3-8 Oracle Fusion Middleware Reference for Oracle Security Developer Tools
To create a new instance of Signature, call the static getInstance method with an AlgorithmIdentifier and a PrivateKey or PublicKey object as parameters. Example 3–10 shows how to create a new Signature object and initialize it with the specified algorithm.
Example 3–10 Code Example for Creating a New Signature Object
Signature rsaSign = Signature.getInstance(AlgID.md5WithRSAEncryption);
Signature rsaVerif = Signature.getInstance(AlgID.md5WithRSAEncryption);
Example 3–11 shows how to set the keys for the Signature objects and set the
document to be signed or verified.
Example 3–11 Code Example for Setting Signature Keys and Documents
rsaSign.setPrivateKey(privKey);
rsaSign.setDocument(data);
rsaVerif.setPublicKey(pubKey);
rsaVerif.setDocument(data);
Example 3–12 shows how to compute the signature using the private key or to verify
the signature using the public key and the signature bytes.
Example 3–12 Code Example for Computing or Verifying a Signature
byte[] sigBytes = rsaSign.sign();
boolean verified = rsaVerif.verify(sigBytes);
3.3.5 Message Digests
Oracle Crypto provides the following message digest classes:
■ The oracle.security.crypto.core.MessageDigest Class
■ The oracle.security.crypto.core.MAC Class
3.3.5.1 The oracle.security.crypto.core.MessageDigest Class
The MessageDigest abstract class provides methods to hash and digest data. The concrete classes extending the MessageDigest class are the MD2, MD4, MD5 and the
SHA classes.
The available algorithms for message digest operations are: AlgID.md2, AlgID.md4, AlgID.md5, AlgID.sha_1, AlgID.sha_256, AlgID.sha_384 and AlgID.sha_512.
The basic process for creating a message digest is as follows:
1. Create a new instance of MessageDigest by calling the static getInstance method with an AlgorithmIdentifier object as a parameter.
2. Add the data to be digested.
3. Compute the hash value.
Example 3–13 shows how to create an MD5 message digest object.
Example 3–13 Code Example for Creating a Message Digest
// Create a new MD5 MessageDigest object
MessageDigest md5 = MessageDigest.getInstance(AlgID.md5);
// Add the data to be digested
md5.update(data1);
md5.update(data2);
// Compute the hash value
md5.computeCurrent();
byte[] digestBits = md5.getDigestBits();
3.3.5.2 The oracle.security.crypto.core.MAC Class
The MAC abstract class provides methods to compute and verify a Message Authentication Code (MAC). The concrete class extending the MAC class is the HMAC class.
The available algorithms for MAC operations are: AlgID.hmacMD5 and AlgID.hmacSHA.
The basic process for creating a MAC is as follows:
1. Create a new instance of MAC by calling the static getInstance method with an AlgorithmIdentifier and a SymmetricKey object as parameters.
2. Add the data to be digested.
3. Compute the MAC value and verify it.
Example 3–14 shows how to create a new HMAC object with the HMAC-SHA1 algorithm.
Example 3–14 Code Example for Creating a MAC
// Create an HMAC object with the HMAC-SHA1 algorithm
MAC hmacSha1Compute = MAC.getInstance(AlgID.hmacSHA, hmacSha1Key);
// Add the data to be digested
hmacSha1Compute.update(data);
// Compute the MAC value and verify
byte[] macValue = hmacSha1Compute.computeMAC();
// The verifying object is created with the same algorithm and key
MAC hmacSha1Verify = MAC.getInstance(AlgID.hmacSHA, hmacSha1Key);
boolean verified = hmacSha1Verify.verifyMAC(data, macValue);
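The same three-step MAC process as an added example, not code from this guide: it is written against the standard JDK javax.crypto.Mac API rather than the Oracle Crypto classes, and shows verification failing for a modified message and for a different key. The class name HmacExample, the choice of HMAC-SHA256, the random keys and the sample message are assumptions made for the illustration.

```java
import javax.crypto.Mac;
import javax.crypto.spec.SecretKeySpec;
import java.nio.charset.StandardCharsets;
import java.security.GeneralSecurityException;
import java.security.MessageDigest;
import java.security.SecureRandom;

// Added illustration using the JDK's JCA classes, not oracle.security.crypto.core.MAC.
public class HmacExample {
    private static final String ALG = "HmacSHA256"; // assumed algorithm choice

    // Steps 1-3: create the MAC with algorithm and key, add the data, compute the value.
    static byte[] computeMac(byte[] key, byte[]... parts) throws GeneralSecurityException {
        Mac mac = Mac.getInstance(ALG);
        mac.init(new SecretKeySpec(key, ALG));
        for (byte[] part : parts) {
            mac.update(part); // data may be added in several pieces
        }
        return mac.doFinal();
    }

    // Verification recomputes the MAC over the received data and compares it
    // with the received value using a constant-time comparison.
    static boolean verifyMac(byte[] key, byte[] receivedMac, byte[]... parts)
            throws GeneralSecurityException {
        return MessageDigest.isEqual(computeMac(key, parts), receivedMac);
    }

    public static void main(String[] args) throws GeneralSecurityException {
        byte[] key = new byte[32];
        new SecureRandom().nextBytes(key);

        // Constructed sample message, split in two parts.
        byte[] header = "order=1001;".getBytes(StandardCharsets.UTF_8);
        byte[] body = "amount=25.00".getBytes(StandardCharsets.UTF_8);
        byte[] macValue = computeMac(key, header, body);
        System.out.println("genuine message verifies: " + verifyMac(key, macValue, header, body));

        byte[] tampered = "amount=95.00".getBytes(StandardCharsets.UTF_8);
        System.out.println("tampered message verifies: " + verifyMac(key, macValue, header, tampered));

        byte[] otherKey = new byte[32];
        new SecureRandom().nextBytes(otherKey);
        System.out.println("different key verifies: " + verifyMac(otherKey, macValue, header, body));
    }
}
```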
3.3.6 Key Agreement