412 InvalidKeyException, NoSuchProviderException, SignatureException {
413 if (sigProvider == null) {
414 sigProvider = "";
415 }
416 if ((verifiedPublicKey != null) && verifiedPublicKey.equals(key)) {
417 // this certificate has already been verified using
418 // this public key. Make sure providers match, too.
419 if (sigProvider.equals(verifiedProvider)) {
420 if (verificationResult) {
421 return;
422 } else {
423 throw new SignatureException("Signature does not match.");
424 }
425 }
426 }
427 if (signedCert == null) {
428 throw new CertificateEncodingException("Uninitialized certificate");
429 }
430 // Verify the signature ...
431 Signature sigVerf = null;
432 if (sigProvider.length() == 0) {
433 sigVerf = Signature.getInstance(algId.getName());
434 } else {
435 sigVerf = Signature.getInstance(algId.getName(), sigProvider);
436 }
437
438 sigVerf.initVerify(key);
439
440 // set parameters after Signature.initSign/initVerify call,
441 // so the deferred provider selection happens when key is set
442 try {
443 SignatureUtil.specialSetParameter(sigVerf, getSigAlgParams());
444 } catch (ProviderException e) {
445 throw new CertificateException(e.getMessage(), e.getCause());
446 } catch (InvalidAlgorithmParameterException e) {
447 throw new CertificateException(e);
448 }
449
450 byte[] rawCert = info.getEncodedInfo();
451 sigVerf.update(rawCert, 0, rawCert.length);
452
581 *
582 * @exception NoSuchAlgorithmException on unsupported signature
583 * algorithms
584 * @exception InvalidKeyException on incorrect key
585 * @exception InvalidAlgorithmParameterException on invalid signature
586 * parameters
587 * @exception NoSuchProviderException on incorrect provider
588 * @exception SignatureException on signature errors
589 * @exception CertificateException on encoding errors
590 */
591 public void sign(PrivateKey key, AlgorithmParameterSpec signingParams,
592 String algorithm, String provider)
593 throws CertificateException, NoSuchAlgorithmException,
594 InvalidKeyException, InvalidAlgorithmParameterException,
595 NoSuchProviderException, SignatureException {
596 try {
597 if (readOnly)
598 throw new CertificateEncodingException(
599 "cannot over-write existing certificate");
600 Signature sigEngine = null;
601 if ((provider == null) || (provider.length() == 0))
602 sigEngine = Signature.getInstance(algorithm);
603 else
604 sigEngine = Signature.getInstance(algorithm, provider);
605
606 sigEngine.initSign(key);
607
608 // set parameters after Signature.initSign/initVerify call, so
609 // the deferred provider selection happens when the key is set
610 try {
611 sigEngine.setParameter(signingParams);
612 } catch (UnsupportedOperationException e) {
613 // for backward compatibility, only re-throw when
614 // parameters is not null
615 if (signingParams != null) throw e;
616 }
617
618 // in case the name is reset
619 if (signingParams != null) {
620 algId = AlgorithmId.get(sigEngine.getParameters());
621 } else {
|
412 InvalidKeyException, NoSuchProviderException, SignatureException {
413 if (sigProvider == null) {
414 sigProvider = "";
415 }
416 if ((verifiedPublicKey != null) && verifiedPublicKey.equals(key)) {
417 // this certificate has already been verified using
418 // this public key. Make sure providers match, too.
419 if (sigProvider.equals(verifiedProvider)) {
420 if (verificationResult) {
421 return;
422 } else {
423 throw new SignatureException("Signature does not match.");
424 }
425 }
426 }
427 if (signedCert == null) {
428 throw new CertificateEncodingException("Uninitialized certificate");
429 }
430 // Verify the signature ...
431 Signature sigVerf = null;
432 if (sigProvider.isEmpty()) {
433 sigVerf = Signature.getInstance(algId.getName());
434 } else {
435 sigVerf = Signature.getInstance(algId.getName(), sigProvider);
436 }
437
438 sigVerf.initVerify(key);
439
440 // set parameters after Signature.initSign/initVerify call,
441 // so the deferred provider selection happens when key is set
442 try {
443 SignatureUtil.specialSetParameter(sigVerf, getSigAlgParams());
444 } catch (ProviderException e) {
445 throw new CertificateException(e.getMessage(), e.getCause());
446 } catch (InvalidAlgorithmParameterException e) {
447 throw new CertificateException(e);
448 }
449
450 byte[] rawCert = info.getEncodedInfo();
451 sigVerf.update(rawCert, 0, rawCert.length);
452
581 *
582 * @exception NoSuchAlgorithmException on unsupported signature
583 * algorithms
584 * @exception InvalidKeyException on incorrect key
585 * @exception InvalidAlgorithmParameterException on invalid signature
586 * parameters
587 * @exception NoSuchProviderException on incorrect provider
588 * @exception SignatureException on signature errors
589 * @exception CertificateException on encoding errors
590 */
591 public void sign(PrivateKey key, AlgorithmParameterSpec signingParams,
592 String algorithm, String provider)
593 throws CertificateException, NoSuchAlgorithmException,
594 InvalidKeyException, InvalidAlgorithmParameterException,
595 NoSuchProviderException, SignatureException {
596 try {
597 if (readOnly)
598 throw new CertificateEncodingException(
599 "cannot over-write existing certificate");
600 Signature sigEngine = null;
601 if (provider == null || provider.isEmpty())
602 sigEngine = Signature.getInstance(algorithm);
603 else
604 sigEngine = Signature.getInstance(algorithm, provider);
605
606 sigEngine.initSign(key);
607
608 // set parameters after Signature.initSign/initVerify call, so
609 // the deferred provider selection happens when the key is set
610 try {
611 sigEngine.setParameter(signingParams);
612 } catch (UnsupportedOperationException e) {
613 // for backward compatibility, only re-throw when
614 // parameters is not null
615 if (signingParams != null) throw e;
616 }
617
618 // in case the name is reset
619 if (signingParams != null) {
620 algId = AlgorithmId.get(sigEngine.getParameters());
621 } else {
|