source: trunk/gcc/libjava/java/security/Signature.java

Last change on this file was 1392, checked in by bird, 21 years ago

This commit was generated by cvs2svn to compensate for changes in r1391,
which included commits to RCS files with non-trunk default branches.
  • Property cvs2svn:cvs-rev set to 1.1.1.2
  • Property svn:eol-style set to native
  • Property svn:executable set to *
File size: 14.5 KB
Line 
1/* Signature.java --- Signature Class
2 Copyright (C) 1999, 2002 Free Software Foundation, Inc.
3
4This file is part of GNU Classpath.
5
6GNU Classpath is free software; you can redistribute it and/or modify
7it under the terms of the GNU General Public License as published by
8the Free Software Foundation; either version 2, or (at your option)
9any later version.
10
11GNU Classpath is distributed in the hope that it will be useful, but
12WITHOUT ANY WARRANTY; without even the implied warranty of
13MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
14General Public License for more details.
15
16You should have received a copy of the GNU General Public License
17along with GNU Classpath; see the file COPYING. If not, write to the
18Free Software Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA
1902111-1307 USA.
20
21Linking this library statically or dynamically with other modules is
22making a combined work based on this library. Thus, the terms and
23conditions of the GNU General Public License cover the whole
24combination.
25
26As a special exception, the copyright holders of this library give you
27permission to link this library with independent modules to produce an
28executable, regardless of the license terms of these independent
29modules, and to copy and distribute the resulting executable under
30terms of your choice, provided that you also meet, for each linked
31independent module, the terms and conditions of the license of that
32module. An independent module is a module which is not derived from
33or based on this library. If you modify this library, you may extend
34this exception to your version of the library, but you are not
35obligated to do so. If you do not wish to do so, delete this
36exception statement from your version. */
37
38package java.security;
39import java.security.spec.AlgorithmParameterSpec;
40
41/**
42 Signature is used to provide an interface to digital signature
43 algorithms. Digital signatures provide authentication and data
44 integrity of digital data.
45
46 The GNU provider provides the NIST standard DSA which uses DSA
47 and SHA-1. It can be specified by SHA/DSA, SHA-1/DSA or its
48 OID. If the RSA signature algorithm is provided then
49 it could be MD2/RSA. MD5/RSA, or SHA-1/RSA. The algorithm must
50 be specified because there is no default.
51
52 Signature provides implementation-independent algorithms which
53 are requested by the user through getInstance. It can be
54 requested by specifying just the algorithm name or by
55 specifying both the algorithm name and provider name.
56
57 The three phases of using Signature are:
58
59 1. Initialing
60
61 * It must be initialized with a private key for signing.
62 * It must be initialized with a public key for verifying.
63
64 2. Updating
65
66 Update the bytes for signing or verifying with calls to update.
67
68 3. Signing or Verify the signature on the currently stored
69 bytes by calling sign or verify.
70
71 @author Mark Benvenuto <ivymccough@worldnet.att.net>
72 @since JDK 1.1
73 */
74public abstract class Signature extends SignatureSpi
75{
76 /**
77 Possible state variable which signifies if it has not been
78 initialized.
79 */
80 protected static final int UNINITIALIZED = 1;
81
82 /**
83 Possible state variable which signifies if it has been
84 initialized for signing.
85 */
86 protected static final int SIGN = 2;
87
88 /**
89 Possible state variable which signifies if it has been
90 initialized for verifying.
91 */
92 protected static final int VERIFY = 3;
93
94 /**
95 State of this Signature class.
96 */
97 protected int state = UNINITIALIZED;
98
99 private String algorithm;
100 Provider provider;
101
102 /**
103 Creates a new signature for this algorithm.
104
105 @param algorithm the algorithm to use
106 */
107 protected Signature(String algorithm)
108 {
109 this.algorithm = algorithm;
110 state = UNINITIALIZED;
111 }
112
113 /**
114 Gets an instance of the Signature class representing
115 the specified signature. If the algorithm is not found then,
116 it throws NoSuchAlgorithmException.
117
118 @param algorithm the name of signature algorithm to choose
119 @return a Signature repesenting the desired algorithm
120
121 @throws NoSuchAlgorithmException if the algorithm is not implemented by
122 providers
123 */
124 public static Signature getInstance(String algorithm)
125 throws NoSuchAlgorithmException
126 {
127 Provider[] p = Security.getProviders();
128
129 for (int i = 0; i < p.length; i++)
130 {
131 try
132 {
133 return getInstance(algorithm, p[i]);
134 }
135 catch (NoSuchAlgorithmException ignored) {}
136 }
137
138 throw new NoSuchAlgorithmException(algorithm);
139 }
140
141 /**
142 Gets an instance of the Signature class representing
143 the specified signature from the specified provider. If the
144 algorithm is not found then, it throws NoSuchAlgorithmException.
