|
Java Card v2.2.2 |
|||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |
java.lang.Object javacard.security.Signature
public abstract class Signature
The Signature
class is the base class for Signature algorithms. Implementations of Signature
algorithms must extend this class and implement all the abstract methods.
The term "pad" is used in the public key signature algorithms below to refer to all the operations specified in the referenced scheme to transform the message digest into the encryption block size.
A tear or card reset event resets an initialized
Signature
object to the state it was in when previously initialized
via a call to init()
. For algorithms which support keys with transient
key data sets, such as DES, triple DES, AES, and Korean SEED
the Signature
object key becomes
uninitialized on clear events associated with the Key
object used to initialize the Signature
object.
Even if a transaction is in progress, update of intermediate result state in the implementation
instance shall not participate in the transaction.
Note:
init(Key, byte, byte[], short, short)
method.
Field Summary | |
---|---|
static byte |
ALG_AES_MAC_128_NOPAD
Signature algorithm ALG_AES_MAC_128_NOPAD generates a 16-byte MAC
using AES with blocksize 128 in CBC mode and does not pad input data. |
static byte |
ALG_DES_MAC4_ISO9797_1_M2_ALG3
Signature algorithm ALG_DES_MAC4_ISO9797_1_M2_ALG3 generates a 4-byte MAC
using a 2-key DES3 key according to ISO9797-1 MAC algorithm 3 with method 2 (also
EMV'96, EMV'2000), where input data is padded using method 2 and the data is processed
as described in MAC Algorithm 3 of the ISO 9797-1 specification. |
static byte |
ALG_DES_MAC4_ISO9797_M1
Signature algorithm ALG_DES_MAC4_ISO9797_M1 generates a 4-byte MAC
(most significant 4 bytes of encrypted block) using DES in CBC mode
or triple DES in outer CBC mode. |
static byte |
ALG_DES_MAC4_ISO9797_M2
Signature algorithm ALG_DES_MAC4_ISO9797_M2 generates a 4-byte MAC
(most significant 4 bytes of encrypted block) using DES in CBC mode
or triple DES in outer CBC mode. |
static byte |
ALG_DES_MAC4_NOPAD
Signature algorithm ALG_DES_MAC4_NOPAD generates a 4-byte MAC
(most significant 4 bytes of encrypted block) using DES in CBC mode
or triple DES in outer CBC mode. |
static byte |
ALG_DES_MAC4_PKCS5
Signature algorithm ALG_DES_MAC4_PKCS5 generates a 4-byte MAC
(most significant 4 bytes of encrypted block) using DES in CBC mode
or triple DES in outer CBC mode. |
static byte |
ALG_DES_MAC8_ISO9797_1_M2_ALG3
Signature algorithm ALG_DES_MAC8_ISO9797_1_M2_ALG3 generates an 8-byte MAC
using a 2-key DES3 key according to ISO9797-1 MAC algorithm 3 with method 2 (also
EMV'96, EMV'2000), where input data is padded using method 2 and the data is processed
as described in MAC Algorithm 3 of the ISO 9797-1 specification. |
static byte |
ALG_DES_MAC8_ISO9797_M1
Signature algorithm ALG_DES_MAC8_ISO9797_M1 generates an 8-byte MAC
using DES in CBC mode or triple DES in outer CBC mode. |
static byte |
ALG_DES_MAC8_ISO9797_M2
Signature algorithm ALG_DES_MAC8_ISO9797_M2 generates an 8-byte MAC
using DES in CBC mode or triple DES in outer CBC mode. |
static byte |
ALG_DES_MAC8_NOPAD
Signature algorithm ALG_DES_MAC_8_NOPAD generates an 8-byte MAC
