constructor and Description
Sha384RSASignature() Default Constructor.

Method Summary

Methods

Modifier and Type	Method and Description
protected java.lang.Object	engineGetParameter(java.lang.String param) This method is not used and only throws an InvalidParameterException.
protected void	engineInitSign(java.security.PrivateKey pk) SPI: Initializes this Signature object with the given RSA private key for going to sign some data.
protected void	engineInitSign(java.security.PrivateKey pk, java.security.SecureRandom random) SPI: Initializes this Signature object with the given RSA private key for going to sign some data.
protected void	engineInitVerify(java.security.PublicKey pk) SPI: Initializes this Signature object with the given RSA public key for performing a signature verification.
protected void	engineSetParameter(java.security.spec.AlgorithmParameterSpec params) Allows to supply a SecureRandom object if required by the underlying signature scheme (e.g.
protected void	engineSetParameter(java.lang.String param, java.lang.Object value) Allows to supply a SecureRandom object if required by the underlying signature scheme (e.g.
protected void	engineUpdate(byte b) SPI: Updates the data to be signed or verified with the specified byte.
protected void	engineUpdate(byte[] b, int off, int len) SPI: Updates the data to be signed or verified with the specified number of bytes, beginning at the specified offset within the given byte array.

Methods inherited from class iaik.security.rsa.RSASignature

engineSign, engineVerify

Methods inherited from class java.security.SignatureSpi

clone, engineGetParameters, engineSign, engineUpdate, engineVerify

Methods inherited from class java.lang.Object

equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

hash

protected java.security.MessageDigest hash

The MessageDigest engine used to hash the data; supplied with an instance of the desired MessageDigest algorithm by any extending subclass.

Constructor Detail

Sha384RSASignature

public Sha384RSASignature()

Default Constructor.

Applications do not call this constructor. They shall use one of the getInstance methods of the java.security.Signature class:

 Signature sig = Signature.getInstance("SHA384withRSA");
 

See Also:

Signature.getInstance(java.lang.String)

Method Detail

engineInitVerify

protected void engineInitVerify(java.security.PublicKey pk)
                         throws java.security.InvalidKeyException

SPI: Initializes this Signature object with the given RSA public key for performing a signature verification.

Specified by:

engineInitVerify in class java.security.SignatureSpi

Parameters:

pk - the RSA public key belonging to the RSA private key that has been used for signing.

Throws:

java.security.InvalidKeyException - if a key encoding error occurs

engineInitSign

protected void engineInitSign(java.security.PrivateKey pk)
                       throws java.security.InvalidKeyException

SPI: Initializes this Signature object with the given RSA private key for going to sign some data.

Specified by:

engineInitSign in class java.security.SignatureSpi

Parameters:

pk - the RSA private key to be used for signing.

Throws:

java.security.InvalidKeyException - if a key encoding error occurs

engineInitSign

protected void engineInitSign(java.security.PrivateKey pk,
                  java.security.SecureRandom random)
                       throws java.security.InvalidKeyException

SPI: Initializes this Signature object with the given RSA private key for going to sign some data. The supplied SecureRandom may be used by the signature engine if random numbers are required (e.g. PSS).

If a SecureRandom never has been supplied by the application, the signature engine will use a default SecureRandom, if required.

Overrides:

engineInitSign in class java.security.SignatureSpi

Parameters:

pk - the RSA private key to be used for signing.

random - the SecureRandom if random numbers are required by the signature engine (e.g. PSS)

Throws:

java.security.InvalidKeyException - if a key encoding error occurs

engineUpdate

protected void engineUpdate(byte b)

SPI: Updates the data to be signed or verified with the specified byte.

Specified by:

engineUpdate in class java.security.SignatureSpi

Parameters:

b - the byte to be used for updating.

engineUpdate

protected void engineUpdate(byte[] b,
                int off,
                int len)

SPI: Updates the data to be signed or verified with the specified number of bytes, beginning at the specified offset within the given byte array.

Specified by:

engineUpdate in class java.security.SignatureSpi

Parameters:

b - the byte array holding the data to be used for this update operation.

off - the offset, indicating the start position within the given byte array.

len - the number of bytes to be obtained from the given byte array, starting at the given position.

engineSetParameter

protected void engineSetParameter(java.lang.String param,
                      java.lang.Object value)
                           throws java.security.InvalidParameterException

Allows to supply a SecureRandom object if required by the underlying signature scheme (e.g. PSS). When using JDK versions prior JDK 1.2 method initSign(PrivateKey, SecureRandom) is not available. If required by the underlying signature scheme (e.g. PSS) an application may supply a SecureRandom object as parameter. If a SecureRandom never has been supplied by the application, the signature engine will use a default SecureRandom, if required.

Specified by:

engineSetParameter in class java.security.SignatureSpi

Parameters:

param - ignored

value - the SecureRandom supplied as PKCS1AlgorithmParameterSpec

Throws:

java.security.InvalidParameterException - if the SecureRandom is not supplied as PKCS1AlgorithmParameterSpec

engineSetParameter

protected void engineSetParameter(java.security.spec.AlgorithmParameterSpec params)
                           throws java.security.InvalidAlgorithmParameterException

Allows to supply a SecureRandom object if required by the underlying signature scheme (e.g. PSS). JDK 1.2 (or later) based applications may prefer to use method initSign(PrivateKey, SecureRandom) to supply a SecureRandom object if required. If a SecureRandom never has been supplied by the application, the signature engine will use a default SecureRandom, if required.

Overrides:

engineSetParameter in class java.security.SignatureSpi

Parameters:

params - the SecureRandom supplied as PKCS1AlgorithmParameterSpec

Throws:

java.security.InvalidParameterException - if the SecureRandom is not supplied as PKCS1AlgorithmParameterSpec

java.security.InvalidAlgorithmParameterException

engineGetParameter

protected java.lang.Object engineGetParameter(java.lang.String param)
                                       throws java.security.InvalidParameterException

This method is not used and only throws an InvalidParameterException.

Specified by:

engineGetParameter in class java.security.SignatureSpi

Throws:

java.security.InvalidParameterException - This Method is not supported