signature.html

JAVA CARD 开发包规格说明,版本为2.2.2

<BR>
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;Verifies the signature of all/last input data against the passed in signature.</TD>
</TR>
</TABLE>
&nbsp;<A NAME="methods_inherited_from_class_java.lang.Object"><!-- --></A>
<TABLE BORDER="1" WIDTH="100%" CELLPADDING="3" CELLSPACING="0" SUMMARY="">
<TR BGCOLOR="#EEEEFF" CLASS="TableSubHeadingColor">
<TH ALIGN="left"><B>Methods inherited from class java.lang.<A HREF="../../java/lang/Object.html" title="class in java.lang">Object</A></B></TH>
</TR>
<TR BGCOLOR="white" CLASS="TableRowColor">
<TD><CODE><A HREF="../../java/lang/Object.html#equals(java.lang.Object)">equals</A></CODE></TD>
</TR>
</TABLE>
&nbsp;
<P>

<!-- ============ FIELD DETAIL =========== -->

<A NAME="field_detail"><!-- --></A>
<TABLE BORDER="1" WIDTH="100%" CELLPADDING="3" CELLSPACING="0" SUMMARY="">
<TR BGCOLOR="#CCCCFF" CLASS="TableHeadingColor">
<TH ALIGN="left" COLSPAN="1"><FONT SIZE="+2">
<B>Field Detail</B></FONT></TH>
</TR>
</TABLE>

<A NAME="ALG_DES_MAC4_NOPAD"><!-- --></A><H3>
ALG_DES_MAC4_NOPAD</H3>
<PRE>
public static final byte <B>ALG_DES_MAC4_NOPAD</B></PRE>
<DL>
<DD>Signature algorithm <code>ALG_DES_MAC4_NOPAD</code> generates a 4-byte MAC
 (most significant 4 bytes of encrypted block) using DES in CBC mode 
 or triple DES in outer CBC mode.  
 This algorithm does not pad input data.
 If the input data is not (8 byte) block aligned it throws <code>CryptoException</code>
 with the reason code <code>ILLEGAL_USE</code>.
<P>
<DL>
<DT><B>See Also:</B><DD><A HREF="../../constant-values.html#javacard.security.Signature.ALG_DES_MAC4_NOPAD">Constant Field Values</A></DL>
</DL>
<HR>

<A NAME="ALG_DES_MAC8_NOPAD"><!-- --></A><H3>
ALG_DES_MAC8_NOPAD</H3>
<PRE>
public static final byte <B>ALG_DES_MAC8_NOPAD</B></PRE>
<DL>
<DD>Signature algorithm <code>ALG_DES_MAC_8_NOPAD</code> generates an 8-byte MAC
 using DES in CBC mode or triple DES in outer CBC mode. 
 This algorithm does not pad input data.
 If the input data is not (8 byte) block aligned it throws <code>CryptoException</code>
 with the reason code <code>ILLEGAL_USE</code>.
 <p>Note:
 <ul><li><em>This algorithm must not be implemented if export restrictions apply.</em></ul>
<P>
<DL>
<DT><B>See Also:</B><DD><A HREF="../../constant-values.html#javacard.security.Signature.ALG_DES_MAC8_NOPAD">Constant Field Values</A></DL>
</DL>
<HR>

<A NAME="ALG_DES_MAC4_ISO9797_M1"><!-- --></A><H3>
ALG_DES_MAC4_ISO9797_M1</H3>
<PRE>
public static final byte <B>ALG_DES_MAC4_ISO9797_M1</B></PRE>
<DL>
<DD>Signature algorithm <code>ALG_DES_MAC4_ISO9797_M1</code> generates a 4-byte MAC
 (most significant 4 bytes of encrypted block) using DES in CBC mode 
 or triple DES in outer CBC mode. 
 Input data is padded according to the ISO 9797 method 1 scheme.
<P>
<DL>
<DT><B>See Also:</B><DD><A HREF="../../constant-values.html#javacard.security.Signature.ALG_DES_MAC4_ISO9797_M1">Constant Field Values</A></DL>
</DL>
<HR>

<A NAME="ALG_DES_MAC8_ISO9797_M1"><!-- --></A><H3>
ALG_DES_MAC8_ISO9797_M1</H3>
<PRE>
public static final byte <B>ALG_DES_MAC8_ISO9797_M1</B></PRE>
<DL>
<DD>Signature algorithm <code>ALG_DES_MAC8_ISO9797_M1</code> generates an 8-byte MAC
 using DES in CBC mode or triple DES in outer CBC mode. 
 Input data is padded according to the ISO 9797 method 1 scheme.
 <p>Note:
 <ul><li><em>This algorithm must not be implemented if export restrictions apply.</em></ul>
<P>
<DL>
<DT><B>See Also:</B><DD><A HREF="../../constant-values.html#javacard.security.Signature.ALG_DES_MAC8_ISO9797_M1">Constant Field Values</A></DL>
</DL>
<HR>

<A NAME="ALG_DES_MAC4_ISO9797_M2"><!-- --></A><H3>
ALG_DES_MAC4_ISO9797_M2</H3>
<PRE>
public static final byte <B>ALG_DES_MAC4_ISO9797_M2</B></PRE>
<DL>
<DD>Signature algorithm <code>ALG_DES_MAC4_ISO9797_M2</code> generates a 4-byte MAC
 (most significant 4 bytes of encrypted block) using DES in CBC mode 
 or triple DES in outer CBC mode. 
 Input data is padded according to the ISO 9797 method 2 (ISO 7816-4, EMV'96) scheme.
<P>
<DL>
<DT><B>See Also:</B><DD><A HREF="../../constant-values.html#javacard.security.Signature.ALG_DES_MAC4_ISO9797_M2">Constant Field Values</A></DL>
</DL>
<HR>

<A NAME="ALG_DES_MAC8_ISO9797_M2"><!-- --></A><H3>
ALG_DES_MAC8_ISO9797_M2</H3>
<PRE>
public static final byte <B>ALG_DES_MAC8_ISO9797_M2</B></PRE>
<DL>
<DD>Signature algorithm <code>ALG_DES_MAC8_ISO9797_M2</code> generates an 8-byte MAC
 using DES in CBC mode or triple DES in outer CBC mode. 
 Input data is padded according to the ISO 9797 method 2 (ISO 7816-4, EMV'96) scheme.
 <p>Note:
 <ul><li><em>This algorithm must not be implemented if export restrictions apply.</em></ul>
<P>
<DL>
<DT><B>See Also:</B><DD><A HREF="../../constant-values.html#javacard.security.Signature.ALG_DES_MAC8_ISO9797_M2">Constant Field Values</A></DL>
</DL>
<HR>

<A NAME="ALG_DES_MAC4_PKCS5"><!-- --></A><H3>
ALG_DES_MAC4_PKCS5</H3>
<PRE>
public static final byte <B>ALG_DES_MAC4_PKCS5</B></PRE>
<DL>
<DD>Signature algorithm <code>ALG_DES_MAC4_PKCS5</code> generates a 4-byte MAC
 (most significant 4 bytes of encrypted block) using DES in CBC mode  
 or triple DES in outer CBC mode. 
 Input data is padded according to the PKCS#5 scheme.
<P>
<DL>
<DT><B>See Also:</B><DD><A HREF="../../constant-values.html#javacard.security.Signature.ALG_DES_MAC4_PKCS5">Constant Field Values</A></DL>
</DL>
<HR>

