com.entrust.toolkit.security.crypto.ec

Class EcdsaWithRecommendedSignature

java.lang.Object

java.security.SignatureSpi

java.security.Signature

com.entrust.toolkit.security.crypto.signature.DigitalSignature

com.entrust.toolkit.security.crypto.ec.EcdsaSignature

com.entrust.toolkit.security.crypto.ec.EcdsaWithRecommendedSignature

All Implemented Interfaces:

ExtendedSignature

public final class EcdsaWithRecommendedSignature
extends EcdsaSignature

The ECDSA signature algorithm with the recommended underlying hash function.

The recommended hash function has the same security strength (security in bits) as the EC key being used. The following table indicates the recommended hash function for an EC key of a given size. This table was compiled from security strength information provided by NIST in SP 800-57 Part 1 Table 2 & 3.

Key size (bits)	Digest Algorithm
[1..223]	SHA-1
[224..255]	SHA-224
[226..383]	SHA-256
[384..511]	SHA-384
512+	SHA-512

This implementation calculates the hash internally, thus it is the message itself (being signed or verified) that is passed in through the update() API.

An instance of this algorithm can be obtained using the Java Cryptography Architecture (JCA), by requesting a 'RECOMMENDEDwithECDSA' digital signature from the Entrust cryptographic service provider. This can be done using the following call:

Signature.getInstance("RECOMMENDEDwithECDSA", "Entrust");

FIPS 140-2:

This class is part of the Toolkit's FIPS 140-2 cryptographic module and contains APIs that are considered part of the logical interface to the Toolkit's FIPS 140-2 cryptographic module; refer to the API documentation for further details

Since:

8.0

See Also:

EcdsaSignature

Field Summary

Fields inherited from class java.security.Signature

SIGN, state, UNINITIALIZED, VERIFY

Fields inherited from class java.security.SignatureSpi

appRandom

Constructor Summary

Constructors

Constructor and Description
EcdsaWithRecommendedSignature() The constructor; creates a new instance of the RECOMMENDEDwithECDSA digital signature algorithm.

Method Summary

Methods inherited from class com.entrust.toolkit.security.crypto.ec.EcdsaSignature

getDigitalSignatureImpl

Methods inherited from class com.entrust.toolkit.security.crypto.signature.DigitalSignature

assertParametersValid, engineGetParameter, engineGetParameters, engineInitSign, engineInitSign, engineInitVerify, engineSetParameter, engineSetParameter, engineSign, engineSign, engineUpdate, engineUpdate, engineVerify, engineVerify, generateDefaultParameters, getDigest, getPrng, toAlgorithmParameters

Methods inherited from class java.security.Signature

clone, getAlgorithm, getInstance, getInstance, getInstance, getParameter, getParameters, getProvider, initSign, initSign, initVerify, initVerify, setParameter, setParameter, sign, sign, toString, update, update, update, update, verify, verify

Methods inherited from class java.security.SignatureSpi

engineUpdate

Methods inherited from class java.lang.Object

equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait

Constructor Detail

EcdsaWithRecommendedSignature

public EcdsaWithRecommendedSignature()

The constructor; creates a new instance of the RECOMMENDEDwithECDSA digital signature algorithm.

Applications should not use this constructor, instead the signature algorithm should be requested from the appropriate JCA/JCE cryptographic service provider as follows: Signature.getInstance("RECOMMENDEDwithECDSA", "Entrust").

FIPS 140-2:

FIPS Service: Modify Object

This API is part of the logical interface to the Toolkit's FIPS 140-2 cryptographic module; use of this API causes the caller to assume the FIPS 140-2 user role and accesses the following FIPS 140-2 logical interfaces:

• control input interface (API call)
• status output interface (exceptions)