Methods Summary |
---|
public java.lang.Object | clone()
if (this instanceof Cloneable) {
return super.clone();
} else {
throw new CloneNotSupportedException();
}
|
public final java.lang.String | getAlgorithm()Returns the name of the algorithm of this {@code Signature}.
return algorithm;
|
public static java.security.Signature | getInstance(java.lang.String algorithm)Returns a new instance of {@code Signature} that utilizes the specified
algorithm.
if (algorithm == null) {
throw new NullPointerException(Messages.getString("security.01")); //$NON-NLS-1$
}
Signature result;
synchronized (engine) {
engine.getInstance(algorithm, null);
if (engine.spi instanceof Signature) {
result = (Signature) engine.spi;
result.algorithm = algorithm;
result.provider = engine.provider;
} else {
result = new SignatureImpl((SignatureSpi) engine.spi,
engine.provider, algorithm);
}
}
return result;
|
public static java.security.Signature | getInstance(java.lang.String algorithm, java.lang.String provider)Returns a new instance of {@code Signature} that utilizes the specified
algorithm from the specified provider.
if (algorithm == null) {
throw new NullPointerException(Messages.getString("security.01")); //$NON-NLS-1$
}
if ((provider == null) || (provider.length() == 0)) {
throw new IllegalArgumentException(
Messages.getString("security.02")); //$NON-NLS-1$
}
Provider p = Security.getProvider(provider);
if (p == null) {
throw new NoSuchProviderException(Messages.getString("security.03", provider)); //$NON-NLS-1$
}
return getSignatureInstance(algorithm, p);
|
public static java.security.Signature | getInstance(java.lang.String algorithm, java.security.Provider provider)Returns a new instance of {@code Signature} that utilizes the specified
algorithm from the specified provider.
if (algorithm == null) {
throw new NullPointerException(Messages.getString("security.01")); //$NON-NLS-1$
}
if (provider == null) {
throw new IllegalArgumentException(Messages.getString("security.04")); //$NON-NLS-1$
}
return getSignatureInstance(algorithm, provider);
|
public final java.lang.Object | getParameter(java.lang.String param)Returns the value of the parameter with the specified name.
return engineGetParameter(param);
|
public final java.security.AlgorithmParameters | getParameters()Returns the {@code AlgorithmParameters} of this {@link Signature}
instance.
return engineGetParameters();
|
public final java.security.Provider | getProvider()Returns the provider associated with this {@code Signature}.
return provider;
|
private static java.security.Signature | getSignatureInstance(java.lang.String algorithm, java.security.Provider provider)
Signature result;
synchronized (engine) {
engine.getInstance(algorithm, provider, null);
if (engine.spi instanceof Signature) {
result = (Signature) engine.spi;
result.algorithm = algorithm;
result.provider = provider;
} else {
result = new SignatureImpl((SignatureSpi) engine.spi, provider,
algorithm);
}
}
return result;
|
public final void | initSign(java.security.PrivateKey privateKey)Initializes this {@code Signature} instance for signing, using the
private key of the identity whose signature is going to be generated.
engineInitSign(privateKey);
state = SIGN;
|
public final void | initSign(java.security.PrivateKey privateKey, java.security.SecureRandom random)Initializes this {@code Signature} instance for signing, using the
private key of the identity whose signature is going to be generated and
the specified source of randomness.
engineInitSign(privateKey, random);
state = SIGN;
|
public final void | initVerify(java.security.PublicKey publicKey)Initializes this {@code Signature} instance for signature verification,
using the public key of the identity whose signature is going to be
verified.
engineInitVerify(publicKey);
state = VERIFY;
|
public final void | initVerify(java.security.cert.Certificate certificate)Initializes this {@code Signature} instance for signature verification,
using the certificate of the identity whose signature is going to be
verified.
If the given certificate is an instance of {@link X509Certificate} and
has a key usage parameter that indicates, that this certificate is not to
be used for signing, an {@code InvalidKeyException} is thrown.
if (certificate instanceof X509Certificate) {
Set ce = ((X509Certificate) certificate).getCriticalExtensionOIDs();
boolean critical = false;
if (ce != null && !ce.isEmpty()) {
for (Iterator i = ce.iterator(); i.hasNext();) {
if ("2.5.29.15".equals(i.next())) { //$NON-NLS-1$
//KeyUsage OID = 2.5.29.15
critical = true;
break;
}
}
if (critical) {
boolean[] keyUsage = ((X509Certificate) certificate)
.getKeyUsage();
// As specified in RFC 3280 -
// Internet X.509 Public Key Infrastructure
// Certificate and Certificate Revocation List (CRL) Profile.
