signature.java

gcc的组建

        boolean[]array = cert.getKeyUsage();
        if (array != null && array[0] == false)
          throw new InvalidKeyException(
              "KeyUsage of this Certificate indicates it cannot be used for digital signing");
      }
    this.initVerify(certificate.getPublicKey());
  }

  /**
   * Initialize this object for signing. If this method is called again with a
   * different argument, it negates the effect of this call.
   *
   * @param privateKey the private key of the identity whose signature is going
   * to be generated.
   * @throws InvalidKeyException if the key is invalid.
   */
  public final void initSign(PrivateKey privateKey) throws InvalidKeyException
  {
    state = SIGN;
    engineInitSign(privateKey);
  }

  /**
   * Initialize this object for signing. If this method is called again with a
   * different argument, it negates the effect of this call.
   *
   * @param privateKey the private key of the identity whose signature is going
   * to be generated.
   * @param random the source of randomness for this signature.
   * @throws InvalidKeyException if the key is invalid.
   */
  public final void initSign(PrivateKey privateKey, SecureRandom random)
    throws InvalidKeyException
  {
    state = SIGN;
    engineInitSign(privateKey, random);
  }

  /**
   * <p>Returns the signature bytes of all the data updated. The format of the
   * signature depends on the underlying signature scheme.</p>
   *
   * <p>A call to this method resets this signature object to the state it was
   * in when previously initialized for signing via a call to
   * <code>initSign(PrivateKey)</code>. That is, the object is reset and
   * available to generate another signature from the same signer, if desired,
   * via new calls to <code>update()</code> and <code>sign()</code>.</p>
   *
   * @return the signature bytes of the signing operation's result.
   * @throws SignatureException if this signature object is not initialized
   * properly.
   */
  public final byte[] sign() throws SignatureException
  {
    if (state == SIGN)
      return engineSign();
    else
      throw new SignatureException();
  }

  /**
   * <p>Finishes the signature operation and stores the resulting signature
   * bytes in the provided buffer <code>outbuf</code>, starting at <code>offset
   * </code>. The format of the signature depends on the underlying signature
   * scheme.</p>
   *
   * <p>This signature object is reset to its initial state (the state it was
   * in after a call to one of the <code>initSign()</code> methods) and can be
   * reused to generate further signatures with the same private key.</p>
   *
   * @param outbuf buffer for the signature result.
   * @param offset offset into outbuf where the signature is stored.
   * @param len number of bytes within outbuf allotted for the signature.
   * @return the number of bytes placed into outbuf.
   * @throws SignatureException if an error occurs or len is less than the
   * actual signature length.
   * @since 1.2
   */
  public final int sign(byte[] outbuf, int offset, int len)
    throws SignatureException
  {
    if (state == SIGN)
      return engineSign(outbuf, offset, len);
    else
      throw new SignatureException();
  }

  /**
   * <p>Verifies the passed-in signature.</p>
   *
   * <p>A call to this method resets this signature object to the state it was
   * in when previously initialized for verification via a call to
   * <code>initVerify(PublicKey)</code>. That is, the object is reset and
   * available to verify another signature from the identity whose public key
   * was specified in the call to <code>initVerify()</code>.</p>
   *
   * @param signature the signature bytes to be verified.
   * @return <code>true</code> if the signature was verified, <code>false</code>
   * if not.
   * @throws SignatureException if this signature object is not initialized
   * properly, or the passed-in signature is improperly encoded or of the wrong
   * type, etc.
   */
  public final boolean verify(byte[]signature) throws SignatureException
  {
    if (state == VERIFY)
      return engineVerify(signature);
    else
      throw new SignatureException();
  }

  /**
   * <p>Verifies the passed-in <code>signature</code> in the specified array of
   * bytes, starting at the specified <code>offset</code>.</p>
   *
   * <p>A call to this method resets this signature object to the state it was
   * in when previously initialized for verification via a call to
   * <code>initVerify(PublicKey)</code>. That is, the object is reset and
   * available to verify another signature from the identity whose public key
   * was specified in the call to <code>initVerify()</code>.</p>
   *
   * @param signature the signature bytes to be verified.
   * @param offset the offset to start from in the array of bytes.
   * @param length the number of bytes to use, starting at offset.
   * @return <code>true</code> if the signature was verified, <code>false</code>
   * if not.
   * @throws SignatureException if this signature object is not initialized
   * properly, or the passed-in <code>signature</code> is improperly encoded or
   * of the wrong type, etc.
   * @throws IllegalArgumentException if the <code>signature</code> byte array
   * is <code>null</code>, or the <code>offset</code> or <code>length</code> is
   * less than <code>0</code>, or the sum of the <code>offset</code> and
   * <code>length</code> is greater than the length of the <code>signature</code>
   * byte array.
   */
  public final boolean verify(byte[] signature, int offset, int length)
    throws SignatureException
  {
    if (state != VERIFY)
      throw new SignatureException("illegal state");

    if (signature == null)
      throw new IllegalArgumentException("signature is null");
    if (offset < 0)
      throw new IllegalArgumentException("offset is less than 0");
    if (length < 0)
      throw new IllegalArgumentException("length is less than 0");
    if (offset + length < signature.length)
      throw new IllegalArgumentException("range is out of bounds");

    return engineVerify(signature, offset, length);
  }

  /**
   * Updates the data to be signed or verified by a byte.
   *
   * @param b the byte to use for the update.
   * @throws SignatureException if this signature object is not initialized
   * properly.
   */
  public final void update(byte b) throws SignatureException
  {
    if (state != UNINITIALIZED)
      engineUpdate(b);
    else
      throw new SignatureException();
  }

