public abstract class PKCS11Signature extends java.security.SignatureSpi implements PKCS11EngineClass
Modifier and Type | Field and Description |
---|---|
protected java.lang.Boolean | currentKeyIsSoftwareKey_ - Indicates that the currently used key is a software key. |
protected boolean | initialized_ - Indicates whether this object is initialized and ready for signing or verification. |
protected int | operationState_ - The state of this object; SIGN or VERIFY. |
protected boolean | pkcs11OperationInitialized_ - Indicates whether the PKCS#11 signature/verify is already initialized for the next operation round. |
protected IAIKPKCS11PrivateKey | privateKey_ - The private key to use for signing. |
protected IAIKPKCS11PublicKey | publicKey_ - The public key to use for verification. |
protected iaik.pkcs.pkcs11.Session | session_ - The session this object works with. |
protected static int | SIGN - Indicates the sign mode. |
protected java.security.Signature | softwareDelegate_ - The software implementation, if the currently used key is not a PKCS#11 key. |
protected TokenManager | tokenManager_ - Token manager used to log in the session, if required. |
protected iaik.pkcs.pkcs11.MechanismInfo[][] | usedMechanismInfos_ - The mechanism info is the same for all digest mechanisms. |
protected iaik.pkcs.pkcs11.Mechanism[] | usedMechanisms_ - The list of used mechanisms. |
protected static int | VERIFY - Indicates the verify mode. |
Modifier | Constructor and Description |
---|---|
protected | PKCS11Signature() - Default constructor. |
Modifier and Type | Method and Description |
---|---|
protected java.lang.Object | engineGetParameter(java.lang.String param) - SPI: Gets the value of the specified algorithm parameter. |
protected void | engineInitSign(java.security.PrivateKey privateKey) - SPI: Initializes this Signature object with the given RSA private key for signing some data. |
protected void | engineInitVerify(java.security.PublicKey publicKey) - SPI: Initializes this Signature object with the given RSA public key for performing a signature verification. |
protected void | engineSetParameter(java.security.spec.AlgorithmParameterSpec parametersSpec) - SPI: Set the parameters for this signature object. |
protected void | engineSetParameter(java.lang.String param, java.lang.Object value) - SPI: Sets the specified algorithm parameter to the specified value. |
protected byte[] | engineSign() - SPI: Sign the generated hash. |
protected void | engineUpdate(byte dataByte) - SPI: Updates the data to be signed or verified with the specified byte. |
protected void | engineUpdate(byte[] data, int offset, int length) - SPI: Updates the data to be signed or verified with the specified number of bytes, beginning at the specified offset within the given byte array. |
protected boolean | engineVerify(byte[] signature) - SPI: Verifies the given signature of a message according to PKCS#1. |
protected void | finalize() - Tries to close the used session. |
protected void | finalizePkcs11Operation() - The internal session finalization method, if the current operation has been finished. |
protected abstract java.lang.String | getAlgorithmName() - Get the JCA standard name of this signature algorithm. |
protected abstract iaik.pkcs.pkcs11.Mechanism | getMechanism() - Get the mechanism of this signature object. |
protected iaik.pkcs.pkcs11.MechanismInfo[][] | getUsedMechanismFeatures() - Returns a two-dimensional array of MechanismInfos that this engine class uses. |
protected iaik.pkcs.pkcs11.Mechanism[] | getUsedMechanisms() - Returns an array of Mechanisms that this engine class uses. |
protected void | initializePkcs11Operation() - The internal session initialization method, if all necessary member variables are set. |
protected void | initializeSession() - Sets up an appropriate session. |
protected void | initializeSoftwareDelegate() - Instantiate a new software cipher to delegate software key operations. |
boolean | isSupportedBy(TokenManager tokenManager) - Checks whether the current token of the given token manager supports the required features for this engine class. |
protected java.lang.Object | pkcs11GetParameter(java.lang.String param) - This method is not implemented and only throws an UnsupportedOperationException. |
protected void | pkcs11InitSign(java.security.PrivateKey privateKey) - Initializes this Signature object with the given RSA private key for signing some data. |
protected void | pkcs11InitVerify(java.security.PublicKey publicKey) - Initializes this Signature object with the given RSA public key for performing a signature verification. |
protected void | pkcs11SetParameter(java.security.spec.AlgorithmParameterSpec parametersSpec) - SPI: Set the parameters for this signature object. |
protected void | pkcs11SetParameter(java.lang.String param, java.lang.Object value) - This method is not implemented and only throws an UnsupportedOperationException. |
protected byte[] | pkcs11Sign() - Sign the generated hash. |
protected void | pkcs11Update(byte dataByte) - Updates the data to be signed or verified with the specified byte. |
protected void | pkcs11Update(byte[] data, int offset, int length) - Updates the data to be signed or verified with the specified number of bytes, beginning at the specified offset within the given byte array. |
protected boolean | pkcs11Verify(byte[] signature) - Verifies the given signature of a message according to PKCS#1. |
protected static final int SIGN
protected static final int VERIFY
protected iaik.pkcs.pkcs11.Session session_
protected TokenManager tokenManager_
protected IAIKPKCS11PublicKey publicKey_
protected IAIKPKCS11PrivateKey privateKey_
protected int operationState_
protected boolean initialized_
protected boolean pkcs11OperationInitialized_
protected java.lang.Boolean currentKeyIsSoftwareKey_
protected java.security.Signature softwareDelegate_
protected iaik.pkcs.pkcs11.Mechanism[] usedMechanisms_
protected iaik.pkcs.pkcs11.MechanismInfo[][] usedMechanismInfos_