using DES in CBC mode or triple DES in outer CBC mode. |
static byte |
ALG_DES_MAC8_PKCS5
Signature algorithm ALG_DES_MAC8_PKCS5 generates an 8-byte MAC using DES in CBC mode or triple DES in outer CBC mode. |
static byte |
ALG_DSA_SHA
Signature algorithm ALG_DSA_SHA generates a
20-byte SHA digest and signs/verifies the digests using DSA. |
static byte |
ALG_ECDSA_SHA
Signature algorithm ALG_ECDSA_SHA generates a 20-byte
SHA digest and signs/verifies the digest using ECDSA. |
static byte |
ALG_HMAC_MD5
HMAC message authentication algorithm ALG_HMAC_MD5
This algorithm generates an HMAC following the steps found in RFC: 2104
using MD5 as the hashing algorithm. |
static byte |
ALG_HMAC_RIPEMD160
HMAC message authentication algorithm ALG_HMAC_RIPEMD160
This algorithm generates an HMAC following the steps found in RFC: 2104
using RIPEMD160 as the hashing algorithm. |
static byte |
ALG_HMAC_SHA_256
HMAC message authentication algorithm ALG_HMAC_SHA_256
This algorithm generates an HMAC following the steps found in RFC: 2104
using SHA-256 as the hashing algorithm. |
static byte |
ALG_HMAC_SHA_384
HMAC message authentication algorithm ALG_HMAC_SHA_384
This algorithm generates an HMAC following the steps found in RFC: 2104
using SHA-384 as the hashing algorithm. |
static byte |
ALG_HMAC_SHA_512
HMAC message authentication algorithm ALG_HMAC_SHA_512
This algorithm generates an HMAC following the steps found in RFC: 2104
using SHA-512 as the hashing algorithm. |
static byte |
ALG_HMAC_SHA1
HMAC message authentication algorithm ALG_HMAC_SHA1
This algorithm generates an HMAC following the steps found in RFC: 2104
using SHA1 as the hashing algorithm. |
static byte |
ALG_KOREAN_SEED_MAC_NOPAD
Signature algorithm ALG_KOREAN_SEED_MAC_NOPAD generates an 16-byte MAC
using Korean SEED in CBC mode. |
static byte |
ALG_RSA_MD5_PKCS1
Signature algorithm ALG_RSA_MD5_PKCS1 generates a 16-byte MD5 digest,
pads the digest according to the PKCS#1 (v1.5) scheme,
and encrypts it using RSA. |
static byte |
ALG_RSA_MD5_PKCS1_PSS
Signature algorithm ALG_RSA_MD5_PKCS1_PSS generates a 16-byte MD5 digest,
pads it according to the PKCS#1-PSS scheme (IEEE 1363-2000),
and encrypts it using RSA. |
static byte |
ALG_RSA_MD5_RFC2409
Signature algorithm ALG_RSA_MD5_RFC2409 generates a 16-byte MD5 digest,
pads the digest according to the RFC2409 scheme,
and encrypts it using RSA. |
static byte |
ALG_RSA_RIPEMD160_ISO9796
Signature algorithm ALG_RSA_RIPEMD160_ISO9796 generates a 20-byte RIPE MD-160 digest,
pads the digest according to the ISO 9796 scheme,
and encrypts it using RSA. |
static byte |
ALG_RSA_RIPEMD160_ISO9796_MR
Signature algorithm ALG_RSA_RIPEMD160_ISO9796_MR generates 20-byte
RIPE MD-160 digest, pads it according to the ISO9796-2 specification and encrypts
using RSA. |
static byte |
ALG_RSA_RIPEMD160_PKCS1
Signature algorithm ALG_RSA_RIPEMD160_PKCS1 generates a 20-byte RIPE MD-160 digest,
pads the digest according to the PKCS#1 (v1.5) scheme,
and encrypts it using RSA. |
static byte |
ALG_RSA_RIPEMD160_PKCS1_PSS
Signature algorithm ALG_RSA_RIPEMD160_PKCS1_PSS generates a 20-byte RIPE MD-160 digest,
pads it according to the PKCS#1-PSS scheme (IEEE 1363-2000),
