/**
 * Signs this packet and stores the result in the <code>signature</code> field.
 * The signed bytes are whatever {@link #getDataToSign()} returns; the signing
 * implementation and the private signing key both come from <code>identity</code>.
 * <p>
 * NOTE(review): <code>keyUpdateHandler</code> is handed straight to
 * <code>CryptoImplementation.sign</code>. Presumably it lets a stateful
 * signature scheme persist its updated private key after each signature;
 * confirm, because skipping that update would matter for such schemes.
 *
 * @param identity An email identity that matches the destination field
 * @param keyUpdateHandler passed through unchanged to the crypto implementation's sign call
 * @throws PasswordException declared by this method; the visible body does not show which call raises it
 * @throws GeneralSecurityException declared by this method; the visible body does not show which call raises it
 */
private void sign(EmailIdentity identity, KeyUpdateHandler keyUpdateHandler)
        throws GeneralSecurityException, PasswordException {
    // Collect the bytes first, then the signer and its key, in the same order as before.
    final byte[] packetBytes = getDataToSign();
    final CryptoImplementation signer = identity.getCryptoImpl();
    final PrivateKey signingKey = identity.getPrivateSigningKey();

    signature = signer.sign(packetBytes, signingKey, keyUpdateHandler);
}
/**
 * Round-trip check: for every test identity, signs each test message and asserts
 * that the same crypto implementation accepts the signature under the matching
 * public key.
 * <p>
 * NOTE(review): this method only asserts the accepting path. It does not check
 * that a modified message or signature is rejected; confirm that a negative
 * test exists elsewhere in the class.
 */
@Test
public void signAndVerify() throws GeneralSecurityException, IOException, PasswordException {
    for (TestIdentity identity : testIdentities) {
        // NTRUEncrypt1087_GMSS512 gets a handler that verifies KeyUpdateHandler is called
        // once for each signed message; every other implementation gets a dummy handler.
        KeyUpdateHandler updateHandler = (identity.cryptoImpl instanceof NTRUEncrypt1087_GMSS512)
                ? TestUtil.createVerifyingKeyUpdateHandler(testMessages.size())
                : TestUtil.createDummyKeyUpdateHandler();

        for (byte[] plaintext : testMessages) {
            CryptoImplementation impl = identity.cryptoImpl;
            KeyPair keyPair = identity.signingKeys;

            byte[] sig = impl.sign(plaintext, keyPair.getPrivate(), updateHandler);

            String failureText = "Invalid signature for crypto implementation <" + impl.getName() + ">";
            boolean accepted = impl.verify(plaintext, sig, keyPair.getPublic());
            assertTrue(failureText, accepted);
        }
    }
}
} // closes the enclosing test class, whose header is outside this excerpt
// Call-site excerpt: signs `message` with `privateKey`. The third argument, `identities`,
// sits in the position where the other sign(...) calls on this page pass a KeyUpdateHandler.
// NOTE(review): the value returned by sign(...) is not captured in this excerpt; confirm
// that the full call site keeps the signature.
cryptoImpl.sign(message, privateKey, identities);
/**
 * Signs this email and writes the result to the <code>SIGNATURE_HEADER</code>
 * header field, replacing any signature that was there before. The
 * <code>SIGNATURE_VALID_HEADER</code> header is removed as well.<br/>
 * Both headers are removed before the bytes are taken, so the signature covers
 * the stream representation of the email ({@code toByteArray()}) without them.<br/>
 * The header value has the form <code>&lt;id&gt;_&lt;base64 signature&gt;</code>,
 * folded by {@code foldSignature}. The ID is that of the {@link CryptoImplementation}
 * used (signature lengths can be different for the same algorithm).
 * <p>
 * NOTE(review): the implementation ID is prepended to the header value and is
 * not part of the signed bytes. A verifier should presumably check it against
 * the implementation expected for the sender instead of trusting the header
 * alone; confirm in the verification path.
 *
 * @param senderIdentity supplies the crypto implementation and the private signing key
 * @param keyUpdateHandler Needed for updating the signature key after signing
 *        (see {@link CryptoImplementation#sign(byte[], PrivateKey, KeyUpdateHandler)})
 * @throws MessagingException declared by this method; the visible body does not show which call raises it
 * @throws GeneralSecurityException declared by this method; the visible body does not show which call raises it
 * @throws PasswordException declared by this method; the visible body does not show which call raises it
 */
public void sign(EmailIdentity senderIdentity, KeyUpdateHandler keyUpdateHandler)
        throws MessagingException, GeneralSecurityException, PasswordException {
    // An existing signature header would invalidate the new signature, and the
    // validity flag must be removed before signing. Both go before the bytes are taken.
    removeHeader(SIGNATURE_HEADER);
    removeHeader(SIGNATURE_VALID_HEADER);

    final CryptoImplementation signer = senderIdentity.getCryptoImpl();
    final PrivateKey signingKey = senderIdentity.getPrivateSigningKey();
    final byte[] emailBytes = toByteArray();
    final byte[] rawSignature = signer.sign(emailBytes, signingKey, keyUpdateHandler);

    // Header value: "<implementation id>_<base64 signature>", folded for the header field.
    final String idPrefix = signer.getId() + "_";
    final String headerValue = foldSignature(idPrefix + Base64.encode(rawSignature));
    setHeader(SIGNATURE_HEADER, headerValue);
}