<A NAME="ALG_DES_MAC8_PKCS5"><!-- --></A><H3>
ALG_DES_MAC8_PKCS5</H3>
<PRE>
public static final byte <B>ALG_DES_MAC8_PKCS5</B></PRE>
<DL>
<DD>Signature algorithm </code>ALG_DES_MAC8_PKCS5</code> generates an 8-byte MAC
 using DES in CBC mode or triple DES in outer CBC mode. 
 Input data is padded according to the PKCS#5 scheme.
 <p>Note:
 <ul><li><em>This algorithm must not be implemented if export restrictions apply.</em></ul>
<P>
<DL>
<DT><B>See Also:</B><DD><A HREF="../../constant-values.html#javacard.security.Signature.ALG_DES_MAC8_PKCS5">Constant Field Values</A></DL>
</DL>
<HR>

<A NAME="ALG_RSA_SHA_ISO9796"><!-- --></A><H3>
ALG_RSA_SHA_ISO9796</H3>
<PRE>
public static final byte <B>ALG_RSA_SHA_ISO9796</B></PRE>
<DL>
<DD>Signature algorithm <code>ALG_RSA_SHA_ISO9796</code> generates
 a 20-byte SHA digest, pads the digest according to the ISO 9796-2 scheme
 as specified in EMV '96 and EMV 2000, and encrypts it using RSA.
 <p>Note:
 <ul><li><em>The <code>verify</code> method does not support the message recovery
 semantics of this algorithm.</em></ul>
<P>
<DL>
<DT><B>See Also:</B><DD><A HREF="../../constant-values.html#javacard.security.Signature.ALG_RSA_SHA_ISO9796">Constant Field Values</A></DL>
</DL>
<HR>

<A NAME="ALG_RSA_SHA_PKCS1"><!-- --></A><H3>
ALG_RSA_SHA_PKCS1</H3>
<PRE>
public static final byte <B>ALG_RSA_SHA_PKCS1</B></PRE>
<DL>
<DD>Signature algorithm <code>ALG_RSA_SHA_PKCS1</code> generates a 20-byte SHA digest,
 pads the digest according to the PKCS#1 (v1.5) scheme,
 and encrypts it using RSA.
 <p>Note:<ul>
 <li><em> The encryption block(EB) during signing is built as follows:<br>
 &nbsp; EB = 00 || 01 || PS || 00 || T<br>
 &nbsp; &nbsp; &nbsp; :: where T is the DER encoding of :<br>
 &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; digestInfo ::= SEQUENCE {<br>
 &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; digestAlgorithm AlgorithmIdentifier of SHA-1,<br>
 &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; digest OCTET STRING<br>
 &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; }<br>
 &nbsp; &nbsp; &nbsp; :: PS is an octet string of length k-3-||T|| with value FF.
 The length of PS must be at least 8 octets.<br>
 &nbsp; &nbsp; &nbsp; :: k is the RSA modulus size.<br>
 DER encoded SHA-1 AlgorithmIdentifier = 30 21 30 09 06 05 2B 0E 03 02 1A 05 00 04 14.</em><br>
 </ul>
<P>
<DL>
<DT><B>See Also:</B><DD><A HREF="../../constant-values.html#javacard.security.Signature.ALG_RSA_SHA_PKCS1">Constant Field Values</A></DL>
</DL>
<HR>

<A NAME="ALG_RSA_MD5_PKCS1"><!-- --></A><H3>
ALG_RSA_MD5_PKCS1</H3>
<PRE>
public static final byte <B>ALG_RSA_MD5_PKCS1</B></PRE>
<DL>
<DD>Signature algorithm <code>ALG_RSA_MD5_PKCS1</code> generates a 16-byte MD5 digest,
 pads the digest according to the PKCS#1 (v1.5) scheme,
 and encrypts it using RSA.
 <p>Note:<ul>
 <li><em> The encryption block(EB) during signing is built as follows:<br>
 <&nbsp; EB = 00 || 01 || PS || 00 || T<br>
 &nbsp; &nbsp; &nbsp; :: where T is the DER encoding of :<br>
 &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; digestInfo ::= SEQUENCE {<br>
 &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; digestAlgorithm AlgorithmIdentifier of MD5,<br>
 &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; digest OCTET STRING<br>
 &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; }<br>
 &nbsp; &nbsp; &nbsp; :: PS is an octet string of length k-3-||T|| with value FF.
 The length of PS must be at least 8 octets.<br>
 &nbsp; &nbsp; &nbsp; :: k is the RSA modulus size.<br>
 DER encoded MD5 AlgorithmIdentifier = 30 20 30 0C 06 08 2A 86 48 86 F7 0D 02 05 05 00 04 10.</em><br>
 </ul>
<P>
<DL>
<DT><B>See Also:</B><DD><A HREF="../../constant-values.html#javacard.security.Signature.ALG_RSA_MD5_PKCS1">Constant Field Values</A></DL>
</DL>
<HR>

