61 abstract class RSASignature extends java.security.SignatureSpi |
64 abstract class RSASignature extends java.security.SignatureSpi |
62 { |
65 { |
63 // message digest implementation we use |
66 // message digest implementation we use |
64 private final MessageDigest messageDigest; |
67 private final MessageDigest messageDigest; |
65 |
68 |
66 // flag indicating whether the digest is reset |
69 // message digest name |
|
70 private final String messageDigestAlgorithm; |
|
71 |
|
72 // flag indicating whether the digest has been reset |
67 private boolean needsReset; |
73 private boolean needsReset; |
68 |
74 |
69 // the signing key |
75 // the signing key |
70 private Key privateKey = null; |
76 private Key privateKey = null; |
71 |
77 |
72 // the verification key |
78 // the verification key |
73 private Key publicKey = null; |
79 private Key publicKey = null; |
74 |
80 |
75 |
81 |
|
82 /** |
|
83 * Constructs a new RSASignature. Used by subclasses. |
|
84 */ |
76 RSASignature(String digestName) { |
85 RSASignature(String digestName) { |
77 |
86 |
78 try { |
87 try { |
79 messageDigest = MessageDigest.getInstance(digestName); |
88 messageDigest = MessageDigest.getInstance(digestName); |
|
89 // Get the digest's canonical name |
|
90 messageDigestAlgorithm = messageDigest.getAlgorithm(); |
80 |
91 |
81 } catch (NoSuchAlgorithmException e) { |
92 } catch (NoSuchAlgorithmException e) { |
82 throw new ProviderException(e); |
93 throw new ProviderException(e); |
83 } |
94 } |
84 |
95 |
101 public MD2() { |
130 public MD2() { |
102 super("MD2"); |
131 super("MD2"); |
103 } |
132 } |
104 } |
133 } |
105 |
134 |
106 /** |
135 // initialize for signing. See JCA doc |
107 * Initializes this signature object with the specified |
|
108 * public key for verification operations. |
|
109 * |
|
110 * @param publicKey the public key of the identity whose signature is |
|
111 * going to be verified. |
|
112 * |
|
113 * @exception InvalidKeyException if the key is improperly |
|
114 * encoded, parameters are missing, and so on. |
|
115 */ |
|
116 protected void engineInitVerify(PublicKey key) |
136 protected void engineInitVerify(PublicKey key) |
117 throws InvalidKeyException |
137 throws InvalidKeyException |
118 { |
138 { |
119 // This signature accepts only RSAPublicKey |
139 // This signature accepts only RSAPublicKey |
120 if ((key instanceof java.security.interfaces.RSAPublicKey) == false) { |
140 if ((key instanceof java.security.interfaces.RSAPublicKey) == false) { |
156 |
176 |
157 } else { |
177 } else { |
158 publicKey = (sun.security.mscapi.RSAPublicKey) key; |
178 publicKey = (sun.security.mscapi.RSAPublicKey) key; |
159 } |
179 } |
160 |
180 |
161 if (needsReset) { |
181 this.privateKey = null; |
162 messageDigest.reset(); |
182 resetDigest(); |
163 needsReset = false; |
183 } |
164 } |
184 |
165 } |
185 // initialize for signing. See JCA doc |
166 |
186 protected void engineInitSign(PrivateKey key) throws InvalidKeyException |
167 /** |
|
168 * Initializes this signature object with the specified |
|
169 * private key for signing operations. |
|
170 * |
|
171 * @param privateKey the private key of the identity whose signature |
|
172 * will be generated. |
|
173 * |
|
174 * @exception InvalidKeyException if the key is improperly |
|
175 * encoded, parameters are missing, and so on. |
|
176 */ |
|
177 protected void engineInitSign(PrivateKey key) |
|
178 throws InvalidKeyException |
|
179 { |
187 { |
180 // This signature accepts only RSAPrivateKey |
