< prev index next >
src/java.base/share/classes/sun/security/rsa/RSASignature.java
Print this page
*** 1,7 ****
/*
! * Copyright (c) 2003, 2016, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License version 2 only, as
* published by the Free Software Foundation. Oracle designates this
--- 1,7 ----
/*
! * Copyright (c) 2003, 2018, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License version 2 only, as
* published by the Free Software Foundation. Oracle designates this
*** 28,47 ****
import java.io.IOException;
import java.nio.ByteBuffer;
import java.security.*;
import java.security.interfaces.*;
import sun.security.util.*;
import sun.security.x509.AlgorithmId;
/**
! * PKCS#1 RSA signatures with the various message digest algorithms.
* This file contains an abstract base class with all the logic plus
* a nested static class for each of the message digest algorithms
* (see end of the file). We support MD2, MD5, SHA-1, SHA-224, SHA-256,
! * SHA-384, and SHA-512.
*
* @since 1.5
* @author Andreas Sterbenz
*/
public abstract class RSASignature extends SignatureSpi {
--- 28,49 ----
import java.io.IOException;
import java.nio.ByteBuffer;
import java.security.*;
import java.security.interfaces.*;
+ import java.security.spec.AlgorithmParameterSpec;
+ import sun.security.rsa.RSAUtil.KeyType;
import sun.security.util.*;
import sun.security.x509.AlgorithmId;
/**
! * PKCS#1 v1.5 RSA signatures with the various message digest algorithms.
* This file contains an abstract base class with all the logic plus
* a nested static class for each of the message digest algorithms
* (see end of the file). We support MD2, MD5, SHA-1, SHA-224, SHA-256,
! * SHA-384, SHA-512, SHA-512/224, and SHA-512/256.
*
* @since 1.5
* @author Andreas Sterbenz
*/
public abstract class RSASignature extends SignatureSpi {
*** 83,107 ****
--- 85,112 ----
digestReset = true;
encodedLength = baseLength + oidLength + md.getDigestLength();
}
// initialize for verification. See JCA doc
+ @Override
protected void engineInitVerify(PublicKey publicKey)
throws InvalidKeyException {
RSAPublicKey rsaKey = (RSAPublicKey)RSAKeyFactory.toRSAKey(publicKey);
this.privateKey = null;
this.publicKey = rsaKey;
initCommon(rsaKey, null);
}
// initialize for signing. See JCA doc
+ @Override
protected void engineInitSign(PrivateKey privateKey)
throws InvalidKeyException {
engineInitSign(privateKey, null);
}
// initialize for signing. See JCA doc
+ @Override
protected void engineInitSign(PrivateKey privateKey, SecureRandom random)
throws InvalidKeyException {
RSAPrivateKey rsaKey =
(RSAPrivateKey)RSAKeyFactory.toRSAKey(privateKey);
this.privateKey = rsaKey;
*** 112,121 ****
--- 117,131 ----
/**
* Init code common to sign and verify.
*/
private void initCommon(RSAKey rsaKey, SecureRandom random)
throws InvalidKeyException {
+ try {
+ RSAUtil.checkParamsAgainstType(KeyType.RSA, rsaKey.getParams());
+ } catch (ProviderException e) {
+ throw new InvalidKeyException("Invalid key for RSA signatures", e);
+ }
resetDigest();
int keySize = RSACore.getByteLength(rsaKey);
try {
padding = RSAPadding.getInstance
(RSAPadding.PAD_BLOCKTYPE_1, keySize, random);
*** 146,175 ****
--- 156,192 ----
digestReset = true;
return md.digest();
}
// update the signature with the plaintext data. See JCA doc
+ @Override
protected void engineUpdate(byte b) throws SignatureException {
md.update(b);
digestReset = false;
}
// update the signature with the plaintext data. See JCA doc
+ @Override
protected void engineUpdate(byte[] b, int off, int len)
throws SignatureException {
md.update(b, off, len);
digestReset = false;
}
// update the signature with the plaintext data. See JCA doc
+ @Override
protected void engineUpdate(ByteBuffer b) {
md.update(b);
digestReset = false;
}
// sign the data and return the signature. See JCA doc
+ @Override
protected byte[] engineSign() throws SignatureException {
+ if (privateKey == null) {
+ throw new SignatureException("Missing private key");
+ }
byte[] digest = getDigestValue();
try {
byte[] encoded = encodeSignature(digestOID, digest);
byte[] padded = padding.pad(encoded);
byte[] encrypted = RSACore.rsa(padded, privateKey, true);
*** 181,191 ****
--- 198,212 ----
}
}
// verify the data and return the result. See JCA doc
// should be reset to the state after engineInitVerify call.
+ @Override
protected boolean engineVerify(byte[] sigBytes) throws SignatureException {
+ if (publicKey == null) {
+ throw new SignatureException("Missing public key");
+ }
try {
if (sigBytes.length != RSACore.getByteLength(publicKey)) {
throw new SignatureException("Signature length not correct: got " +
sigBytes.length + " but was expecting " +
RSACore.getByteLength(publicKey));
*** 246,267 ****
--- 267,305 ----
return digest;
}
// set parameter, not supported. See JCA doc
@Deprecated
+ @Override
protected void engineSetParameter(String param, Object value)
throws InvalidParameterException {
throw new UnsupportedOperationException("setParameter() not supported");
}
+ // See JCA doc
+ @Override
+ protected void engineSetParameter(AlgorithmParameterSpec params)
+ throws InvalidAlgorithmParameterException {
+ if (params != null) {
+ throw new InvalidAlgorithmParameterException("No parameters accepted");
+ }
+ }
+
// get parameter, not supported. See JCA doc
@Deprecated
+ @Override
protected Object engineGetParameter(String param)
throws InvalidParameterException {
throw new UnsupportedOperationException("getParameter() not supported");
}
+ // See JCA doc
+ @Override
+ protected AlgorithmParameters engineGetParameters() {
+ return null;
+ }
+
// Nested class for MD2withRSA signatures
public static final class MD2withRSA extends RSASignature {
public MD2withRSA() {
super("MD2", AlgorithmId.MD2_oid, 10);
}
*** 307,312 ****
--- 345,363 ----
public SHA512withRSA() {
super("SHA-512", AlgorithmId.SHA512_oid, 11);
}
}
+ // Nested class for SHA512/224withRSA signatures
+ public static final class SHA512_224withRSA extends RSASignature {
+ public SHA512_224withRSA() {
+ super("SHA-512/224", AlgorithmId.SHA512_224_oid, 11);
+ }
+ }
+
+ // Nested class for SHA512/256withRSA signatures
+ public static final class SHA512_256withRSA extends RSASignature {
+ public SHA512_256withRSA() {
+ super("SHA-512/256", AlgorithmId.SHA512_256_oid, 11);
+ }
+ }
}
< prev index next >