001: /*
002: *
003: *
004: * Copyright 1990-2007 Sun Microsystems, Inc. All Rights Reserved.
005: * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER
006: *
007: * This program is free software; you can redistribute it and/or
008: * modify it under the terms of the GNU General Public License version
009: * 2 only, as published by the Free Software Foundation.
010: *
011: * This program is distributed in the hope that it will be useful, but
012: * WITHOUT ANY WARRANTY; without even the implied warranty of
013: * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
014: * General Public License version 2 for more details (a copy is
015: * included at /legal/license.txt).
016: *
017: * You should have received a copy of the GNU General Public License
018: * version 2 along with this work; if not, write to the Free Software
019: * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
020: * 02110-1301 USA
021: *
022: * Please contact Sun Microsystems, Inc., 4150 Network Circle, Santa
023: * Clara, CA 95054 or visit www.sun.com if you need additional
024: * information or have any questions.
025: */
026:
027: package java.security;
028:
029: import com.sun.satsa.crypto.RSAPublicKey;
030:
031: /**
032: * This <code>Signature</code> class is used to provide applications
033: * the functionality
034: * of a digital signature algorithm. Digital signatures are used for
035: * authentication and integrity assurance of digital data.
036: *
037: * <p> The signature algorithm can be, among others, the NIST standard
038: * DSA, using DSA and SHA-1. The DSA algorithm using the
039: * SHA-1 message digest algorithm can be specified as <tt>SHA1withDSA</tt>.
040: * In the case of RSA, there are multiple choices for the message digest
041: * algorithm, so the signing algorithm could be specified as, for example,
042: * <tt>MD2withRSA</tt>, <tt>MD5withRSA</tt>, or <tt>SHA1withRSA</tt>.
043: * The algorithm name must be specified, as there is no default.
044: *
045: * When an algorithm name is specified, the system will
046: * determine if there is an implementation of the algorithm requested
047: * available in the environment, and if there is more than one, if
048: * there is a preferred one.<p>
049: *
050: * <p>A <code>Signature</code> object can be used to generate and
051: * verify digital signatures.
052: *
053: * <p>There are three phases to the use of a <code>Signature</code>
054: * object for verifying a signature:<ol>
055: *
056: * <li>Initialization, with a public key, which initializes the
057: * signature for verification
058: * </li>
059: *
060: * <li>Updating
061: *
062: * <p>Depending on the type of initialization, this will update the
063: * bytes to be verified. </li>
064: * <li> Verifying a signature on all updated bytes. </li>
065: *
066: * </ol>
067: *
068: *
069: * @version 1.91, 01/23/03
070: */
071:
072: public abstract class Signature {
073:
074: /**
075: * Signature implementation.
076: */
077: com.sun.midp.crypto.Signature sign;
078:
079: /**
080: * Creates a <code>Signature</code> object for the specified algorithm.
081: *
082: * @param algorithm the standard string name of the algorithm.
083: * See Appendix A in the
084: * Java Cryptography Architecture API Specification & Reference
085: * for information about standard algorithm names.
086: */
087: Signature(String algorithm) {
088: }
089:
090: /**
091: * Generates a <code>Signature</code> object that implements
092: * the specified digest
093: * algorithm.
094: *
095: * @param algorithm the standard name of the algorithm requested.
096: * See Appendix A in the
097: * Java Cryptography Architecture API Specification & Reference
098: * for information about standard algorithm names.
099: *
100: * @return the new <code>Signature</code> object.
101: *
102: * @exception NoSuchAlgorithmException if the algorithm is
103: * not available in the environment.
104: */
105: public static Signature getInstance(String algorithm)
106: throws NoSuchAlgorithmException {
107: try {
108: return new SignatureImpl(algorithm,
109: com.sun.midp.crypto.Signature
110: .getInstance(algorithm));
111: } catch (com.sun.midp.crypto.NoSuchAlgorithmException e) {
112: throw new NoSuchAlgorithmException(e.getMessage());
113: }
114: }
115:
116: /**
117: * Initializes this object for verification. If this method is called
118: * again with a different argument, it negates the effect
119: * of this call.
120: *
121: * @param publicKey the public key of the identity whose signature is
122: * going to be verified.
123: *
124: * @exception InvalidKeyException if the key is invalid.
125: */
126: public final void initVerify(PublicKey publicKey)
127: throws InvalidKeyException {
128: if (!(publicKey instanceof RSAPublicKey)) {
129: throw new InvalidKeyException();
130: }
131:
132: try {
133: sign.initVerify(((RSAPublicKey) publicKey).getKey());
134: } catch (com.sun.midp.crypto.InvalidKeyException e) {
135: throw new InvalidKeyException(e.getMessage());
136: }
137: }
138:
139: /**
140: * Verifies the passed-in signature.
141: *
142: * <p>A call to this method resets this signature object to the state
143: * it was in when previously initialized for verification via a
144: * call to <code>initVerify(PublicKey)</code>. That is, the object is
145: * reset and available to verify another signature from the identity
146: * whose public key was specified in the call to <code>initVerify</code>.
147: *
148: * @param signature the signature bytes to be verified.
149: *
150: * @return true if the signature was verified, false if not.
151: *
152: * @exception SignatureException if this signature object is not
153: * initialized properly, or the passed-in signature is improperly
154: * encoded or of the wrong type, etc.
155: */
156: public final boolean verify(byte[] signature)
157: throws SignatureException {
158: try {
159: return sign.verify(signature);
160: } catch (com.sun.midp.crypto.SignatureException e) {
161: throw new SignatureException(e.getMessage());
162: }
163: }
164:
165: /**
166: * Updates the data to be verified, using the specified
167: * array of bytes, starting at the specified offset.
168: *
169: * @param data the array of bytes.
170: * @param off the offset to start from in the array of bytes.
171: * @param len the number of bytes to use, starting at offset.
172: *
173: * @exception SignatureException if this signature object is not
174: * initialized properly.
175: */
176: public final void update(byte[] data, int off, int len)
177: throws SignatureException {
178: try {
179: sign.update(data, off, len);
180: } catch (com.sun.midp.crypto.SignatureException e) {
181: throw new SignatureException(e.getMessage());
182: }
183: }
184: }
185:
186: /**
187: * The non-abstract signature.
188: */
189: class SignatureImpl extends Signature {
190:
191: /**
192: * Creates a <code>Signature</code> object for the specified algorithm.
193: *
194: * @param algorithm the standard string name of the algorithm.
195: * See Appendix A in the
196: * Java Cryptography Architecture API Specification & Reference
197: * for information about standard algorithm names.
198: * @param sign signature implementation
199: */
200: SignatureImpl(String algorithm, com.sun.midp.crypto.Signature sign) {
201: super(algorithm);
202: this.sign = sign;
203: }
204: }
|