📄 signature.html
字号:
<A NAME="MODE_VERIFY"><!-- --></A><H3>MODE_VERIFY</H3><PRE>public static final byte <B>MODE_VERIFY</B></PRE><DL><DD>Used in <code>init()</code> methods to indicate signature verify mode.<P><DL><DT><B>See Also:</B><DD><A HREF="../../constant-values.html#javacard.security.Signature.MODE_VERIFY">Constant Field Values</A></DL></DL><!-- ========= CONSTRUCTOR DETAIL ======== --><A NAME="constructor_detail"><!-- --></A><TABLE BORDER="1" WIDTH="100%" CELLPADDING="3" CELLSPACING="0" SUMMARY=""><TR BGCOLOR="#CCCCFF" CLASS="TableHeadingColor"><TH ALIGN="left" COLSPAN="1"><FONT SIZE="+2"><B>Constructor Detail</B></FONT></TH></TR></TABLE><A NAME="Signature()"><!-- --></A><H3>Signature</H3><PRE>protected <B>Signature</B>()</PRE><DL><DD>Protected Constructor<P></DL><!-- ============ METHOD DETAIL ========== --><A NAME="method_detail"><!-- --></A><TABLE BORDER="1" WIDTH="100%" CELLPADDING="3" CELLSPACING="0" SUMMARY=""><TR BGCOLOR="#CCCCFF" CLASS="TableHeadingColor"><TH ALIGN="left" COLSPAN="1"><FONT SIZE="+2"><B>Method Detail</B></FONT></TH></TR></TABLE><A NAME="getInstance(byte, boolean)"><!-- --></A><H3>getInstance</H3><PRE>public static final <A HREF="../../javacard/security/Signature.html" title="class in javacard.security">Signature</A> <B>getInstance</B>(byte algorithm, boolean externalAccess) throws <A HREF="../../javacard/security/CryptoException.html" title="class in javacard.security">CryptoException</A></PRE><DL><DD>Creates a <code>Signature</code> object instance of the selected algorithm.<P><DD><DL><DT><B>Parameters:</B><DD><CODE>algorithm</CODE> - the desired Signature algorithm. Valid codes listed in <code>ALG_*</code> constants above e.g. <A HREF="../../javacard/security/Signature.html#ALG_DES_MAC4_NOPAD"><CODE>ALG_DES_MAC4_NOPAD</CODE></A>.<DD><CODE>externalAccess</CODE> - <code>true</code> indicates that the instance will be shared among multiple applet instances and that the <code>Signature</code> instance will also be accessed (via a <code>Shareable</code> interface) when the owner of the <code>Signature</code> instance is not the currently selected applet. If <code>true</code> the implementation must not allocate CLEAR_ON_DESELECT transient space for internal data.<DT><B>Returns:</B><DD>the <code>Signature</code> object instance of the requested algorithm<DT><B>Throws:</B><DD><CODE><A HREF="../../javacard/security/CryptoException.html" title="class in javacard.security">CryptoException</A></CODE> - with the following reason codes:<ul> <li><code>CryptoException.NO_SUCH_ALGORITHM</code> if the requested algorithm or shared access mode is not supported.</ul></DL></DD></DL><HR><A NAME="init(javacard.security.Key, byte)"><!-- --></A><H3>init</H3><PRE>public abstract void <B>init</B>(<A HREF="../../javacard/security/Key.html" title="interface in javacard.security">Key</A> theKey, byte theMode) throws <A HREF="../../javacard/security/CryptoException.html" title="class in javacard.security">CryptoException</A></PRE><DL><DD>Initializes the <code>Signature</code> object with the appropriate <code>Key</code>. This method should be used for algorithms which do not need initialization parameters or use default parameter values. <p><code>init()</code> must be used to update the <code>Signature</code> object with a new key. If the <code>Key</code> object is modified after invoking the <code>init()</code> method, the behavior of the <code>update()</code>, <code>sign()</code>, and <code>verify()</code> methods is unspecified. <p>Note:<ul> <li><em>AES, DES, triple DES, and Korean SEED algorithms in CBC mode will use 0 for initial vector(IV) if this method is used.</em> <li><em>For optimal performance, when the <code>theKey</code> parameter is a transient key, the implementation should, whenever possible, use transient space for internal storage.</em> </ul><P><DD><DL><DT><B>Parameters:</B><DD><CODE>theKey</CODE> - the key object to use for signing or verifying<DD><CODE>theMode</CODE> - one of <code>MODE_SIGN</code> or <code>MODE_VERIFY</code><DT><B>Throws:</B><DD><CODE><A HREF="../../javacard/security/CryptoException.html" title="class in javacard.security">CryptoException</A></CODE> - with the following reason codes:<ul> <li><code>CryptoException.ILLEGAL_VALUE</code> if <code>theMode</code> option is an undefined value or if the <code>Key</code> is inconsistent with <code>theMode</code> or with the <code>Signature</code> implementation. <li><code>CryptoException.UNINITIALIZED_KEY</code> if <code>theKey</code> instance is uninitialized. </ul></DL></DD></DL><HR><A NAME="init(javacard.security.Key, byte, byte[], short, short)"><!-- --></A><H3>init</H3><PRE>public abstract void <B>init</B>(<A HREF="../../javacard/security/Key.html" title="interface in javacard.security">Key</A> theKey, byte theMode, byte[] bArray, short bOff, short bLen) throws <A HREF="../../javacard/security/CryptoException.html" title="class in javacard.security">CryptoException</A></PRE><DL><DD>Initializes the <code>Signature</code> object with the appropriate <code>Key</code> and algorithm specific parameters. <p><code>init()</code> must be used to update the <code>Signature</code> object with a new key. If the <code>Key</code> object is modified after invoking the <code>init()</code> method, the behavior of the <code>update()</code>, <code>sign()</code>, and <code>verify()</code> methods is unspecified. <p>Note:<ul> <li><em>DES and triple DES algorithms in CBC mode expect an 8-byte parameter value for the initial vector(IV) in </em><code>bArray</code><em>.</em> <li><em>AES algorithms in CBC mode expect a 16-byte parameter value for the initial vector(IV) in </em><code>bArray</code><em>.</em> <li><em>Korean SEED algorithms in CBC mode expect a 16-byte parameter value for the initial vector(IV) in </em><code>bArray</code><em>.</em> <li><em>ECDSA, RSA, and DSA algorithms throw </em><code>CryptoException.ILLEGAL_VALUE</code><em>.</em> <li><em>For optimal performance, when the <code>theKey</code> parameter is a transient key, the implementation should, whenever possible, use transient space for internal storage.</em> </ul><P><DD><DL><DT><B>Parameters:</B><DD><CODE>theKey</CODE> - the key object to use for signing<DD><CODE>theMode</CODE> - one of <code>MODE_SIGN</code> or <code>MODE_VERIFY</code><DD><CODE>bArray</CODE> - byte array containing algorithm specific initialization information<DD><CODE>bOff</CODE> - offset within <code>bArray</code> where the algorithm specific data begins<DD><CODE>bLen</CODE> - byte length of algorithm specific parameter data<DT><B>Throws:</B><DD><CODE><A HREF="../../javacard/security/CryptoException.html" title="class in javacard.security">CryptoException</A></CODE> - with the following reason codes:<ul> <li><code>CryptoException.ILLEGAL_VALUE</code> if <code>theMode</code> option is an undefined value or if a byte array parameter option is not supported by the algorithm or if the <code>bLen</code> is an incorrect byte length for the algorithm specific data or if the <code>Key</code> is inconsistent with <code>theMode</code> or with the <code>Signature</code> implementation. <li><code>CryptoException.UNINITIALIZED_KEY</code> if <code>theKey</code> instance is uninitialized. </ul></DL></DD></DL><HR><A NAME="getAlgorithm()"><!-- --></A><H3>getAlgorithm</H3><PRE>public abstract byte <B>getAlgorithm</B>()</PRE><DL><DD>Gets the Signature algorithm.<P><DD><DL><DT><B>Returns:</B><DD>the algorithm code defined above</DL></DD></DL><HR><A NAME="getLength()"><!-- --></A><H3>getLength</H3><PRE>public abstract short <B>getLength</B>() throws <A HREF="../../javacard/security/CryptoException.html" title="class in javacard.security">CryptoException</A></PRE><DL><DD>Returns the byte length of the signature data.<P><DD><DL><DT><B>Returns:</B><DD>the byte length of the signature data<DT><B>Throws:</B><DD><CODE><A HREF="../../javacard/security/CryptoException.html" title="class in javacard.security">CryptoException</A></CODE> - with the following reason codes:<ul> <li><code>CryptoException.INVALID_INIT</code> if this <code>Signature</code> object is not initialized. <li><code>CryptoException.UNINITIALIZED_KEY</code> if key not initialized. </ul></DL></DD></DL><HR><A NAME="update(byte[], short, short)"><!-- --></A><H3>update</H3><PRE>public abstract void <B>update</B>(byte[] inBuff, short inOffset, short inLength) throws <A HREF="../../javacard/security/CryptoException.html" title="class in javacard.security">CryptoException</A></PRE><DL><DD>Accumulates a signature of the input data. This method requires temporary storage of intermediate results. In addition, if the input data length is not block aligned (multiple of block size) then additional internal storage may be allocated at this time to store a partial input data block. This may result in additional resource consumption and/or slow performance. This method should only be used if all the input data required for signing/verifying is not available in one byte array. If all of the input data required for signing/verifying is located in a single byte array, use of the <code>sign()</code> or <code>verify()</code> method is recommended. The <code>sign()</code> or <code>verify()</code> method must be called to complete processing of input data accumulated by one or more calls to the <code>update()</code> method. <p>Note:<ul> <li><em>If <code>inLength</code> is 0 this method does nothing.