  /**
   * Updates the data to be signed or verified, using the specified array of
   * bytes.
   *
   * @param data the byte array to use for the update.
   * @throws SignatureException if this signature object is not initialized
   * properly.
   */
  public final void update(byte[]data) throws SignatureException
  {
    if (state != UNINITIALIZED)
      engineUpdate(data, 0, data.length);
    else
      throw new SignatureException();
  }

  /**
   * Updates the data to be signed or verified, using the specified array of
   * bytes, starting at the specified offset.
   *
   * @param data the array of bytes.
   * @param off the offset to start from in the array of bytes.
   * @param len the number of bytes to use, starting at offset.
   * @throws SignatureException if this signature object is not initialized
   * properly.
   */
  public final void update(byte[]data, int off, int len)
    throws SignatureException
  {
    if (state != UNINITIALIZED)
      engineUpdate(data, off, len);
    else
      throw new SignatureException();
  }

  /**
   * Returns the name of the algorithm for this signature object.
   *
   * @return the name of the algorithm for this signature object.
   */
  public final String getAlgorithm()
  {
    return algorithm;
  }

  /**
   * Returns a string representation of this signature object, providing
   * information that includes the state of the object and the name of the
   * algorithm used.
   *
   * @return a string representation of this signature object.
   */
  public String toString()
  {
    return (algorithm + " Signature");
  }

  /**
   * Sets the specified algorithm parameter to the specified value. This method
   * supplies a general-purpose mechanism through which it is possible to set
   * the various parameters of this object. A parameter may be any settable
   * parameter for the algorithm, such as a parameter size, or a source of
   * random bits for signature generation (if appropriate), or an indication of
   * whether or not to perform a specific but optional computation. A uniform
   * algorithm-specific naming scheme for each parameter is desirable but left
   * unspecified at this time.
   *
   * @param param the string identifier of the parameter.
   * @param value the parameter value.
   * @throws InvalidParameterException if param is an invalid parameter for this
   * signature algorithm engine, the parameter is already set and cannot be set
   * again, a security exception occurs, and so on.
   * @see #getParameter(String)
   * @deprecated Use setParameter(AlgorithmParameterSpec).
   */
  public final void setParameter(String param, Object value)
    throws InvalidParameterException
  {
    engineSetParameter(param, value);
  }

  /**
   * Initializes this signature engine with the specified parameter set.
   *
   * @param params the parameters.
   * @throws InvalidAlgorithmParameterException if the given parameters are
   * inappropriate for this signature engine.
   * @see #getParameters()
   */
  public final void setParameter(AlgorithmParameterSpec params)
    throws InvalidAlgorithmParameterException
  {
    engineSetParameter(params);
  }

  /**
   * <p>Returns the parameters used with this signature object.</p>
   *
   * <p>The returned parameters may be the same that were used to initialize
   * this signature, or may contain a combination of default and randomly
   * generated parameter values used by the underlying signature implementation
   * if this signature requires algorithm parameters but was not initialized
   * with any.
   *
   * @return the parameters used with this signature, or <code>null</code> if
   * this signature does not use any parameters.
   * @see #setParameter(AlgorithmParameterSpec)
   */
  public final AlgorithmParameters getParameters()
  {
    return engineGetParameters();
  }

  /**
   * Gets the value of the specified algorithm parameter. This method supplies
   * a general-purpose mechanism through which it is possible to get the various
   * parameters of this object. A parameter may be any settable parameter for
   * the algorithm, such as a parameter size, or a source of random bits for
   * signature generation (if appropriate), or an indication of whether or not
   * to perform a specific but optional computation. A uniform
   * algorithm-specific naming scheme for each parameter is desirable but left
   * unspecified at this time.
   *
   * @param param the string name of the parameter.
   * @return the object that represents the parameter value, or null if there
   * is none.
   * @throws InvalidParameterException if param is an invalid parameter for this
   * engine, or another exception occurs while trying to get this parameter.
   * @see #setParameter(String, Object)
   * @deprecated
   */
  public final Object getParameter(String param)
    throws InvalidParameterException
  {
    return engineGetParameter(param);
  }

  /**
   * Returns a clone if the implementation is cloneable.
   *
   * @return a clone if the implementation is cloneable.
   * @throws CloneNotSupportedException if this is called on an implementation
   * that does not support {@link Cloneable}.
   */
  public Object clone() throws CloneNotSupportedException
  {
    return super.clone();
  }
}