and encrypts it using RSA. |
static byte |
ALG_RSA_SHA_ISO9796
Signature algorithm ALG_RSA_SHA_ISO9796 generates
a 20-byte SHA digest, pads the digest according to the ISO 9796-2 scheme
as specified in EMV '96 and EMV 2000, and encrypts it using RSA. |
static byte |
ALG_RSA_SHA_ISO9796_MR
Signature algorithm ALG_RSA_SHA_ISO9796_MR generates 20-byte
SHA-1 digest, pads it according to the ISO9796-2 specification and encrypts
using RSA. |
static byte |
ALG_RSA_SHA_PKCS1
Signature algorithm ALG_RSA_SHA_PKCS1 generates a 20-byte SHA digest,
pads the digest according to the PKCS#1 (v1.5) scheme,
and encrypts it using RSA. |
static byte |
ALG_RSA_SHA_PKCS1_PSS
Signature algorithm ALG_RSA_SHA_PKCS1_PSS generates a 20-byte SHA-1 digest,
pads it according to the PKCS#1-PSS scheme (IEEE 1363-2000),
and encrypts it using RSA. |
static byte |
ALG_RSA_SHA_RFC2409
Signature algorithm ALG_RSA_SHA_RFC2409 generates a 20-byte SHA digest,
pads the digest according to the RFC2409 scheme,
and encrypts it using RSA. |
static byte |
MODE_SIGN
Used in init() methods to indicate signature sign mode. |
static byte |
MODE_VERIFY
Used in init() methods to indicate signature verify mode. |
Constructor Summary | |
---|---|
protected |
Signature()
Protected Constructor |
Method Summary | |
---|---|
abstract byte |
getAlgorithm()
Gets the Signature algorithm. |
static Signature |
getInstance(byte algorithm,
boolean externalAccess)
Creates a Signature object instance of the selected algorithm. |
abstract short |
getLength()
Returns the byte length of the signature data. |
abstract void |
init(Key theKey,
byte theMode)
Initializes the Signature object with the appropriate Key . |
abstract void |
init(Key theKey,
byte theMode,
byte[] bArray,
short bOff,
short bLen)
Initializes the Signature object with the appropriate Key and algorithm specific
parameters. |
abstract short |
sign(byte[] inBuff,
short inOffset,
short inLength,
byte[] sigBuff,
short sigOffset)
Generates the signature of all/last input data. |
abstract void |
update(byte[] inBuff,
short inOffset,
short inLength)
Accumulates a signature of the input data. |
abstract boolean |
verify(byte[] inBuff,
short inOffset,
short inLength,
byte[] sigBuff,
short sigOffset,
short sigLength)
Verifies the signature of all/last input data against the passed in signature. |
Methods inherited from class java.lang.Object |
---|
equals |
Field Detail |
---|
public static final byte ALG_DES_MAC4_NOPAD
ALG_DES_MAC4_NOPAD
generates a 4-byte MAC
(most significant 4 bytes of encrypted block) using DES in CBC mode
or triple DES in outer CBC mode.
This algorithm does not pad input data.
If the input data is not (8 byte) block aligned it throws CryptoException
with the reason code ILLEGAL_USE
.
public static final byte ALG_DES_MAC8_NOPAD
ALG_DES_MAC_8_NOPAD
generates an 8-byte MAC
using DES in CBC mode or triple DES in outer CBC mode.
This algorithm does not pad input data.
If the input data is not (8 byte) block aligned it throws CryptoException
with the reason code ILLEGAL_USE
.
Note:
public static final byte ALG_DES_MAC4_ISO9797_M1
ALG_DES_MAC4_ISO9797_M1
generates a 4-byte MAC
(most significant 4 bytes of encrypted block) using DES in CBC mode
or triple DES in outer CBC mode.