// (http://www.ietf.org/rfc/rfc3280.txt)
//
// KeyUsage ::= BIT STRING { digitalSignature (0), <skipped> }
if ((keyUsage != null) && (!keyUsage[0])) { // digitalSignature
throw new InvalidKeyException(
Messages.getString("security.26")); //$NON-NLS-1$
}
}
}
}
engineInitVerify(certificate.getPublicKey());
state = VERIFY;
|
public final void | setParameter(java.lang.String param, java.lang.Object value)Sets the specified parameter to the given value.
engineSetParameter(param, value);
|
public final void | setParameter(java.security.spec.AlgorithmParameterSpec params)Sets the specified {@code AlgorithmParameterSpec}.
engineSetParameter(params);
|
public final byte[] | sign()Generates and returns the signature of all updated data.
This {@code Signature} instance is reset to the state of its last
initialization for signing and thus can be used for another signature
from the same identity.
if (state != SIGN) {
throw new SignatureException(
Messages.getString("security.27")); //$NON-NLS-1$
}
return engineSign();
|
public final int | sign(byte[] outbuf, int offset, int len)Generates and stores the signature of all updated data in the provided
{@code byte[]} at the specified position with the specified length.
This {@code Signature} instance is reset to the state of its last
initialization for signing and thus can be used for another signature
from the same identity.
if (outbuf == null || offset < 0 || len < 0 ||
offset + len > outbuf.length) {
throw new IllegalArgumentException(
Messages.getString("security.05")); //$NON-NLS-1$
}
if (state != SIGN) {
throw new SignatureException(
Messages.getString("security.27")); //$NON-NLS-1$
}
return engineSign(outbuf, offset, len);
|
private java.lang.String | stateToString(int state)
switch (state) {
case UNINITIALIZED:
return "UNINITIALIZED"; //$NON-NLS-1$
case SIGN:
return "SIGN"; //$NON-NLS-1$
case VERIFY:
return "VERIFY"; //$NON-NLS-1$
default:
return ""; //$NON-NLS-1$
}
|
public java.lang.String | toString()Returns a string containing a concise, human-readable description of this
{@code Signature} including its algorithm and its state.
return "SIGNATURE " + algorithm + " state: " + stateToString(state); //$NON-NLS-1$ //$NON-NLS-2$
|
public final void | update(byte b)Updates the data to be verified or to be signed, using the specified
{@code byte}.
if (state == UNINITIALIZED) {
throw new SignatureException(
Messages.getString("security.27")); //$NON-NLS-1$
}
engineUpdate(b);
|
public final void | update(byte[] data)Updates the data to be verified or to be signed, using the specified
{@code byte[]}.
if (state == UNINITIALIZED) {
throw new SignatureException(
Messages.getString("security.27")); //$NON-NLS-1$
}
engineUpdate(data, 0, data.length);
|
public final void | update(byte[] data, int off, int len)Updates the data to be verified or to be signed, using the given {@code
byte[]}, starting form the specified index for the specified length.
if (state == UNINITIALIZED) {
throw new SignatureException(
Messages.getString("security.27")); //$NON-NLS-1$
}
if (data == null || off < 0 || len < 0 ||
off + len > data.length) {
throw new IllegalArgumentException(
Messages.getString("security.05")); //$NON-NLS-1$
}
engineUpdate(data, off, len);
|
public final void | update(java.nio.ByteBuffer data)Updates the data to be verified or to be signed, using the specified
{@code ByteBuffer}.
if (state == UNINITIALIZED) {
throw new SignatureException(
Messages.getString("security.27")); //$NON-NLS-1$
}
engineUpdate(data);
|
public final boolean | verify(byte[] signature)Indicates whether the given {@code signature} can be verified using the
public key or a certificate of the signer.
This {@code Signature} instance is reset to the state of its last
initialization for verifying and thus can be used to verify another
signature of the same signer.
if (state != VERIFY) {
throw new SignatureException(
Messages.getString("security.27")); //$NON-NLS-1$
}
return engineVerify(signature);
|
public final boolean | verify(byte[] signature, int offset, int length)Indicates whether the given {@code signature} starting at index {@code
offset} with {@code length} bytes can be verified using the public key or
a certificate of the signer.
This {@code Signature} instance is reset to the state of its last
initialization for verifying and thus can be used to verify another
signature of the same signer.
if (state != VERIFY) {
throw new SignatureException(
Messages.getString("security.27")); //$NON-NLS-1$
}
if (signature == null || offset < 0 || length < 0 ||
offset + length > signature.length) {
throw new IllegalArgumentException(
Messages.getString("security.05")); //$NON-NLS-1$
}
return engineVerify(signature, offset, length);
|