iaik.security.rsa

Class Md5RSASignature

java.lang.Object

java.security.SignatureSpi

java.security.Signature

iaik.security.rsa.RSASignature

iaik.security.rsa.Md5RSASignature

Deprecated.

since 8.0; use Md5RsaSignature instead

public class Md5RSASignature
extends RSASignature

This class extends the RSASignature class for providing the functionality of the RSA digital signature algorithm using MD5 as message digest algorithm.

This class only creates a new RSASignature object and sets the hash function to be used to MD5.

The "MD5 with RSA" signature algorithm is described in PKCS #1: RSA Encryption Version 1.5 (RFC 2313) and is recommended to be used in signing X.509/PEM certificates, certificate-revocation lists, PKCS#6 extended certificates, and other objects employing digital signatures such as X.401 message tokens. The algorithms presented in PKCS#1 are not intended to be used in PKCS#7, where signatures (encrypted message digests) are treated as octet strings, in contrast to the bit string interpretation of PKCS#1.

An application wishing to sign some message (e.g. the TBSCertificate contents of a X.509 certificate) or to verify some signature using the "MD5 with RSA" algorithm, generally has to perform three steps:

• First an instance of the desired signature algorithm has to be created using a proper getInstance method, e.g.

   Signature md5_rsa = Signature.getInstance("MD5/RSA");
   

• Second, the Signature object just created has to be properly initialized for signing a message respectively verifying a signature using a RSA private respectively RSA public key, e.g.:
  • Initialize for Signing: md5_rsa.initSign(rsaPrivateKey);
  • Initialize for Verifying: md5_rsa.initVerify(rsaPublicKey);

• Finally, if the Signature object has been initialized for signing, the data to be signed is supplied to it and subsequently the signature is created by calling the sign method returning the signature as DER encoded byte array. Otherwise, if the Signature object has been initialized for verifying, first the data to be verified is supplied to the Signature object, and subsequently the signature is verified by calling the verify method, supplied with the DER encoded byte array holding the corresponding signature:
  • Supply the data to be signed, and subsequently sign it:

     md5_rsa.update(data);
     byte[] signature = md5_rsa.sign();
     

  • Supply the data to be verified, and verify the signature:

     md5_rsa.update(data);
     System.out.println("Signature " + (md5_rsa.verify(signature) ? "correct!" : "not correct!"));
     

See Also:

RSASignature, Md2RSASignature, ShaRSASignature, SslRsaSignature, Signature, MD5

Field Summary

Fields inherited from class iaik.security.rsa.RSASignature

hash

Fields inherited from class java.security.Signature

SIGN, state, UNINITIALIZED, VERIFY

Fields inherited from class java.security.SignatureSpi

appRandom

Constructor Summary

Constructors

Constructor and Description
Md5RSASignature() Deprecated. Default Constructor.

Method Summary

Methods inherited from class iaik.security.rsa.RSASignature

engineGetParameter, engineInitSign, engineInitVerify, engineSetParameter, engineSign, engineUpdate, engineUpdate, engineVerify

Methods inherited from class java.security.Signature

clone, getAlgorithm, getInstance, getInstance, getInstance, getParameter, getParameters, getProvider, initSign, initSign, initVerify, initVerify, setParameter, setParameter, sign, sign, toString, update, update, update, update, verify, verify

Methods inherited from class java.security.SignatureSpi

engineGetParameters, engineInitSign, engineSetParameter, engineSign, engineUpdate, engineVerify

Methods inherited from class java.lang.Object

equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait

Constructor Detail

Md5RSASignature

public Md5RSASignature()

Deprecated.

Default Constructor. This constructor only tells the superclass to use the MD5 hash algorithm for creating the message digest.

Applications do not call this constructor. They shall use one of the getInstance methods of the java.security.Signature class for obtaining a Md5RSASignature object.

Throws:

java.security.NoSuchAlgorithmException - shows that there is no implementation of the MD5 hash algorithm.