Overview  Package   Class  Use  Tree  Deprecated  Index  Help 
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD

org.opensaml.xml.security
Class SigningUtil

java.lang.Object
  extended by org.opensaml.xml.security.SigningUtil

public final class SigningUtil
extends java.lang.Object

A utility class for computing and verifying raw signatures and MAC values.

Method Summary
static byte[] sign(Credential signingCredential, java.lang.String jcaAlgorithmID, boolean isMAC, byte[] input)
          Compute the signature or MAC value over the supplied input.
static byte[] sign(java.security.PrivateKey signingKey, java.lang.String jcaAlgorithmID, byte[] input)
          Compute the raw signature value over the supplied input.
static byte[] signMAC(java.security.Key signingKey, java.lang.String jcaAlgorithmID, byte[] input)
          Compute the Message Authentication Code (MAC) value over the supplied input.
static byte[] signWithURI(Credential signingCredential, java.lang.String algorithmURI, byte[] input)
          Compute the signature or MAC value over the supplied input.
static boolean verify(Credential verificationCredential, java.lang.String jcaAlgorithmID, boolean isMAC, byte[] signature, byte[] input)
          Verify the signature value computed over the supplied input against the supplied signature value.
static boolean verify(java.security.PublicKey verificationKey, java.lang.String jcaAlgorithmID, byte[] signature, byte[] input)
          Verify the signature value computed over the supplied input against the supplied signature value.
static boolean verifyMAC(java.security.Key verificationKey, java.lang.String jcaAlgorithmID, byte[] signature, byte[] input)
          Verify the Message Authentication Code (MAC) value computed over the supplied input against the supplied MAC value.
static boolean verifyWithURI(Credential verificationCredential, java.lang.String algorithmURI, byte[] signature, byte[] input)
          Verify the signature value computed over the supplied input against the supplied signature value.
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Method Detail

signWithURI

public static byte[] signWithURI(Credential signingCredential,
                                 java.lang.String algorithmURI,
                                 byte[] input)
                          throws SecurityException
Compute the signature or MAC value over the supplied input. It is up to the caller to ensure that the specified algorithm URI is consistent with the type of signing key supplied in the signing credential.

Parameters:
signingCredential - the credential containing the signing key
algorithmURI - the algorithm URI to use
input - the input over which to compute the signature
Returns:
the computed signature or MAC value
Throws:
SecurityException - throw if the computation process results in an error

sign

public static byte[] sign(Credential signingCredential,
                          java.lang.String jcaAlgorithmID,
                          boolean isMAC,
                          byte[] input)
                   throws SecurityException
Compute the signature or MAC value over the supplied input. It is up to the caller to ensure that the specified algorithm ID and isMAC flag are consistent with the type of signing key supplied in the signing credential.

Parameters:
signingCredential - the credential containing the signing key
jcaAlgorithmID - the Java JCA algorithm ID to use
isMAC - flag indicating whether the operation to be performed is a signature or MAC computation
input - the input over which to compute the signature
Returns:
the computed signature or MAC value
Throws:
SecurityException - throw if the computation process results in an error

sign

public static byte[] sign(java.security.PrivateKey signingKey,
                          java.lang.String jcaAlgorithmID,
                          byte[] input)
                   throws SecurityException
Compute the raw signature value over the supplied input. It is up to the caller to ensure that the specified algorithm ID is consistent with the type of signing key supplied.

Parameters:
signingKey - the private key with which to compute the signature
jcaAlgorithmID - the Java JCA algorithm ID to use
input - the input over which to compute the signature
Returns:
the computed signature value
Throws:
SecurityException - thrown if the signature computation results in an error

signMAC

public static byte[] signMAC(java.security.Key signingKey,
                             java.lang.String jcaAlgorithmID,
                             byte[] input)
                      throws SecurityException
Compute the Message Authentication Code (MAC) value over the supplied input. It is up to the caller to ensure that the specified algorithm ID is consistent with the type of signing key supplied.

Parameters:
signingKey - the key with which to compute the MAC
jcaAlgorithmID - the Java JCA algorithm ID to use
input - the input over which to compute the MAC
Returns:
the computed MAC value
Throws:
SecurityException - thrown if the MAC computation results in an error

verifyWithURI

public static boolean verifyWithURI(Credential verificationCredential,
                                    java.lang.String algorithmURI,
                                    byte[] signature,
                                    byte[] input)
                             throws SecurityException
Verify the signature value computed over the supplied input against the supplied signature value. It is up to the caller to ensure that the specified algorithm URI are consistent with the type of verification credential supplied.

Parameters:
verificationCredential - the credential containing the verification key
algorithmURI - the algorithm URI to use
signature - the computed signature value received from the signer
input - the input over which the signature is computed and verified
Returns:
true if the signature value computed over the input using the supplied key and algorithm ID is identical to the supplied signature value
Throws:
SecurityException - thrown if the signature computation or verification process results in an error

verify

public static boolean verify(Credential verificationCredential,
                             java.lang.String jcaAlgorithmID,
                             boolean isMAC,
                             byte[] signature,
                             byte[] input)
                      throws SecurityException
Verify the signature value computed over the supplied input against the supplied signature value. It is up to the caller to ensure that the specified algorithm ID and isMAC flag are consistent with the type of verification credential supplied.

Parameters:
verificationCredential - the credential containing the verification key
jcaAlgorithmID - the Java JCA algorithm ID to use
isMAC - flag indicating whether the operation to be performed is a signature or MAC computation
signature - the computed signature value received from the signer
input - the input over which the signature is computed and verified
Returns:
true if the signature value computed over the input using the supplied key and algorithm ID is identical to the supplied signature value
Throws:
SecurityException - thrown if the signature computation or verification process results in an error

verify

public static boolean verify(java.security.PublicKey verificationKey,
                             java.lang.String jcaAlgorithmID,
                             byte[] signature,
                             byte[] input)
                      throws SecurityException
Verify the signature value computed over the supplied input against the supplied signature value. It is up to the caller to ensure that the specified algorithm ID is consistent with the type of verification key supplied.

Parameters:
verificationKey - the key with which to compute and verify the signature
jcaAlgorithmID - the Java JCA algorithm ID to use
signature - the computed signature value received from the signer
input - the input over which the signature is computed and verified
Returns:
true if the signature value computed over the input using the supplied key and algorithm ID is identical to the supplied signature value
Throws:
SecurityException - thrown if the signature computation or verification process results in an error

verifyMAC

public static boolean verifyMAC(java.security.Key verificationKey,
                                java.lang.String jcaAlgorithmID,
                                byte[] signature,
                                byte[] input)
                         throws SecurityException
Verify the Message Authentication Code (MAC) value computed over the supplied input against the supplied MAC value. It is up to the caller to ensure that the specified algorithm ID is consistent with the type of verification key supplied.

Parameters:
verificationKey - the key with which to compute and verify the MAC
jcaAlgorithmID - the Java JCA algorithm ID to use
signature - the computed MAC value received from the signer
input - the input over which the MAC is computed and verified
Returns:
true if the MAC value computed over the input using the supplied key and algorithm ID is identical to the supplied MAC signature value
Throws:
SecurityException - thrown if the MAC computation or verification process results in an error
Overview  Package   Class  Use  Tree  Deprecated  Index  Help 
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD
Copyright © 2006-2011 Internet2. All Rights Reserved.