</em> </ul><P><DD><DL><DT><B>Parameters:</B><DD><CODE>inBuff</CODE> - the input buffer of data to be signed/verified<DD><CODE>inOffset</CODE> - the offset into the input buffer where input data begins<DD><CODE>inLength</CODE> - the byte length to sign/verify<DT><B>Throws:</B><DD><CODE><A HREF="../../javacard/security/CryptoException.html" title="class in javacard.security">CryptoException</A></CODE> - with the following reason codes:<ul> <li><code>CryptoException.UNINITIALIZED_KEY</code> if key not initialized. <li><code>CryptoException.INVALID_INIT</code> if this <code>Signature</code> object is not initialized.</ul><DT><B>See Also:</B><DD><A HREF="../../javacard/security/Signature.html#sign(byte[], short, short, byte[], short)"><CODE>sign(byte[], short, short, byte[], short)</CODE></A>, <A HREF="../../javacard/security/Signature.html#verify(byte[], short, short, byte[], short, short)"><CODE>verify(byte[], short, short, byte[], short, short)</CODE></A></DL></DD></DL><HR><A NAME="sign(byte[], short, short, byte[], short)"><!-- --></A><H3>sign</H3><PRE>public abstract short <B>sign</B>(byte[] inBuff, short inOffset, short inLength, byte[] sigBuff, short sigOffset) throws <A HREF="../../javacard/security/CryptoException.html" title="class in javacard.security">CryptoException</A></PRE><DL><DD>Generates the signature of all/last input data. <p>A call to this method also resets this <code>Signature</code> object to the state it was in when previously initialized via a call to <code>init()</code>. That is, the object is reset and available to sign another message. In addition, note that the initial vector(IV) used in AES, DES and Korean SEED algorithms in CBC mode will be reset to 0. <p>Note:<ul> <li><em>AES, DES, triple DES, and Korean SEED algorithms in CBC mode reset the initial vector(IV) to 0. The initial vector(IV) can be re-initialized using the </em><code>init(Key, byte, byte[], short, short)</code><em> method.</em> </ul> <p>The input and output buffer data may overlap.<P><DD><DL><DT><B>Parameters:</B><DD><CODE>inBuff</CODE> - the input buffer of data to be signed<DD><CODE>inOffset</CODE> - the offset into the input buffer at which to begin signature generation<DD><CODE>inLength</CODE> - the byte length to sign<DD><CODE>sigBuff</CODE> - the output buffer to store signature data<DD><CODE>sigOffset</CODE> - the offset into sigBuff at which to begin signature data<DT><B>Returns:</B><DD>number of bytes of signature output in sigBuff<DT><B>Throws:</B><DD><CODE><A HREF="../../javacard/security/CryptoException.html" title="class in javacard.security">CryptoException</A></CODE> - with the following reason codes:<ul> <li><code>CryptoException.UNINITIALIZED_KEY</code> if key not initialized. <li><code>CryptoException.INVALID_INIT</code> if this <code>Signature</code> object is not initialized or initialized for signature verify mode. <li><code>CryptoException.ILLEGAL_USE</code> if one of the following conditions is met:<ul> <li>if this <code>Signature</code> algorithm does not pad the message and the message is not block aligned. <li>if this <code>Signature</code> algorithm does not pad the message and no input data has been provided in <code>inBuff</code> or via the <code>update()</code> method. <li>if this <code>Signature</code> algorithm includes message recovery functionality. </ul></DL></DD></DL><HR><A NAME="verify(byte[], short, short, byte[], short, short)"><!-- --></A><H3>verify</H3><PRE>public abstract boolean <B>verify</B>(byte[] inBuff, short inOffset, short inLength, byte[] sigBuff, short sigOffset, short sigLength) throws <A HREF="../../javacard/security/CryptoException.html" title="class in javacard.security">CryptoException</A></PRE><DL><DD>Verifies the signature of all/last input data against the passed in signature. <p>A call to this method also resets this <code>Signature</code> object to the state it was in when previously initialized via a call to <code>init()</code>. That is, the object is reset and available to verify another message. In addition, note that the initial vector(IV) used in AES, DES and Korean SEED algorithms in CBC mode will be reset to 0. <p>Note:<ul> <li><em>AES, DES, triple DES, and Korean SEED algorithms in CBC mode reset the initial vector(IV) to 0. The initial vector(IV) can be re-initialized using the </em><code>init(Key, byte, byte[], short, short)</code><em> method.</em> </ul><P><DD><DL><DT><B>Parameters:</B><DD><CODE>inBuff</CODE> - the input buffer of data to be verified<DD><CODE>inOffset</CODE> - the offset into the input buffer at which to begin signature generation<DD><CODE>inLength</CODE> - the byte length to sign<DD><CODE>sigBuff</CODE> -⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -