src/share/classes/java/security/Signature.java
Print this page
*** 51,64 ****
* of a digital signature algorithm. Digital signatures are used for
* authentication and integrity assurance of digital data.
*
* <p> The signature algorithm can be, among others, the NIST standard
* DSA, using DSA and SHA-1. The DSA algorithm using the
! * SHA-1 message digest algorithm can be specified as <tt>SHA1withDSA</tt>.
* In the case of RSA, there are multiple choices for the message digest
* algorithm, so the signing algorithm could be specified as, for example,
! * <tt>MD2withRSA</tt>, <tt>MD5withRSA</tt>, or <tt>SHA1withRSA</tt>.
* The algorithm name must be specified, as there is no default.
*
* <p> A Signature object can be used to generate and verify digital
* signatures.
*
--- 51,64 ----
* of a digital signature algorithm. Digital signatures are used for
* authentication and integrity assurance of digital data.
*
* <p> The signature algorithm can be, among others, the NIST standard
* DSA, using DSA and SHA-1. The DSA algorithm using the
! * SHA-1 message digest algorithm can be specified as {@code SHA1withDSA}.
* In the case of RSA, there are multiple choices for the message digest
* algorithm, so the signing algorithm could be specified as, for example,
! * {@code MD2withRSA}, {@code MD5withRSA}, or {@code SHA1withRSA}.
* The algorithm name must be specified, as there is no default.
*
* <p> A Signature object can be used to generate and verify digital
* signatures.
*
*** 90,111 ****
* method.
*
* </ol>
*
* <p>Note that this class is abstract and extends from
! * <code>SignatureSpi</code> for historical reasons.
* Application developers should only take notice of the methods defined in
! * this <code>Signature</code> class; all the methods in
* the superclass are intended for cryptographic service providers who wish to
* supply their own implementations of digital signature algorithms.
*
* <p> Every implementation of the Java platform is required to support the
! * following standard <code>Signature</code> algorithms:
* <ul>
! * <li><tt>SHA1withDSA</tt></li>
! * <li><tt>SHA1withRSA</tt></li>
! * <li><tt>SHA256withRSA</tt></li>
* </ul>
* These algorithms are described in the <a href=
* "{@docRoot}/../technotes/guides/security/StandardNames.html#Signature">
* Signature section</a> of the
* Java Cryptography Architecture Standard Algorithm Name Documentation.
--- 90,111 ----
* method.
*
* </ol>
*
* <p>Note that this class is abstract and extends from
! * {@code SignatureSpi} for historical reasons.
* Application developers should only take notice of the methods defined in
! * this {@code Signature} class; all the methods in
* the superclass are intended for cryptographic service providers who wish to
* supply their own implementations of digital signature algorithms.
*
* <p> Every implementation of the Java platform is required to support the
! * following standard {@code Signature} algorithms:
* <ul>
! * <li>{@code SHA1withDSA}</li>
! * <li>{@code SHA1withRSA}</li>
! * <li>{@code SHA256withRSA}</li>
* </ul>
* These algorithms are described in the <a href=
* "{@docRoot}/../technotes/guides/security/StandardNames.html#Signature">
* Signature section</a> of the
* Java Cryptography Architecture Standard Algorithm Name Documentation.
*** 459,469 ****
* <p>If the certificate is of type X.509 and has a <i>key usage</i>
* extension field marked as critical, and the value of the <i>key usage</i>
* extension field implies that the public key in
* the certificate and its corresponding private key are not
* supposed to be used for digital signatures, an
! * <code>InvalidKeyException</code> is thrown.
*
* @param certificate the certificate of the identity whose signature is
* going to be verified.
*
* @exception InvalidKeyException if the public key in the certificate
--- 459,469 ----
* <p>If the certificate is of type X.509 and has a <i>key usage</i>
* extension field marked as critical, and the value of the <i>key usage</i>
* extension field implies that the public key in
* the certificate and its corresponding private key are not
* supposed to be used for digital signatures, an
! * {@code InvalidKeyException} is thrown.
*
* @param certificate the certificate of the identity whose signature is
* going to be verified.
*
* @exception InvalidKeyException if the public key in the certificate
*** 536,549 ****
* The format of the signature depends on the underlying
* signature scheme.
*
* <p>A call to this method resets this signature object to the state
* it was in when previously initialized for signing via a
! * call to <code>initSign(PrivateKey)</code>. That is, the object is
* reset and available to generate another signature from the same
! * signer, if desired, via new calls to <code>update</code> and
! * <code>sign</code>.
*
* @return the signature bytes of the signing operation's result.