Input data is padded according to the ISO 9797 method 1 scheme.
public static final byte ALG_DES_MAC8_ISO9797_M1
ALG_DES_MAC8_ISO9797_M1
generates an 8-byte MAC
using DES in CBC mode or triple DES in outer CBC mode.
Input data is padded according to the ISO 9797 method 1 scheme.
Note:
public static final byte ALG_DES_MAC4_ISO9797_M2
ALG_DES_MAC4_ISO9797_M2
generates a 4-byte MAC
(most significant 4 bytes of encrypted block) using DES in CBC mode
or triple DES in outer CBC mode.
Input data is padded according to the ISO 9797 method 2 (ISO 7816-4, EMV'96) scheme.
public static final byte ALG_DES_MAC8_ISO9797_M2
ALG_DES_MAC8_ISO9797_M2
generates an 8-byte MAC
using DES in CBC mode or triple DES in outer CBC mode.
Input data is padded according to the ISO 9797 method 2 (ISO 7816-4, EMV'96) scheme.
Note:
public static final byte ALG_DES_MAC4_PKCS5
ALG_DES_MAC4_PKCS5
generates a 4-byte MAC
(most significant 4 bytes of encrypted block) using DES in CBC mode
or triple DES in outer CBC mode.
Input data is padded according to the PKCS#5 scheme.
public static final byte ALG_DES_MAC8_PKCS5
Note:
public static final byte ALG_RSA_SHA_ISO9796
ALG_RSA_SHA_ISO9796
generates
a 20-byte SHA digest, pads the digest according to the ISO 9796-2 scheme
as specified in EMV '96 and EMV 2000, and encrypts it using RSA.
Note:
verify
method does not support the message recovery
semantics of this algorithm.
public static final byte ALG_RSA_SHA_PKCS1
ALG_RSA_SHA_PKCS1
generates a 20-byte SHA digest,
pads the digest according to the PKCS#1 (v1.5) scheme,
and encrypts it using RSA.
Note:
public static final byte ALG_RSA_MD5_PKCS1
ALG_RSA_MD5_PKCS1
generates a 16-byte MD5 digest,
pads the digest according to the PKCS#1 (v1.5) scheme,
and encrypts it using RSA.
Note:
public static final byte ALG_RSA_RIPEMD160_ISO9796
ALG_RSA_RIPEMD160_ISO9796
generates a 20-byte RIPE MD-160 digest,
pads the digest according to the ISO 9796 scheme,
and encrypts it using RSA.
public static final byte ALG_RSA_RIPEMD160_PKCS1
ALG_RSA_RIPEMD160_PKCS1
generates a 20-byte RIPE MD-160 digest,
pads the digest according to the PKCS#1 (v1.5) scheme,
and encrypts it using RSA.
Note:
public static final byte ALG_DSA_SHA
ALG_DSA_SHA
generates a
20-byte SHA digest and signs/verifies the digests using DSA. The signature is encoded as an ASN.1
sequence of two INTEGER values, r and s, in that order:
SEQUENCE ::= { r INTEGER, s INTEGER }
public static final byte ALG_RSA_SHA_RFC2409
ALG_RSA_SHA_RFC2409
generates a 20-byte SHA digest,
pads the digest according to the RFC2409 scheme,
and encrypts it using RSA.
public static final byte ALG_RSA_MD5_RFC2409
ALG_RSA_MD5_RFC2409
generates a 16-byte MD5 digest,
pads the digest according to the RFC2409 scheme,
and encrypts it using RSA.
public static final byte ALG_ECDSA_SHA
ALG_ECDSA_SHA
generates a 20-byte
SHA digest and signs/verifies the digest using ECDSA. The signature is encoded as an ASN.1
sequence of two INTEGER values, r and s, in that order:
SEQUENCE ::= { r INTEGER, s INTEGER }
public static final byte ALG_AES_MAC_128_NOPAD
ALG_AES_MAC_128_NOPAD
generates a 16-byte MAC
using AES with blocksize 128 in CBC mode and does not pad input data.