<A NAME="ALG_RSA_RIPEMD160_ISO9796"><!-- --></A><H3>
ALG_RSA_RIPEMD160_ISO9796</H3>
<PRE>
public static final byte <B>ALG_RSA_RIPEMD160_ISO9796</B></PRE>
<DL>
<DD>Signature algorithm <code>ALG_RSA_RIPEMD160_ISO9796</code> generates a 20-byte RIPE MD-160 digest,
 pads the digest according to the ISO 9796 scheme,
 and encrypts it using RSA.
<P>
<DL>
<DT><B>See Also:</B><DD><A HREF="../../constant-values.html#javacard.security.Signature.ALG_RSA_RIPEMD160_ISO9796">Constant Field Values</A></DL>
</DL>
<HR>

<A NAME="ALG_RSA_RIPEMD160_PKCS1"><!-- --></A><H3>
ALG_RSA_RIPEMD160_PKCS1</H3>
<PRE>
public static final byte <B>ALG_RSA_RIPEMD160_PKCS1</B></PRE>
<DL>
<DD>Signature algorithm <code>ALG_RSA_RIPEMD160_PKCS1</code> generates a 20-byte RIPE MD-160 digest,
 pads the digest according to the PKCS#1 (v1.5) scheme,
 and encrypts it using RSA.
 <p>Note:<ul>
 <li><em> The encryption block(EB) during signing is built as follows:<br>
 <&nbsp; EB = 00 || 01 || PS || 00 || T<br>
 &nbsp; &nbsp; &nbsp; :: where T is the DER encoding of :<br>
 &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; digestInfo ::= SEQUENCE {<br>
 &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; digestAlgorithm AlgorithmIdentifier of RIPEMD160,<br>
 &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; digest OCTET STRING<br>
 &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; }<br>
 &nbsp; &nbsp; &nbsp; :: PS is an octet string of length k-3-||T|| with value FF.
 The length of PS must be at least 8 octets.<br>
 &nbsp; &nbsp; &nbsp; :: k is the RSA modulus size. </em><br>
 </ul>
<P>
<DL>
<DT><B>See Also:</B><DD><A HREF="../../constant-values.html#javacard.security.Signature.ALG_RSA_RIPEMD160_PKCS1">Constant Field Values</A></DL>
</DL>
<HR>

<A NAME="ALG_DSA_SHA"><!-- --></A><H3>
ALG_DSA_SHA</H3>
<PRE>
public static final byte <B>ALG_DSA_SHA</B></PRE>
<DL>
<DD>Signature algorithm <code>ALG_DSA_SHA</code> generates a
 20-byte SHA digest and signs/verifies the digests using DSA.  The signature is encoded as an ASN.1
 sequence of two INTEGER values, r and s, in that order:
 SEQUENCE ::= { r INTEGER, s INTEGER }
<P>
<DL>
<DT><B>See Also:</B><DD><A HREF="../../constant-values.html#javacard.security.Signature.ALG_DSA_SHA">Constant Field Values</A></DL>
</DL>
<HR>

<A NAME="ALG_RSA_SHA_RFC2409"><!-- --></A><H3>
ALG_RSA_SHA_RFC2409</H3>
<PRE>
public static final byte <B>ALG_RSA_SHA_RFC2409</B></PRE>
<DL>