*
* @exception SignatureException if this signature object is not
* initialized properly or if this signature algorithm is unable to
--- 536,549 ----
* The format of the signature depends on the underlying
* signature scheme.
*
* <p>A call to this method resets this signature object to the state
* it was in when previously initialized for signing via a
! * call to {@code initSign(PrivateKey)}. That is, the object is
* reset and available to generate another signature from the same
! * signer, if desired, via new calls to {@code update} and
! * {@code sign}.
*
* @return the signature bytes of the signing operation's result.
*
* @exception SignatureException if this signature object is not
* initialized properly or if this signature algorithm is unable to
*** 557,588 ****
"signing");
}
/**
* Finishes the signature operation and stores the resulting signature
! * bytes in the provided buffer <code>outbuf</code>, starting at
! * <code>offset</code>.
* The format of the signature depends on the underlying
* signature scheme.
*
* <p>This signature object is reset to its initial state (the state it
! * was in after a call to one of the <code>initSign</code> methods) and
* can be reused to generate further signatures with the same private key.
*
* @param outbuf buffer for the signature result.
*
! * @param offset offset into <code>outbuf</code> where the signature is
* stored.
*
! * @param len number of bytes within <code>outbuf</code> allotted for the
* signature.
*
! * @return the number of bytes placed into <code>outbuf</code>.
*
* @exception SignatureException if this signature object is not
* initialized properly, if this signature algorithm is unable to
! * process the input data provided, or if <code>len</code> is less
* than the actual signature length.
*
* @since 1.2
*/
public final int sign(byte[] outbuf, int offset, int len)
--- 557,588 ----
"signing");
}
/**
* Finishes the signature operation and stores the resulting signature
! * bytes in the provided buffer {@code outbuf}, starting at
! * {@code offset}.
* The format of the signature depends on the underlying
* signature scheme.
*
* <p>This signature object is reset to its initial state (the state it
! * was in after a call to one of the {@code initSign} methods) and
* can be reused to generate further signatures with the same private key.
*
* @param outbuf buffer for the signature result.
*
! * @param offset offset into {@code outbuf} where the signature is
* stored.
*
! * @param len number of bytes within {@code outbuf} allotted for the
* signature.
*
! * @return the number of bytes placed into {@code outbuf}.
*
* @exception SignatureException if this signature object is not
* initialized properly, if this signature algorithm is unable to
! * process the input data provided, or if {@code len} is less
* than the actual signature length.
*
* @since 1.2
*/
public final int sign(byte[] outbuf, int offset, int len)
*** 604,616 ****
/**
* Verifies the passed-in signature.
*
* <p>A call to this method resets this signature object to the state
* it was in when previously initialized for verification via a
! * call to <code>initVerify(PublicKey)</code>. That is, the object is
* reset and available to verify another signature from the identity
! * whose public key was specified in the call to <code>initVerify</code>.
*
* @param signature the signature bytes to be verified.
*
* @return true if the signature was verified, false if not.
*
--- 604,616 ----
/**
* Verifies the passed-in signature.
*
* <p>A call to this method resets this signature object to the state
* it was in when previously initialized for verification via a
! * call to {@code initVerify(PublicKey)}. That is, the object is
* reset and available to verify another signature from the identity
! * whose public key was specified in the call to {@code initVerify}.
*
* @param signature the signature bytes to be verified.
*
* @return true if the signature was verified, false if not.
*
*** 631,643 ****
* Verifies the passed-in signature in the specified array
* of bytes, starting at the specified offset.
*
* <p>A call to this method resets this signature object to the state
* it was in when previously initialized for verification via a
! * call to <code>initVerify(PublicKey)</code>. That is, the object is
* reset and available to verify another signature from the identity
! * whose public key was specified in the call to <code>initVerify</code>.
*
*
* @param signature the signature bytes to be verified.
* @param offset the offset to start from in the array of bytes.
* @param length the number of bytes to use, starting at offset.
--- 631,643 ----
* Verifies the passed-in signature in the specified array
* of bytes, starting at the specified offset.
*
* <p>A call to this method resets this signature object to the state
* it was in when previously initialized for verification via a
! * call to {@code initVerify(PublicKey)}. That is, the object is
* reset and available to verify another signature from the identity
! * whose public key was specified in the call to {@code initVerify}.
*
*
* @param signature the signature bytes to be verified.
* @param offset the offset to start from in the array of bytes.
* @param length the number of bytes to use, starting at offset.
*** 646,660 ****
*
* @exception SignatureException if this signature object is not
* initialized properly, the passed-in signature is improperly
* encoded or of the wrong type, if this signature algorithm is unable to
* process the input data provided, etc.
