Site Tools


Sidebar

Smart Card Solution

User Manual

JavaCard API Samples

Java Card Specification

Knowledge Sharing

javacard:java-card-api:signature

javacard.security

Class Signature


public abstract class Signatureextends Object

The Signature class is the base class for Signature algorithms. Implementations of Signature algorithms must extend this class and implement all the abstract methods. The term “pad” is used in the public key signature algorithms below to refer to all the operations specified in the referenced scheme to transform the message digest into the encryption block size.

A tear or card reset event resets an initialized 

Signature object to the state it was in when previously initialized via a call to init(). For algorithms which support keys with transient key data sets, such as DES, triple DES, AES, and Korean SEED the Signature object key becomes uninitialized on clear events associated with the Key object used to initialize the Signature object.

Even if a transaction is in progress, update of intermediate result state in the implementation

instance shall not participate in the transaction. Note:

  • On a tear or card reset event, the AES, DES, triple DES and Korean SEED algorithms in CBC mode reset the initial vector(IV) to 0. The initial vector(IV) can be re-initialized using the init(Key, byte, byte[], short, short) method.



Field Summary
static byte ALG_AES_MAC_128_NOPAD           Signature algorithm ALG_AES_MAC_128_NOPAD generates a 16-byte MAC using AES with blocksize 128 in CBC mode and does not pad input data.
static byte ALG_DES_MAC4_ISO9797_1_M2_ALG3           Signature algorithm ALG_DES_MAC4_ISO9797_1_M2_ALG3 generates a 4-byte MAC using a 2-key DES3 key according to ISO9797-1 MAC algorithm 3 with method 2 (also EMV'96, EMV'2000), where input data is padded using method 2 and the data is processed as described in MAC Algorithm 3 of the ISO 9797-1 specification.
static byte ALG_DES_MAC4_ISO9797_M1           Signature algorithm ALG_DES_MAC4_ISO9797_M1 generates a 4-byte MAC (most significant 4 bytes of encrypted block) using DES in CBC modeor triple DES in outer CBC mode.
static byte ALG_DES_MAC4_ISO9797_M2           Signature algorithm ALG_DES_MAC4_ISO9797_M2 generates a 4-byte MAC (most significant 4 bytes of encrypted block) using DES in CBC modeor triple DES in outer CBC mode.
static byte ALG_DES_MAC4_NOPAD           Signature algorithm ALG_DES_MAC4_NOPAD generates a 4-byte MAC (most significant 4 bytes of encrypted block) using DES in CBC modeor triple DES in outer CBC mode.
static byte ALG_DES_MAC4_PKCS5           Signature algorithm ALG_DES_MAC4_PKCS5 generates a 4-byte MAC (most significant 4 bytes of encrypted block) using DES in CBC modeor triple DES in outer CBC mode.
static byte ALG_DES_MAC8_ISO9797_1_M2_ALG3           Signature algorithm ALG_DES_MAC8_ISO9797_1_M2_ALG3 generates an 8-byte MAC using a 2-key DES3 key according to ISO9797-1 MAC algorithm 3 with method 2 (also EMV'96, EMV'2000), where input data is padded using method 2 and the data is processed as described in MAC Algorithm 3 of the ISO 9797-1 specification.
static byte ALG_DES_MAC8_ISO9797_M1           Signature algorithm ALG_DES_MAC8_ISO9797_M1 generates an 8-byte MAC using DES in CBC mode or triple DES in outer CBC mode.
static byte ALG_DES_MAC8_ISO9797_M2           Signature algorithm ALG_DES_MAC8_ISO9797_M2 generates an 8-byte MAC using DES in CBC mode or triple DES in outer CBC mode.
static byte ALG_DES_MAC8_NOPAD           Signature algorithm ALG_DES_MAC_8_NOPAD generates an 8-byte MAC using DES in CBC mode or triple DES in outer CBC mode.
static byte ALG_DES_MAC8_PKCS5           Signature algorithm ALG_DES_MAC8_PKCS5 generates an 8-byte MAC using DES in CBC mode or triple DES in outer CBC mode.
static byte ALG_DSA_SHA           Signature algorithm ALG_DSA_SHA generates a 20-byte SHA digest and signs/verifies the digests using DSA.
static byte ALG_ECDSA_SHA           Signature algorithm ALG_ECDSA_SHA generates a 20-byte SHA digest and signs/verifies the digest using ECDSA.
static byte ALG_HMAC_MD5           HMAC message authentication algorithm ALG_HMAC_MD5 This algorithm generates an HMAC following the steps found in RFC: 2104 using MD5 as the hashing algorithm.
static byte ALG_HMAC_RIPEMD160           HMAC message authentication algorithm ALG_HMAC_RIPEMD160 This algorithm generates an HMAC following the steps found in RFC: 2104 using RIPEMD160 as the hashing algorithm.
static byte ALG_HMAC_SHA_256           HMAC message authentication algorithm ALG_HMAC_SHA_256 This algorithm generates an HMAC following the steps found in RFC: 2104 using SHA-256 as the hashing algorithm.
static byte ALG_HMAC_SHA_384           HMAC message authentication algorithm ALG_HMAC_SHA_384 This algorithm generates an HMAC following the steps found in RFC: 2104 using SHA-384 as the hashing algorithm.
static byte ALG_HMAC_SHA_512           HMAC message authentication algorithm ALG_HMAC_SHA_512 This algorithm generates an HMAC following the steps found in RFC: 2104 using SHA-512 as the hashing algorithm.
static byte ALG_HMAC_SHA1           HMAC message authentication algorithm ALG_HMAC_SHA1 This algorithm generates an HMAC following the steps found in RFC: 2104 using SHA1 as the hashing algorithm.
static byte ALG_KOREAN_SEED_MAC_NOPAD           Signature algorithm ALG_KOREAN_SEED_MAC_NOPAD generates an 16-byte MAC using Korean SEED in CBC mode.
static byte ALG_RSA_MD5_PKCS1           Signature algorithm ALG_RSA_MD5_PKCS1 generates a 16-byte MD5 digest, pads the digest according to the PKCS#1 (v1.5) scheme, and encrypts it using RSA.
static byte ALG_RSA_MD5_PKCS1_PSS           Signature algorithm ALG_RSA_MD5_PKCS1_PSS generates a 16-byte MD5 digest, pads it according to the PKCS#1-PSS scheme (IEEE 1363-2000), and encrypts it using RSA.
static byte ALG_RSA_MD5_RFC2409           Signature algorithm ALG_RSA_MD5_RFC2409 generates a 16-byte MD5 digest, pads the digest according to the RFC2409 scheme, and encrypts it using RSA.
static byte ALG_RSA_RIPEMD160_ISO9796           Signature algorithm ALG_RSA_RIPEMD160_ISO9796 generates a 20-byte RIPE MD-160 digest, pads the digest according to the ISO 9796 scheme, and encrypts it using RSA.
static byte ALG_RSA_RIPEMD160_ISO9796_MR           Signature algorithmALG_RSA_RIPEMD160_ISO9796_MR generates 20-byteRIPE MD-160 digest, pads it according to the ISO9796-2 specification and encrypts using RSA.
static byte ALG_RSA_RIPEMD160_PKCS1           Signature algorithm ALG_RSA_RIPEMD160_PKCS1 generates a 20-byte RIPE MD-160 digest, pads the digest according to the PKCS#1 (v1.5) scheme, and encrypts it using RSA.
static byte ALG_RSA_RIPEMD160_PKCS1_PSS           Signature algorithm ALG_RSA_RIPEMD160_PKCS1_PSS generates a 20-byte RIPE MD-160 digest, pads it according to the PKCS#1-PSS scheme (IEEE 1363-2000), and encrypts it using RSA.
static byte ALG_RSA_SHA_ISO9796           Signature algorithm ALG_RSA_SHA_ISO9796 generates a 20-byte SHA digest, pads the digest according to the ISO 9796-2 scheme as specified in EMV '96 and EMV 2000, and encrypts it using RSA.
static byte ALG_RSA_SHA_ISO9796_MR           Signature algorithmALG_RSA_SHA_ISO9796_MR generates 20-byteSHA-1 digest, pads it according to the ISO9796-2 specification and encrypts using RSA.
static byte ALG_RSA_SHA_PKCS1           Signature algorithm ALG_RSA_SHA_PKCS1 generates a 20-byte SHA digest, pads the digest according to the PKCS#1 (v1.5) scheme, and encrypts it using RSA.
static byte ALG_RSA_SHA_PKCS1_PSS           Signature algorithm ALG_RSA_SHA_PKCS1_PSS generates a 20-byte SHA-1 digest, pads it according to the PKCS#1-PSS scheme (IEEE 1363-2000), and encrypts it using RSA.
static byte ALG_RSA_SHA_RFC2409           Signature algorithm ALG_RSA_SHA_RFC2409 generates a 20-byte SHA digest, pads the digest according to the RFC2409 scheme, and encrypts it using RSA.
static byte MODE_SIGN           Used in init() methods to indicate signature sign mode.
static byte MODE_VERIFY           Used in init() methods to indicate signature verify mode.