If the input data is not (16-byte) block aligned it throws CryptoException
with the reason code ILLEGAL_USE
.
public static final byte ALG_DES_MAC4_ISO9797_1_M2_ALG3
ALG_DES_MAC4_ISO9797_1_M2_ALG3
generates a 4-byte MAC
using a 2-key DES3 key according to ISO9797-1 MAC algorithm 3 with method 2 (also
EMV'96, EMV'2000), where input data is padded using method 2 and the data is processed
as described in MAC Algorithm 3 of the ISO 9797-1 specification.
The left key block of the triple DES key is used as a single DES key(K) and the right
key block of the triple DES key is used as a single DES Key (K') during MAC processing.
The final result is truncated to 4 bytes as described in ISO9797-1.
public static final byte ALG_DES_MAC8_ISO9797_1_M2_ALG3
ALG_DES_MAC8_ISO9797_1_M2_ALG3
generates an 8-byte MAC
using a 2-key DES3 key according to ISO9797-1 MAC algorithm 3 with method 2 (also
EMV'96, EMV'2000), where input data is padded using method 2 and the data is processed
as described in MAC Algorithm 3 of the ISO 9797-1 specification.
The left key block of the triple DES key is used as a single DES key(K) and the right
key block of the triple DES key is used as a single DES Key (K') during MAC processing.
The final result is truncated to 8 bytes as described in ISO9797-1.
public static final byte ALG_RSA_SHA_PKCS1_PSS
ALG_RSA_SHA_PKCS1_PSS
generates a 20-byte SHA-1 digest,
pads it according to the PKCS#1-PSS scheme (IEEE 1363-2000),
and encrypts it using RSA.
public static final byte ALG_RSA_MD5_PKCS1_PSS
ALG_RSA_MD5_PKCS1_PSS
generates a 16-byte MD5 digest,
pads it according to the PKCS#1-PSS scheme (IEEE 1363-2000),
and encrypts it using RSA.
public static final byte ALG_RSA_RIPEMD160_PKCS1_PSS
ALG_RSA_RIPEMD160_PKCS1_PSS
generates a 20-byte RIPE MD-160 digest,
pads it according to the PKCS#1-PSS scheme (IEEE 1363-2000),
and encrypts it using RSA.
public static final byte ALG_HMAC_SHA1
ALG_HMAC_SHA1
This algorithm generates an HMAC following the steps found in RFC: 2104
using SHA1 as the hashing algorithm.
public static final byte ALG_HMAC_SHA_256
ALG_HMAC_SHA_256
This algorithm generates an HMAC following the steps found in RFC: 2104
using SHA-256 as the hashing algorithm.
public static final byte ALG_HMAC_SHA_384
ALG_HMAC_SHA_384
This algorithm generates an HMAC following the steps found in RFC: 2104
using SHA-384 as the hashing algorithm.
public static final byte ALG_HMAC_SHA_512
ALG_HMAC_SHA_512
This algorithm generates an HMAC following the steps found in RFC: 2104
using SHA-512 as the hashing algorithm.
public static final byte ALG_HMAC_MD5
ALG_HMAC_MD5
This algorithm generates an HMAC following the steps found in RFC: 2104
using MD5 as the hashing algorithm.
public static final byte ALG_HMAC_RIPEMD160
ALG_HMAC_RIPEMD160
This algorithm generates an HMAC following the steps found in RFC: 2104
using RIPEMD160 as the hashing algorithm.
public static final byte ALG_RSA_SHA_ISO9796_MR
ALG_RSA_SHA_ISO9796_MR
generates 20-byte
SHA-1 digest, pads it according to the ISO9796-2 specification and encrypts
using RSA. This algorithm is conformant with EMV2000.
This algorithm uses the first part of the input message as padding bytes during signing. During verification, these message bytes (recoverable message) can be recovered to reconstruct the message.
