net.i2p.crypto.eddsa

Class EdDSAEngine

java.lang.Object

java.security.SignatureSpi

java.security.Signature

net.i2p.crypto.eddsa.EdDSAEngine

public final class EdDSAEngine
extends java.security.Signature

Signing and verification for EdDSA.

The EdDSA sign and verify algorithms do not interact well with the Java Signature API, as one or more update() methods must be called before sign() or verify(). Using the standard API, this implementation must copy and buffer all data passed in via update().

This implementation offers two ways to avoid this copying, but only if all data to be signed or verified is available in a single byte array.

Option 1:

1. Call initSign() or initVerify() as usual.
2. Call setParameter(ONE_SHOT_MODE)
3. Call update(byte[]) or update(byte[], int, int) exactly once
4. Call sign() or verify() as usual.
5. If doing additional one-shot signs or verifies with this object, you must call setParameter(ONE_SHOT_MODE) each time

Option 2:

1. Call initSign() or initVerify() as usual.
2. Call one of the signOneShot() or verifyOneShot() methods.
3. If doing additional one-shot signs or verifies with this object, just call signOneShot() or verifyOneShot() again.

Nested Class Summary

Nested Classes

Modifier and Type	Class and Description
private static class	EdDSAEngine.OneShotSpec

Field Summary

Fields

Modifier and Type	Field and Description
private java.io.ByteArrayOutputStream	baos
private java.security.MessageDigest	digest
private EdDSAKey	key
static java.security.spec.AlgorithmParameterSpec	ONE_SHOT_MODE To efficiently sign or verify data in one shot, pass this to setParameters() after initSign() or initVerify() but BEFORE THE FIRST AND ONLY update(data) or update(data, off, len).
private byte[]	oneShotBytes
private int	oneShotLength
private boolean	oneShotMode
private int	oneShotOffset
static java.lang.String	SIGNATURE_ALGORITHM

Fields inherited from class java.security.Signature

SIGN, state, UNINITIALIZED, VERIFY

Fields inherited from class java.security.SignatureSpi

appRandom

Constructor Summary

Constructors

Constructor and Description
EdDSAEngine() No specific EdDSA-internal hash requested, allows any EdDSA key.
EdDSAEngine(java.security.MessageDigest digest) Specific EdDSA-internal hash requested, only matching keys will be allowed.

Method Summary

Modifier and Type	Method and Description
private void	digestInitSign(EdDSAPrivateKey privKey)
protected java.lang.Object	engineGetParameter(java.lang.String param) Deprecated.
protected void	engineInitSign(java.security.PrivateKey privateKey)
protected void	engineInitVerify(java.security.PublicKey publicKey)
protected void	engineSetParameter(java.security.spec.AlgorithmParameterSpec spec)
protected void	engineSetParameter(java.lang.String param, java.lang.Object value) Deprecated.
protected byte[]	engineSign()
protected void	engineUpdate(byte b)
protected void	engineUpdate(byte[] b, int off, int len)
protected boolean	engineVerify(byte[] sigBytes)
private void	reset()
byte[]	signOneShot(byte[] data) To efficiently sign all the data in one shot, if it is available, use this method, which will avoid copying the data.
byte[]	signOneShot(byte[] data, int off, int len) To efficiently sign all the data in one shot, if it is available, use this method, which will avoid copying the data.
boolean	verifyOneShot(byte[] data, byte[] signature) To efficiently verify all the data in one shot, if it is available, use this method, which will avoid copying the data.
boolean	verifyOneShot(byte[] data, byte[] signature, int sigoff, int siglen) To efficiently verify all the data in one shot, if it is available, use this method, which will avoid copying the data.
boolean	verifyOneShot(byte[] data, int off, int len, byte[] signature) To efficiently verify all the data in one shot, if it is available, use this method, which will avoid copying the data.
boolean	verifyOneShot(byte[] data, int off, int len, byte[] signature, int sigoff, int siglen) To efficiently verify all the data in one shot, if it is available, use this method, which will avoid copying the data.
private byte[]	x_engineSign()
private boolean	x_engineVerify(byte[] sigBytes)

Methods inherited from class java.security.Signature

clone, getAlgorithm, getInstance, getInstance, getInstance, getParameter, getParameters, getProvider, initSign, initSign, initVerify, initVerify, setParameter, setParameter, sign, sign, toString, update, update, update, update, verify, verify

Methods inherited from class java.security.SignatureSpi

engineGetParameters, engineInitSign, engineSign, engineUpdate, engineVerify

Methods inherited from class java.lang.Object

equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait

Field Detail

SIGNATURE_ALGORITHM

public static final java.lang.String SIGNATURE_ALGORITHM

See Also:

Constant Field Values

digest

private java.security.MessageDigest digest

baos

private java.io.ByteArrayOutputStream baos

key

private EdDSAKey key

oneShotMode

private boolean oneShotMode

oneShotBytes

private byte[] oneShotBytes

oneShotOffset

private int oneShotOffset

oneShotLength

private int oneShotLength

ONE_SHOT_MODE

public static final java.security.spec.AlgorithmParameterSpec ONE_SHOT_MODE

To efficiently sign or verify data in one shot, pass this to setParameters() after initSign() or initVerify() but BEFORE THE FIRST AND ONLY update(data) or update(data, off, len). The data reference will be saved and then used in sign() or verify() without copying the data. Violate these rules and you will get a SignatureException.

Constructor Detail

EdDSAEngine

public EdDSAEngine()

No specific EdDSA-internal hash requested, allows any EdDSA key.

EdDSAEngine

public EdDSAEngine(java.security.MessageDigest digest)

Specific EdDSA-internal hash requested, only matching keys will be allowed.

Parameters:

digest - the hash algorithm that keys must have to sign or verify.

Method Detail

reset

private void reset()

engineInitSign

protected void engineInitSign(java.security.PrivateKey privateKey)
                       throws java.security.InvalidKeyException

Specified by:

engineInitSign in class java.security.SignatureSpi

Throws:

java.security.InvalidKeyException

digestInitSign

private void digestInitSign(EdDSAPrivateKey privKey)

engineInitVerify

protected void engineInitVerify(java.security.PublicKey publicKey)
                         throws java.security.InvalidKeyException

Specified by:

engineInitVerify in class java.security.SignatureSpi

Throws:

java.security.InvalidKeyException

engineUpdate

protected void engineUpdate(byte b)
                     throws java.security.SignatureException

Specified by:

engineUpdate in class java.security.SignatureSpi

Throws:

java.security.SignatureException - if in one-shot mode

engineUpdate

protected void engineUpdate(byte[] b,
                            int off,
                            int len)
                     throws java.security.SignatureException

Specified by:

engineUpdate in class java.security.SignatureSpi

Throws:

java.security.SignatureException - if one-shot rules are violated

engineSign

protected byte[] engineSign()
                     throws java.security.SignatureException

Specified by:

engineSign in class java.security.SignatureSpi

Throws:

java.security.SignatureException

x_engineSign

private byte[] x_engineSign()
                     throws java.security.SignatureException

Throws:

java.security.SignatureException

engineVerify

protected boolean engineVerify(byte[] sigBytes)
                        throws java.security.SignatureException

Specified by:

engineVerify in class java.security.SignatureSpi

Throws:

java.security.SignatureException

x_engineVerify

private boolean x_engineVerify(byte[] sigBytes)
                        throws java.security.SignatureException

Throws:

java.security.SignatureException

signOneShot

public byte[] signOneShot(byte[] data)
                   throws java.security.SignatureException

To efficiently sign all the data in one shot, if it is available, use this method, which will avoid copying the data. Same as:

  setParameter(ONE_SHOT_MODE)
  update(data)
  sig = sign()

Parameters:

data - the message to be signed

Returns:

the signature

Throws:

java.security.SignatureException - if update() already called

See Also:

ONE_SHOT_MODE

signOneShot

public byte[] signOneShot(byte[] data,
                          int off,
                          int len)
                   throws java.security.SignatureException

To efficiently sign all the data in one shot, if it is available, use this method, which will avoid copying the data. Same as:

  setParameter(ONE_SHOT_MODE)
  update(data, off, len)
  sig = sign()

Parameters:

data - byte array containing the message to be signed

off - the start of the message inside data

len - the length of the message

Returns:

the signature

Throws:

java.security.SignatureException - if update() already called

See Also:

ONE_SHOT_MODE

verifyOneShot

public boolean verifyOneShot(byte[] data,
                             byte[] signature)
                      throws java.security.SignatureException

To efficiently verify all the data in one shot, if it is available, use this method, which will avoid copying the data. Same as:

  setParameter(ONE_SHOT_MODE)
  update(data)
  ok = verify(signature)

Parameters:

data - the message that was signed

signature - of the message

Returns:

true if the signature is valid, false otherwise

Throws:

java.security.SignatureException - if update() already called

See Also:

ONE_SHOT_MODE

verifyOneShot

public boolean verifyOneShot(byte[] data,
                             int off,
                             int len,
                             byte[] signature)
                      throws java.security.SignatureException

To efficiently verify all the data in one shot, if it is available, use this method, which will avoid copying the data. Same as:

  setParameter(ONE_SHOT_MODE)
  update(data, off, len)
  ok = verify(signature)

Parameters:

data - byte array containing the message that was signed

off - the start of the message inside data

len - the length of the message

signature - of the message

Returns:

true if the signature is valid, false otherwise

Throws:

java.security.SignatureException - if update() already called

See Also:

ONE_SHOT_MODE

verifyOneShot

public boolean verifyOneShot(byte[] data,
                             byte[] signature,
                             int sigoff,
                             int siglen)
                      throws java.security.SignatureException

To efficiently verify all the data in one shot, if it is available, use this method, which will avoid copying the data. Same as:

  setParameter(ONE_SHOT_MODE)
  update(data)
  ok = verify(signature, sigoff, siglen)

Parameters:

data - the message that was signed

signature - byte array containing the signature

sigoff - the start of the signature

siglen - the length of the signature

Returns:

true if the signature is valid, false otherwise

Throws:

java.security.SignatureException - if update() already called

See Also:

ONE_SHOT_MODE

verifyOneShot

public boolean verifyOneShot(byte[] data,
                             int off,
                             int len,
                             byte[] signature,
                             int sigoff,
                             int siglen)
                      throws java.security.SignatureException

To efficiently verify all the data in one shot, if it is available, use this method, which will avoid copying the data. Same as:

  setParameter(ONE_SHOT_MODE)
  update(data, off, len)
  ok = verify(signature, sigoff, siglen)

Parameters:

data - byte array containing the message that was signed

off - the start of the message inside data

len - the length of the message

signature - byte array containing the signature

sigoff - the start of the signature

siglen - the length of the signature

Returns:

true if the signature is valid, false otherwise

Throws:

java.security.SignatureException - if update() already called

See Also:

ONE_SHOT_MODE

engineSetParameter

protected void engineSetParameter(java.security.spec.AlgorithmParameterSpec spec)
                           throws java.security.InvalidAlgorithmParameterException

Overrides:

engineSetParameter in class java.security.SignatureSpi

Throws:

java.security.InvalidAlgorithmParameterException - if spec is ONE_SHOT_MODE and update() already called

See Also:

ONE_SHOT_MODE

engineSetParameter

protected void engineSetParameter(java.lang.String param,
                                  java.lang.Object value)

Deprecated.

Specified by:

engineSetParameter in class java.security.SignatureSpi

engineGetParameter

protected java.lang.Object engineGetParameter(java.lang.String param)

Deprecated.

Specified by:

engineGetParameter in class java.security.SignatureSpi