 

Constructor Summary
protected Signature ()          Protected Constructor

 

Method Summary
abstract  byte getAlgorithm ()          Gets the Signature algorithm.
static Signature getInstance (byte algorithm,boolean externalAccess)          Creates a Signature object instance of the selected algorithm.
abstract  short getLength ()          Returns the byte length of the signature data.
abstract  void init (Key  theKey,byte theMode)          Initializes the Signature object with the appropriate Key.
abstract  void init (Key  theKey,byte theMode,byte[] bArray,short bOff,short bLen)          Initializes the Signature object with the appropriate Key and algorithm specific parameters.
abstract  short sign (byte[] inBuff,short inOffset,short inLength,byte[] sigBuff,short sigOffset)          Generates the signature of all/last input data.
abstract  void update (byte[] inBuff,short inOffset,short inLength)          Accumulates a signature of the input data.
abstract  boolean verify (byte[] inBuff,short inOffset,short inLength,byte[] sigBuff,short sigOffset,short sigLength)          Verifies the signature of all/last input data against the passed in signature.

 

Methods inherited from class java.lang.Object
equals

 

Field Detail

ALG_DES_MAC4_NOPAD

public static final byte ALG_DES_MAC4_NOPAD

Signature algorithm ALG_DES_MAC4_NOPAD generates a 4-byte MAC (most significant 4 bytes of encrypted block) using DES in CBC mode or triple DES in outer CBC mode. This algorithm does not pad input data. If the input data is not (8 byte) block aligned it throws CryptoException with the reason code ILLEGAL_USE.

See Also:Constant Field Values


ALG_DES_MAC8_NOPAD

public static final byte ALG_DES_MAC8_NOPAD

Signature algorithm ALG_DES_MAC_8_NOPAD generates an 8-byte MAC using DES in CBC mode or triple DES in outer CBC mode. This algorithm does not pad input data. If the input data is not (8 byte) block aligned it throws CryptoException with the reason code ILLEGAL_USE. Note:


  • This algorithm must not be implemented if export restrictions apply.


See Also:Constant Field Values


ALG_DES_MAC4_ISO9797_M1

public static final byte ALG_DES_MAC4_ISO9797_M1

Signature algorithm ALG_DES_MAC4_ISO9797_M1 generates a 4-byte MAC (most significant 4 bytes of encrypted block) using DES in CBC mode or triple DES in outer CBC mode. Input data is padded according to the ISO 9797 method 1 scheme.

See Also:Constant Field Values


ALG_DES_MAC8_ISO9797_M1

public static final byte ALG_DES_MAC8_ISO9797_M1

Signature algorithm ALG_DES_MAC8_ISO9797_M1 generates an 8-byte MAC using DES in CBC mode or triple DES in outer CBC mode. Input data is padded according to the ISO 9797 method 1 scheme. Note:


  • This algorithm must not be implemented if export restrictions apply.


See Also:Constant Field Values


ALG_DES_MAC4_ISO9797_M2

public static final byte ALG_DES_MAC4_ISO9797_M2

Signature algorithm ALG_DES_MAC4_ISO9797_M2 generates a 4-byte MAC (most significant 4 bytes of encrypted block) using DES in CBC mode or triple DES in outer CBC mode. Input data is padded according to the ISO 9797 method 2 (ISO 7816-4, EMV'96) scheme.

