Package org.bouncycastle.crypto.signers

Class HMacDSAKCalculator

  • All Implemented Interfaces:
    DSAKCalculator
    public class HMacDSAKCalculator
extends java.lang.Object
implements DSAKCalculator
    A deterministic K calculator based on the algorithm in section 3.2 of RFC 6979.

    • Method Summary

      All Methods Instance Methods Concrete Methods 
      Modifier and Type Method Description
      void init​(java.math.BigInteger n, java.math.BigInteger d, byte[] message)
      Deterministic initialiser.
      void init​(java.math.BigInteger n, java.security.SecureRandom random)
      Non-deterministic initialiser.
      protected void initAdditionalInput0​(HMac hmac0)
      Supply additional input to HMAC_K(V || 0x00 || int2octets(x) || bits2octets(h1)).
      protected void initAdditionalInput1​(HMac hmac1)
      Supply additional input to HMAC_K(V || 0x01 || int2octets(x) || bits2octets(h1)).
      boolean isDeterministic()
      Return true if this calculator is deterministic, false otherwise.
      java.math.BigInteger nextK()
      Return the next valid value of K.

      • Methods inherited from class java.lang.Object

        clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

    • Constructor Detail

      • HMacDSAKCalculator

        public HMacDSAKCalculator​(Digest digest)
        Base constructor.
        Parameters:
        digest - digest to build the HMAC on.

    • Method Detail

      • isDeterministic

        public boolean isDeterministic()
        Description copied from interface: DSAKCalculator
        Return true if this calculator is deterministic, false otherwise.
        Specified by:
        isDeterministic in interface DSAKCalculator
        Returns:
        true if deterministic, otherwise false.

      • init

        public void init​(java.math.BigInteger n,
                 java.security.SecureRandom random)
        Description copied from interface: DSAKCalculator
        Non-deterministic initialiser.
        Specified by:
        init in interface DSAKCalculator
        Parameters:
        n - the order of the DSA group.
        random - a source of randomness.

      • init

        public void init​(java.math.BigInteger n,
                 java.math.BigInteger d,
                 byte[] message)
        Description copied from interface: DSAKCalculator
        Deterministic initialiser.
        Specified by:
        init in interface DSAKCalculator
        Parameters:
        n - the order of the DSA group.
        d - the DSA private value.
        message - the message being signed.

      • nextK

        public java.math.BigInteger nextK()
        Description copied from interface: DSAKCalculator
        Return the next valid value of K.
        Specified by:
        nextK in interface DSAKCalculator
        Returns:
        a K value.

      • initAdditionalInput0

        protected void initAdditionalInput0​(HMac hmac0)
        Supply additional input to HMAC_K(V || 0x00 || int2octets(x) || bits2octets(h1)).

        RFC 6979 3.6. Additional data may be added to the input of HMAC [..]. A use case may be a protocol that requires a non-deterministic signature algorithm on a system that does not have access to a high-quality random source. It suffices that the additional data [..] is non-repeating (e.g., a signature counter or a monotonic clock) to ensure "random-looking" signatures are indistinguishable, in a cryptographic way, from plain (EC)DSA signatures.

        By default there is no additional input. Override this method to supply additional input, bearing in mind that this calculator may be used for many signatures.

        Parameters:
        hmac0 - the HMac to which the additional input should be added.

      • initAdditionalInput1

        protected void initAdditionalInput1​(HMac hmac1)
        Supply additional input to HMAC_K(V || 0x01 || int2octets(x) || bits2octets(h1)).

        Refer to comments for initAdditionalInput0(HMac).

        Parameters:
        hmac1 - the HMac to which the additional input should be added.