signature.html

JAVA CARD 开发包规格说明,版本为2.2.2

<DD>Signature algorithm <code>ALG_RSA_SHA_RFC2409</code> generates a 20-byte SHA digest,
 pads the digest according to the RFC2409 scheme,
 and encrypts it using RSA.
<P>
<DL>
<DT><B>See Also:</B><DD><A HREF="../../constant-values.html#javacard.security.Signature.ALG_RSA_SHA_RFC2409">Constant Field Values</A></DL>
</DL>
<HR>

<A NAME="ALG_RSA_MD5_RFC2409"><!-- --></A><H3>
ALG_RSA_MD5_RFC2409</H3>
<PRE>
public static final byte <B>ALG_RSA_MD5_RFC2409</B></PRE>
<DL>
<DD>Signature algorithm <code>ALG_RSA_MD5_RFC2409</code> generates a 16-byte MD5 digest,
 pads the digest according to the RFC2409 scheme,
 and encrypts it using RSA.
<P>
<DL>
<DT><B>See Also:</B><DD><A HREF="../../constant-values.html#javacard.security.Signature.ALG_RSA_MD5_RFC2409">Constant Field Values</A></DL>
</DL>
<HR>

<A NAME="ALG_ECDSA_SHA"><!-- --></A><H3>
ALG_ECDSA_SHA</H3>
<PRE>
public static final byte <B>ALG_ECDSA_SHA</B></PRE>
<DL>
<DD>Signature algorithm <CODE>ALG_ECDSA_SHA</CODE> generates a 20-byte
 SHA digest and signs/verifies the digest using ECDSA.  The signature is encoded as an ASN.1
 sequence of two INTEGER values, r and s, in that order:
 SEQUENCE ::= { r INTEGER, s INTEGER }
<P>
<DL>
<DT><B>See Also:</B><DD><A HREF="../../constant-values.html#javacard.security.Signature.ALG_ECDSA_SHA">Constant Field Values</A></DL>
</DL>
<HR>

<A NAME="ALG_AES_MAC_128_NOPAD"><!-- --></A><H3>
ALG_AES_MAC_128_NOPAD</H3>
<PRE>
public static final byte <B>ALG_AES_MAC_128_NOPAD</B></PRE>
<DL>
<DD>Signature algorithm <code>ALG_AES_MAC_128_NOPAD</code> generates a 16-byte MAC
 using AES with blocksize 128 in CBC mode and does not pad input data.
 If the input data is not (16-byte) block aligned it throws <code>CryptoException</code>
 with the reason code <code>ILLEGAL_USE</code>.
<P>
<DL>
<DT><B>See Also:</B><DD><A HREF="../../constant-values.html#javacard.security.Signature.ALG_AES_MAC_128_NOPAD">Constant Field Values</A></DL>
</DL>
<HR>

<A NAME="ALG_DES_MAC4_ISO9797_1_M2_ALG3"><!-- --></A><H3>
ALG_DES_MAC4_ISO9797_1_M2_ALG3</H3>
<PRE>
public static final byte <B>ALG_DES_MAC4_ISO9797_1_M2_ALG3</B></PRE>
<DL>
<DD>Signature algorithm <code>ALG_DES_MAC4_ISO9797_1_M2_ALG3</code> generates a 4-byte MAC
 using a 2-key DES3 key according to ISO9797-1 MAC algorithm 3 with method 2 (also
 EMV'96, EMV'2000), where input data is padded using method 2 and the data is processed
 as described in MAC Algorithm 3 of the ISO 9797-1 specification.
 The left key block of the triple DES key is used as a single DES key(K) and the right
 key block of the triple DES key is used as a single DES Key (K') during MAC processing.
 The final result is truncated to 4 bytes as described in ISO9797-1.
<P>
<DL>
<DT><B>See Also:</B><DD><A HREF="../../constant-values.html#javacard.security.Signature.ALG_DES_MAC4_ISO9797_1_M2_ALG3">Constant Field Values</A></DL>
</DL>
<HR>

<A NAME="ALG_DES_MAC8_ISO9797_1_M2_ALG3"><!-- --></A><H3>
ALG_DES_MAC8_ISO9797_1_M2_ALG3</H3>
<PRE>
public static final byte <B>ALG_DES_MAC8_ISO9797_1_M2_ALG3</B></PRE>
<DL>
<DD>Signature algorithm <code>ALG_DES_MAC8_ISO9797_1_M2_ALG3</code> generates an 8-byte MAC
 using a 2-key DES3 key according to ISO9797-1 MAC algorithm 3 with method 2 (also
 EMV'96, EMV'2000), where input data is padded using method 2 and the data is processed
 as described in MAC Algorithm 3 of the ISO 9797-1 specification.
 The left key block of the triple DES key is used as a single DES key(K) and the right
 key block of the triple DES key is used as a single DES Key (K') during MAC processing.
 The final result is truncated to 8 bytes as described in ISO9797-1.
<P>
<DL>
<DT><B>See Also:</B><DD><A HREF="../../constant-values.html#javacard.security.Signature.ALG_DES_MAC8_ISO9797_1_M2_ALG3">Constant Field Values</A></DL>
</DL>
<HR>

<A NAME="ALG_RSA_SHA_PKCS1_PSS"><!-- --></A><H3>
ALG_RSA_SHA_PKCS1_PSS</H3>
<PRE>
public static final byte <B>ALG_RSA_SHA_PKCS1_PSS</B></PRE>
<DL>
<DD>Signature algorithm <code>ALG_RSA_SHA_PKCS1_PSS</code> generates a 20-byte SHA-1 digest,
 pads it according to the PKCS#1-PSS scheme (IEEE 1363-2000),
 and encrypts it using RSA.
<P>
<DL>
<DT><B>See Also:</B><DD><A HREF="../../constant-values.html#javacard.security.Signature.ALG_RSA_SHA_PKCS1_PSS">Constant Field Values</A></DL>
</DL>
<HR>

<A NAME="ALG_RSA_MD5_PKCS1_PSS"><!-- --></A><H3>
ALG_RSA_MD5_PKCS1_PSS</H3>
<PRE>
public static final byte <B>ALG_RSA_MD5_PKCS1_PSS</B></PRE>
<DL>
<DD>Signature algorithm <code>ALG_RSA_MD5_PKCS1_PSS</code> generates a 16-byte MD5 digest,
 pads it according to the PKCS#1-PSS scheme (IEEE 1363-2000),
 and encrypts it using RSA.
<P>
<DL>
<DT><B>See Also:</B><DD><A HREF="../../constant-values.html#javacard.security.Signature.ALG_RSA_MD5_PKCS1_PSS">Constant Field Values</A></DL>
</DL>
<HR>

<A NAME="ALG_RSA_RIPEMD160_PKCS1_PSS"><!-- --></A><H3>
ALG_RSA_RIPEMD160_PKCS1_PSS</H3>
<PRE>
public static final byte <B>ALG_RSA_RIPEMD160_PKCS1_PSS</B></PRE>
<DL>
<DD>Signature algorithm <code>ALG_RSA_RIPEMD160_PKCS1_PSS</code> generates a 20-byte RIPE MD-160 digest,
 pads it according to the PKCS#1-PSS scheme (IEEE 1363-2000),
 and encrypts it using RSA.
<P>
<DL>
<DT><B>See Also:</B><DD><A HREF="../../constant-values.html#javacard.security.Signature.ALG_RSA_RIPEMD160_PKCS1_PSS">Constant Field Values</A></DL>
</DL>
<HR>

<A NAME="ALG_HMAC_SHA1"><!-- --></A><H3>
ALG_HMAC_SHA1</H3>
<PRE>
public static final byte <B>ALG_HMAC_SHA1</B></PRE>
<DL>
<DD>HMAC message authentication algorithm <code>ALG_HMAC_SHA1</code>
 This algorithm generates an HMAC following the steps found in RFC: 2104
 using SHA1 as the hashing algorithm.
<P>
<DL>
<DT><B>See Also:</B><DD><A HREF="../../constant-values.html#javacard.security.Signature.ALG_HMAC_SHA1">Constant Field Values</A></DL>
</DL>
<HR>

<A NAME="ALG_HMAC_SHA_256"><!-- --></A><H3>
ALG_HMAC_SHA_256</H3>
<PRE>
public static final byte <B>ALG_HMAC_SHA_256</B></PRE>
<DL>
<DD>HMAC message authentication algorithm <code>ALG_HMAC_SHA_256</code>
 This algorithm generates an HMAC following the steps found in RFC: 2104
 using SHA-256 as the hashing algorithm.
<P>
<DL>
<DT><B>See Also:</B><DD><A HREF="../../constant-values.html#javacard.security.Signature.ALG_HMAC_SHA_256">Constant Field Values</A></DL>
</DL>
<HR>

<A NAME="ALG_HMAC_SHA_384"><!-- --></A><H3>
ALG_HMAC_SHA_384</H3>
<PRE>
public static final byte <B>ALG_HMAC_SHA_384</B></PRE>
<DL>
<DD>HMAC message authentication algorithm <code>ALG_HMAC_SHA_384</code>
 This algorithm generates an HMAC following the steps found in RFC: 2104
 using SHA-384 as the hashing algorithm.
<P>
<DL>
<DT><B>See Also:</B><DD><A HREF="../../constant-values.html#javacard.security.Signature.ALG_HMAC_SHA_384">Constant Field Values</A></DL>
</DL>
<HR>

<A NAME="ALG_HMAC_SHA_512"><!-- --></A><H3>
ALG_HMAC_SHA_512</H3>
<PRE>
public static final byte <B>ALG_HMAC_SHA_512</B></PRE>
<DL>
<DD>HMAC message authentication algorithm <code>ALG_HMAC_SHA_512</code>
 This algorithm generates an HMAC following the steps found in RFC: 2104
 using SHA-512 as the hashing algorithm.
<P>
<DL>
<DT><B>See Also:</B><DD><A HREF="../../constant-values.html#javacard.security.Signature.ALG_HMAC_SHA_512">Constant Field Values</A></DL>
</DL>
<HR>

