Package javacard.security
Class MessageDigest.OneShot
- java.lang.Object
-
- javacard.security.MessageDigest
-
- javacard.security.MessageDigest.OneShot
-
- Enclosing class:
- MessageDigest
public static final class MessageDigest.OneShot extends MessageDigest
TheOneShot
class is a specialization of theMessageDigest
class intended to support efficient one-shot hash operations that may avoid persistent memory writes entirely. TheOneShot
class uses a delegation model where calls are delegated to an instance of aMessageDigest
-implementing class configured for one-shot use.Note:
- Instances of
OneShot
are JCRE owned temporary Entry Point Object instances and references to these temporary objects cannot be stored in class variables or instance variables or array components. See Runtime Environment Specification, Java Card Platform, Classic Edition, section 6.2.1 for details. - The platform must support at least one instance of
OneShot
. Support for severalOneShot
instances is platform dependent. To guarantee application code portability, acquiring/opening and then releasing/closingOneShot
instances should be performed within tighttry-catch-finally
blocks (as illustrated in the code sample below) in order to avoid unnecessarily keeping hold of instances and to prevent interleaving invocations - hence enforcing the One-Shot usage pattern. Additionally, any local variable holding a reference to aOneShot
instance should be set tonull
once the instance is closed in order to prevent further use attempts. - Upon return from any
Applet
entry point method, back to the JCRE, and on tear or card reset events anyOneShot
instances in use are released back to the JCRE. - The internal state associated with an instance of
OneShot
must be bound to the initial calling context (owner context) as to preclude use/calls on that instance from other contexts. - Unless otherwise specified, after an instance of
OneShot
is released back to the JCRE, calls to any of the instance methods of theOneShot
class results in anCryptoException
being thrown with reason codeCryptoException.ILLEGAL_USE
.
The following code shows a typical usage pattern for the
OneShot
class.... MessageDigest.OneShot dig = null; try { dig = MessageDigest.OneShot.open(MessageDigest.ALG_SHA); dig.doFinal(someInData, (short) 0, (short) someInData.length, digData, (short) 0); } catch (CryptoException ce) { // Handle exception } finally { if (dig != null) { dig.close(); dig = null; } } ...
- Since:
- 3.0.5
-
-
Nested Class Summary
-
Nested classes/interfaces inherited from class javacard.security.MessageDigest
MessageDigest.OneShot
-
-
Field Summary
-
Fields inherited from class javacard.security.MessageDigest
ALG_MD5, ALG_NULL, ALG_RIPEMD160, ALG_SHA, ALG_SHA_224, ALG_SHA_256, ALG_SHA_384, ALG_SHA_512, ALG_SHA3_224, ALG_SHA3_256, ALG_SHA3_384, ALG_SHA3_512, ALG_SM3, LENGTH_MD5, LENGTH_RIPEMD160, LENGTH_SHA, LENGTH_SHA_224, LENGTH_SHA_256, LENGTH_SHA_384, LENGTH_SHA_512, LENGTH_SHA3_224, LENGTH_SHA3_256, LENGTH_SHA3_384, LENGTH_SHA3_512, LENGTH_SM3
-
-
Method Summary
All Methods Static Methods Instance Methods Concrete Methods Modifier and Type Method Description void
close()
Closes and releases this JCRE owned temporary instance of theOneShot
object for reuse.short
doFinal(byte[] inBuff, short inOffset, short inLength, byte[] outBuff, short outOffset)
Generates a hash of all/last input data.byte
getAlgorithm()
Gets the Message digest algorithm.byte
getLength()
Returns the byte length of the hash.static MessageDigest.OneShot
open(byte algorithm)
Opens/acquires a JCRE owned temporary Entry Point Object instance ofOneShot
with the selected algorithm.void
reset()
Resets theMessageDigest
object to the initial state for further use.void
update(byte[] inBuff, short inOffset, short inLength)
Always throws aCryptoException
.This method is not supported byOneShot
.-
Methods inherited from class javacard.security.MessageDigest
getInitializedMessageDigestInstance, getInstance
-
-
-
-
Method Detail
-
open
public static final MessageDigest.OneShot open(byte algorithm) throws CryptoException
Opens/acquires a JCRE owned temporary Entry Point Object instance ofOneShot
with the selected algorithm.- Parameters:
algorithm
- the desired message digest algorithm. Valid codes listed inALG_*
constants above, for example,ALG_SHA
.- Returns:
- the
MessageDigest
object instance of the requested algorithm. - Throws:
CryptoException
- with the following reason codes:CryptoException.NO_SUCH_ALGORITHM
if the requested algorithm or shared access mode is not supported.
SystemException
- with the following reason codes:SystemException.NO_RESOURCE
if sufficient resources are not available.
-
close
public void close()
Closes and releases this JCRE owned temporary instance of theOneShot
object for reuse. If this method is called again this method does nothing.- Throws:
SecurityException
- if this JCRE owned temporary instance of theOneShot
object was opened in a context different from that of the caller.
-
getAlgorithm
public byte getAlgorithm()
Gets the Message digest algorithm.- Specified by:
getAlgorithm
in classMessageDigest
- Returns:
- the algorithm code defined above
- Throws:
SecurityException
- if this JCRE owned temporary instance of theOneShot
object was opened in a context different from that of the caller.
-
getLength
public byte getLength()
Returns the byte length of the hash.- Specified by:
getLength
in classMessageDigest
- Returns:
- hash length
- Throws:
SecurityException
- if this JCRE owned temporary instance of theOneShot
object was opened in a context different from that of the caller.
-
doFinal
public short doFinal(byte[] inBuff, short inOffset, short inLength, byte[] outBuff, short outOffset) throws CryptoException
Generates a hash of all/last input data. Completes and returns the hash computation after performing final operations such as padding. TheMessageDigest
object is reset to the initial state after this call is made. The data format is big-endian.The input and output buffer data may overlap.
In addition to returning a
short
result, this method sets the result in an internal state which can be rechecked using assertion methods of theSensitiveResult
class, if supported by the platform.- Specified by:
doFinal
in classMessageDigest
- Parameters:
inBuff
- the input buffer of data to be hashedinOffset
- the offset into the input buffer at which to begin hash generationinLength
- the byte length to hashoutBuff
- the output buffer, may be the same as the input bufferoutOffset
- the offset into the output buffer where the resulting hash value begins- Returns:
- number of bytes of hash output in
outBuff
- Throws:
SecurityException
- if this JCRE owned temporary instance of theOneShot
object was opened in a context different from that of the caller.CryptoException
- with the following reason codes:CryptoException.ILLEGAL_USE
if the accumulated message length is greater than the maximum length supported by the algorithm.
-
update
public void update(byte[] inBuff, short inOffset, short inLength) throws CryptoException
Always throws aCryptoException
.This method is not supported byOneShot
.- Specified by:
update
in classMessageDigest
- Parameters:
inBuff
- the input buffer of data to be hashedinOffset
- the offset into the input buffer at which to begin hash generationinLength
- the byte length to hash- Throws:
CryptoException
- with the following reason codes:CryptoException.ILLEGAL_USE
always.
- See Also:
doFinal
-
reset
public void reset()
Resets theMessageDigest
object to the initial state for further use.- Specified by:
reset
in classMessageDigest
- Throws:
SecurityException
- if this JCRE owned temporary instance of theOneShot
object was opened in a context different from that of the caller.
-
-