com.entrust.toolkit.security.crypto.ec

Class EcdsaWithSpecifiedSignature

java.lang.Object

java.security.SignatureSpi

java.security.Signature

com.entrust.toolkit.security.crypto.signature.DigitalSignature

com.entrust.toolkit.security.crypto.ec.EcdsaSignature

com.entrust.toolkit.security.crypto.ec.EcdsaWithSpecifiedSignature

All Implemented Interfaces:

ExtendedSignature

public final class EcdsaWithSpecifiedSignature
extends EcdsaSignature

The ECDSA signature algorithm with an underlying hash function that is specified through algorithm parameters.

The following hash functions are supported:

• SHA1
• SHA224
• SHA256
• SHA384
• SHA512

This digital signature algorithm implementation requires parameters when initialized for signature generation. If algorithm parameters are not provided, a default set will automatically be used. The following algorithm parameter representations are supported:

• EcdsaWithSpecifiedParameterSpec

This implementation calculates the hash internally, thus it is the message itself (being signed or verified) that is passed in through the update() API.

An instance of this algorithm can be obtained using the Java Cryptography Architecture (JCA), by requesting a 'SPECIFIEDwithECDSA' digital signature from the Entrust cryptographic service provider. This can be done using the following call:

Signature.getInstance("SPECIFIEDwithECDSA", "Entrust");

FIPS 140-2:

This class is part of the Toolkit's FIPS 140-2 cryptographic module and contains APIs that are considered part of the logical interface to the Toolkit's FIPS 140-2 cryptographic module; refer to the API documentation for further details

Since:

8.0

See Also:

EcdsaWithSpecifiedParameterSpec, EcdsaWithSpecifiedParameters, EcdsaSignature

Field Summary

Fields inherited from class java.security.Signature

SIGN, state, UNINITIALIZED, VERIFY

Fields inherited from class java.security.SignatureSpi

appRandom

Constructor Summary

Constructors

Constructor and Description
EcdsaWithSpecifiedSignature() The constructor; creates a new instance of the SPECIFIEDwithECDSA digital signature algorithm.

Method Summary

Methods

Modifier and Type	Method and Description
protected void	assertParametersValid(java.security.spec.AlgorithmParameterSpec params) Checks the parameters to ensure that they are valid and appropriate for this digital signature algorithm.
protected java.security.spec.AlgorithmParameterSpec	generateDefaultParameters() Returns a default set of parameters that are valid and appropriate for this digital signature algorithm.
protected java.security.AlgorithmParameters	toAlgorithmParameters(java.security.spec.AlgorithmParameterSpec paramSpec) Converts algorithm parameters in transparent representation into their opaque representation during a call to engineGetParameters() .

Methods inherited from class com.entrust.toolkit.security.crypto.ec.EcdsaSignature

getDigitalSignatureImpl

Methods inherited from class com.entrust.toolkit.security.crypto.signature.DigitalSignature

engineGetParameter, engineGetParameters, engineInitSign, engineInitSign, engineInitVerify, engineSetParameter, engineSetParameter, engineSign, engineSign, engineUpdate, engineUpdate, engineVerify, engineVerify, getDigest, getPrng

Methods inherited from class java.security.Signature

clone, getAlgorithm, getInstance, getInstance, getInstance, getParameter, getParameters, getProvider, initSign, initSign, initVerify, initVerify, setParameter, setParameter, sign, sign, toString, update, update, update, update, verify, verify

Methods inherited from class java.security.SignatureSpi

engineUpdate

Methods inherited from class java.lang.Object

equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait

Constructor Detail

EcdsaWithSpecifiedSignature

public EcdsaWithSpecifiedSignature()

The constructor; creates a new instance of the SPECIFIEDwithECDSA digital signature algorithm.

Applications should not use this constructor, instead the signature algorithm should be requested from the appropriate JCA/JCE cryptographic service provider as follows: Signature.getInstance("SPECIFIEDwithECDSA", "Entrust").

FIPS 140-2:

FIPS Service: Modify Object

This API is part of the logical interface to the Toolkit's FIPS 140-2 cryptographic module; use of this API causes the caller to assume the FIPS 140-2 user role and accesses the following FIPS 140-2 logical interfaces:

• control input interface (API call)
• status output interface (exceptions)

Method Detail

generateDefaultParameters

protected java.security.spec.AlgorithmParameterSpec generateDefaultParameters()

Description copied from class: DigitalSignature

Returns a default set of parameters that are valid and appropriate for this digital signature algorithm.

This default implementation is only appropriate for algorithms that do not support algorithm parameters; it always returns null. For algorithms that do support algorithm parameters, this API must be overridden to generate a valid and appropriate set of default algorithm parameters. These parameters will automatically be used when parameters are not provided through the engineSetParameter() API and the algorithm is initialized for signature generation.

FIPS 140-2:

FIPS Service: Non-Cryptographic Operation

Although this API is externally accessible (protected), it is intended for internal use only and MUST NOT be called externally by the operator when operating in FIPS mode. Since its use is prohibited, this API is not part of the logical interface to the Toolkit's FIPS 140-2 cryptographic module.

Overrides:

generateDefaultParameters in class DigitalSignature

Returns:

the default set of algorithm parameters or null if this algorithm does not support parameters

assertParametersValid

protected void assertParametersValid(java.security.spec.AlgorithmParameterSpec params)
                              throws java.security.InvalidAlgorithmParameterException

Description copied from class: DigitalSignature

Checks the parameters to ensure that they are valid and appropriate for this digital signature algorithm.

This default implementation is only appropriate for algorithms that do not support algorithm parameters; it throws an InvalidAlgorithmParameterException indicating that parameters are not supported when non-null parameters are provided. For algorithms that do support algorithm parameters, this API must be overridden to check that the parameters that were passed in are valid and appropriate for the algorithm.

FIPS 140-2:

Although this API is externally accessible (protected), it is intended for internal use only and MUST NOT be called externally by the operator when operating in FIPS mode. Since its use is prohibited, this API is not part of the logical interface to the Toolkit's FIPS 140-2 cryptographic module.

Overrides:

assertParametersValid in class DigitalSignature

Parameters:

params - the parameters

Throws:

java.security.InvalidAlgorithmParameterException - if the given parameters are inappropriate for this signature algorithm

toAlgorithmParameters

protected java.security.AlgorithmParameters toAlgorithmParameters(java.security.spec.AlgorithmParameterSpec paramSpec)

Description copied from class: DigitalSignature

Converts algorithm parameters in transparent representation into their opaque representation during a call to engineGetParameters() .

This default implementation is only appropriate for algorithms that do not support algorithm parameters; it always returns null. For algorithms that do support algorithm parameters, this API must be overridden to convert supported parameters in transparent representation to opaque representation.

FIPS 140-2:

FIPS Service: Non-Cryptographic Operation

Although this API is externally accessible (protected), it is intended for internal use only and MUST NOT be called externally by the operator when operating in FIPS mode. Since its use is prohibited, this API is not part of the logical interface to the Toolkit's FIPS 140-2 cryptographic module.

Overrides:

toAlgorithmParameters in class DigitalSignature

Parameters:

paramSpec - a transparent representation of the algorithm parameters

Returns:

an opaque representation of the algorithm parameters or null if this algorithm does not support parameters