1. /*

  2.  * @(#)Signature.java	1.85 00/02/02

  3.  *

  4.  * Copyright 1996-2000 Sun Microsystems, Inc. All Rights Reserved.

  5.  * 

  6.  * This software is the proprietary information of Sun Microsystems, Inc.  

  7.  * Use is subject to license terms.

  8.  * 

  9.  */

  10.   

  11. package java.security;

  12. 

  13. import java.security.spec.AlgorithmParameterSpec;

  14. import java.util.*;

  15. import java.io.*;

  16. import java.security.cert.Certificate;

  17. import java.security.cert.X509Certificate;

  18. 

  19. /**

  20.  * This Signature class is used to provide applications the functionality

  21.  * of a digital signature algorithm. Digital signatures are used for

  22.  * authentication and integrity assurance of digital data.

  23.  *

  24.  * <p> The signature algorithm can be, among others, the NIST standard

  25.  * DSA, using DSA and SHA-1. The DSA algorithm using the

  26.  * SHA-1 message digest algorithm can be specified as <tt>SHA1withDSA</tt>.

  27.  * In the case of RSA, there are multiple choices for the message digest

  28.  * algorithm, so the signing algorithm could be specified as, for example,

  29.  * <tt>MD2withRSA</tt>, <tt>MD5withRSA</tt>, or <tt>SHA1withRSA</tt>.

  30.  * The algorithm name must be specified, as there is no default.

  31.  *

  32.  * <p>Like other algorithm-based classes in Java Security, Signature 

  33.  * provides implementation-independent algorithms, whereby a caller 

  34.  * (application code) requests a particular signature algorithm

  35.  * and is handed back a properly initialized Signature object. It is

  36.  * also possible, if desired, to request a particular algorithm from a

  37.  * particular provider. See the <code>getInstance </code> methods.

  38.  *

  39.  * <p>Thus, there are two ways to request a Signature algorithm object: by

  40.  * specifying either just an algorithm name, or both an algorithm name

  41.  * and a package provider. <ul>

  42.  *

  43.  * <li>If just an algorithm name is specified, the system will

  44.  * determine if there is an implementation of the algorithm requested

  45.  * available in the environment, and if there is more than one, if

  46.  * there is a preferred one.<p>

  47.  * 

  48.  * <li>If both an algorithm name and a package provider are specified,

  49.  * the system will determine if there is an implementation of the

  50.  * algorithm in the package requested, and throw an exception if there

  51.  * is not.

  52.  *

  53.  * </ul>

  54.  *

  55.  * <p>A Signature object can be used to generate and verify digital

  56.  * signatures.

  57.  *

  58.  * <p>There are three phases to the use of a Signature object for

  59.  * either signing data or verifying a signature:<ol>

  60.  *

  61.  * <li>Initialization, with either 

  62.  *

  63.  *     <ul>

  64.  *

  65.  *     <li>a public key, which initializes the signature for

  66.  *     verification (see {@link #initVerify(PublicKey) initVerify}), or

  67.  *

  68.  *     <li>a private key (and optionally a Secure Random Number Generator),

  69.  *     which initializes the signature for signing

  70.  *     (see {@link #initSign(PrivateKey)}

  71.  *     and {@link #initSign(PrivateKey, SecureRandom)}).

  72.  *

  73.  *     </ul><p>

  74.  *

  75.  * <li>Updating<p>

  76.  *

  77.  * <p>Depending on the type of initialization, this will update the

  78.  * bytes to be signed or verified. See the 

  79.  * {@link #update(byte) update} methods.<p>

  80.  *

  81.  * <li>Signing or Verifying a signature on all updated bytes. See the 

  82.  * {@link #sign() sign} methods and the {@link #verify(byte[]) verify}

  83.  * method.

  84.  *

  85.  * </ol>

  86.  *

  87.  * <p>Note that this class is abstract and extends from

  88.  * <code>SignatureSpi</code> for historical reasons.

  89.  * Application developers should only take notice of the methods defined in

  90.  * this <code>Signature</code> class; all the methods in

  91.  * the superclass are intended for cryptographic service providers who wish to

  92.  * supply their own implementations of digital signature algorithms.

  93.  *

  94.  * @author Benjamin Renaud 

  95.  *

  96.  * @version 1.85, 02/02/00

  97.  */

  98. 

  99. public abstract class Signature extends SignatureSpi {

  100. 

  101.     /*  Are we in debugging mode? */

  102.     private static final boolean debug = false;

  103. 

  104.     /*

  105.      * The algorithm for this signature object.

  106.      * This value is used to map an OID to the particular algorithm.

  107.      * The mapping is done in AlgorithmObject.algOID(String algorithm)

  108.      */

  109.     private String algorithm;

  110. 

  111.     // The provider

  112.     private Provider provider;

  113. 

  114.     /** 

  115.      * Possible {@link #state} value, signifying that       

  116.      * this signature object has not yet been initialized.

  117.      */      

  118.     protected final static int UNINITIALIZED = 0;       

  119.        

  120.     /** 

  121.      * Possible {@link #state} value, signifying that       

  122.      * this signature object has been initialized for signing.

  123.      */      

  124.     protected final static int SIGN = 2;

  125.        

  126.     /** 

  127.      * Possible {@link #state} value, signifying that       

  128.      * this signature object has been initialized for verification.

  129.      */      

  130.     protected final static int VERIFY = 3;

  131. 

  132.     /** 

  133.      * Current state of this signature object.

  134.      */      

  135.     protected int state = UNINITIALIZED;

  136. 

  137.     /**

  138.      * Creates a Signature object for the specified algorithm.

  139.      *

  140.      * @param algorithm the standard string name of the algorithm. 

  141.      * See Appendix A in the <a href=

  142.      * "../../../guide/security/CryptoSpec.html#AppA">

  143.      * Java Cryptography Architecture API Specification & Reference </a> 

  144.      * for information about standard algorithm names.

  145.      */

  146.     protected Signature(String algorithm) {

  147. 	this.algorithm = algorithm;

  148.     }

  149. 

  150.     /**

  151.      * Generates a Signature object that implements the specified digest

  152.      * algorithm. If the default provider package

  153.      * provides an implementation of the requested digest algorithm,

  154.      * an instance of Signature containing that implementation is returned.

  155.      * If the algorithm is not available in the default 

  156.      * package, other packages are searched.

  157.      *

  158.      * @param algorithm the standard name of the algorithm requested. 

  159.      * See Appendix A in the <a href=

  160.      * "../../../guide/security/CryptoSpec.html#AppA">

  161.      * Java Cryptography Architecture API Specification & Reference </a> 

  162.      * for information about standard algorithm names.

  163.      *

  164.      * @return the new Signature object.

  165.      *

  166.      * @exception NoSuchAlgorithmException if the algorithm is

  167.      * not available in the environment.

  168.      */

  169.     public static Signature getInstance(String algorithm) 

  170.     throws NoSuchAlgorithmException {

  171. 	try {

  172. 	    Object[] objs = Security.getImpl(algorithm, "Signature", null);

  173. 	    if (objs[0] instanceof Signature) {

  174. 		Signature sig = (Signature)objs[0];

  175. 		sig.provider = (Provider)objs[1];

  176. 		return sig;

  177. 	    } else {

  178. 		Signature delegate =

  179. 		    new Delegate((SignatureSpi)objs[0], algorithm);

  180. 		delegate.provider = (Provider)objs[1];

  181. 		return delegate;

  182. 	    }

  183. 	} catch(NoSuchProviderException e) {

  184. 	    throw new NoSuchAlgorithmException(algorithm + " not found");

  185. 	}

  186.     }

  187. 

  188.     /** 

  189.      * Generates a Signature object implementing the specified

  190.      * algorithm, as supplied from the specified provider, if such an 

  191.      * algorithm is available from the provider.

  192.      *

  193.      * @param algorithm the name of the algorithm requested.

  194.      * See Appendix A in the <a href=

  195.      * "../../../guide/security/CryptoSpec.html#AppA">

  196.      * Java Cryptography Architecture API Specification & Reference </a> 

  197.      * for information about standard algorithm names.

  198.      *

  199.      * @param provider the name of the provider.

  200.      *

  201.      * @return the new Signature object.

  202.      *

  203.      * @exception NoSuchAlgorithmException if the algorithm is

  204.      * not available in the package supplied by the requested

  205.      * provider.

  206.      *

  207.      * @exception NoSuchProviderException if the provider is not

  208.      * available in the environment. 

  209.      * 

  210.      * @see Provider 

  211.      */

  212.     public static Signature getInstance(String algorithm, String provider) 

  213. 	throws NoSuchAlgorithmException, NoSuchProviderException

  214.     {

  215. 	if (provider == null || provider.length() == 0)

  216. 	    throw new IllegalArgumentException("missing provider");

  217. 	Object[] objs = Security.getImpl(algorithm, "Signature", provider);

  218. 	if (objs[0] instanceof Signature) {

  219. 	    Signature sig = (Signature)objs[0];

  220. 	    sig.provider = (Provider)objs[1];

  221. 	    return sig;

  222. 	} else {

  223. 	    Signature delegate =

  224. 		new Delegate((SignatureSpi)objs[0], algorithm);

  225. 	    delegate.provider = (Provider)objs[1];

  226. 	    return delegate;

  227. 	}

  228.     }

  229. 

  230.     /** 

  231.      * Returns the provider of this signature object.

  232.      * 

  233.      * @return the provider of this signature object

  234.      */

  235.     public final Provider getProvider() {

  236. 	return this.provider;

  237.     }

  238. 

  239.     /**

  240.      * Initializes this object for verification. If this method is called

  241.      * again with a different argument, it negates the effect

  242.      * of this call.

  243.      *

  244.      * @param publicKey the public key of the identity whose signature is

  245.      * going to be verified.

  246.      *

  247.      * @exception InvalidKeyException if the key is invalid.

  248.      */

  249.     public final void initVerify(PublicKey publicKey) 

  250. 	throws InvalidKeyException {

  251. 	    engineInitVerify(publicKey);

  252. 	    state = VERIFY;

  253.     }

  254. 

  255.     /**

  256.       * Initializes this object for verification, using the public key from

  257.       * the given certificate.

  258.       * <p>If the certificate is of type X.509 and has a <i>key usage</i>

  259.      * extension field marked as critical, and the value of the <i>key usage</i>

  260.      * extension field implies that the public key in

  261.      * the certificate and its corresponding private key are not

  262.      * supposed to be used for digital signatures, an <code>InvalidKeyException</code>

  263.      * is thrown.

  264.      *

  265.      * @param certificate the certificate of the identity whose signature is

  266.      * going to be verified.

  267.      *

  268.      * @exception InvalidKeyException  if the public key in the certificate

  269.      * is not encoded properly or does not include required  parameter

  270.      * information or cannot be used for digital signature purposes.

  271.      */

  272.     public final void initVerify(Certificate certificate)

  273. 	throws InvalidKeyException {

  274. 	    // If the certificate is of type X509Certificate,

  275. 	    // we should check whether it has a Key Usage

  276. 	    // extension marked as critical.

  277. 	    if (certificate instanceof java.security.cert.X509Certificate) {

  278. 		// Check whether the cert has a key usage extension

  279. 		// marked as a critical extension.

  280. 		// The OID for KeyUsage extension is 2.5.29.15.

  281. 		X509Certificate cert = (X509Certificate)certificate;

  282. 		Set critSet = cert.getCriticalExtensionOIDs();

  283. 

  284. 		if (critSet != null && !critSet.isEmpty()

  285. 		    && critSet.contains(new String("2.5.29.15"))) {

  286. 		    boolean[] keyUsageInfo = cert.getKeyUsage();

  287. 		    // keyUsageInfo[0] is for digitalSignature.

  288. 		    if ((keyUsageInfo != null) && (keyUsageInfo[0] == false))

  289. 			throw new InvalidKeyException("Wrong key usage");

  290. 		}

  291. 	    }

  292. 		

  293. 	    PublicKey publicKey = certificate.getPublicKey();

  294. 	    engineInitVerify(publicKey);

  295. 	    state = VERIFY;

  296.     }

  297. 

  298.     /**

  299.      * Initialize this object for signing. If this method is called

  300.      * again with a different argument, it negates the effect

  301.      * of this call.

  302.      *

  303.      * @param privateKey the private key of the identity whose signature

  304.      * is going to be generated.

  305.      * 

  306.      * @exception InvalidKeyException if the key is invalid.  

  307.      */

  308.     public final void initSign(PrivateKey privateKey) 

  309. 	throws InvalidKeyException {

  310. 	    engineInitSign(privateKey);

  311. 	    state = SIGN;

  312.     }

  313. 

  314.     /**

  315.      * Initialize this object for signing. If this method is called

  316.      * again with a different argument, it negates the effect

  317.      * of this call.

  318.      *

  319.      * @param privateKey the private key of the identity whose signature

  320.      * is going to be generated.

  321.      * 

  322.      * @param random the source of randomness for this signature.

  323.      * 

  324.      * @exception InvalidKeyException if the key is invalid.  

  325.      */

  326.     public final void initSign(PrivateKey privateKey, SecureRandom random) 

  327. 	throws InvalidKeyException {

  328. 	    engineInitSign(privateKey, random);

  329. 	    state = SIGN;

  330.     }

  331. 

  332.     /**

  333.      * Returns the signature bytes of all the data updated.

  334.      * The format of the signature depends on the underlying 

  335.      * signature scheme.

  336.      * 

  337.      * <p>A call to this method resets this signature object to the state 

  338.      * it was in when previously initialized for signing via a

  339.      * call to <code>initSign(PrivateKey)</code>. That is, the object is 

  340.      * reset and available to generate another signature from the same 

  341.      * signer, if desired, via new calls to <code>update</code> and 

  342.      * <code>sign</code>.     

  343.      *

  344.      * @return the signature bytes of the signing operation's result.

  345.      *

  346.      * @exception SignatureException if this signature object is not

  347.      * initialized properly.

  348.      */

  349.     public final byte[] sign() throws SignatureException {

  350. 	if (state == SIGN) {

  351. 	    return engineSign();

  352. 	}

  353. 	throw new SignatureException("object not initialized for " +

  354. 				     "signing");

  355.     }

  356. 

  357.     /**

  358.      * Finishes the signature operation and stores the resulting signature

  359.      * bytes in the provided buffer <code>outbuf</code>, starting at

  360.      * <code>offset</code>. 

  361.      * The format of the signature depends on the underlying 

  362.      * signature scheme.

  363.      * 

  364.      * <p>This signature object is reset to its initial state (the state it

  365.      * was in after a call to one of the <code>initSign</code> methods) and

  366.      * can be reused to generate further signatures with the same private key.

  367.      *

  368.      * @param outbuf buffer for the signature result.

  369.      *

  370.      * @param offset offset into <code>outbuf</code> where the signature is

  371.      * stored.

  372.      *

  373.      * @param len number of bytes within <code>outbuf</code> allotted for the

  374.      * signature.

  375.      *

  376.      * @return the number of bytes placed into <code>outbuf</code>.

  377.      *

  378.      * @exception SignatureException if an error occurs or <code>len</code>

  379.      * is less than the actual signature length.

  380.      *

  381.      * @since 1.2

  382.      */

  383.     public final int sign(byte[] outbuf, int offset, int len)

  384. 	throws SignatureException {

  385. 	if (outbuf == null) {

  386. 	    throw new IllegalArgumentException("No output buffer given");

  387. 	}

  388. 	if (outbuf.length - offset < len) {

  389. 	    throw new IllegalArgumentException

  390. 		("Output buffer too small for specified offset and length");

  391. 	}

  392. 	if (state != SIGN) {

  393. 	    throw new SignatureException("object not initialized for " +

  394. 					 "signing");

  395. 	}

  396. 	return engineSign(outbuf, offset, len);

  397.     }

  398. 

  399.     /**

  400.      * Verifies the passed-in signature. 

  401.      * 

  402.      * <p>A call to this method resets this signature object to the state 

  403.      * it was in when previously initialized for verification via a

  404.      * call to <code>initVerify(PublicKey)</code>. That is, the object is 

  405.      * reset and available to verify another signature from the identity

  406.      * whose public key was specified in the call to <code>initVerify</code>.

  407.      *      

  408.      * @param signature the signature bytes to be verified.

  409.      *

  410.      * @return true if the signature was verified, false if not. 

  411.      *

  412.      * @exception SignatureException if this signature object is not 

  413.      * initialized properly, or the passed-in signature is improperly 

  414.      * encoded or of the wrong type, etc.  

  415.      */

  416.     public final boolean verify(byte[] signature) throws SignatureException {

  417. 	if (state == VERIFY) {

  418. 	    return engineVerify(signature);

  419. 	}

  420. 	throw new SignatureException("object not initialized for " +

  421. 				     "verification");

  422.     }

  423. 

  424.     /**

  425.      * Updates the data to be signed or verified by a byte.

  426.      *

  427.      * @param b the byte to use for the update.

  428.      * 

  429.      * @exception SignatureException if this signature object is not 

  430.      * initialized properly.     

  431.      */

  432.     public final void update(byte b) throws SignatureException {

  433. 	if (state == VERIFY || state == SIGN) {

  434. 	    engineUpdate(b);

  435. 	} else {

  436. 	    throw new SignatureException("object not initialized for "

  437. 					 + "signature or verification");

  438. 	}

  439.     }

  440. 

  441.     /**

  442.      * Updates the data to be signed or verified, using the specified

  443.      * array of bytes.

  444.      *

  445.      * @param data the byte array to use for the update.       

  446.      * 

  447.      * @exception SignatureException if this signature object is not 

  448.      * initialized properly.          

  449.      */

  450.     public final void update(byte[] data) throws SignatureException {

  451. 	update(data, 0, data.length);

  452.     }

  453. 

  454.     /**

  455.      * Updates the data to be signed or verified, using the specified

  456.      * array of bytes, starting at the specified offset.  

  457.      *

  458.      * @param data the array of bytes.  

  459.      * @param off the offset to start from in the array of bytes.  

  460.      * @param len the number of bytes to use, starting at offset.

  461.      *  

  462.      * @exception SignatureException if this signature object is not 

  463.      * initialized properly.          

  464.      */

  465.     public final void update(byte[] data, int off, int len) 

  466. 	throws SignatureException {

  467. 	    if (state == SIGN || state == VERIFY) {

  468. 		engineUpdate(data, off, len);

  469. 	    } else {

  470. 		throw new SignatureException("object not initialized for "

  471. 					     + "signature or verification");

  472. 	    }

  473.     }

  474. 

  475.     /** 

  476.      * Returns the name of the algorithm for this signature object.

  477.      * 

  478.      * @return the name of the algorithm for this signature object.

  479.      */

  480.     public final String getAlgorithm() {

  481. 	return this.algorithm;

  482.     }

  483. 

  484.     /**

  485.      * Returns a string representation of this signature object,       

  486.      * providing information that includes the state of the object       

  487.      * and the name of the algorithm used.       

  488.      * 

  489.      * @return a string representation of this signature object.

  490.      */

  491.     public String toString() {

  492. 	String initState = "";

  493. 	switch (state) {

  494. 	case UNINITIALIZED:

  495. 	    initState = "<not initialized>";

  496. 	    break;

  497. 	  case VERIFY:

  498. 	    initState = "<initialized for verifying>";

  499. 	    break;	      

  500. 	  case SIGN:

  501. 	    initState = "<initialized for signing>";

  502. 	    break;	      

  503. 	}

  504. 	return "Signature object: " + getAlgorithm() + initState;

  505.     }

  506. 

  507.     /**

  508.      * Sets the specified algorithm parameter to the specified value.

  509.      * This method supplies a general-purpose mechanism through

  510.      * which it is possible to set the various parameters of this object. 

  511.      * A parameter may be any settable parameter for the algorithm, such as 

  512.      * a parameter size, or a source of random bits for signature generation 

  513.      * (if appropriate), or an indication of whether or not to perform

  514.      * a specific but optional computation. A uniform algorithm-specific 

  515.      * naming scheme for each parameter is desirable but left unspecified 

  516.      * at this time.

  517.      *

  518.      * @param param the string identifier of the parameter.

  519.      * @param value the parameter value.

  520.      *

  521.      * @exception InvalidParameterException if <code>param</code> is an

  522.      * invalid parameter for this signature algorithm engine,

  523.      * the parameter is already set

  524.      * and cannot be set again, a security exception occurs, and so on.

  525.      *

  526.      * @deprecated Use 

  527.      * {@link #setParameter(java.security.spec.AlgorithmParameterSpec)

  528.      * setParameter}.

  529.      */

  530.     public final void setParameter(String param, Object value) 

  531. 	throws InvalidParameterException {

  532. 	    engineSetParameter(param, value);

  533.     }

  534. 

  535.     /**

  536.      * Initializes this signature engine with the specified parameter set.

  537.      *

  538.      * @param params the parameters

  539.      *

  540.      * @exception InvalidAlgorithmParameterException if the given parameters

  541.      * are inappropriate for this signature engine

  542.      */

  543.     public final void setParameter(AlgorithmParameterSpec params)

  544. 	throws InvalidAlgorithmParameterException {

  545. 	    engineSetParameter(params);

  546.     }

  547. 

  548.     /**

  549.      * Gets the value of the specified algorithm parameter. This method 

  550.      * supplies a general-purpose mechanism through which it is possible to 

  551.      * get the various parameters of this object. A parameter may be any 

  552.      * settable parameter for the algorithm, such as a parameter size, or 

  553.      * a source of random bits for signature generation (if appropriate), 

  554.      * or an indication of whether or not to perform a specific but optional 

  555.      * computation. A uniform algorithm-specific naming scheme for each 

  556.      * parameter is desirable but left unspecified at this time.

  557.      *

  558.      * @param param the string name of the parameter.

  559.      *

  560.      * @return the object that represents the parameter value, or null if

  561.      * there is none.

  562.      *

  563.      * @exception InvalidParameterException if <code>param</code> is an invalid

  564.      * parameter for this engine, or another exception occurs while

  565.      * trying to get this parameter.

  566.      *

  567.      * @deprecated

  568.      */

  569.     public final Object getParameter(String param) 

  570. 	throws InvalidParameterException {

  571. 	    return engineGetParameter(param);

  572.     }

  573. 

  574.     /**

  575.      * Returns a clone if the implementation is cloneable.

  576.      * 

  577.      * @return a clone if the implementation is cloneable.

  578.      *

  579.      * @exception CloneNotSupportedException if this is called

  580.      * on an implementation that does not support <code>Cloneable</code>.

  581.      */

  582.     public Object clone() throws CloneNotSupportedException {

  583. 	if (this instanceof Cloneable) {

  584. 	    return super.clone();

  585. 	} else {

  586. 	    throw new CloneNotSupportedException();

  587. 	}

  588.     }

  589. 

  590.     // private debugging method.

  591.     private static void debug(String statement) {

  592. 	if (debug) {

  593. 	    System.err.println(statement);

  594. 	}

  595.     }

  596. 

  597.     // private debugging method.

  598.     private static void debug(Exception e) {

  599. 	if (debug) {

  600. 	    e.printStackTrace();

  601. 	}

  602.     }

  603. 

  604. 

  605. 

  606. 

  607.     /*

  608.      * The following class allows providers to extend from SignatureSpi

  609.      * rather than from Signature. It represents a Signature with an

  610.      * encapsulated, provider-supplied SPI object (of type SignatureSpi).

  611.      * If the provider implementation is an instance of SignatureSpi, the

  612.      * getInstance() methods above return an instance of this class, with

  613.      * the SPI object encapsulated.

  614.      *

  615.      * Note: All SPI methods from the original Signature class have been

  616.      * moved up the hierarchy into a new class (SignatureSpi), which has

  617.      * been interposed in the hierarchy between the API (Signature)

  618.      * and its original parent (Object).

  619.      */

  620. 

  621.     static class Delegate extends Signature {

  622. 

  623. 	// The provider implementation (delegate)

  624. 	private SignatureSpi sigSpi;

  625. 

  626. 	// constructor

  627. 	public Delegate(SignatureSpi sigSpi, String algorithm) {

  628. 	    super(algorithm);

  629. 	    this.sigSpi = sigSpi;

  630. 	}

  631. 

  632. 	/*

  633. 	 * Returns a clone if the delegate is cloneable.    

  634. 	 * 

  635. 	 * @return a clone if the delegate is cloneable.

  636. 	 *

  637. 	 * @exception CloneNotSupportedException if this is called on a

  638. 	 * delegate that does not support <code>Cloneable</code>.

  639. 	 */

  640. 	public Object clone() throws CloneNotSupportedException {

  641. 	    if (sigSpi instanceof Cloneable) {

  642. 		SignatureSpi sigSpiClone = (SignatureSpi)sigSpi.clone();

  643. 		// Because 'algorithm' and 'provider' are private

  644. 		// members of our supertype, we must perform a cast to

  645. 		// access them.

  646. 		Signature that =

  647. 		    new Delegate(sigSpiClone, ((Signature)this).algorithm);

  648. 		that.provider = ((Signature)this).provider;

  649. 		return that;

  650. 	    } else {

  651. 		throw new CloneNotSupportedException();

  652. 	    }

  653. 	}

  654. 

  655. 	protected void engineInitVerify(PublicKey publicKey)

  656. 	    throws InvalidKeyException {

  657. 		sigSpi.engineInitVerify(publicKey);

  658. 	}

  659. 

  660. 	protected void engineInitSign(PrivateKey privateKey)

  661. 	    throws InvalidKeyException {

  662. 		sigSpi.engineInitSign(privateKey);

  663. 	}

  664. 

  665. 	protected void engineUpdate(byte b) throws SignatureException {

  666. 	    sigSpi.engineUpdate(b);

  667. 	}

  668. 

  669. 	protected void engineUpdate(byte[] b, int off, int len) 

  670. 	    throws SignatureException {

  671. 		sigSpi.engineUpdate(b, off, len);

  672. 	}

  673. 	

  674. 	protected byte[] engineSign() throws SignatureException {

  675. 	    return sigSpi.engineSign();

  676. 	}

  677. 

  678. 	protected int engineSign(byte[] outbuf, int offset, int len)

  679. 	    throws SignatureException {

  680. 		return sigSpi.engineSign(outbuf, offset, len);

  681. 	}

  682. 

  683. 	protected boolean engineVerify(byte[] sigBytes) 

  684. 	    throws SignatureException {

  685. 		return sigSpi.engineVerify(sigBytes);

  686. 	}

  687. 

  688. 	protected void engineSetParameter(String param, Object value) 

  689. 	    throws InvalidParameterException {

  690. 		sigSpi.engineSetParameter(param, value);

  691. 	}

  692. 

  693. 	protected void engineSetParameter(AlgorithmParameterSpec params)

  694. 	    throws InvalidAlgorithmParameterException {

  695. 		sigSpi.engineSetParameter(params);

  696. 	}

  697. 

  698. 	protected Object engineGetParameter(String param)

  699. 	    throws InvalidParameterException {

  700. 		return sigSpi.engineGetParameter(param);

  701. 	}

  702.     }

  703. }

  704.     

  705. 	    

  706. 

  707. 

  708. 

  709. 	    

  710. 	    

  711.