protected iaik.pkcs.pkcs11.Mechanism[] getUsedMechanisms()
getRequiredMechanismFeatures() method.
getUsedMechanismFeatures(). May be empty, but must not be null.

protected iaik.pkcs.pkcs11.MechanismInfo[][] getUsedMechanismFeatures()
getUsedMechanisms(). The array at this index is the list of used feature combinations used by this engine. The current token must at least support one mechanism and one of the feature combinations (expressed as a MechanismInfo) of the same mechanism.
getUsedMechanisms(). The token must at least support one of these features.

public boolean isSupportedBy(TokenManager tokenManager)
isSupportedBy in interface PKCS11EngineClass
tokenManager - The token manager. Used to get information about the current token.

protected abstract iaik.pkcs.pkcs11.Mechanism getMechanism()

protected void initializeSoftwareDelegate()

protected abstract java.lang.String getAlgorithmName()

protected void engineInitVerify(java.security.PublicKey publicKey) throws java.security.InvalidKeyException
pkcs11 instead of engine.
engineInitVerify in class java.security.SignatureSpi
publicKey - The RSA public key belonging to the RSA private key that has been used for signing.
java.security.InvalidKeyException - If a key encoding error occurs.

protected void pkcs11InitVerify(java.security.PublicKey publicKey) throws java.security.InvalidKeyException
publicKey - The RSA public key belonging to the RSA private key that has been used for signing.
java.security.InvalidKeyException - If a key encoding error occurs.

protected void engineInitSign(java.security.PrivateKey privateKey) throws java.security.InvalidKeyException
pkcs11 instead of engine.
engineInitSign in class java.security.SignatureSpi
privateKey - The RSA private key to be used for signing.
java.security.InvalidKeyException - If a key encoding error occurs.

protected void initializeSession()

protected void initializePkcs11Operation() throws java.security.InvalidKeyException
java.security.InvalidKeyException - If the key is invalid for this operation.

protected void finalizePkcs11Operation()

protected void pkcs11InitSign(java.security.PrivateKey privateKey) throws java.security.InvalidKeyException
privateKey - The RSA private key to be used for signing.
java.security.InvalidKeyException - If a key encoding error occurs.

protected void engineUpdate(byte dataByte) throws java.security.SignatureException
pkcs11 instead of engine.
engineUpdate in class java.security.SignatureSpi
dataByte - The byte to be used for updating.
java.security.SignatureException - If updating the signature fails.

