Overview Package Class Use Source Tree Index Deprecated About
Prev Class | Next ClassFrames | No Frames
Summary: Nested | Field | Method | ConstrDetail: Nested | Field | Method | Constr

gnu.java.security.sig.dss

Class DSSSignatureX509Codec

Implemented Interfaces:
ISignatureCodec
public class DSSSignatureX509Codec
extends Object
implements ISignatureCodec
An implementation of an ISignatureCodec that knows to encode and decode DSS signatures into the raw bytes which would constitute a DER-encoded form of the ASN.1 structure defined in RFC-2459, and RFC-2313 as described in the next paragraphs.

Digital signatures when transmitted in an X.509 certificates are encoded in DER (Distinguished Encoding Rules) as a BIT STRING; i.e. 

 Certificate ::= SEQUENCE {
   tbsCertificate       TBSCertificate,
   signatureAlgorithm   AlgorithmIdentifier,
   signature            BIT STRING
 }

The output of the encoder, and the input of the decoder, of this codec are then the raw bytes of such a BIT STRING; i.e. not the DER-encoded form itself.

RFC-2459 states that, for the Digital Signature Standard (DSS), which generates two MPIs, commonly called r and s, as the result of digitally signing a message, these two numbers will be transferred as the following ASN.1 structure: 

   Dss-Sig-Value ::= SEQUENCE {
     r  INTEGER,
     s  INTEGER
   }

Client code that needs to build a DER BIT STRING MUST construct such an ASN.1 value. The following is an example of how to do this: 

 ...
 import gnu.java.security.der.BitString;
 import gnu.java.security.der.DER;
 import gnu.java.security.der.DERValue;
 ...
 DERValue bitString = new DERValue(DER.BIT_STRING, new BitString(sigBytes));
 ...

Fields inherited from interface gnu.java.security.sig.ISignatureCodec

RAW_FORMAT

Method Summary

Object
decodeSignature(byte[] input)
Decodes a signature as defined in the documentation of this class.
byte[]
encodeSignature(Object signature)
Encodes a DSS Signature output as the signature raw bytes which can be used to construct an ASN.1 DER-encoded BIT STRING as defined in the documentation of this class.
int
getFormatID()

Methods inherited from class java.lang.Object

clone, equals, extends Object> getClass, finalize, hashCode, notify, notifyAll, toString, wait, wait, wait

Method Details

decodeSignature

public Object decodeSignature(byte[] input)
Decodes a signature as defined in the documentation of this class.
Specified by:
decodeSignature in interface ISignatureCodec
Parameters:
input - the byte array to unmarshall into a valid DSS signature instance; i.e. an array of two MPIs. MUST NOT be null.
Returns:
an array of two MPIs, r and s in this order, decoded from the designated input.

encodeSignature

public byte[] encodeSignature(Object signature)
Encodes a DSS Signature output as the signature raw bytes which can be used to construct an ASN.1 DER-encoded BIT STRING as defined in the documentation of this class.
Specified by:
encodeSignature in interface ISignatureCodec
Parameters:
signature - the output of the DSS signature algorithm; i.e. the value returned by the invocation of ISignature.sign() method. In the case of a DSS signature this is an array of two MPIs called r and s.
Returns:
the raw bytes of a DSS signature which could be then used as the contents of a BIT STRING as per rfc-2459.
Throws:
InvalidParameterException - if an exception occurs during the marshalling process.

getFormatID

public int getFormatID()
Specified by:
getFormatID in interface ISignatureCodec
DSSSignatureX509Codec.java -- X.509 encoder/decoder for DSS signatures Copyright (C) 2006 Free Software Foundation, Inc. This file is part of GNU Classpath. GNU Classpath is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2, or (at your option) any later version. GNU Classpath is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. You should have received a copy of the GNU General Public License along with GNU Classpath; see the file COPYING. If not, write to the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. Linking this library statically or dynamically with other modules is making a combined work based on this library. Thus, the terms and conditions of the GNU General Public License cover the whole combination. As a special exception, the copyright holders of this library give you permission to link this library with independent modules to produce an executable, regardless of the license terms of these independent modules, and to copy and distribute the resulting executable under terms of your choice, provided that you also meet, for each linked independent module, the terms and conditions of the license of that module. An independent module is a module which is not derived from or based on this library. If you modify this library, you may extend this exception to your version of the library, but you are not obligated to do so. If you do not wish to do so, delete this exception statement from your version.

Overview Package Class Use Source Tree Index Deprecated About