See Also:Constant Field Values


ALG_DES_MAC8_ISO9797_M2

public static final byte ALG_DES_MAC8_ISO9797_M2

Signature algorithm ALG_DES_MAC8_ISO9797_M2 generates an 8-byte MAC using DES in CBC mode or triple DES in outer CBC mode. Input data is padded according to the ISO 9797 method 2 (ISO 7816-4, EMV'96) scheme. Note:


  • This algorithm must not be implemented if export restrictions apply.


See Also:Constant Field Values


ALG_DES_MAC4_PKCS5

public static final byte ALG_DES_MAC4_PKCS5

Signature algorithm ALG_DES_MAC4_PKCS5 generates a 4-byte MAC (most significant 4 bytes of encrypted block) using DES in CBC mode or triple DES in outer CBC mode. Input data is padded according to the PKCS#5 scheme.

See Also:Constant Field Values


ALG_DES_MAC8_PKCS5

public static final byte ALG_DES_MAC8_PKCS5

Signature algorithm ALG_DES_MAC8_PKCS5 generates an 8-byte MAC using DES in CBC mode or triple DES in outer CBC mode. Input data is padded according to the PKCS#5 scheme. Note:


  • This algorithm must not be implemented if export restrictions apply.


See Also:Constant Field Values


ALG_RSA_SHA_ISO9796

public static final byte ALG_RSA_SHA_ISO9796

Signature algorithm ALG_RSA_SHA_ISO9796 generates a 20-byte SHA digest, pads the digest according to the ISO 9796-2 scheme as specified in EMV '96 and EMV 2000, and encrypts it using RSA. Note:


  • The verify method does not support the message recovery semantics of this algorithm.


See Also:Constant Field Values


ALG_RSA_SHA_PKCS1

public static final byte ALG_RSA_SHA_PKCS1

Signature algorithm ALG_RSA_SHA_PKCS1 generates a 20-byte SHA digest, pads the digest according to the PKCS#1 (v1.5) scheme, and encrypts it using RSA. Note:

  • The encryption block(EB) during signing is built as follows:   EB = 00 || 01 || PS || 00 || T       :: where T is the DER encoding of :             digestInfo ::= SEQUENCE {             digestAlgorithm AlgorithmIdentifier of SHA-1,             digest OCTET STRING             }       :: PS is an octet string of length k-3-||T|| with value FF. The length of PS must be at least 8 octets.       :: k is the RSA modulus size. DER encoded SHA-1 AlgorithmIdentifier = 30 21 30 09 06 05 2B 0E 03 02 1A 05 00 04 14.


See Also:Constant Field Values


ALG_RSA_MD5_PKCS1

public static final byte ALG_RSA_MD5_PKCS1

Signature algorithm ALG_RSA_MD5_PKCS1 generates a 16-byte MD5 digest, pads the digest according to the PKCS#1 (v1.5) scheme, and encrypts it using RSA. Note:

  • The encryption block(EB) during signing is built as follows: <   EB = 00 || 01 || PS || 00 || T       :: where T is the DER encoding of :             digestInfo ::= SEQUENCE {             digestAlgorithm AlgorithmIdentifier of MD5,             digest OCTET STRING             }       :: PS is an octet string of length k-3-||T|| with value FF. The length of PS must be at least 8 octets.       :: k is the RSA modulus size. DER encoded MD5 AlgorithmIdentifier = 30 20 30 0C 06 08 2A 86 48 86 F7 0D 02 05 05 00 04 10.


See Also:Constant Field Values


ALG_RSA_RIPEMD160_ISO9796

public static final byte ALG_RSA_RIPEMD160_ISO9796

Signature algorithm ALG_RSA_RIPEMD160_ISO9796 generates a 20-byte RIPE MD-160 digest, pads the digest according to the ISO 9796 scheme, and encrypts it using RSA.