! * @exception IllegalArgumentException if the <code>signature</code>
! * byte array is null, or the <code>offset</code> or <code>length</code>
! * is less than 0, or the sum of the <code>offset</code> and
! * <code>length</code> is greater than the length of the
! * <code>signature</code> byte array.
* @since 1.4
*/
public final boolean verify(byte[] signature, int offset, int length)
throws SignatureException {
if (state == VERIFY) {
--- 646,660 ----
*
* @exception SignatureException if this signature object is not
* initialized properly, the passed-in signature is improperly
* encoded or of the wrong type, if this signature algorithm is unable to
* process the input data provided, etc.
! * @exception IllegalArgumentException if the {@code signature}
! * byte array is null, or the {@code offset} or {@code length}
! * is less than 0, or the sum of the {@code offset} and
! * {@code length} is greater than the length of the
! * {@code signature} byte array.
* @since 1.4
*/
public final boolean verify(byte[] signature, int offset, int length)
throws SignatureException {
if (state == VERIFY) {
*** 720,731 ****
}
}
/**
* Updates the data to be signed or verified using the specified
! * ByteBuffer. Processes the <code>data.remaining()</code> bytes
! * starting at at <code>data.position()</code>.
* Upon return, the buffer's position will be equal to its limit;
* its limit will not have changed.
*
* @param data the ByteBuffer
*
--- 720,731 ----
}
}
/**
* Updates the data to be signed or verified using the specified
! * ByteBuffer. Processes the {@code data.remaining()} bytes
! * starting at at {@code data.position()}.
* Upon return, the buffer's position will be equal to its limit;
* its limit will not have changed.
*
* @param data the ByteBuffer
*
*** 788,798 ****
* at this time.
*
* @param param the string identifier of the parameter.
* @param value the parameter value.
*
! * @exception InvalidParameterException if <code>param</code> is an
* invalid parameter for this signature algorithm engine,
* the parameter is already set
* and cannot be set again, a security exception occurs, and so on.
*
* @see #getParameter
--- 788,798 ----
* at this time.
*
* @param param the string identifier of the parameter.
* @param value the parameter value.
*
! * @exception InvalidParameterException if {@code param} is an
* invalid parameter for this signature algorithm engine,
* the parameter is already set
* and cannot be set again, a security exception occurs, and so on.
*
* @see #getParameter
*** 854,864 ****
* @param param the string name of the parameter.
*
* @return the object that represents the parameter value, or null if
* there is none.
*
! * @exception InvalidParameterException if <code>param</code> is an invalid
* parameter for this engine, or another exception occurs while
* trying to get this parameter.
*
* @see #setParameter(String, Object)
*
--- 854,864 ----
* @param param the string name of the parameter.
*
* @return the object that represents the parameter value, or null if
* there is none.
*
! * @exception InvalidParameterException if {@code param} is an invalid
* parameter for this engine, or another exception occurs while
* trying to get this parameter.
*
* @see #setParameter(String, Object)
*
*** 874,884 ****
* Returns a clone if the implementation is cloneable.
*
* @return a clone if the implementation is cloneable.
*
* @exception CloneNotSupportedException if this is called
! * on an implementation that does not support <code>Cloneable</code>.
*/
public Object clone() throws CloneNotSupportedException {
if (this instanceof Cloneable) {
return super.clone();
} else {
--- 874,884 ----
* Returns a clone if the implementation is cloneable.
*
* @return a clone if the implementation is cloneable.
*
* @exception CloneNotSupportedException if this is called
! * on an implementation that does not support {@code Cloneable}.
*/
public Object clone() throws CloneNotSupportedException {
if (this instanceof Cloneable) {
return super.clone();
} else {
*** 938,948 ****
* Returns a clone if the delegate is cloneable.
*
* @return a clone if the delegate is cloneable.
*
* @exception CloneNotSupportedException if this is called on a
! * delegate that does not support <code>Cloneable</code>.
*/
public Object clone() throws CloneNotSupportedException {
chooseFirstProvider();
if (sigSpi instanceof Cloneable) {
SignatureSpi sigSpiClone = (SignatureSpi)sigSpi.clone();
--- 938,948 ----
* Returns a clone if the delegate is cloneable.
*
* @return a clone if the delegate is cloneable.
*
* @exception CloneNotSupportedException if this is called on a
! * delegate that does not support {@code Cloneable}.
*/
public Object clone() throws CloneNotSupportedException {
chooseFirstProvider();
if (sigSpi instanceof Cloneable) {
SignatureSpi sigSpiClone = (SignatureSpi)sigSpi.clone();