Oracle Security Developer Tools Crypto Java API Reference
10g (10.1.4.0.1)

B28171-01


oracle.security.crypto.core
Class DSA

java.lang.Object
  extended byoracle.security.crypto.core.Signature
      extended byoracle.security.crypto.core.DSA


public final class DSA
extends Signature

The DSA signature algorithm, a.k.a. DSS, as described in X9.30 Part 1.

The encoding of signatures conforms to the following ASN.1 structure, defined in the PKIX draft:

                Dss-Sig-Value  ::=  SEQUENCE  {
                        r       INTEGER,
                        s       INTEGER  }
        

This class defines some constant OIDs for use in ASN1 keys and signatures (e.g., for certificates or CRLs). This is done using methods DSAPublicKey.setKeyAlgOID(), DSAPrivateKey.setKeyAlgOID(), and DSAPrivateKey.setSigAlgOID(). Note that no matter what OID you specify, the underlying signature algorithm is still the same (i.e., DSA with SHA-1).

dsaKeyOldOID and dsaSigOldOID are the OIDs used by Sun's DSA implementation in JDK 1.1 (in particular, for applet signing certificates). dsaSigOldOID2 is the OID used by SSLeay before version 0.9.0. dsaKeyOID and dsaSigOID are the OIDs specified in the IETF PKIX draft for the certificate profile, and they are the ones most likely to be used in future applications. dsaSigOID is supported by SSLeay since version 0.9.0.

The defaults are dsaKeyOID and dsaSigOID.


Field Summary
static ASN1ObjectID dsaKeyOID
          An ASN.1 OID which identifies DSA keys.
static ASN1ObjectID dsaKeyOldOID
          An ASN.1 OID which identifies the DSA signature keys.
static ASN1ObjectID dsaSigOID
          An ASN.1 OID with identifies the DSA signature algorithm.
static ASN1ObjectID dsaSigOldOID
          An ASN.1 OID with identifies the DSA signature algorithm.
static ASN1ObjectID dsaSigOldOID2
          An ASN.1 OID with identifies the DSA signature algorithm.

 

Fields inherited from class oracle.security.crypto.core.Signature
document, signatureBytes

 

Constructor Summary
DSA()
          Creates a new, uninitialized DSA signature object, with no keys defined.
DSA(DSAPrivateKey priv, byte[] doc)
          Creates a new instance, and generates the signature for the given document.
DSA(DSAPrivateKey priv, RandomBitsSource rbs, byte[] doc)
          Creates a new instance, and generates the signature for the given document with the given random bits source.
DSA(DSAPublicKey pk)
          Creates a new instance, which will use the specified public key.
DSA(DSAPublicKey pubKey, byte[] sigBytes, byte[] doc)
          Creates a new instance, and initializes for verification.
DSA(DSAPublicKey pub, DSAPrivateKey priv)
          Creates a new instance, which will use the specified public key and private key.
DSA(DSAPublicKey pub, DSAPrivateKey priv, byte[] doc)
          Produces a signature on a document.
DSA(DSAPublicKey pub, DSAPrivateKey priv, RandomBitsSource rbs)
          Creates a new instance with the given parameters.
DSA(DSAPublicKey pub, DSAPrivateKey priv, RandomBitsSource rbs, byte[] doc)
          Creates a new instance, and generates the signature for the given document with the given random bits source.

 

Method Summary
 java.lang.String algName()
          Gets the name of the algorithm.
 AlgorithmIdentifier getAlgID()
           
 AlgorithmIdentifier getDigestEncryptionAlgID()
          Returns the algorithm identifier of the message digest encryption for this signature.
 void setAlgID(AlgorithmIdentifier algID)
           
 void setHash(byte[] hash)
          Sets the document digest to be used in the signature calculation, bypassing the digesting step.
 void setPrivateKey(PrivateKey privateKey)
          Sets the private key to be used for signing.
 void setPublicKey(PublicKey publicKey)
          Sets the public key to be used for verification.
 void setRandomBitsSource(RandomBitsSource rbs)
          Sets the random bits source used to generate signatures.
 byte[] sign()
          Signs the document.
 boolean verify()
          Verify that the signature matches the document.

 

Methods inherited from class oracle.security.crypto.core.Signature
getBytes, getDocument, getInstance, getInstance, getInstance, getSigBytes, setBytes, setDocument, setSigBytes

 

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

 

Field Detail

dsaKeyOID

public static final ASN1ObjectID dsaKeyOID
An ASN.1 OID which identifies DSA keys. It's value is defined in the PKIX draft:
                id-dsa ID ::= { iso(1) member-body(2) us(840) x9-57(10040) x9cm(4) 1 }
                

dsaKeyOldOID

public static final ASN1ObjectID dsaKeyOldOID
An ASN.1 OID which identifies the DSA signature keys.

dsaSigOID

public static final ASN1ObjectID dsaSigOID
An ASN.1 OID with identifies the DSA signature algorithm. It's value is defined in the PKIX draft:
                id-dsa-with-sha1 ID  ::=  {
                iso(1) member-body(2) us(840) x9-57 (10040) x9cm(4) 3
                }
                

dsaSigOldOID

public static final ASN1ObjectID dsaSigOldOID
An ASN.1 OID with identifies the DSA signature algorithm.

dsaSigOldOID2

public static final ASN1ObjectID dsaSigOldOID2
An ASN.1 OID with identifies the DSA signature algorithm.

Constructor Detail

DSA

public DSA()
Creates a new, uninitialized DSA signature object, with no keys defined.

