Package org.bouncycastle.crypto.signers

Class ISO9796d2PSSSigner

java.lang.Object
org.bouncycastle.crypto.signers.ISO9796d2PSSSigner
All Implemented Interfaces:
Signer, SignerWithRecovery
public class ISO9796d2PSSSigner extends Object implements SignerWithRecovery
ISO9796-2 - mechanism using a hash function with recovery (scheme 2 and 3).

Note: the usual length for the salt is the length of the hash function used in bytes.

  • Field Details

    • TRAILER_IMPLICIT

      public static final int TRAILER_IMPLICIT
      Deprecated.
      use ISOTrailers
      See Also:

    • TRAILER_RIPEMD160

      public static final int TRAILER_RIPEMD160
      Deprecated.
      use ISOTrailers
      See Also:

    • TRAILER_RIPEMD128

      public static final int TRAILER_RIPEMD128
      Deprecated.
      use ISOTrailers
      See Also:

    • TRAILER_SHA1

      public static final int TRAILER_SHA1
      Deprecated.
      use ISOTrailers
      See Also:

    • TRAILER_SHA256

      public static final int TRAILER_SHA256
      Deprecated.
      use ISOTrailers
      See Also:

    • TRAILER_SHA512

      public static final int TRAILER_SHA512
      Deprecated.
      use ISOTrailers
      See Also:

    • TRAILER_SHA384

      public static final int TRAILER_SHA384
      Deprecated.
      use ISOTrailers
      See Also:

    • TRAILER_WHIRLPOOL

      public static final int TRAILER_WHIRLPOOL
      Deprecated.
      use ISOTrailers
      See Also:

  • Constructor Details

    • ISO9796d2PSSSigner

      public ISO9796d2PSSSigner(AsymmetricBlockCipher cipher, Digest digest, int saltLength, boolean implicit)
      Generate a signer with either implicit or explicit trailers for ISO9796-2, scheme 2 or 3.
      Parameters:
      cipher - base cipher to use for signature creation/verification
      digest - digest to use.
      saltLength - length of salt in bytes.
      implicit - whether or not the trailer is implicit or gives the hash.

    • ISO9796d2PSSSigner

      public ISO9796d2PSSSigner(AsymmetricBlockCipher cipher, Digest digest, int saltLength)
      Constructor for a signer with an explicit digest trailer.
      Parameters:
      cipher - cipher to use.
      digest - digest to sign with.
      saltLength - length of salt in bytes.

  • Method Details

    • init

      public void init(boolean forSigning, CipherParameters param)
      Initialise the signer.
      Specified by:
      init in interface Signer
      Parameters:
      forSigning - true if for signing, false if for verification.
      param - parameters for signature generation/verification. If the parameters are for generation they should be a ParametersWithRandom, a ParametersWithSalt, or just an RSAKeyParameters object. If RSAKeyParameters are passed in a SecureRandom will be created.
      Throws:
      IllegalArgumentException - if wrong parameter type or a fixed salt is passed in which is the wrong length.

    • updateWithRecoveredMessage

      public void updateWithRecoveredMessage(byte[] signature) throws InvalidCipherTextException
      Description copied from interface: SignerWithRecovery
      Perform an update with the recovered message before adding any other data. This must be the first update method called, and calling it will result in the signer assuming that further calls to update will include message content past what is recoverable.
      Specified by:
      updateWithRecoveredMessage in interface SignerWithRecovery
      Parameters:
      signature - the signature that we are in the process of verifying.
      Throws:
      InvalidCipherTextException

    • update

      public void update(byte b)
      update the internal digest with the byte b
      Specified by:
      update in interface Signer

    • update

      public void update(byte[] in, int off, int len)
      update the internal digest with the byte array in
      Specified by:
      update in interface Signer

    • reset

      public void reset()
      reset the internal state
      Specified by:
      reset in interface Signer

    • generateSignature

      public byte[] generateSignature() throws CryptoException
      generate a signature for the loaded message using the key we were initialised with.
      Specified by:
      generateSignature in interface Signer
      Throws:
      CryptoException

    • verifySignature

      public boolean verifySignature(byte[] signature)
      return true if the signature represents a ISO9796-2 signature for the passed in message.
      Specified by:
      verifySignature in interface Signer

    • hasFullMessage

      public boolean hasFullMessage()
      Return true if the full message was recoveredMessage.
      Specified by:
      hasFullMessage in interface SignerWithRecovery
      Returns:
      true on full message recovery, false otherwise, or if not sure.
      See Also:

    • getRecoveredMessage

      public byte[] getRecoveredMessage()
      Return a reference to the recoveredMessage message, either as it was added to a just generated signature, or extracted from a verified one.
      Specified by:
      getRecoveredMessage in interface SignerWithRecovery
      Returns:
      the full/partial recoveredMessage message.
      See Also: