OpenJDK 1.23 · java.security.Signature · APIdia, the JavaDoc alternative

The Signature class is used to provide applications the functionality of a digital signature algorithm. Digital signatures are used for authentication and integrity assurance of digital data.

The signature algorithm can be, among others, the NIST standard DSA, using DSA and SHA-256. The DSA algorithm using the SHA-256 message digest algorithm can be specified as SHA256withDSA. In the case of RSA the signing algorithm could be specified as, for example, SHA256withRSA. The algorithm name must be specified, as there is no default.

A Signature object can be used to generate and verify digital signatures.

There are three phases to the use of a Signature object for either signing data or verifying a signature:

Initialization, with either
- a public key, which initializes the signature for verification (see initVerify), or
- a private key (and optionally a Secure Random Number Generator), which initializes the signature for signing (see initSign(PrivateKey) and initSign(PrivateKey, SecureRandom)).
Updating
Depending on the type of initialization, this will update the bytes to be signed or verified. See the update methods.
Signing or Verifying a signature on all updated bytes. See the sign methods and the verify method.

Note that this class is abstract and extends from SignatureSpi for historical reasons. Application developers should only take notice of the methods defined in this Signature class; all the methods in the superclass are intended for cryptographic service providers who wish to supply their own implementations of digital signature algorithms.

Every implementation of the Java platform is required to support the following standard Signature algorithms:

SHA1withDSA
SHA256withDSA
SHA1withRSA
SHA256withRSA

These algorithms are described in the Signature section of the Java Security Standard Algorithm Names Specification. Consult the release documentation for your implementation to see if any other algorithms are supported.

Modifier and Type	Class and Description
private static class	Signature.CipherAdapter
private static class	Signature.Delegate

Modifier and Type	Field and Description
private String	algorithm
private static final Debug	debug
private static final Debug	pdebug
pack-priv Provider	provider
private static final String	RSA_CIPHER
private static final String	RSA_SIGNATURE
private static final List<ServiceId>	rsaIds
protected static final int	SIGN Possible `state` value, signifying that this `Signature` object has been initialized for signing.
private static final Map<String, Boolean>	signatureInfo
private static final boolean	skipDebug
protected int	state Current state of this `Signature` object.
protected static final int	UNINITIALIZED Possible `state` value, signifying that this `Signature` object has not yet been initialized.
protected static final int	VERIFY Possible `state` value, signifying that this `Signature` object has been initialized for verification.

Access	Constructor and Description
protected	Signature(String the standard string name of the algorithm. See the Signature section in the Java Security Standard Algorithm Names Specification for information about standard algorithm names. algorithm) Creates a `Signature` object for the specified algorithm.

