Security API Problem !!!

Benjamin Renaud (br)
Wed, 12 Mar 1997 10:52:35 -0800

Date: Wed, 12 Mar 1997 10:52:35 -0800
From: br (Benjamin Renaud)
Message-Id: <199703121852.KAA03340@springbank.eng.sun.com>
To: wplatzer <wplatzer@iaik.tu-graz.ac.at>
Subject: Security API Problem !!!
In-Reply-To: <19970312165192.NTM0003@iaik.tu-graz.ac.at>

Hi Wolfgang,

Thanks for your note. I hope this will help resolve your problem:

wplatzer@iaik.tu-graz.ac.at writes:
>
> I wrote a new provider class which implements RSA signatures and came acr=
> oss a problem.

Note that there really is no such thing as an "RSA signature", but
only "MD5 with RSA", "SHA with RSA", etc.

> In the document "JavaTM Cryptography Architecture; API Specification & Re=
> ference" you described the process of verifying signature in this way:
>
> Verifying a Signature
>
> Verifying the signature is straightforward. (Note: here we also=
> use the key pair generated in the key pair example)
>
> 1: /* Initializing the object with the public key */
> 2: PublicKey pub =3D pair.getPublic();
> 3: rsa.initVerify(pub);
> 4:
> 5: /* Update and verify the data */
> 6: rsa.update(data);
> 7: boolean verifies =3D rsa.verify(sig);
> 8: System.out.println("signature verifies: " + verifies);
>
>
> The Problem:
>
> The name of the hash algorithm used to create a signature is located in t=
> he signature (ASN.1 datastructure "DigestInfo"). According to the API of =
> class Signature I get the signature with method verify(byte[] signature) =
> in line 7:. But to hash the document in line 6: I must already know which=
> algorithm I shoud use for hashing the message (MD2, MD4, SHA, ...).

The info is not in the ASN.1 datastructure. The ASN.1 data structure
contains only the encrypted hash value for RSA. We will be publishing
the exact ASN.1 format for RSA-based signatures this later this month.

The key is that you must know at the time you instantiate the
signature object what the hash algorithm you want to use is:

Signature md5Rsa = Signature.getInstance("MD5/RSA");

-- Benjamin