See Also:Constant Field Values


ALG_RSA_RIPEMD160_PKCS1

public static final byte ALG_RSA_RIPEMD160_PKCS1

Signature algorithm ALG_RSA_RIPEMD160_PKCS1 generates a 20-byte RIPE MD-160 digest, pads the digest according to the PKCS#1 (v1.5) scheme, and encrypts it using RSA. Note:

  • The encryption block(EB) during signing is built as follows: <   EB = 00 || 01 || PS || 00 || T       :: where T is the DER encoding of :             digestInfo ::= SEQUENCE {             digestAlgorithm AlgorithmIdentifier of RIPEMD160,             digest OCTET STRING             }       :: PS is an octet string of length k-3-||T|| with value FF. The length of PS must be at least 8 octets.       :: k is the RSA modulus size.


See Also:Constant Field Values


ALG_DSA_SHA

public static final byte ALG_DSA_SHA

Signature algorithm ALG_DSA_SHA generates a 20-byte SHA digest and signs/verifies the digests using DSA. The signature is encoded as an ASN.1 sequence of two INTEGER values, r and s, in that order: SEQUENCE ::= { r INTEGER, s INTEGER }

See Also:Constant Field Values


ALG_RSA_SHA_RFC2409

public static final byte ALG_RSA_SHA_RFC2409

Signature algorithm ALG_RSA_SHA_RFC2409 generates a 20-byte SHA digest, pads the digest according to the RFC2409 scheme, and encrypts it using RSA.

See Also:Constant Field Values


ALG_RSA_MD5_RFC2409

public static final byte ALG_RSA_MD5_RFC2409

Signature algorithm ALG_RSA_MD5_RFC2409 generates a 16-byte MD5 digest, pads the digest according to the RFC2409 scheme, and encrypts it using RSA.

See Also:Constant Field Values


ALG_ECDSA_SHA

public static final byte ALG_ECDSA_SHA

Signature algorithm ALG_ECDSA_SHA generates a 20-byte SHA digest and signs/verifies the digest using ECDSA. The signature is encoded as an ASN.1 sequence of two INTEGER values, r and s, in that order: SEQUENCE ::= { r INTEGER, s INTEGER }

See Also:Constant Field Values


ALG_AES_MAC_128_NOPAD

public static final byte ALG_AES_MAC_128_NOPAD

Signature algorithm ALG_AES_MAC_128_NOPAD generates a 16-byte MAC using AES with blocksize 128 in CBC mode and does not pad input data. If the input data is not (16-byte) block aligned it throws CryptoException with the reason code ILLEGAL_USE.

See Also:Constant Field Values


ALG_DES_MAC4_ISO9797_1_M2_ALG3

public static final byte ALG_DES_MAC4_ISO9797_1_M2_ALG3

Signature algorithm ALG_DES_MAC4_ISO9797_1_M2_ALG3 generates a 4-byte MAC using a 2-key DES3 key according to ISO9797-1 MAC algorithm 3 with method 2 (also EMV'96, EMV'2000), where input data is padded using method 2 and the data is processed as described in MAC Algorithm 3 of the ISO 9797-1 specification. The left key block of the triple DES key is used as a single DES key(K) and the right key block of the triple DES key is used as a single DES Key (K') during MAC processing. The final result is truncated to 4 bytes as described in ISO9797-1.

See Also:Constant Field Values


ALG_DES_MAC8_ISO9797_1_M2_ALG3

public static final byte ALG_DES_MAC8_ISO9797_1_M2_ALG3

Signature algorithm ALG_DES_MAC8_ISO9797_1_M2_ALG3 generates an 8-byte MAC using a 2-key DES3 key according to ISO9797-1 MAC algorithm 3 with method 2 (also EMV'96, EMV'2000), where input data is padded using method 2 and the data is processed as described in MAC Algorithm 3 of the ISO 9797-1 specification. The left key block of the triple DES key is used as a single DES key(K) and the right key block of the triple DES key is used as a single DES Key (K') during MAC processing. The final result is truncated to 8 bytes as described in ISO9797-1.

See Also:Constant Field Values


ALG_RSA_SHA_PKCS1_PSS

public static final byte ALG_RSA_SHA_PKCS1_PSS

Signature algorithm ALG_RSA_SHA_PKCS1_PSS generates a 20-byte SHA-1 digest, pads it according to the PKCS#1-PSS scheme (IEEE 1363-2000), and encrypts it using RSA.

See Also:Constant Field Values


ALG_RSA_MD5_PKCS1_PSS

public static final byte ALG_RSA_MD5_PKCS1_PSS

Signature algorithm ALG_RSA_MD5_PKCS1_PSS generates a 16-byte MD5 digest, pads it according to the PKCS#1-PSS scheme (IEEE 1363-2000), and encrypts it using RSA.

See Also:Constant Field Values


ALG_RSA_RIPEMD160_PKCS1_PSS

public static final byte ALG_RSA_RIPEMD160_PKCS1_PSS

Signature algorithm ALG_RSA_RIPEMD160_PKCS1_PSS generates a 20-byte RIPE MD-160 digest, pads it according to the PKCS#1-PSS scheme (IEEE 1363-2000), and encrypts it using RSA.

See Also:Constant Field Values


ALG_HMAC_SHA1

public static final byte ALG_HMAC_SHA1

HMAC message authentication algorithm ALG_HMAC_SHA1 This algorithm generates an HMAC following the steps found in RFC: 2104 using SHA1 as the hashing algorithm.

See Also:Constant Field Values


ALG_HMAC_SHA_256

public static final byte ALG_HMAC_SHA_256

HMAC message authentication algorithm ALG_HMAC_SHA_256 This algorithm generates an HMAC following the steps found in RFC: 2104 using SHA-256 as the hashing algorithm.

See Also:Constant Field Values


ALG_HMAC_SHA_384

public static final byte ALG_HMAC_SHA_384

HMAC message authentication algorithm ALG_HMAC_SHA_384 This algorithm generates an HMAC following the steps found in RFC: 2104 using SHA-384 as the hashing algorithm.

See Also:Constant Field Values


ALG_HMAC_SHA_512

public static final byte ALG_HMAC_SHA_512

HMAC message authentication algorithm ALG_HMAC_SHA_512 This algorithm generates an HMAC following the steps found in RFC: 2104 using SHA-512 as the hashing algorithm.

See Also:Constant Field Values


ALG_HMAC_MD5

public static final byte ALG_HMAC_MD5

HMAC message authentication algorithm ALG_HMAC_MD5 This algorithm generates an HMAC following the steps found in RFC: 2104 using MD5 as the hashing algorithm.

See Also:Constant Field Values


ALG_HMAC_RIPEMD160

public static final byte ALG_HMAC_RIPEMD160

HMAC message authentication algorithm ALG_HMAC_RIPEMD160 This algorithm generates an HMAC following the steps found in RFC: 2104 using RIPEMD160 as the hashing algorithm.

See Also:Constant Field Values


ALG_RSA_SHA_ISO9796_MR

public static final byte ALG_RSA_SHA_ISO9796_MR

Signature algorithmALG_RSA_SHA_ISO9796_MR generates 20-byte SHA-1 digest, pads it according to the ISO9796-2 specification and encrypts using RSA. This algorithm is conformant with EMV2000. This algorithm uses the first part of the input message as padding bytes during signing. During verification, these message bytes (recoverable message) can be recovered to reconstruct the message. To use this algorithm the Signature object instance returned by the getInstance method must be cast to the SignatureMessageRecovery interface to invoke the applicable methods.

See Also:Constant Field Values


ALG_RSA_RIPEMD160_ISO9796_MR

public static final byte ALG_RSA_RIPEMD160_ISO9796_MR

Signature algorithmALG_RSA_RIPEMD160_ISO9796_MR generates 20-byte RIPE MD-160 digest, pads it according to the ISO9796-2 specification and encrypts using RSA. This algorithm uses the first part of the input message as padding bytes during signing. During verification, these message bytes (recoverable message) can be recovered to reconstruct the message. To use this algorithm the Signature object instance returned by the getInstance method must be cast to the SignatureMessageRecovery interface to invoke the applicable methods.

See Also:Constant Field Values


ALG_KOREAN_SEED_MAC_NOPAD

public static final byte ALG_KOREAN_SEED_MAC_NOPAD

Signature algorithm ALG_KOREAN_SEED_MAC_NOPAD generates an 16-byte MAC using Korean SEED in CBC mode. This algorithm does not pad input data. If the input data is not (16 byte) block aligned it throws CryptoException with the reason code ILLEGAL_USE. Note:


  • This algorithm must not be implemented if export restrictions apply.


See Also:Constant Field Values


MODE_SIGN

public static final byte MODE_SIGN

Used in init() methods to indicate signature sign mode.

See Also:Constant Field Values


MODE_VERIFY

public static final byte MODE_VERIFY

Used in init() methods to indicate signature verify mode.

See Also:Constant Field Values

Constructor Detail

Signature

protected Signature()

Protected Constructor

Method Detail

getInstance

public static final Signature getInstance(byte algorithm, boolean externalAccess) throws CryptoException

Creates a Signature object instance of the selected algorithm.

Parameters:algorithm - the desired Signature algorithm. Valid codes listed in ALG_* constants above e.g. ALG_DES_MAC4_NOPAD .

externalAccess - true indicates that the instance will be shared among multiple applet instances and that the Signature instance will also be accessed (via a Shareable interface) when the owner of the Signature instance is not the currently selected applet. If true the implementation must not allocate CLEAR_ON_DESELECT transient space for internal data.

Returns:the Signature object instance of the requested algorithm

Throws: CryptoException - with the following reason codes:

  • CryptoException.NO_SUCH_ALGORITHM if the requested algorithm or shared access mode is not supported.



init

public abstract void init(Key  theKey, byte theMode) throws CryptoException

Initializes the Signature object with the appropriate Key. This method should be used for algorithms which do not need initialization parameters or use default parameter values. init() must be used to update the Signature object with a new key. If the Key object is modified after invoking the init() method, the behavior of the update(), sign(), and verify() methods is unspecified. Note:

  • AES, DES, triple DES, and Korean SEED algorithms in CBC mode will use 0 for initial vector(IV) if this method is used.


  • For optimal performance, when the theKey parameter is a transient key, the implementation should, whenever possible, use transient space for internal storage.


Parameters:theKey - the key object to use for signing or verifying

theMode - one of MODE_SIGN or MODE_VERIFY

Throws: CryptoException - with the following reason codes:

  • CryptoException.ILLEGAL_VALUE if theMode option is an undefined value or if the Key is inconsistent with theMode or with the Signature implementation.


  • CryptoException.UNINITIALIZED_KEY if theKey instance is uninitialized.



init

public abstract void init(Key  theKey, byte theMode, byte[] bArray, short bOff, short bLen) throws CryptoException

Initializes the Signature object with the appropriate Key and algorithm specific parameters. init() must be used to update the Signature object with a new key. If the Key object is modified after invoking the init() method, the behavior of the update(), sign(), and verify() methods is unspecified. Note:

  • DES and triple DES algorithms in CBC mode expect an 8-byte parameter value for the initial vector(IV) in bArray.


  • AES algorithms in CBC mode expect a 16-byte parameter value for the initial vector(IV) in bArray.


  • Korean SEED algorithms in CBC mode expect a 16-byte parameter value for the initial vector(IV) in bArray.


  • ECDSA, RSA, and DSA algorithms throw CryptoException.ILLEGAL_VALUE.


  • For optimal performance, when the theKey parameter is a transient key, the implementation should, whenever possible, use transient space for internal storage.


Parameters:theKey - the key object to use for signing

theMode - one of MODE_SIGN or MODE_VERIFY

bArray - byte array containing algorithm specific initialization information

bOff - offset within bArray where the algorithm specific data begins

bLen - byte length of algorithm specific parameter data

Throws: CryptoException - with the following reason codes:

  • CryptoException.ILLEGAL_VALUE if theMode option is an undefined value or if a byte array parameter option is not supported by the algorithm or if the bLen is an incorrect byte length for the algorithm specific data or if the Key is inconsistent with theMode or with the Signature implementation.


  • CryptoException.UNINITIALIZED_KEY if theKey instance is uninitialized.



getAlgorithm

public abstract byte getAlgorithm()

Gets the Signature algorithm.

Returns:the algorithm code defined above


getLength

public abstract short getLength() throws CryptoException

Returns the byte length of the signature data.

Returns:the byte length of the signature data

Throws: CryptoException - with the following reason codes:

  • CryptoException.INVALID_INIT if this Signature object is not initialized.


  • CryptoException.UNINITIALIZED_KEY if key not initialized.



update

public abstract void update(byte[] inBuff, short inOffset, short inLength) throws CryptoException

Accumulates a signature of the input data. This method requires temporary storage of intermediate results. In addition, if the input data length is not block aligned (multiple of block size) then additional internal storage may be allocated at this time to store a partial input data block. This may result in additional resource consumption and/or slow performance. This method should only be used if all the input data required for signing/verifying is not available in one byte array. If all of the input data required for signing/verifying is located in a single byte array, use of the sign() or verify() method is recommended. The sign() or verify() method must be called to complete processing of input data accumulated by one or more calls to the update() method. Note:

  • If inLength is 0 this method does nothing.


Parameters:inBuff - the input buffer of data to be signed/verified

inOffset - the offset into the input buffer where input data begins

inLength - the byte length to sign/verify

Throws: CryptoException - with the following reason codes:

  • CryptoException.UNINITIALIZED_KEY if key not initialized.


  • CryptoException.INVALID_INIT if this Signature object is not initialized.


See Also:sign(byte[], short, short, byte[], short) , verify(byte[], short, short, byte[], short, short)


sign

public abstract short sign(byte[] inBuff, short inOffset, short inLength, byte[] sigBuff, short sigOffset) throws CryptoException

Generates the signature of all/last input data. A call to this method also resets this Signature object to the state it was in when previously initialized via a call to init(). That is, the object is reset and available to sign another message. In addition, note that the initial vector(IV) used in AES, DES and Korean SEED algorithms in CBC mode will be reset to 0. Note:

  • AES, DES, triple DES, and Korean SEED algorithms in CBC mode reset the initial vector(IV) to 0. The initial vector(IV) can be re-initialized using the init(Key, byte, byte[], short, short) method.


The input and output buffer data may overlap.

Parameters:inBuff - the input buffer of data to be signed

inOffset - the offset into the input buffer at which to begin signature generation

inLength - the byte length to sign

sigBuff - the output buffer to store signature data

sigOffset - the offset into sigBuff at which to begin signature data

Returns:number of bytes of signature output in sigBuff

Throws: CryptoException - with the following reason codes:

  • CryptoException.UNINITIALIZED_KEY if key not initialized.


  • CryptoException.INVALID_INIT if this Signature object is not initialized or initialized for signature verify mode.


  • CryptoException.ILLEGAL_USE if one of the following conditions is met:


  • if this Signature algorithm does not pad the message and the message is not block aligned.


  • if this Signature algorithm does not pad the message and no input data has been provided in inBuff or via the update() method.


  • if this Signature algorithm includes message recovery functionality.




verify

public abstract boolean verify(byte[] inBuff, short inOffset, short inLength, byte[] sigBuff, short sigOffset, short sigLength) throws CryptoException

Verifies the signature of all/last input data against the passed in signature. A call to this method also resets this Signature object to the state it was in when previously initialized via a call to init(). That is, the object is reset and available to verify another message. In addition, note that the initial vector(IV) used in AES, DES and Korean SEED algorithms in CBC mode will be reset to 0. Note:

  • AES, DES, triple DES, and Korean SEED algorithms in CBC mode reset the initial vector(IV) to 0. The initial vector(IV) can be re-initialized using the init(Key, byte, byte[], short, short) method.


Parameters:inBuff - the input buffer of data to be verified

inOffset - the offset into the input buffer at which to begin signature generation

inLength - the byte length to sign

sigBuff - the input buffer containing signature data

sigOffset - the offset into sigBuff where signature data begins

sigLength - the byte length of the signature data

Returns:true if the signature verifies, false otherwise Note, if sigLength is inconsistent with this Signature algorithm, false is returned.

Throws: CryptoException - with the following reason codes:

  • CryptoException.UNINITIALIZED_KEY if key not initialized.


  • CryptoException.INVALID_INIT if this Signature object is not initialized or initialized for signature sign mode.


  • CryptoException.ILLEGAL_USE if one of the following conditions is met:


  • if this Signature algorithm does not pad the message and the message is not block aligned.


  • if this Signature algorithm does not pad the message and no input data has been provided in inBuff or via the update() method.


  • if this Signature algorithm includes message recovery functionality.



javacard/java-card-api/signature.txt · Last modified: 2017/05/13 04:05 (external edit)