EntrustRawECDSA ("Entrust Authority Security Toolkit for the Java Platform")

java.lang.Object
- java.security.SignatureSpi
- - java.security.Signature
  - - com.entrust.toolkit.security.provider.EntrustRawECDSA

All Implemented Interfaces:

ExtendedSignature

Deprecated.
since 7.2 SP2; use EcdsaWithNoneSignature instead
```
public final class EntrustRawECDSA
extends java.security.Signature
implements ExtendedSignature
```
Implements the Raw ECDSA signature algorithm.
This class expects its input to be already hashed with SHA-1. It is not expected that the Raw DSA algorithm will be heavily used by application developers; it is mainly for internal purposes.

This class supports the usual private keys of class ECDSAPrivateKey, as well as Entrust confined EC private keys of class ConfinedPrivateKey, which might be retrieved by invoking User.getSigningKey(), for example.

Use the "Raw" ECDSA signature like any other signature algorithm, but supply the hashed data to the update() methods instead of the original data to be signed. You can call all of the update methods in any combination, but when you call sign() or verify() exactly 20 bytes must have been passed during the updates. This is necessary because ECDSA was specifically designed for the 160 bit hashes of SHA-1.

Note

Applications should not instantiate this class directly. Instead, they should use Signature.getInstance("RawECDSA") to create a Raw ECDSA Signature object.

Since:

7.0

See Also:
Signature

Field Summary
- Fields inherited from class java.security.Signature
  SIGN, state, UNINITIALIZED, VERIFY
- Fields inherited from class java.security.SignatureSpi
  appRandom

Constructor Summary

Constructors
Constructor and Description

EntrustRawECDSA()
Deprecated.

Default constructor.

Constructors
Constructor and Description
`EntrustRawECDSA()` Deprecated. Default constructor.

Method Summary

Methods
Modifier and Type	Method and Description
`protected java.lang.Object`	`engineGetParameter(java.lang.String param)` Deprecated. Always throws an exception for security reasons.
`protected void`	`engineInitSign(java.security.PrivateKey privateKey)` Deprecated. Initializes this signature object with the specified private key for signing operations.
`protected void`	`engineInitVerify(java.security.PublicKey publicKey)` Deprecated. Initializes this signature object with the specified public key for verification operations.
`protected void`	`engineSetParameter(java.security.spec.AlgorithmParameterSpec params)` Deprecated. Sets the specified algorithm parameter to the specified value.
`protected void`	`engineSetParameter(java.lang.String param, java.lang.Object value)` Deprecated. Sets the specified algorithm parameter to the specified value.
`protected byte[]`	`engineSign()` Deprecated. Returns the signature byte array containing all of the updated data.
`protected void`	`engineUpdate(byte b)` Deprecated. SPI: Updates the data to be signed or verified with the specified byte.
`protected void`	`engineUpdate(byte[] b, int off, int len)` Deprecated. SPI: Updates the data to be signed or verified with the specified number of hashed bytes, beginning at the specified offset within the given byte array.
`protected boolean`	`engineVerify(byte[] sigBytes)` Deprecated. Verifies the signature.
`byte[]`	`getDigest()` Deprecated. Returns the digest that was calculated during signature generation or verification.

Methods inherited from class java.security.Signature
clone, getAlgorithm, getInstance, getInstance, getInstance, getParameter, getParameters, getProvider, initSign, initSign, initVerify, initVerify, setParameter, setParameter, sign, sign, toString, update, update, update, update, verify, verify

Methods inherited from class java.security.SignatureSpi
engineGetParameters, engineInitSign, engineSign, engineUpdate, engineVerify

Methods inherited from class java.lang.Object
equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait

- Constructor Detail
  - EntrustRawECDSA
```
public EntrustRawECDSA()
```
    Deprecated.
    
    Default constructor.
    Creates a new EntrustRawECDSA signature object.
    
    Applications use Signature.getInstance("RawECDSA"); for creating a raw ECDSA Signature object.
    
    See Also:
    Signature.getInstance(java.lang.String)
- Method Detail
  - engineInitVerify
```
protected void engineInitVerify(java.security.PublicKey publicKey)
                         throws java.security.InvalidKeyException
```
    Deprecated.
    
    Initializes this signature object with the specified public key for verification operations.
    
    Specified by:
    
    engineInitVerify in class java.security.SignatureSpi
    
    Parameters:
    publicKey - the public key of the identity whose signature is to be verified
    
    Throws:
    
    java.security.InvalidKeyException - if the key type is wrong (if it is not an ECDSAPublicKey object, for example)
  - engineInitSign
```
protected void engineInitSign(java.security.PrivateKey privateKey)
                       throws java.security.InvalidKeyException
```
    Deprecated.
    
    Initializes this signature object with the specified private key for signing operations.
    
    Specified by:
    
    engineInitSign in class java.security.SignatureSpi
    
    Parameters:
    privateKey - the private key of the identity whose signature is to be generated
    
    Throws:
    
    java.security.InvalidKeyException - if the key is not a supported EC private key instance
  - engineUpdate
```
protected void engineUpdate(byte b)
                     throws java.security.SignatureException
```
    Deprecated.
    
