For the latest news and information visit
The GNU Crypto project

gnu.crypto.sig.rsa
Class EMSA_PSS

java.lang.Object
  extended bygnu.crypto.sig.rsa.EMSA_PSS
All Implemented Interfaces:
java.lang.Cloneable

public class EMSA_PSS
extends java.lang.Object
implements java.lang.Cloneable

An implementation of the EMSA-PSS encoding/decoding scheme.

EMSA-PSS coincides with EMSA4 in IEEE P1363a D5 except that EMSA-PSS acts on octet strings and not on bit strings. In particular, the bit lengths of the hash and the salt must be multiples of 8 in EMSA-PSS. Moreover, EMSA4 outputs an integer of a desired bit length rather than an octet string.

EMSA-PSS is parameterized by the choice of hash function Hash and mask generation function MGF. In this submission, MGF is based on a Hash definition that coincides with the corresponding definitions in IEEE Std 1363-2000, PKCS #1 v2.0, and the draft ANSI X9.44. In PKCS #1 v2.0 and the draft ANSI X9.44, the recommended hash function is SHA-1, while IEEE Std 1363-2000 recommends SHA-1 and RIPEMD-160.

References:

  1. RSA-PSS Signature Scheme with Appendix, part B.
    Primitive specification and supporting documentation.
    Jakob Jonsson and Burt Kaliski.

Version:
$Revision: 1.2 $

Method Summary
 java.lang.Object clone()
           
 boolean decode(byte[] mHash, byte[] EM, int emBits, int sLen)
          The decoding operation EMSA-PSS-Decode recovers the message hash from an encoded message EM and compares it to the hash of M.
 byte[] encode(byte[] mHash, int emBits, byte[] salt)
          The encoding operation EMSA-PSS-Encode computes the hash of a message M using a hash function and maps the result to an encoded message EM of a specified length using a mask generation function.
static EMSA_PSS getInstance(java.lang.String mdName)
          Returns an instance of this object given a designated name of a hash function.
 
Methods inherited from class java.lang.Object
equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Method Detail

getInstance

public static EMSA_PSS getInstance(java.lang.String mdName)

Returns an instance of this object given a designated name of a hash function.

Parameters:
mdName - the canonical name of a hash function.
Returns:
an instance of this object configured for use with the designated options.

clone

public java.lang.Object clone()

encode

public byte[] encode(byte[] mHash,
                     int emBits,
                     byte[] salt)

The encoding operation EMSA-PSS-Encode computes the hash of a message M using a hash function and maps the result to an encoded message EM of a specified length using a mask generation function.

Parameters:
mHash - the byte sequence resulting from applying the message digest algorithm Hash to the message M.
emBits - the maximal bit length of the integer OS2IP(EM), at least 8.hLen + 8.sLen + 9.
salt - the salt to use when encoding the output.
Returns:
the encoded message EM, an octet string of length emLen = CEILING(emBits / 8).
Throws:
java.lang.IllegalArgumentException - if an exception occurs.

decode

public boolean decode(byte[] mHash,
                      byte[] EM,
                      int emBits,
                      int sLen)

The decoding operation EMSA-PSS-Decode recovers the message hash from an encoded message EM and compares it to the hash of M.

Parameters:
mHash - the byte sequence resulting from applying the message digest algorithm Hash to the message M.
EM - the encoded message, an octet string of length emLen = CEILING(emBits/8).
emBits - the maximal bit length of the integer OS2IP(EM), at least 8.hLen + 8.sLen + 9.
sLen - the length, in octets, of the expected salt.
Returns:
true if the result of the verification was consistent with the expected reseult; and false if the result was inconsistent.
Throws:
java.lang.IllegalArgumentException - if an exception occurs.

For the latest news and information visit
The GNU Crypto project

Copyright © 2001, 2002, 2003 Free Software Foundation, Inc. All Rights Reserved.