signature.java
来自「《移动Agent技术》一书的所有章节源代码。」· Java 代码 · 共 597 行 · 第 1/2 页
JAVA
597 行
/*
* @(#)Signature.java 1.44 97/01/31
*
* Copyright (c) 1995, 1996 Sun Microsystems, Inc. All Rights Reserved.
*
* This software is the confidential and proprietary information of Sun
* Microsystems, Inc. ("Confidential Information"). You shall not
* disclose such Confidential Information and shall use it only in
* accordance with the terms of the license agreement you entered into
* with Sun.
*
* SUN MAKES NO REPRESENTATIONS OR WARRANTIES ABOUT THE SUITABILITY OF THE
* SOFTWARE, EITHER EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE
* IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR
* PURPOSE, OR NON-INFRINGEMENT. SUN SHALL NOT BE LIABLE FOR ANY DAMAGES
* SUFFERED BY LICENSEE AS A RESULT OF USING, MODIFYING OR DISTRIBUTING
* THIS SOFTWARE OR ITS DERIVATIVES.
*
* CopyrightVersion 1.1_beta
*
*/
package java.security;
import java.util.*;
import java.io.*;
/**
* This Signature class is used to provide the functionality of a
* digital signature algorithm, such as <tt>RSA with MD5</tt> or
* <tt>DSA</tt>. Digital signatures are used for authentication and
* integrity assurance of digital data.
*
* </dl>
*
* <p>Like other algorithm-based classes in Java Security, the
* Signature class has two major components:
*
* <dl>
*
* <dt><b>Digital Signature API</b> (Application Program Interface)
*
* <dd>This is the interface of methods called by applications needing
* digital signature services. The API consists of all public methods.
*
* <dt><b>Digital Signature SPI</b> (Service Provider Interface)
*
* <dd>This is the interface implemented by providers that supply
* specific algorithms. It consists of all methods whose names are
* prefixed by <code>engine</code>. Each such method is called by a
* correspondingly-named public API method. For example, the
* <code>engineSign</code> method is called by the
* <code>sign</code> method. The SPI methods are abstract;
* providers must supply a concrete implementation.
*
* </dl>
*
* <p>Also like other algorithm-based classes in Java Security, Signature
* provides implementation-independent algorithms, whereby a caller
* (application code) requests a particular signature algorithm
* and is handed back a properly initialized Signature object. It is
* also possible, if desired, to request a particular algorithm from a
* particular provider. See the <code>getInstance </code> methods.
*
* <p>Thus, there are two ways to request a Signature algorithm object: by
* specifying either just an algorithm name, or both an algorithm name
* and a package provider. <ul>
*
* <li>If just an algorithm name is specified, the system will
* determine if there is an implementation of the algorithm requested
* available in the environment, and if there is more than one, if
* there is a preferred one.
*
* <li>If both an algorithm name and a package provider are specified,
* the system will determine if there is an implementation of the
* algorithm in the package requested, and throw an exception if there
* is not.
*
* </ul>
* <p>A Signature object can be used to generate and verify digital
* signatures.
*
* <p>There are three phases to the use of a Signature object for
* either signing data or verifying a signature:<ol>
*
* <li>Initialization, with either
*
* <ul>
*
* <li>a public key, which initializes the signature for
* verification (see <a href = "#initVerify">initVerify</a>), or
*
* <li>a private key, which initializes the signature for
* signing (see <a href = "#initSign">initSign</a>).
*
* </ul><p>
*
* <li>Updating<p>
*
* <p>Depending on the type of initialization, this will update the
* bytes to be signed or verified. See the <a href =
* "#update(byte)">update</a> methods.<p>
*
* <li>Signing or Verifying
*
* <p>a signature on all updated bytes. See <a
* href = "#sign">sign</a> and <a href = "#verify">verify</a>.
*
* </ol>
*
* @version 1.44 97/02/03
* @author Benjamin Renaud
*/
public abstract class Signature {
/* Are we in debugging mode? */
private static boolean debug = false;
/* The algorithm for this signature object. */
private String algorithm;
/**
* Possible <a href = "#state ">state </a> value, signifying that
* this signature object has not yet been initialized.
*/
protected final static int UNINITIALIZED = 0;
/**
* Possible <a href = "#state ">state </a> value, signifying that
* this signature object has been initialized for signing.
*/
protected final static int SIGN = 2;
/**
* Possible <a href = "#state ">state </a> value, signifying that
* this signature object has been initialized for verification.
*/
protected final static int VERIFY = 3;
/**
* Current state of this signature object.
