public interface SignatureEngine
This defines an interface to sign or verify signature values of XML-Signature.
The XML-Signature processor uses an instance as follows:
EngineFactory.getSignatureEngine()
,
which instanciates an instance of SignatureEngine
setParameter()
initSign()
(or initVerify()
)
update()
repeatedly
sign()
(or verify()
)
EngineFactory.releaseSignatureEngine()
An EngineFactory
implementation may recycle instances of
SignatureEngine
. In that case, the EngineFactory.getSignatureEngine()
does not instanciate a new SignatureEngine
, but returns existing instance
which was passed to releaseSignatureEngine()
.
EngineFactory.getSignatureEngine(String)
,
EngineFactory.releaseSignatureEngine(SignatureEngine)
,
Signature
,
javax.crypto.Mac
Modifier and Type | Method and Description |
---|---|
java.lang.String |
getURI()
Return the algorithm identifier.
|
void |
initSign(java.security.Key key)
Initialize for signing.
|
void |
initVerify(java.security.Key key)
Initialize for verification.
|
void |
setParameter(java.security.spec.AlgorithmParameterSpec spec)
Set an instance of
AlgorithmParameterSpec extracted from
the content of<ds:SignatureMethod>. |
byte[] |
sign()
Sign the data supplied via the
update() method call(s), and return the
signature value. |
void |
update(byte[] data)
Add signed/verified data.
|
void |
update(byte[] data,
int off,
int len)
Add signed/verified data using the byte array
data , starting at offset
off in the array, for a length of len . |
boolean |
verify(byte[] signature)
Verify the data supplied via the
update() method call(s) using the specified
signature, and return the validity of the signature value. |
void setParameter(java.security.spec.AlgorithmParameterSpec spec) throws java.security.InvalidAlgorithmParameterException
AlgorithmParameterSpec
extracted from
the content of<ds:SignatureMethod>.spec
- Algorithm parameter. It may be null
java.security.InvalidAlgorithmParameterException
- Invalid AlgorithmParameterSpec
is specified.EngineFactory#unmarshalParameter(String, org.w3c.dom.Element)
java.lang.String getURI()
void initSign(java.security.Key key) throws java.security.InvalidKeyException
key
- Signing key. For asymmetric signature algorithms,
it would be an instance of PrivateKey
.java.security.InvalidKeyException
- Invalid Key
is specified.Signature.initSign(java.security.PrivateKey)
void initVerify(java.security.Key key) throws java.security.InvalidKeyException
key
- Verification key. For asymmetric signature algorithms,
it would be an instance of PublicKey
.java.security.InvalidKeyException
- Invalid Key
is specified.Signature.initVerify(java.security.PublicKey)
void update(byte[] data) throws java.security.SignatureException
update(data, 0, data.length)
.data
- data to be signed or verifiedjava.security.SignatureException
Signature.update(byte[])
void update(byte[] data, int off, int len) throws java.security.SignatureException
data
, starting at offset
off
in the array, for a length of len
.data
- data to be signed or verifiedoff
- starting offset in the datalen
- the length to be processedjava.security.SignatureException
Signature.update(byte[], int, int)
byte[] sign() throws java.security.SignatureException
update()
method call(s), and return the
signature value.java.security.SignatureException
- There was a problem generating the signature.Signature.sign()
boolean verify(byte[] signature) throws java.security.SignatureException
update()
method call(s) using the specified
signature, and return the validity of the signature value.signature
- binary representation of the content of <ds:SignatureValue>true
if the signature is matched.java.security.SignatureException
- There was a problem verifying the signature.Signature.verify(byte[])