145 If the provider is not found, then it throws
146 NoSuchProviderException.
147
148 @param algorithm the name of signature algorithm to choose
149 @param provider the name of the provider to find the algorithm in
150 @return a Signature repesenting the desired algorithm
151
152 @throws NoSuchAlgorithmException if the algorithm is not implemented by
153 the provider
154 @throws NoSuchProviderException if the provider is not found
155 */
156 public static Signature getInstance(String algorithm, String provider)
157 throws NoSuchAlgorithmException, NoSuchProviderException
158 {
159 Provider p = Security.getProvider(provider);
160 if (p == null)
161 throw new NoSuchProviderException(provider);
162
163 return getInstance(algorithm, p);
164 }
165
166 private static Signature getInstance(String algorithm, Provider p)
167 throws NoSuchAlgorithmException
168 {
169 // try the name as is
170 String className = p.getProperty("Signature." + algorithm);
171 if (className == null) { // try all uppercase
172 String upper = algorithm.toUpperCase();
173 className = p.getProperty("Signature." + upper);
174 if (className == null) { // try if it's an alias
175 String alias = p.getProperty("Alg.Alias.Signature." + algorithm);
176 if (alias == null) {
177 alias = p.getProperty("Alg.Alias.Signature." + upper);
178 if (alias == null) { // spit the dummy
179 throw new NoSuchAlgorithmException(algorithm);
180 }
181 }
182 className = p.getProperty("Signature." + alias);
183 if (className == null) {
184 throw new NoSuchAlgorithmException(algorithm);
185 }
186 }
187 }
188 return getInstance(className, algorithm, p);
189 }
190
191 private static Signature getInstance(String classname,
192 String algorithm,
193 Provider provider)
194 throws NoSuchAlgorithmException
195 {
196 try
197 {
198 Object o = Class.forName(classname).newInstance();
199 Signature sig;
200 if (o instanceof SignatureSpi)
201 sig = new DummySignature((SignatureSpi) o, algorithm);
202 else
203 {
204 sig = (Signature) o;
205 sig.algorithm = algorithm;
206 }
207
208 sig.provider = provider;
209 return sig;
210 }
211 catch (ClassNotFoundException cnfe)
212 {
213 throw new NoSuchAlgorithmException("Class not found");
214 }
215 catch (InstantiationException ie)
216 {
217 throw new NoSuchAlgorithmException("Class instantiation failed");
218 }
219 catch (IllegalAccessException iae)
220 {
221 throw new NoSuchAlgorithmException("Illegal Access");
222 }
223 }
224
225 /**
226 Gets the provider that the Signature is from.
227
228 @return the provider of this Signature
229 */
230 public final Provider getProvider()
231 {
232 return provider;
233 }
234
235 /**
236 Initializes this class with the public key for
237 verification purposes.
238
239 @param publicKey the public key to verify with
240
241 @throws InvalidKeyException invalid key
242 */
243 public final void initVerify(PublicKey publicKey) throws InvalidKeyException
244 {
245 state = VERIFY;
246 engineInitVerify(publicKey);
247 }
248
249 /**
250 Verify Signature with a certificate. This is a FIPS 140-1 compatible method
251 since it verifies a signature with a certificate.
252
253 If the certificate is an X.509 certificate, has a KeyUsage parameter and
254 the parameter indicates this key is not to be used for signing then an
255 error is returned.
256
257 @param certificate a certificate containing a public key to verify with
258 */
259 public final void initVerify(java.security.cert.Certificate certificate)
260 throws InvalidKeyException
261 {
262 state = VERIFY;
263 if (certificate.getType().equals("X509"))
264 {
265 java.security.cert.X509Certificate cert =
266 (java.security.cert.X509Certificate) certificate;
267
268 boolean[]array = cert.getKeyUsage();
269 if (array != null && array[0] == false)
270 throw new InvalidKeyException
271 ("KeyUsage of this Certificate indicates it cannot be used for digital signing");
272 }
273 this.initVerify(certificate.getPublicKey());
274 }
275
276 /**
277 Initializes this class with the private key for
278 signing purposes.
279
280 @param privateKey the private key to sign with
281
282 @throws InvalidKeyException invalid key
283 */
284 public final void initSign(PrivateKey privateKey) throws InvalidKeyException
285 {
286 state = SIGN;
287 engineInitSign(privateKey);
288 }
289
290 /**
291 Initializes this class with the private key and source
292 of randomness for signing purposes.
293
294 @param privateKey the private key to sign with
295 @param random Source of randomness
296
297 @throws InvalidKeyException invalid key
298
299 @since JDK 1.2
300 */
301 public final void initSign(PrivateKey privateKey, SecureRandom random)
302 throws InvalidKeyException
303 {
304 state = SIGN;
305 engineInitSign(privateKey, random);
306 }
307
308
309 /**
310 Returns the signature bytes of all the data fed to this class.
311 The format of the output depends on the underlying signature
312 algorithm.
313
314 @return the signature
315
316 @throws SignatureException engine not properly initialized
317 */
318 public final byte[] sign() throws SignatureException
319 {
320 if (state == SIGN)
321 {
322 state = UNINITIALIZED;
323 return engineSign();
324 }
325 else
326 throw new SignatureException();
327 }
328
329 /**
330 Generates signature bytes of all the data fed to this class
331 and outputs it to the passed array. The format of the
332 output depends on the underlying signature algorithm.
333
334 After calling this method, the signature is reset to its
335 initial state and can be used to generate additional
336 signatures.
337
338 @param outbuf array of bytes
339 @param offset the offset to start at in the array
340 @param len the length of the bytes to put into the array.
341 Neither this method or the GNU provider will
342 return partial digests. If len is less than the
343 signature length, this method will throw
344 SignatureException. If it is greater than or equal
345 then it is ignored.
346
347 @return number of bytes in outbuf
348
349 @throws SignatureException engine not properly initialized
350
351 @since JDK 1.2
352 */
353 public final int sign(byte[] outbuf, int offset, int len)
354 throws SignatureException
355 {
356 if (state == SIGN)
357 {
358 state = UNINITIALIZED;
359 return engineSign(outbuf, offset, len);
360 }
361 else
362 throw new SignatureException();
363 }
364
365 /**
366 Verifies the passed signature.
367
368 @param signature the signature bytes to verify
369
370 @return true if verified, false otherwise
371
372 @throws SignatureException engine not properly initialized
373 or wrong signature
374 */
375 public final boolean verify(byte[]signature) throws SignatureException
376 {
377 if (state == VERIFY)
378 {
379 state = UNINITIALIZED;
380 return engineVerify(signature);
381 }
382 else
383 throw new SignatureException();
384 }
385
386 /**
387 Updates the data to be signed or verified with the specified
388 byte.
389
390 @param b byte to update with
391
392 @throws SignatureException Engine not properly initialized
393 */
394 public final void update(byte b) throws SignatureException
395 {
396 if (state != UNINITIALIZED)
397 engineUpdate(b);
398 else
399 throw new SignatureException();
400 }
401
402 /**
403 Updates the data to be signed or verified with the specified
404 bytes.
405
406 @param data array of bytes
407
408 @throws SignatureException engine not properly initialized
409 */
410 public final void update(byte[]data) throws SignatureException
411 {
412 if (state != UNINITIALIZED)
413 engineUpdate(data, 0, data.length);
414 else
415 throw new SignatureException();
416 }
417
418 /**
419 Updates the data to be signed or verified with the specified
420 bytes.
421
422 @param data array of bytes
423 @param off the offset to start at in the array
424 @param len the length of the bytes to use in the array
425
426 @throws SignatureException engine not properly initialized
427 */
428 public final void update(byte[]data, int off, int len)
429 throws SignatureException
430 {
431 if (state != UNINITIALIZED)
432 engineUpdate(data, off, len);
433 else
434 throw new SignatureException();
435 }
436
437 /**
438 Gets the name of the algorithm currently used.
439 The names of algorithms are usually SHA/DSA or SHA/RSA.
440
441 @return name of algorithm.
442 */
443 public final String getAlgorithm()
444 {
445 return algorithm;
446 }
447
448 /**
449 Returns a representation of the Signature as a String
450
451 @return a string representing the signature
452 */
453 public String toString()
454 {
455 return (algorithm + " Signature");
456 }
457
458 /**
459 Sets the specified algorithm parameter to the specified value.
460
461 @param param parameter name
462 @param value parameter value
463
464 @throws InvalidParameterException invalid parameter, parameter
465 already set and cannot set again, a security exception,
466 etc.
467
468 @deprecated use the other setParameter
469 */
470 public final void setParameter(String param, Object value)
471 throws InvalidParameterException
472 {
473 engineSetParameter(param, value);
474 }
475
476 /**
477 Sets the signature engine with the specified
478 AlgorithmParameterSpec;
479
480 By default this always throws UnsupportedOperationException
481 if not overridden;
482
483 @param params the parameters
484
485 @throws InvalidParameterException invalid parameter, parameter
486 already set and cannot set again, a security exception,
487 etc.
488 */
489 public final void setParameter(AlgorithmParameterSpec params)
490 throws InvalidAlgorithmParameterException
491 {
492 engineSetParameter(params);
493 }
494
495 /**
496 Gets the value for the specified algorithm parameter.
497
498 @param param parameter name
499
500 @return parameter value
501
502 @throws InvalidParameterException invalid parameter
503
504 @deprecated use the other getParameter
505 */
506 public final Object getParameter(String param)
507 throws InvalidParameterException
508 {
509 return engineGetParameter(param);
510 }
511
512 /**
513 Returns a clone if cloneable.
514
515 @return a clone if cloneable.
516
517 @throws CloneNotSupportedException if the implementation does
518 not support cloning
519 */
520 public Object clone() throws CloneNotSupportedException
521 {
522 throw new CloneNotSupportedException();
523 }
524}
Note: See TracBrowser for help on using the repository browser.