Class WeakSignature
This API provides access to Deprecated algorithms.
See Signature for full documentation. WeakSignature is simply a drop-in replacement that only supports deprecated algorithms. This is helpful when you need to deal with weak algorithms for backward compatibility purposes, but Signature should always be used for new development and for anything intended to be secure.
This class allows access to signature services offered through the Java Cryptography Architecture (JCA). At this time the signature/verification implementation of the methods is based on the default RSA JCE provider of the JDK - sun.security.rsa.SunRsaSign
dw.crypto.WeakSignature is an adapter to the security provider implementation and only covers one digest algorithm:
- SHA1withRSA
Note: this class handles sensitive security-related data. Pay special attention to PCI DSS v3. requirements 2, 4, 12, and other relevant requirements.
| Constructor | Description |
|---|---|
| WeakSignature() |
| Method | Description |
|---|---|
| isDigestAlgorithmSupported(String) | Checks to see if a digest algorithm is supported |
| sign(String, KeyRef, String) | Signs a string and returns a string |
| sign(String, String, String) | Signs a string and returns a string |
| signBytes(Bytes, KeyRef, String) | Signs bytes and returns bytes |
| signBytes(Bytes, String, String) | Signs bytes and returns bytes |
| verifyBytesSignature(Bytes, Bytes, CertificateRef, String) | Verifies a signature supplied as bytes |
| verifyBytesSignature(Bytes, Bytes, String, String) | Verifies a signature supplied as bytes |
| verifySignature(String, String, CertificateRef, String) | Verifies a signature supplied as string |
| verifySignature(String, String, String, String) | Verifies a signature supplied as string |
assign, create, create, defineProperties, defineProperty, entries, freeze, fromEntries, getOwnPropertyDescriptor, getOwnPropertyNames, getOwnPropertySymbols, getPrototypeOf, hasOwnProperty, is, isExtensible, isFrozen, isPrototypeOf, isSealed, keys, preventExtensions, propertyIsEnumerable, seal, setPrototypeOf, toLocaleString, toString, valueOf, values
- WeakSignature()
- isDigestAlgorithmSupported(digestAlgorithm: String): Boolean
Checks to see if a digest algorithm is supported
Parameters:
- digestAlgorithm - the digest algorithm name
Returns:
- a boolean indicating success (true) or failure (false)
- sign(contentToSign: String, privateKey: KeyRef, digestAlgorithm: String): String
Signs a string and returns a string
Parameters:
- contentToSign - base64 encoded content to sign
- privateKey - a reference to a private key entry in the keystore
- digestAlgorithm - must be one of the currently supported ones
Returns:
- the base64 encoded signature
- sign(contentToSign: String, privateKey: String, digestAlgorithm: String): String
Signs a string and returns a string
Parameters:
- contentToSign - base64 encoded content to sign
- privateKey - base64 encoded private key
- digestAlgorithm - must be one of the currently supported ones
Returns:
- the base64 encoded signature
- signBytes(contentToSign: Bytes, privateKey: KeyRef, digestAlgorithm: String): Bytes
Signs bytes and returns bytes
Parameters:
- contentToSign - transformed with UTF-8 encoding into a byte stream
- privateKey - a reference to a private key entry in the keystore
- digestAlgorithm - must be one of the currently supported ones
Returns:
- signature
- signBytes(contentToSign: Bytes, privateKey: String, digestAlgorithm: String): Bytes
Signs bytes and returns bytes
Parameters:
- contentToSign - transformed with UTF-8 encoding into a byte stream
- privateKey - base64 encoded private key
- digestAlgorithm - must be one of the currently supported ones
Returns:
- signature
- verifyBytesSignature(signature: Bytes, contentToVerify: Bytes, certificate: CertificateRef, digestAlgorithm: String): Boolean
Verifies a signature supplied as bytes
Parameters:
- signature - signature to check as bytes
- contentToVerify - as bytes
- certificate - a reference to a trusted certificate
- digestAlgorithm - must be one of the currently supported ones
Returns:
- a boolean indicating success (true) or failure (false)
- verifyBytesSignature(signature: Bytes, contentToVerify: Bytes, publicKey: String, digestAlgorithm: String): Boolean
Verifies a signature supplied as bytes
Parameters:
- signature - signature to check as bytes
- contentToVerify - as bytes
- publicKey - base64 encoded public key
- digestAlgorithm - must be one of the currently supported ones
Returns:
- a boolean indicating success (true) or failure (false)
- verifySignature(signature: String, contentToVerify: String, certificate: CertificateRef, digestAlgorithm: String): Boolean
Verifies a signature supplied as string
Parameters:
- signature - base64 encoded signature
- contentToVerify - base64 encoded content to verify
- certificate - a reference to a trusted certificate
- digestAlgorithm - must be one of the currently supported ones
Returns:
- a boolean indicating success (true) or failure (false)
- verifySignature(signature: String, contentToVerify: String, publicKey: String, digestAlgorithm: String): Boolean
Verifies a signature supplied as string
Parameters:
- signature - base64 encoded signature
- contentToVerify - base64 encoded content to verify
- publicKey - base64 encoded public key
- digestAlgorithm - must be one of the currently supported ones
Returns:
- a boolean indicating success (true) or failure (false)