188 // This signature accepts only RSAPrivateKey |
181 if ((key instanceof sun.security.mscapi.RSAPrivateKey) == false) { |
189 if ((key instanceof sun.security.mscapi.RSAPrivateKey) == false) { |
182 throw new InvalidKeyException("Key type not supported"); |
190 throw new InvalidKeyException("Key type not supported"); |
183 } |
191 } |
187 // the sizes are ok. Round up to nearest byte. |
195 // the sizes are ok. Round up to nearest byte. |
188 RSAKeyFactory.checkKeyLengths(((privateKey.bitLength() + 7) & ~7), |
196 RSAKeyFactory.checkKeyLengths(((privateKey.bitLength() + 7) & ~7), |
189 null, RSAKeyPairGenerator.KEY_SIZE_MIN, |
197 null, RSAKeyPairGenerator.KEY_SIZE_MIN, |
190 RSAKeyPairGenerator.KEY_SIZE_MAX); |
198 RSAKeyPairGenerator.KEY_SIZE_MAX); |
191 |
199 |
|
200 this.publicKey = null; |
|
201 resetDigest(); |
|
202 } |
|
203 |
|
204 /** |
|
205 * Resets the message digest if needed. |
|
206 */ |
|
207 private void resetDigest() { |
192 if (needsReset) { |
208 if (needsReset) { |
193 messageDigest.reset(); |
209 messageDigest.reset(); |
194 needsReset = false; |
210 needsReset = false; |
195 } |
211 } |
|
212 } |
|
213 |
|
214 private byte[] getDigestValue() { |
|
215 needsReset = false; |
|
216 return messageDigest.digest(); |
196 } |
217 } |
197 |
218 |
198 /** |
219 /** |
199 * Updates the data to be signed or verified |
220 * Updates the data to be signed or verified |
200 * using the specified byte. |
221 * using the specified byte. |
252 * initialized properly or if this signature algorithm is unable to |
273 * initialized properly or if this signature algorithm is unable to |
253 * process the input data provided. |
274 * process the input data provided. |
254 */ |
275 */ |
255 protected byte[] engineSign() throws SignatureException { |
276 protected byte[] engineSign() throws SignatureException { |
256 |
277 |
257 byte[] hash = messageDigest.digest(); |
278 byte[] hash = getDigestValue(); |
258 needsReset = false; |
|
259 |
279 |
260 // Sign hash using MS Crypto APIs |
280 // Sign hash using MS Crypto APIs |
261 |
281 |
262 byte[] result = signHash(hash, hash.length, |
282 byte[] result = signHash(hash, hash.length, |
263 messageDigest.getAlgorithm(), privateKey.getHCryptProvider(), |
283 messageDigestAlgorithm, privateKey.getHCryptProvider(), |
264 privateKey.getHCryptKey()); |
284 privateKey.getHCryptKey()); |
265 |
285 |
266 // Convert signature array from little endian to big endian |
286 // Convert signature array from little endian to big endian |
267 return convertEndianArray(result); |
287 return convertEndianArray(result); |
268 } |
288 } |
312 * process the input data provided, etc. |
332 * process the input data provided, etc. |
313 */ |
333 */ |
314 protected boolean engineVerify(byte[] sigBytes) |
334 protected boolean engineVerify(byte[] sigBytes) |
315 throws SignatureException |
335 throws SignatureException |
316 { |
336 { |
317 byte[] hash = messageDigest.digest(); |
337 byte[] hash = getDigestValue(); |
318 needsReset = false; |
|
319 |
338 |
320 return verifySignedHash(hash, hash.length, |
339 return verifySignedHash(hash, hash.length, |
321 messageDigest.getAlgorithm(), convertEndianArray(sigBytes), |
340 messageDigestAlgorithm, convertEndianArray(sigBytes), |
322 sigBytes.length, publicKey.getHCryptProvider(), |
341 sigBytes.length, publicKey.getHCryptProvider(), |
323 publicKey.getHCryptKey()); |
342 publicKey.getHCryptKey()); |
324 } |
343 } |
325 |
344 |
326 /** |
345 /** |