com.nimbusds.jose.crypto.impl

Class ECDSA

java.lang.Object

com.nimbusds.jose.crypto.impl.ECDSA

public class ECDSA
extends Object

Elliptic Curve Digital Signature Algorithm (ECDSA) functions and utilities.

Version:

2019-10-03

Author:

Vladimir Dzhuvinov, Aleksei Doroganov

Method Summary

Modifier and Type	Method and Description
static int	getSignatureByteArrayLength(JWSAlgorithm alg) Returns the expected signature byte array length (R + S parts) for the specified ECDSA algorithm.
static Signature	getSignerAndVerifier(JWSAlgorithm alg, Provider jcaProvider) Creates a new JCA signer / verifier for ECDSA.
static JWSAlgorithm	resolveAlgorithm(Curve curve) Resolves the matching EC DSA algorithm for the specified elliptic curve.
static JWSAlgorithm	resolveAlgorithm(ECKey ecKey) Resolves the matching EC DSA algorithm for the specified EC key (public or private).
static byte[]	transcodeSignatureToConcat(byte[] derSignature, int outputLength) Transcodes the JCA ASN.1/DER-encoded signature into the concatenated R + S format expected by ECDSA JWS.
static byte[]	transcodeSignatureToDER(byte[] jwsSignature) Transcodes the ECDSA JWS signature into ASN.1/DER format for use by the JCA verifier.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Method Detail

resolveAlgorithm

public static JWSAlgorithm resolveAlgorithm(ECKey ecKey)
                                     throws JOSEException

Resolves the matching EC DSA algorithm for the specified EC key (public or private).

Parameters:

ecKey - The EC key. Must not be null.

Returns:

The matching EC DSA algorithm.

Throws:

JOSEException - If the elliptic curve of key is not supported.

resolveAlgorithm

public static JWSAlgorithm resolveAlgorithm(Curve curve)
                                     throws JOSEException

Resolves the matching EC DSA algorithm for the specified elliptic curve.

Parameters:

curve - The elliptic curve. May be null.

Returns:

The matching EC DSA algorithm.

Throws:

JOSEException - If the elliptic curve of key is not supported.

getSignerAndVerifier

public static Signature getSignerAndVerifier(JWSAlgorithm alg,
                                             Provider jcaProvider)
                                      throws JOSEException

Creates a new JCA signer / verifier for ECDSA.

Parameters:

alg - The ECDSA JWS algorithm. Must not be null.

jcaProvider - The JCA provider, null if not specified.

Returns:

The JCA signer / verifier instance.

Throws:

JOSEException - If a JCA signer / verifier couldn't be created.

getSignatureByteArrayLength

public static int getSignatureByteArrayLength(JWSAlgorithm alg)
                                       throws JOSEException

Returns the expected signature byte array length (R + S parts) for the specified ECDSA algorithm.

Parameters:

alg - The ECDSA algorithm. Must be supported and not null.

Returns:

The expected byte array length for the signature.

Throws:

JOSEException - If the algorithm is not supported.

transcodeSignatureToConcat

public static byte[] transcodeSignatureToConcat(byte[] derSignature,
                                                int outputLength)
                                         throws JOSEException

Transcodes the JCA ASN.1/DER-encoded signature into the concatenated R + S format expected by ECDSA JWS.

Parameters:

derSignature - The ASN1./DER-encoded. Must not be null.

outputLength - The expected length of the ECDSA JWS signature.

Returns:

The ECDSA JWS encoded signature.

Throws:

JOSEException - If the ASN.1/DER signature format is invalid.

transcodeSignatureToDER

public static byte[] transcodeSignatureToDER(byte[] jwsSignature)
                                      throws JOSEException

Transcodes the ECDSA JWS signature into ASN.1/DER format for use by the JCA verifier.

Parameters:

jwsSignature - The JWS signature, consisting of the concatenated R and S values. Must not be null.

Returns:

The ASN.1/DER encoded signature.

Throws:

JOSEException - If the ECDSA JWS signature format is invalid.