DSA

public DSA(DSAPublicKey pk)
Creates a new instance, which will use the specified public key. To verify a signature, the document must be set via setDocument.
Parameters:
pk - DSA public key used to verify signatures
See Also:
Signature.setDocument(byte[])

DSA

public DSA(DSAPublicKey pub,
           DSAPrivateKey priv)
Creates a new instance, which will use the specified public key and private key. To generate or verify a signature, the document must be set via setDocument. The default random bit source will be used to generate a signature.
Parameters:
pub - a DSA public key used to verify signatures
priv - a DSA private key used to generate signatures
See Also:
Signature.setDocument(byte[])

DSA

public DSA(DSAPublicKey pub,
           DSAPrivateKey priv,
           RandomBitsSource rbs)
Creates a new instance with the given parameters. In order to generate or verify a signature, the document must be set via setDocument.
Parameters:
pub - DSA public key used to verify signatures
priv - DSA private key used to generate signatures
rbs - random bits source used to generate signatures
See Also:
Signature.getDocument()

DSA

public DSA(DSAPublicKey pub,
           DSAPrivateKey priv,
           byte[] doc)
    throws SignatureException
Produces a signature on a document.
Parameters:
pub - DSA public key used to verify signatures
priv - DSA private key used to generate signatures
doc - the document to be signed

DSA

public DSA(DSAPublicKey pub,
           DSAPrivateKey priv,
           RandomBitsSource rbs,
           byte[] doc)
    throws SignatureException
Creates a new instance, and generates the signature for the given document with the given random bits source.
Parameters:
pub - DSA public key used to verify signatures
priv - DSA private key used to generate signatures
rbs - random bits source used to generate signatures
doc - the document to be signed

DSA

public DSA(DSAPrivateKey priv,
           byte[] doc)
    throws SignatureException
Creates a new instance, and generates the signature for the given document. The default random bit source will be used.
Parameters:
priv - DSA private key used to generate signatures
doc - the document to be signed

DSA

public DSA(DSAPrivateKey priv,
           RandomBitsSource rbs,
           byte[] doc)
    throws SignatureException
Creates a new instance, and generates the signature for the given document with the given random bits source.
Parameters:
priv - DSA private key used to generate signatures
rbs - random bits source used to generate signatures
doc - the document to be signed

DSA

public DSA(DSAPublicKey pubKey,
           byte[] sigBytes,
           byte[] doc)
Creates a new instance, and initializes for verification.
Parameters:
sigBytes - the signature bytes of the document to be verified
doc - the document to be verified

Method Detail

setAlgID

public void setAlgID(AlgorithmIdentifier algID)
              throws AlgorithmIdentifierException
Specified by:
setAlgID in class Signature
Throws:
AlgorithmIdentifierException

getAlgID

public AlgorithmIdentifier getAlgID()
Specified by:
getAlgID in class Signature

getDigestEncryptionAlgID

public AlgorithmIdentifier getDigestEncryptionAlgID()
Description copied from class: Signature
Returns the algorithm identifier of the message digest encryption for this signature. All concrete subclasses should override this method.
Overrides:
getDigestEncryptionAlgID in class Signature

algName

public java.lang.String algName()
Gets the name of the algorithm.
Specified by:
algName in class Signature
Returns:
"DSA"

setHash

public void setHash(byte[] hash)
Sets the document digest to be used in the signature calculation, bypassing the digesting step. Calling this method sets the document to null.
Specified by:
setHash in class Signature
Parameters:
hash - the message digest.
See Also:
Signature.setDocument(byte[])

setPublicKey

public void setPublicKey(PublicKey publicKey)
                  throws InvalidKeyException
Sets the public key to be used for verification. The specified key must be an instance of DSAPublicKey.
Specified by:
setPublicKey in class Signature
Parameters:
publicKey - the public key
Throws:
InvalidKeyException

setPrivateKey

public void setPrivateKey(PrivateKey privateKey)
                   throws InvalidKeyException
Sets the private key to be used for signing. The specified key must be an instance of DSAPrivateKey.
Specified by:
setPrivateKey in class Signature
Parameters:
privateKey - the private key
Throws:
InvalidKeyException

setRandomBitsSource

public void setRandomBitsSource(RandomBitsSource rbs)
Sets the random bits source used to generate signatures.
Overrides:
setRandomBitsSource in class Signature
Parameters:
rbs - the random bits source to be used to generate signatures

verify

public boolean verify()
               throws AuthenticationException
Verify that the signature matches the document. The signature, public key and document must first have been specified via setSigBytes, setPublicKey and setDocument, or an appropriate constructor.
Specified by:
verify in class Signature
Returns:
true if the signature is valid, and false if it is invalid
Throws:
AuthenticationException - if the verification could not be performed for some reason
See Also:
Signature.setSigBytes(byte[]), setPublicKey(oracle.security.crypto.core.PublicKey), Signature.setDocument(byte[])

sign

public byte[] sign()
            throws SignatureException
Signs the document. The bytes of the signature are returned, and may also be retrieved via getSigBytes.

The document and private key must first have been specified via setDocument and setPrivateKey, or an appropriate constructor.

Specified by:
sign in class Signature
Returns:
the signature
Throws:
SignatureException - if the signature could not be generated for some reason
See Also:
Signature.setDocument(byte[]), setPrivateKey(oracle.security.crypto.core.PrivateKey), Signature.getSigBytes()

Oracle Security Developer Tools Crypto Java API Reference
10g (10.1.4.0.1)

B28171-01


Copyright © 2005 ,2006 , Oracle. All rights reserved.