protected void pkcs11Update(byte dataByte) throws java.security.SignatureException
dataByte - The byte to be used for updating.
java.security.SignatureException - If updating the signature fails.

protected void engineUpdate(byte[] data, int offset, int length) throws java.security.SignatureException
pkcs11 instead of engine.
engineUpdate in class java.security.SignatureSpi
data - The byte array holding the data to be used for this update operation.
offset - The offset, indicating the start position within the given byte array.
length - The number of bytes to be obtained from the given byte array, starting at the given position.
java.security.SignatureException - If updating the signature fails.

protected void pkcs11Update(byte[] data, int offset, int length) throws java.security.SignatureException
data - The byte array holding the data to be used for this update operation.
offset - The offset, indicating the start position within the given byte array.
length - The number of bytes to be obtained from the given byte array, starting at the given position.
java.security.SignatureException - If updating the signature fails.

protected byte[] engineSign() throws java.security.SignatureException
pkcs11 instead of engine.
engineSign in class java.security.SignatureSpi
java.security.SignatureException - If an error occurs when creating the signature.

protected byte[] pkcs11Sign() throws java.security.SignatureException
java.security.SignatureException - If an error occurs when creating the signature.

protected boolean engineVerify(byte[] signature) throws java.security.SignatureException
pkcs11 instead of engine.
engineVerify in class java.security.SignatureSpi
signature - The signature bytes to be verified.
true if signature is OK, false otherwise.
java.security.SignatureException - If an error occurs when verifying the signature.

protected boolean pkcs11Verify(byte[] signature) throws java.security.SignatureException
signature - The signature bytes to be verified.
true if signature is OK, false otherwise.
java.security.SignatureException - If an error occurs when verifying the signature.

protected void engineSetParameter(java.security.spec.AlgorithmParameterSpec parametersSpec) throws java.security.InvalidAlgorithmParameterException
engineSetParameter in class java.security.SignatureSpi
parametersSpec - The KCS11SignatureParameterSpec that contains the PKCS#11 parameters.
java.security.InvalidAlgorithmParameterException - If the .

protected void pkcs11SetParameter(java.security.spec.AlgorithmParameterSpec parametersSpec) throws java.security.InvalidAlgorithmParameterException
parametersSpec - The KCS11SignatureParameterSpec that contains the PKCS#11 parameters.
java.security.InvalidAlgorithmParameterException - If the .

protected void engineSetParameter(java.lang.String param, java.lang.Object value) throws java.security.InvalidParameterException
engineSetParameter in class java.security.SignatureSpi
param - The string identifier of the parameter.
value - The parameter value.
java.security.InvalidParameterException - if param is an invalid parameter for this signature algorithm engine, the parameter is already set and cannot be set again, a security exception occurs, and so on.
java.lang.UnsupportedOperationException - If this Method is unsupported.

protected void pkcs11SetParameter(java.lang.String param, java.lang.Object value) throws java.security.InvalidParameterException
param - .
value - .
java.security.InvalidParameterException - This Method is not supported.
java.lang.UnsupportedOperationException - This Method is not supported.

protected java.lang.Object engineGetParameter(java.lang.String param) throws java.security.InvalidParameterException
engineGetParameter in class java.security.SignatureSpi
param - The string name of the parameter.
null, if there is no such parameter.
java.security.InvalidParameterException - This Method is not supported.
java.lang.UnsupportedOperationException - If this Method is unsupported.

protected java.lang.Object pkcs11GetParameter(java.lang.String param) throws java.security.InvalidParameterException
param - The name of the parameter.
null if there is no such parameter.
java.security.InvalidParameterException - This Method is not supported.
java.lang.UnsupportedOperationException - This Method is not supported.

protected void finalize() throws java.lang.Throwable
finalize in class java.lang.Object
java.lang.Throwable - If disposing the session fails.

IAIK JavaSecurity Website https://jce.iaik.tugraz.at/
IAIK at Graz University of Technology, Austria, Europe
Copyright 2001-2023 IAIK, Graz University of Technology, Inffeldgasse 16a, 8010 Graz, Austria. All Rights Reserved. Version 1.9.4