*/
protected int state = UNINITIALIZED;
/**
* Creates a Signature object for the specified algorithm.
*
* @param algorithm the standard string name of the algorithm.
* See Appendix A in the <a href=
* "../guide/security/CryptoSpec.html#AppA">
* Java Cryptography Architecture API Specification & Reference </a>
* for information about standard algorithm names.
*/
protected Signature(String algorithm) {
this.algorithm = algorithm;
}
/**
* Generates a Signature object that implements the specified
* algorithm. If the default provider package contains a Signature
* subclass implementing the algorithm, an instance of that subclass
* is returned. If the algorithm is not available in the default
* package, other packages are searched.
*
* @param algorithm the standard name of the algorithm requested.
* See Appendix A in the <a href=
* "../guide/security/CryptoSpec.html#AppA">
* Java Cryptography Architecture API Specification & Reference </a>
* for information about standard algorithm names.
*
* @return the new Signature object.
*
* @exception NoSuchAlgorithmException if the algorithm is
* not available in the environment.
*/
public static Signature getInstance(String algorithm)
throws NoSuchAlgorithmException {
try {
return (Signature)Security.getImpl(algorithm, "Signature", null);
} catch(NoSuchProviderException e) {
throw new InternalError("please send a bug report via " +
System.getProperty("java.vendor.url.bug"));
}
}
/**
* Generates a Signature object implementing the specified
* algorithm, as supplied from the specified provider, if such an
* algorithm is available from the provider.
*
* @param algorithm the name of the algorithm requested.
* See Appendix A in the <a href=
* "../guide/security/CryptoSpec.html#AppA">
* Java Cryptography Architecture API Specification & Reference </a>
* for information about standard algorithm names.
*
* @param provider the name of the provider.
*
* @return the new Signature object.
*
* @exception NoSuchAlgorithmException if the algorithm is
* not available in the package supplied by the requested
* provider.
*
* @exception NoSuchProviderException if the provider is not
* available in the environment.
*
* @see Provider
*/
public static Signature getInstance(String algorithm, String provider)
throws NoSuchAlgorithmException, NoSuchProviderException {
return (Signature)Security.getImpl(algorithm, "Signature", provider);
}
/**
* Initializes this object for verification. If this method is called
* again with a different argument, it negates the effect
* of this call.
*
* @param publicKey the public key of the identity whose signature is
* going to be verified.
*
* @exception InvalidKeyException if the key is invalid.
*/
public final void initVerify(PublicKey publicKey)
throws InvalidKeyException {
engineInitVerify(publicKey);
state = VERIFY;
}
/**
* Initialize this object for signing. If this method is called
* again with a different argument, it negates the effect
* of this call.
*
* @param privateKey the private key of the identity whose signature
* is going to be generated.
*
* @exception InvalidKeyException if the key is invalid.
*/
public final void initSign(PrivateKey privateKey)
throws InvalidKeyException {
engineInitSign(privateKey);
state = SIGN;
}
/**
* Returns the signature bytes of all the data updated. The
* signature returned is X.509-encoded.
*
* <p>A call to this method resets this signature object to the state
* it was in when previously initialized for signing via a
* call to <code>initSign(PrivateKey)</code>. That is, the object is
* reset and available to generate another signature from the same
* signer, if desired, via new calls to <code>update</code> and
* <code>sign</code>.
*
* @return the signature bytes of the signing operation's result.
*
* @exception SignatureException if this signature object is not
* initialized properly.
*/
public final byte[] sign() throws SignatureException {
if (state == SIGN) {
return engineSign();
}
throw new SignatureException("object not initialized for " +
"signing.");
}
/**
* Verifies the passed-in signature. The signature bytes are expected
* to be X.509-encoded.
*
* <p>A call to this method resets this signature object to the state
* it was in when previously initialized for verification via a
* call to <code>initVerify(PublicKey)</code>. That is, the object is
* reset and available to verify another signature from the identity
* whose public key was specified in the call to <code>initVerify</code>.
*
* @param signature the signature bytes to be verified.
*
* @return true if the signature was verified, false if not.
*
* @exception SignatureException if this signature object is not
* initialized properly, or the passed-in signature is improperly
* encoded or of the wrong type, etc.
*/
public final boolean verify(byte[] signature)
throws SignatureException {
if (state == VERIFY) {
return engineVerify(signature);
}
throw new SignatureException("object not initialized for " +
"verification.");
}
⌨️ 快捷键说明
复制代码Ctrl + C
搜索代码Ctrl + F
全屏模式F11
增大字号Ctrl + =
减小字号Ctrl + -
显示快捷键?