com.ibm.ws.wssecurity.core
Interface SignatureEngine
- public interface SignatureEngine
This defines an interface to sign or verify signature values of XML-Signature.
The XML-Signature processor uses an instance as follows:
- The XML-Signature processor calls EngineFactory.getSignatureEngine(), which instantiates an instance of SignatureEngine
- Calls setParameter()
- Calls initSign() (or initVerify())
- Calls update() repeatedly
- Calls sign() (or verify())
- The instance is passed to EngineFactory.releaseSignatureEngine()
An EngineFactory implementation may recycle instances of SignatureEngine. In that case, EngineFactory.getSignatureEngine() does not instantiate a new SignatureEngine, but returns an existing instance that was passed to releaseSignatureEngine().
See Also:
EngineFactory.getSignatureEngine(String), EngineFactory.releaseSignatureEngine(SignatureEngine), Signature, javax.crypto.Mac
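The call sequence described above, as an added Java example that is not part of the original documentation and is not IBM's code: a hypothetical HmacEngineDemo class mirrors the documented method set on top of javax.crypto.Mac, and main walks one instance through signing and then verification, the way a recycling factory could hand the same instance out twice. The class name, the key, the input bytes and the choice of HMAC-SHA256 are assumptions.

```java
import java.nio.charset.StandardCharsets;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.Key;
import java.security.MessageDigest;
import java.security.spec.AlgorithmParameterSpec;
import javax.crypto.Mac;
import javax.crypto.spec.SecretKeySpec;

// Hypothetical class mirroring the documented SignatureEngine methods; not IBM's code.
public class HmacEngineDemo {
    private final Mac mac;
    HmacEngineDemo() throws Exception { mac = Mac.getInstance("HmacSHA256"); }
    public String getURI() { return "http://www.w3.org/2001/04/xmldsig-more#hmac-sha256"; }
    // Assumption: this engine takes no parameters, so only null is accepted.
    public void setParameter(AlgorithmParameterSpec spec) throws InvalidAlgorithmParameterException {
        if (spec != null) throw new InvalidAlgorithmParameterException("no parameters supported");
    }

    // Mac.init() discards buffered input, so a recycled instance starts clean.
    public void initSign(Key key) throws InvalidKeyException { mac.init(key); }
    public void initVerify(Key key) throws InvalidKeyException { mac.init(key); }

    public void update(byte[] data) { update(data, 0, data.length); }
    public void update(byte[] data, int off, int len) { mac.update(data, off, len); }
    public byte[] sign() { return mac.doFinal(); }
    // Recompute the MAC and compare in constant time rather than with Arrays.equals().
    public boolean verify(byte[] signature) { return MessageDigest.isEqual(mac.doFinal(), signature); }

    public static void main(String[] args) throws Exception {
        // Constructed key and input, for illustration only.
        Key key = new SecretKeySpec("constructed-demo-key".getBytes(StandardCharsets.UTF_8), "HmacSHA256");
        byte[] data = "<ds:SignedInfo>constructed</ds:SignedInfo>".getBytes(StandardCharsets.UTF_8);
        HmacEngineDemo engine = new HmacEngineDemo(); // stands in for getSignatureEngine()
        engine.setParameter(null);
        engine.initSign(key);
        engine.update(data, 0, 10); // update() may be called repeatedly
        engine.update(data, 10, data.length - 10);
        byte[] value = engine.sign();
        engine.setParameter(null); // same instance reused, as a recycling factory would
        engine.initVerify(key);
        engine.update(data);
        System.out.println("valid: " + engine.verify(value));
        data[0] ^= 1; // tamper with the signed bytes
        engine.initVerify(key);
        engine.update(data);
        System.out.println("tampered valid: " + engine.verify(value));
    }
}
```

Because the second pass goes through initVerify() before any update(), nothing buffered during signing can leak into the verification of a reused instance.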
Method Summary
Modifier and Type | Method and Description |
---|---|
java.lang.String | getURI() - Return the algorithm identifier. |
void | initSign(java.security.Key key) - Initialize for signing. |
void | initVerify(java.security.Key key) - Initialize for verification. |
void | setParameter(java.security.spec.AlgorithmParameterSpec spec) - Set an instance of AlgorithmParameterSpec extracted from the content of <ds:SignatureMethod>. |
byte[] | sign() - Sign the data supplied via the update() method call(s), and return the signature value. |
void | update(byte[] data) - Add signed/verified data. |
void | update(byte[] data, int off, int len) - Add signed/verified data using the byte array data, starting at offset off in the array, for a length of len. |
boolean | verify(byte[] signature) - Verify the data supplied via the update() method call(s) using the specified signature, and return the validity of the signature value. |
Method Detail
setParameter
- void setParameter(java.security.spec.AlgorithmParameterSpec spec) throws java.security.InvalidAlgorithmParameterException
Set an instance of AlgorithmParameterSpec extracted from the content of <ds:SignatureMethod>.
Parameters:
spec - Algorithm parameter. It may be null.
Throws:
java.security.InvalidAlgorithmParameterException - Invalid AlgorithmParameterSpec is specified.
See Also:
EngineFactory#unmarshalParameter(String, org.w3c.dom.Element)
getURI
- java.lang.String getURI()
Return the algorithm identifier.
Returns:
Algorithm identifier URI.
initSign
- void initSign(java.security.Key key) throws java.security.InvalidKeyException
Initialize for signing.
Parameters:
key - Signing key. For asymmetric signature algorithms, it would be an instance of PrivateKey.
Throws:
java.security.InvalidKeyException - Invalid Key is specified.
See Also:
Signature.initSign(java.security.PrivateKey)
initVerify
- void initVerify(java.security.Key key) throws java.security.InvalidKeyException
Initialize for verification.
Parameters:
key - Verification key. For asymmetric signature algorithms, it would be an instance of PublicKey.
Throws:
java.security.InvalidKeyException - Invalid Key is specified.
See Also:
Signature.initVerify(java.security.PublicKey)
update
- void update(byte[] data) throws java.security.SignatureException
Add signed/verified data.
This method must be equivalent to update(data, 0, data.length).
Parameters:
data - data to be signed or verified
Throws:
java.security.SignatureException
See Also:
Signature.update(byte[])
update
- void update(byte[] data, int off, int len) throws java.security.SignatureException
Add signed/verified data using the byte array data, starting at offset off in the array, for a length of len.
Parameters:
data - data to be signed or verified
off - starting offset in the data
len - the length to be processed
Throws:
java.security.SignatureException
See Also:
Signature.update(byte[], int, int)
sign
- byte[] sign() throws java.security.SignatureException
Sign the data supplied via the update() method call(s), and return the signature value.
Returns:
signature value to be inserted to <ds:SignatureValue>
Throws:
java.security.SignatureException - There was a problem generating the signature.
See Also:
Signature.sign()
verify
- boolean verify(byte[] signature) throws java.security.SignatureException
Verify the data supplied via the update() method call(s) using the specified signature, and return the validity of the signature value.
Parameters:
signature - binary representation of the content of <ds:SignatureValue>
Returns:
true if the signature is matched.
Throws:
java.security.SignatureException - There was a problem verifying the signature.
See Also:
Signature.verify(byte[])