    SPI: Updates the data to be signed or verified with the specified byte.
    
    Specified by:
    
    engineUpdate in class java.security.SignatureSpi
    
    Parameters:
    b - the hash byte to be used for updating data
    
    Throws:
    
    java.security.SignatureException - if the engine has not been properly initialized
  - engineUpdate
```
protected void engineUpdate(byte[] b,
                int off,
                int len)
                     throws java.security.SignatureException
```
    Deprecated.
    
    SPI: Updates the data to be signed or verified with the specified number of hashed bytes, beginning at the specified offset within the given byte array.
    
    Specified by:
    
    engineUpdate in class java.security.SignatureSpi
    
    Parameters:
    b - the byte array holding the hashed data to be used for this update operation
    off - the offset, indicating the start position within the given byte array
    len - the number of bytes to be obtained from the given byte array, starting at the given position
    
    Throws:
    
    java.security.SignatureException - if the engine has not been properly initialized
  - engineSign
```
protected byte[] engineSign()
                     throws java.security.SignatureException
```
    Deprecated.
    
    Returns the signature byte array containing all of the updated data.
    The format of the signature is a DER encoded ASN1 structure as defined in X9.62 (a SEQUENCE consisting of two INTEGER components).
    
    Specified by:
    
    engineSign in class java.security.SignatureSpi
    
    Returns:
    the signature byte array (the result of the signing operation)
    
    Throws:
    
    java.security.SignatureException - if the engine is not properly initialized
  - engineVerify
```
protected boolean engineVerify(byte[] sigBytes)
                        throws java.security.SignatureException
```
    Deprecated.
    
    Verifies the signature.
    
    Specified by:
    
    engineVerify in class java.security.SignatureSpi
    
    Parameters:
    sigBytes - the signature byte array to be verified
    
    Returns:
    true if the signature is valid — false otherwise
    
    Throws:
    
    java.security.SignatureException - if the engine is not properly initialized, or if the signature is improperly encoded or of the wrong type
  - engineSetParameter
```
protected void engineSetParameter(java.lang.String param,
                      java.lang.Object value)
                           throws java.security.InvalidParameterException
```
    Deprecated.
    
    Sets the specified algorithm parameter to the specified value.
    
    Note
    
    This method is not supported because the parameter is part of the public/private key. The method always throws an exception.
    
    Specified by:
    
    engineSetParameter in class java.security.SignatureSpi
    
    Throws:
    
    java.security.InvalidParameterException - always thrown
  - engineSetParameter
```
protected void engineSetParameter(java.security.spec.AlgorithmParameterSpec params)
                           throws java.security.InvalidAlgorithmParameterException
```
    Deprecated.
    
    Sets the specified algorithm parameter to the specified value.
    
    Note
    
    This method is not supported because the parameter is part of the public/private key. The method always throws an exception.
    
    Overrides:
    
    engineSetParameter in class java.security.SignatureSpi
    
    Throws:
    
    java.security.InvalidParameterException - always thrown
    
    java.security.InvalidAlgorithmParameterException
  - engineGetParameter
```
protected java.lang.Object engineGetParameter(java.lang.String param)
                                       throws java.security.InvalidParameterException
```
    Deprecated.
    
    Always throws an exception for security reasons.
    
    Specified by:
    
    engineGetParameter in class java.security.SignatureSpi
    
    Parameters:
    param - the name of the parameter whose value is to be obtained
    
    Returns:
    An object.
    
    Throws:
    
    java.security.InvalidParameterException
    See Also:
    Signature.getParameter(java.lang.String), Signature.setParameter(java.lang.String, java.lang.Object)
  - getDigest
```
public byte[] getDigest()
```
    Deprecated.
    
    Description copied from interface: ExtendedSignature
    Returns the digest that was calculated during signature generation or verification.
    During both a signature generation and verification operation a digest is calculated over the message; this digest is then used as an input to the signature generation or verification process. This API simply provides access to the digest once it has been calculated; it always returns the digest from the last operation. If a signature generation or verification operation has not yet been executed or is in the process of being executed, null is returned.
    
    To ensure a non-null result, this method should only be called after Signature.sign() or Signature.verify() has called.
    FIPS 140-2:
    
    FIPS Service: Query Object
    
    This API is part of the logical interface to the Toolkit's FIPS 140-2 cryptographic module; use of this API causes the caller to assume the FIPS 140-2 user role and accesses the following FIPS 140-2 logical interfaces:
    
    control input interface (API call)
    
    data output interface (return value)
    
    status output interface (exceptions)
    Specified by:
    
    getDigest in interface ExtendedSignature
    
    Returns:
    [FIPS 140-2 data output] the digest that was calculated during signature generation or verification

Class EntrustRawECDSA

Field Summary

Fields inherited from class java.security.Signature

Fields inherited from class java.security.SignatureSpi

Constructor Summary

Method Summary

Methods inherited from class java.security.Signature

Methods inherited from class java.security.SignatureSpi

Methods inherited from class java.lang.Object

Constructor Detail

EntrustRawECDSA

Method Detail

engineInitVerify

engineInitSign

engineUpdate

engineUpdate

engineSign

engineVerify

engineSetParameter

engineSetParameter

engineGetParameter

getDigest