|
Java Card v2.2.2 |
|||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |
public interface SignatureMessageRecovery
A subclass of the abstract Signature
class must implement this
SignatureMessageRecovery
interface to provide message recovery
functionality. An instance implementing this interface is returned by the
Signature.getInstance(byte, boolean)
method when algorithm type with suffix *_MR
is specified. e.g.Signature.ALG_RSA_SHA_ISO9796_MR
.
This interface provides specialized versions of some of the methods defined
in the Signature
class to provide message recovery functions. An alternate
version of the sign()
and verify()
methods is supported here
along with a new beginVerify
method to allow the message encoded
in the signature to be recovered.
For signing a message with message recovery functionality, the user must
cast the Signature
object to this interface, initialize the object for signing
with a private key using the init()
method, and issue 0 or more update()
method
calls and then finally call the sign()
method to obtain the signature.
For recovering the encoded message and verifying functionality, the user must
cast the Signature
object to this interface, initialize the object for verifying
with a public key using the init()
method, first recover the message
using the beginVerify()
method and then issue 0 or more update()
method
calls and then finally call the verify()
method to verify the signature.
Note:
A Signature
object implementing this interface must throw CryptoException
with CryptoException.ILLEGAL_USE
reason code
when one of the following methods applicable only to a Signature
object which
does not include message recovery functionality, is called:
Method Summary | |
---|---|
short |
beginVerify(byte[] sigAndRecDataBuff,
short buffOffset,
short sigLength)
This method begins the verification sequence by recovering the message encoded within the signature itself and initializing the internal hash function. |
byte |
getAlgorithm()
Gets the Signature algorithm. |
short |
getLength()
Returns the byte length of the signature data. |
void |
init(Key theKey,
byte theMode)
Initializes the Signature object with the appropriate Key . |
short |
sign(byte[] inBuff,
short inOffset,
short inLength,
byte[] sigBuff,
short sigOffset,
short[] recMsgLen,
short recMsgLenOffset)
Generates the signature of all/last input data. |
void |
update(byte[] inBuff,
short inOffset,
short inLength)
Accumulates a signature of the input data. |
boolean |
verify(byte[] inBuff,
short inOffset,
short inLength)
Verifies the signature of all/last input data against the passed in signature. |
Method Detail |
---|
void init(Key theKey, byte theMode) throws CryptoException
Signature
object with the appropriate Key
.
This method should be used for algorithms which do not need initialization parameters
or use default parameter values.
init()
must be used to update the Signature
object with a new key.
If the Key
object is modified after invoking the init()
method,
the behavior of the update()
, sign()
, and verify()
methods is unspecified.
theKey
- the key object to use for signing or verifyingtheMode
- one of MODE_SIGN
or MODE_VERIFY
CryptoException
- with the following reason codes:CryptoException.ILLEGAL_VALUE
if theMode
option is an undefined value or
if the Key
is inconsistent with theMode
or with the Signature
implementation.
CryptoException.UNINITIALIZED_KEY
if theKey
instance is uninitialized.
short beginVerify(byte[] sigAndRecDataBuff, short buffOffset, short sigLength) throws CryptoException
sigAndRecDataBuff
input byte array.
Notes:
update()
or the verify()
methods during verification.
sigLength
- recovered message length) bytes of
signature data in sigAndRecDataBuff
may also be overwritten
by this method.
sigAndRecDataBuff
- contains the signature data as input and also
contains the recoverable part of the message as output.buffOffset
- offset into the sigAndRecDataBuff array where data begins
for signature and where this method will start writing recovered message data.sigLength
- the length of signature data
sigAndRecDataBuff
CryptoException
- with the following reason codes:CryptoException.ILLEGAL_USE
for the following conditions:sigLength
is inconsistent with this Signature
algorithm
CryptoException.UNINITIALIZED_KEY
if key not initialized.
CryptoException.INVALID_INIT
if this Signature
object is
not initialized.
short sign(byte[] inBuff, short inOffset, short inLength, byte[] sigBuff, short sigOffset, short[] recMsgLen, short recMsgLenOffset) throws CryptoException
A call to this method also resets this Signature
object to the state it was in
when previously initialized via a call to init()
.
That is, the object is reset and available to sign another message.
The input and output buffer data may overlap.
inBuff
- the input buffer of data to be signedinOffset
- the offset into the input buffer at which to begin signature generationinLength
- the byte length to signsigBuff
- the output buffer to store signature datasigOffset
- the offset into sigBuff at which to begin signature datarecMsgLen
- the output buffer containing the number of bytes of the recoverable message
beginning with the first byte of the message that was encoded into the signature itselfrecMsgLenOffset
- offset into the recMsgLen
output buffer where
the byte length of the recoverable message is stored. Note that a single short value is
stored at recMsgLenOffset
offset.
CryptoException
- with the following reason codes:CryptoException.UNINITIALIZED_KEY
if key not initialized.
CryptoException.INVALID_INIT
if this Signature
object is
not initialized or initialized for signature verify mode.
boolean verify(byte[] inBuff, short inOffset, short inLength) throws CryptoException
A call to this method also resets this Signature
object to the state it was in
when previously initialized via a call to init()
.
That is, the object is reset and available to verify another message.
inBuff
- the input buffer of data to be verifiedinOffset
- the offset into the input buffer at which to begin signature generationinLength
- the byte length to sign
true
if the signature verifies, false
otherwise
CryptoException
- with the following reason codes:CryptoException.UNINITIALIZED_KEY
if key not initialized.
CryptoException.INVALID_INIT
if this Signature
object is
not initialized or initialized for signature sign mode.
CryptoException.ILLEGAL_USE
if one of the following conditions is met:beginVerify
method has not been called.
byte getAlgorithm()
Signature
instance.short getLength() throws CryptoException
CryptoException
- with the following reason codes:CryptoException.INVALID_INIT
if this Signature
object is
not initialized.
CryptoException.UNINITIALIZED_KEY
if key not initialized.
void update(byte[] inBuff, short inOffset, short inLength) throws CryptoException
sign()
or beginVerify
method and verify()
method is recommended.
The sign()
or verify()
method must be called to complete processing of input data accumulated by one or more
calls to the update()
method.
Note:
inLength
is 0 this method does nothing.
inBuff
- the input buffer of data to be signed/verifiedinOffset
- the offset into the input buffer where input data beginsinLength
- the byte length to sign/verify
CryptoException
- with the following reason codes:CryptoException.UNINITIALIZED_KEY
if key not initialized.
CryptoException.INVALID_INIT
if this Signature
object is
not initialized.
CryptoException.ILLEGAL_USE
if the mode set in the init()
method is MODE_VERIFY and the beginVerify()
method is not yet called.
sign(byte[], short, short, byte[], short, short[], short)
,
verify(byte[], short, short)
|
Java Card v2.2.2 |
|||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |