md5withrsa.java

面向应用的智能安全代理平台和工具包是一个综合网络应用的安全共性需求而设计和实现的一个通用性的网络信息安全应用支撑平台

package au.net.aba.crypto.provider;

/*
 * $Id: MD5withRSA.java,v 1.1 1999/01/21 04:03:44 leachbj Exp $
 * $Author: leachbj $
 *
 * Copyright (C) 1996-1998 Australian Business Access Pty Ltd.
 * All rights reserved.
 * 
 * Use, modification, copying and distribution of this software is subject the
 * terms and conditions of the ABA Public Licence. See the file
 * "PUBLIC_LICENCE" for additional information.
 *
 * If you have not received a copy of the Public Licence, you must destroy all
 * copies of this file immediately. 
 *
 * $Source: /aba/CVSROOT/jdk1.1/src/au.net.aba/crypto/provider/MD5withRSA.java,v $
 * $Revision: 1.1 $
 * $Date: 1999/01/21 04:03:44 $
 * $State: Exp $
 */

import java.security.*;
import javax.crypto.Cipher;
import java.io.ByteArrayOutputStream;
import java.io.IOException;


/**
 * This algorithm implements the Signature algorithm of "MD5 with RSA"
 * as defined in PKCS#1.  The algorithm returns an ecnrypted block
 * containing an ASN.1 DigestInfo structure.
 *
 * <pre>
 * AlgorithmIdentifier ::= SEQUENCE {
 *    algorithm   OBJECT IDENTIFIER,
 *    parameters  ANY DEFINED BY algorithm OPTIONAL
 * }
 * 
 * DigestInfo ::= SEQUENCE {
 *   digestAlgorithm DigestAlgorithmIdentifier,
 *   digest Digest }
 * 
 * digestAlgorithmIdentifier ::= AlgorithmIdentifier
 * 
 * Digest ::= OCTET STRING
 * 
 * id-md5 OBJECT IDENTIFIER ::= { 1 2 840 113549 2 5 }
 * md5Identifier :== AlgorithmIdentifier { id-md5, NULL }
 * </pre>
 */
public class MD5withRSA extends Signature
{
	private MessageDigest md5Digest;
	private Cipher rsaCipher;

	/*
	 * These values are the DER encoding of various parts
	 * of the ASN.1 DigestInfo structure
	 */
	private static final byte[] md5DigestInfo = {
		(byte)0x30, (byte)0x20	// + md5Identifier + digest_data
	};

	private static final byte[] md5Identifier = {
		(byte)0x30, (byte)0x0C	// + id_md5 + NULL
	};

	private static final byte[] id_md5 = {
		(byte)0x06, (byte)0x08, (byte)0x2A, (byte)0x86,
		(byte)0x48, (byte)0x86, (byte)0xF7, (byte)0x0D,
		(byte)0x02, (byte)0x05
	};

	private static final byte[] NULL = {
		(byte)0x05, (byte)0x00
	};

	private static final byte[] digestHdr = {
		(byte)0x04, (byte)0x10
	};

	public MD5withRSA()
	{
		super("MD5withRSA");
		try
		{
			md5Digest = MessageDigest.getInstance("MD5", "ABA");
			rsaCipher = Cipher.getInstance("RSA", "ABA");
		}
		catch (Exception e)
		{
			throw new ExceptionInInitializerError(e);
		}
	}
	/**
	 * Create a DER encoded ASN.1 DigestInfo block for
	 * the digest algorithm MD and the given digest.
	 */
	private byte[] encodeDigest(byte[] digest)
	throws IOException
	{
		/*
		 * Construct the DER encoded DigestInfo
		 */
		ByteArrayOutputStream bout = new ByteArrayOutputStream();
		bout.write(md5DigestInfo);
		bout.write(md5Identifier);
		bout.write(id_md5);
		bout.write(NULL);
		bout.write(digestHdr);
		bout.write(digest);

		return bout.toByteArray();
	}
	/**
	 * This algorithm does not support parameters.  This method
	 * will throw an exception to indicate so.
	 */
	protected Object engineGetParameter(String param)
	throws InvalidParameterException
	{
		throw new InvalidParameterException("The parameter "
			+ param + " is invalid for this algorithm.");
	}
	/**
	 * Initializes this signature object with the specified
	 * private key for signing operations.
	 *
	 * @param privateKey the private key of the identity whose signature
	 * 	will be generated.
	 * @exception InvalidKeyException if the key is improperly
	 * 	encoded, parameters are missing, and so on. 
	 */
	protected void engineInitSign(PrivateKey privateKey)
	throws InvalidKeyException
	{
		/*
		 * reset the message digest
		 */
		md5Digest.reset();

		/*
		 * reset the cipher
		 */
		rsaCipher.init(Cipher.ENCRYPT_MODE, privateKey);
	}
	/**
	 * Initializes this signature object with the specified
	 * public key for verification operations.
	 *
	 * @param publicKey the public key of the identity whose signature is
	 * 	going to be verified.
	 * @exception InvalidKeyException if the key is improperly
	 * 	encoded, parameters are missing, and so on.  
	 */
	protected void engineInitVerify(PublicKey publicKey)
	throws InvalidKeyException
	{
		/*
		 * reset the message digest
		 */
		md5Digest.reset();

		/*
		 * reset the cipher
		 */
		rsaCipher.init(Cipher.DECRYPT_MODE, publicKey);
	}
	/**
	 * This algorithm does not support parameters.  This method
	 * will throw an exception to indicate so.
	 */
	protected void engineSetParameter(String param, Object value) 
	throws InvalidParameterException
	{
		throw new InvalidParameterException("The parameter "
			+ param + " is invalid for this algorithm.");
	}
	/** 
	 * Returns the signature block for all the data update so far.
	 * This block is a PKCS#1 encrypted block of a BER encoded
	 * ASN.1 DigestInfo block.
	 *
	 * @return the signature bytes of the signing operation's result.
	 * @exception SignatureException if the engine is not
	 * 	initialized properly.
	 */
	protected byte[] engineSign()
	throws SignatureException
	{
		byte[] digest = md5Digest.digest();

		try
		{
			/*
			 * create the DER encoded DigestInfo
			 */
			byte[] derBlock = encodeDigest(digest);

			/*
			 * sign it
			 */
			byte[] signature = rsaCipher.doFinal(derBlock);

			return signature;
		}
		catch (Exception e)
		{
			throw new SignatureException(e.getMessage());
		}
	}
	/**
	 * Updates the data to be signed or verified, using the specified
	 * array of bytes, starting at the specified offset.
	 *
	 * @param data the array of bytes.  
	 * @param off the offset to start from in the array of bytes.  
	 * @param len the number of bytes to use, starting at offset.
	 * @exception SignatureException if the engine is not initialized 
	 * 	properly.
	 */
	protected void engineUpdate(byte[] b, int off, int len) 
	throws SignatureException
	{
		md5Digest.update(b, off, len);
	}
	/**
	 * Updates the data to be signed or verified using the specified byte.
	 *
	 * @param b the byte to use for the update.
	 * @exception SignatureException if the engine is not initialized
	 * 	properly.
	 */
	protected void engineUpdate(byte b)
	throws SignatureException
	{
		md5Digest.update(b);
	}
	/** 
	 * Verifies the passed-in signature.  The signature block is
	 * an RSA encrypted block containing a DER encoded ASN.1
	 * DigestInfo structure.
	 *
	 * @return true if the signature was verfied, false if not.
	 * @excpetion SignatureException if the engine was not initialised
	 * 	properly, the passed signature could not be decrypted,
	 * 	or the signature was improperly encoded.
	 */
	protected boolean engineVerify(byte[] sigBytes) 
	throws SignatureException
	{
		byte[] digest = md5Digest.digest();

		try
		{
			/*
			 * decrypt the signature block
			 */
			byte[] signature = rsaCipher.doFinal(sigBytes);

			/*
			 * re-create the signature block using the calculated
			 * digest.
			 */
			byte[] derBlock = encodeDigest(digest);

			/*
			 * compare the decrypted signature block with the
			 * newly calculated signature block
			 */
			if (signature.length != derBlock.length)
			{
				return false;
			}
			for (int i = 0; i < signature.length; i++)
			{
				if (signature[i] != derBlock[i])
				{
					return false;
				}
			}
			return true;
		}
		catch (Exception e)
		{
			throw new SignatureException(e.getMessage());
		}
	}
}