Method Summary

Modifier and Type	Method and Description
pack-priv void	chooseFirstProvider()
public Object	Returns: a clone if the implementation is cloneable. clone() Overrides java.security.SignatureSpi.clone. Returns a clone if the implementation is cloneable.
public final String	Returns: the name of the algorithm for this `Signature` object. getAlgorithm() Returns the name of the algorithm for this `Signature` object.
public static Signature	Returns: the new `Signature` object getInstance(String the standard name of the algorithm requested. See the Signature section in the Java Security Standard Algorithm Names Specification for information about standard algorithm names. algorithm) Returns a `Signature` object that implements the specified signature algorithm.
private static Signature	getInstance(GetInstance.Instance instance, String algorithm)
public static Signature	Returns: the new `Signature` object getInstance(String the name of the algorithm requested. See the Signature section in the Java Security Standard Algorithm Names Specification for information about standard algorithm names. algorithm, String the name of the provider. provider) Returns a `Signature` object that implements the specified signature algorithm.
public static Signature	Returns: the new `Signature` object getInstance(String the name of the algorithm requested. See the Signature section in the Java Security Standard Algorithm Names Specification for information about standard algorithm names. algorithm, Provider the provider. provider) Returns a `Signature` object that implements the specified signature algorithm.
private static Signature	getInstanceRSA(Provider p)
public final Object	Returns: the object that represents the parameter value, or `null` if there is none. getParameter(String the string name of the parameter. param) Deprecated Gets the value of the specified algorithm parameter.
public final AlgorithmParameters	Returns: the parameters used with this `Signature` object, or `null` getParameters() Returns the parameters used with this `Signature` object.
public final Provider	Returns: the provider of this `Signature` object getProvider() Returns the provider of this `Signature` object.
private String	getProviderName()
private static PublicKey	getPublicKeyFromCert(Certificate cert)
public final void	initSign(PrivateKey the private key of the identity whose signature is going to be generated. privateKey) Initialize this object for signing.
public final void	initSign(PrivateKey the private key of the identity whose signature is going to be generated privateKey, SecureRandom the source of randomness for this `Signature` object random) Initialize this object for signing.
pack-priv final void	initSign(PrivateKey the private key of the identity whose signature is going to be generated privateKey, AlgorithmParameterSpec the parameters used for generating signature params, SecureRandom the source of randomness for this `Signature` object random) Initialize this object for signing.
public final void	initVerify(PublicKey the public key of the identity whose signature is going to be verified. publicKey) Initializes this object for verification.
pack-priv final void	initVerify(PublicKey the public key of the identity whose signature is going to be verified publicKey, AlgorithmParameterSpec the parameters used for verifying this `Signature` object params) Initialize this object for verification.
public final void	initVerify(Certificate the certificate of the identity whose signature is going to be verified. certificate) Initializes this object for verification, using the public key from the given certificate.
pack-priv final void	initVerify(Certificate the certificate of the identity whose signature is going to be verified certificate, AlgorithmParameterSpec the parameters used for verifying this `Signature` object params) Initializes this object for verification, using the public key from the given certificate.
private static boolean	isSpi(Provider.Service s)
public final void	setParameter(String the string identifier of the parameter param, Object the parameter value value) Deprecated Use `setParameter`. Sets the specified algorithm parameter to the specified value.
public final void	setParameter(AlgorithmParameterSpec the parameter values params) Initializes this `Signature` object with the specified parameter values.
public final byte[]	Returns: the signature bytes of the signing operation's result. sign() Returns the signature bytes of all the data updated.
public final int	Returns: the number of bytes placed into `outbuf`. sign(byte[] buffer for the signature result. outbuf, int offset into `outbuf` where the signature is stored. offset, int number of bytes within `outbuf` allotted for the signature. len) Finishes the signature operation and stores the resulting signature bytes in the provided buffer `outbuf`, starting at `offset`.
public String	Returns: a string representation of this `Signature` object. toString() Overrides java.lang.Object.toString. Returns a string representation of this `Signature` object, providing information that includes the state of the object and the name of the algorithm used.
public final void	update(byte the byte to use for the update. b) Updates the data to be signed or verified by a byte.
public final void	update(byte[] the byte array to use for the update. data) Updates the data to be signed or verified, using the specified array of bytes.
public final void	update(byte[] the array of bytes. data, int the offset to start from in the array of bytes. off, int the number of bytes to use, starting at offset. len) Updates the data to be signed or verified, using the specified array of bytes, starting at the specified offset.
public final void	update(ByteBuffer the ByteBuffer data) Updates the data to be signed or verified using the specified ByteBuffer.
public final boolean	Returns: `true` if the signature was verified, `false` if not. verify(byte[] the signature bytes to be verified. signature) Verifies the passed-in signature.
public final boolean	Returns: `true` if the signature was verified, `false` if not. verify(byte[] the signature bytes to be verified. signature, int the offset to start from in the array of bytes. offset, int the number of bytes to use, starting at offset. length) Verifies the passed-in signature in the specified array of bytes, starting at the specified offset.

Inherited from java.security.SignatureSpi:: engineGetParameter engineGetParameters engineInitSign engineInitSign engineInitSign engineInitVerify engineInitVerify engineSetParameter engineSetParameter engineSign engineSign engineUpdate engineUpdate engineUpdate engineVerify engineVerify

public abstract Class Signature

Nested and Inner Type Summary

Field Summary

Constructor Summary

Method Summary