<A NAME="ALG_HMAC_MD5"><!-- --></A><H3>
ALG_HMAC_MD5</H3>
<PRE>
public static final byte <B>ALG_HMAC_MD5</B></PRE>
<DL>
<DD>HMAC message authentication algorithm <code>ALG_HMAC_MD5</code>
 This algorithm generates an HMAC following the steps found in RFC: 2104
 using MD5 as the hashing algorithm.
<P>
<DL>
<DT><B>See Also:</B><DD><A HREF="../../constant-values.html#javacard.security.Signature.ALG_HMAC_MD5">Constant Field Values</A></DL>
</DL>
<HR>

<A NAME="ALG_HMAC_RIPEMD160"><!-- --></A><H3>
ALG_HMAC_RIPEMD160</H3>
<PRE>
public static final byte <B>ALG_HMAC_RIPEMD160</B></PRE>
<DL>
<DD>HMAC message authentication algorithm <code>ALG_HMAC_RIPEMD160</code>
 This algorithm generates an HMAC following the steps found in RFC: 2104
 using RIPEMD160 as the hashing algorithm.
<P>
<DL>
<DT><B>See Also:</B><DD><A HREF="../../constant-values.html#javacard.security.Signature.ALG_HMAC_RIPEMD160">Constant Field Values</A></DL>
</DL>
<HR>

<A NAME="ALG_RSA_SHA_ISO9796_MR"><!-- --></A><H3>
ALG_RSA_SHA_ISO9796_MR</H3>
<PRE>
public static final byte <B>ALG_RSA_SHA_ISO9796_MR</B></PRE>
<DL>
<DD>Signature algorithm<code>ALG_RSA_SHA_ISO9796_MR</code> generates 20-byte 
 SHA-1 digest, pads it according to the ISO9796-2 specification and encrypts
 using RSA. This algorithm is conformant with EMV2000.
 <p>This algorithm uses the first part of the input message as padding
 bytes during signing. During verification, these message bytes (recoverable message)
 can be recovered to reconstruct the message.
 <p>To use this algorithm the <code>Signature</code> object instance returned by the
 <code>getInstance</code> method must be cast to the
 <code>SignatureMessageRecovery</code> interface to invoke the applicable methods.
<P>
<DL>
<DT><B>See Also:</B><DD><A HREF="../../constant-values.html#javacard.security.Signature.ALG_RSA_SHA_ISO9796_MR">Constant Field Values</A></DL>
</DL>
<HR>

<A NAME="ALG_RSA_RIPEMD160_ISO9796_MR"><!-- --></A><H3>
ALG_RSA_RIPEMD160_ISO9796_MR</H3>
<PRE>
public static final byte <B>ALG_RSA_RIPEMD160_ISO9796_MR</B></PRE>
<DL>
<DD>Signature algorithm<code>ALG_RSA_RIPEMD160_ISO9796_MR</code> generates 20-byte 
 RIPE MD-160 digest, pads it according to the ISO9796-2 specification and encrypts
 using RSA.
 <p>This algorithm uses the first part of the input message as padding
 bytes during signing. During verification, these message bytes (recoverable message)
 can be recovered to reconstruct the message.
 <p>To use this algorithm the <code>Signature</code> object instance returned by the
 <code>getInstance</code> method must be cast to the
 <code>SignatureMessageRecovery</code> interface to invoke the applicable methods.
<P>
<DL>
<DT><B>See Also:</B><DD><A HREF="../../constant-values.html#javacard.security.Signature.ALG_RSA_RIPEMD160_ISO9796_MR">Constant Field Values</A></DL>
</DL>
<HR>

<A NAME="ALG_KOREAN_SEED_MAC_NOPAD"><!-- --></A><H3>
ALG_KOREAN_SEED_MAC_NOPAD</H3>
<PRE>
public static final byte <B>ALG_KOREAN_SEED_MAC_NOPAD</B></PRE>
<DL>
<DD>Signature algorithm <code>ALG_KOREAN_SEED_MAC_NOPAD</code> generates an 16-byte MAC
 using Korean SEED in CBC mode. 
 This algorithm does not pad input data.
 If the input data is not (16 byte) block aligned it throws <code>CryptoException</code>
 with the reason code <code>ILLEGAL_USE</code>.
 <p>Note:
 <ul><li><em>This algorithm must not be implemented if export restrictions apply.</em></ul>
<P>
<DL>
<DT><B>See Also:</B><DD><A HREF="../../constant-values.html#javacard.security.Signature.ALG_KOREAN_SEED_MAC_NOPAD">Constant Field Values</A></DL>
</DL>
<HR>

<A NAME="MODE_SIGN"><!-- --></A><H3>
MODE_SIGN</H3>
<PRE>
public static final byte <B>MODE_SIGN</B></PRE>
<DL>
<DD>Used in <code>init()</code> methods to indicate signature sign mode.
<P>
<DL>
<DT><B>See Also:</B><DD><A HREF="../../constant-values.html#javacard.security.Signature.MODE_SIGN">Constant Field Values</A></DL>
</DL>
<HR>