public class ExtendedSignature
extends java.lang.Object
keyId
. The signed
timestamp seals the signature creation time. The whole extended signature then is signed by the provided private key.
This not only provides timestamps in signatures, but also repels theoretically possible chosen-text type attacks on
source documents, as actual signature is calculated twice and includes timestamp.
Use keyId
to get an id of a public or private key (for a keypair, the id is the same for both private and
public key).
Use extractKeyId(byte[])
to get key id from a packed signature.
Constructor | Description |
---|---|
ExtendedSignature() |
Modifier and Type | Method | Description |
---|---|---|
static byte[] |
createTargetSignature(com.icodici.crypto.PublicKey publicKey,
byte[] data,
boolean savePublicKey) |
|
static net.sergeych.utils.Bytes |
extractKeyId(byte[] signature) |
Get the keyId (see
keyId ) from a packed binary signature. |
static com.icodici.crypto.PublicKey |
extractPublicKey(byte[] signature) |
Get the keyId (see
keyId ) from a packed binary signature. |
java.time.ZonedDateTime |
getCreatedAt() |
|
net.sergeych.utils.Bytes |
getKeyId() |
|
com.icodici.crypto.PublicKey |
getPublicKey() |
|
byte[] |
getSignature() |
|
static net.sergeych.utils.Bytes |
keyId(com.icodici.crypto.AbstractKey key) |
Calculate keyId for a given key (should be either
PublicKey or PrivateKey ). |
static byte[] |
of(byte[] targetSignature,
byte[] sign,
byte[] sign2) |
Deprecated.
|
static byte[] |
ofSha512AndSha3_384(byte[] targetSignature,
byte[] sign512,
byte[] sign3_384) |
|
static byte[] |
sign(com.icodici.crypto.PrivateKey key,
byte[] data) |
Sign the data with a given key.
|
static byte[] |
sign(com.icodici.crypto.PrivateKey key,
byte[] data,
boolean savePublicKey) |
Sign the data with a given key.
|
static ExtendedSignature |
verify(com.icodici.crypto.PublicKey key,
byte[] signature,
byte[] data) |
Unpack and the extended signature.
|
public net.sergeych.utils.Bytes getKeyId()
public java.time.ZonedDateTime getCreatedAt()
public com.icodici.crypto.PublicKey getPublicKey()
public static byte[] sign(com.icodici.crypto.PrivateKey key, byte[] data)
key
- is PrivateKey
to sign withdata
- to be sign with keypublic static byte[] sign(com.icodici.crypto.PrivateKey key, byte[] data, boolean savePublicKey)
key
- is PrivateKey
to sign with.data
- to be sign with key.savePublicKey
- if true key will stored in the ExtendedSignature
.public static byte[] createTargetSignature(com.icodici.crypto.PublicKey publicKey, byte[] data, boolean savePublicKey)
@Deprecated public static byte[] of(byte[] targetSignature, byte[] sign, byte[] sign2)
public static byte[] ofSha512AndSha3_384(byte[] targetSignature, byte[] sign512, byte[] sign3_384)
public static net.sergeych.utils.Bytes keyId(com.icodici.crypto.AbstractKey key)
PublicKey
or PrivateKey
). the keyId is the same
for public and private key and can be used to store/access keys in Map (Bytes
instances can be used as
Map keys.
Use extractKeyId(byte[])
to get a keyId from a packed extended signature, find the proper key, than
verify(PublicKey, byte[], byte[])
the data. It uses corresponding PublicKey.fingerprint()
.
key
- key to calculate Idpublic static net.sergeych.utils.Bytes extractKeyId(byte[] signature)
keyId
) from a packed binary signature. This method can be used to find proper public
key when signing with several keys.signature
- to extrack keyId fromBytes
public static com.icodici.crypto.PublicKey extractPublicKey(byte[] signature)
keyId
) from a packed binary signature. This method can be used to find proper public
key when signing with several keys.signature
- to extrack keyId fromBytes
public byte[] getSignature()
public static ExtendedSignature verify(com.icodici.crypto.PublicKey key, byte[] signature, byte[] data)
ExtendedSignature
with a decoded
timestamp, getCreatedAt()
key
- to verify signature withsignature
- the binary extended signaturedata
- signed dataExtendedSignature
instance on success.