To use this algorithm the Signature
object instance returned by the
getInstance
method must be cast to the
SignatureMessageRecovery
interface to invoke the applicable methods.
public static final byte ALG_RSA_RIPEMD160_ISO9796_MR
ALG_RSA_RIPEMD160_ISO9796_MR
generates 20-byte
RIPE MD-160 digest, pads it according to the ISO9796-2 specification and encrypts
using RSA.
This algorithm uses the first part of the input message as padding bytes during signing. During verification, these message bytes (recoverable message) can be recovered to reconstruct the message.
To use this algorithm the Signature
object instance returned by the
getInstance
method must be cast to the
SignatureMessageRecovery
interface to invoke the applicable methods.
public static final byte ALG_KOREAN_SEED_MAC_NOPAD
ALG_KOREAN_SEED_MAC_NOPAD
generates an 16-byte MAC
using Korean SEED in CBC mode.
This algorithm does not pad input data.
If the input data is not (16 byte) block aligned it throws CryptoException
with the reason code ILLEGAL_USE
.
Note:
public static final byte MODE_SIGN
init()
methods to indicate signature sign mode.
public static final byte MODE_VERIFY
init()
methods to indicate signature verify mode.
Constructor Detail |
---|
protected Signature()
Method Detail |
---|
public static final Signature getInstance(byte algorithm, boolean externalAccess) throws CryptoException
Signature
object instance of the selected algorithm.
algorithm
- the desired Signature algorithm. Valid codes listed in
ALG_*
constants above e.g. ALG_DES_MAC4_NOPAD
.externalAccess
- true
indicates that the instance will be shared among
multiple applet instances and that the Signature
instance will also be accessed (via a Shareable
interface) when the owner of the Signature
instance is not the currently selected applet.
If true
the implementation must not allocate CLEAR_ON_DESELECT transient space for internal data.
Signature
object instance of the requested algorithm
CryptoException
- with the following reason codes:CryptoException.NO_SUCH_ALGORITHM
if the requested algorithm
or shared access mode is not supported.public abstract void init(Key theKey, byte theMode) throws CryptoException
Signature
object with the appropriate Key
.
This method should be used
for algorithms which do not need initialization parameters or use default parameter
values.
init()
must be used to update the Signature
object with a new key.
If the Key
object is modified after invoking the init()
method,
the behavior of the update()
, sign()
, and verify()
methods is unspecified.
Note:
theKey
parameter is a transient key,
the implementation should, whenever possible, use transient space for internal storage.
theKey
- the key object to use for signing or verifyingtheMode
- one of MODE_SIGN
or MODE_VERIFY
CryptoException
- with the following reason codes:CryptoException.ILLEGAL_VALUE
if theMode
option is an undefined value or
if the Key
is inconsistent with theMode
or with the Signature
implementation.
CryptoException.UNINITIALIZED_KEY
if theKey
instance is uninitialized.
public abstract void init(Key theKey, byte theMode, byte[] bArray, short bOff, short bLen) throws CryptoException
Signature
object with the appropriate Key
and algorithm specific
parameters.
init()
must be used to update the Signature
object with a new key.
If the Key
object is modified after invoking the init()
method,
the behavior of the update()
, sign()
, and verify()
methods is unspecified.
Note:
bArray
.
bArray
.
bArray
.
CryptoException.ILLEGAL_VALUE
.
theKey
parameter is a transient key,
the implementation should, whenever possible, use transient space for internal storage.
theKey
- the key object to use for signingtheMode
- one of MODE_SIGN
or MODE_VERIFY
bArray
- byte array containing algorithm specific initialization informationbOff
- offset within bArray
where the algorithm specific data beginsbLen
- byte length of algorithm specific parameter data
CryptoException
- with the following reason codes:CryptoException.ILLEGAL_VALUE
if theMode
option is an undefined value
or if a byte array parameter option is not supported by the algorithm or if
the bLen
is an incorrect byte length for the algorithm specific data or
if the Key
is inconsistent with theMode
or with the Signature
implementation.
CryptoException.UNINITIALIZED_KEY
if theKey
instance is uninitialized.
public abstract byte getAlgorithm()
public abstract short getLength() throws CryptoException
CryptoException
- with the following reason codes:CryptoException.INVALID_INIT
if this Signature
object is
not initialized.
CryptoException.UNINITIALIZED_KEY
if key not initialized.
public abstract void update(byte[] inBuff, short inOffset, short inLength) throws CryptoException
sign()
or verify()
method is recommended. The sign()
or verify()
method must be called to complete processing of input data accumulated by one or more
calls to the update()
method.
Note:
inLength
is 0 this method does nothing.
inBuff
- the input buffer of data to be signed/verifiedinOffset
- the offset into the input buffer where input data beginsinLength
- the byte length to sign/verify
CryptoException
- with the following reason codes:CryptoException.UNINITIALIZED_KEY
if key not initialized.
CryptoException.INVALID_INIT
if this Signature
object is
not initialized.
sign(byte[], short, short, byte[], short)
,
verify(byte[], short, short, byte[], short, short)
public abstract short sign(byte[] inBuff, short inOffset, short inLength, byte[] sigBuff, short sigOffset) throws CryptoException
A call to this method also resets this Signature
object to the state it was in
when previously initialized via a call to init()
.
That is, the object is reset and available to sign another message.
In addition, note that the initial vector(IV) used in AES, DES and Korean SEED algorithms
in CBC mode will be reset to 0.
Note:
init(Key, byte, byte[], short, short)
method.
The input and output buffer data may overlap.
inBuff
- the input buffer of data to be signedinOffset
- the offset into the input buffer at which to begin signature generationinLength
- the byte length to signsigBuff
- the output buffer to store signature datasigOffset
- the offset into sigBuff at which to begin signature data
CryptoException
- with the following reason codes:CryptoException.UNINITIALIZED_KEY
if key not initialized.
CryptoException.INVALID_INIT
if this Signature
object is
not initialized or initialized for signature verify mode.
CryptoException.ILLEGAL_USE
if one of the following conditions is met:Signature
algorithm
does not pad the message and the message is not block aligned.
Signature
algorithm
does not pad the message and no input
data has been provided in inBuff
or via the update()
method.
Signature
algorithm includes message recovery functionality.
public abstract boolean verify(byte[] inBuff, short inOffset, short inLength, byte[] sigBuff, short sigOffset, short sigLength) throws CryptoException
A call to this method also resets this Signature
object to the state it was in
when previously initialized via a call to init()
.
That is, the object is reset and available to verify another message.
In addition, note that the initial vector(IV) used in AES, DES and Korean SEED algorithms
in CBC mode will be reset to 0.
Note:
init(Key, byte, byte[], short, short)
method.
inBuff
- the input buffer of data to be verifiedinOffset
- the offset into the input buffer at which to begin signature generationinLength
- the byte length to signsigBuff
- the input buffer containing signature datasigOffset
- the offset into sigBuff
where signature data beginssigLength
- the byte length of the signature data
true
if the signature verifies, false
otherwise
Note, if sigLength
is inconsistent with this Signature
algorithm, false
is returned.
CryptoException
- with the following reason codes:CryptoException.UNINITIALIZED_KEY
if key not initialized.
CryptoException.INVALID_INIT
if this Signature
object is
not initialized or initialized for signature sign mode.
CryptoException.ILLEGAL_USE
if one of the following conditions is met:Signature
algorithm
does not pad the message and the message is not block aligned.
Signature
algorithm
does not pad the message and no input
data has been provided in inBuff
or via the update()
method.
Signature
algorithm includes message recovery functionality.
|
Java Card v2.2.2 |
|||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |