The Signature class

The IBMJCECCA provider supports signatures of the following types.

  • SHA1 with DSA, except that DSA is only supported on z800 and z900 hardware
  • SHA1 with RSA
  • MD2 with RSA
  • MD5 with RSA
  • SHA256 with RSA (supported on z9 and newer zSeries processor families)
  • SHA384 with RSA (supported on z10 and newer zSeries processor families). Note that the alias names "SHA3/RSA" and "SHA3withRSA", which refer to the SHA384 with RSA implementation in IBMJCECCA, were deprecated in Java™ 8. Use the "SHA384withRSA" alias name instead.
  • SHA512 with RSA (supported on z10 and newer zSeries processor families). Note that the alias names "SHA5/RSA" and "SHA5withRSA", which refer to the SHA512 with RSA implementation in IBMJCECCA, were deprecated in Java 8. Use the "SHA512withRSA" alias name instead.
  • SHA1 with ECDSA (supported on zSeries processor families where the Crypto Express 3 Coprocessor or newer is available)
  • SHA256 with ECDSA (supported on zSeries processor families where the Crypto Express 3 Coprocessor or newer is available)
  • SHA384 with ECDSA (supported on zSeries processor families where the Crypto Express 3 Coprocessor or newer is available). Note that the alias names "SHA3/ECDSA" and "SHA3withECDSA", which refer to the SHA384 with ECDSA implementation in IBMJCECCA, were deprecated in Java 8. Use the "SHA384withECDSA" alias name instead.
  • SHA512 with ECDSA (supported on zSeries processor families where the Crypto Express 3 Coprocessor or newer is available). Note that the alias names "SHA5/ECDSA" and "SHA5withECDSA", which refer to the SHA512 with ECDSA implementation in IBMJCECCA, were deprecated in Java 8. Use the "SHA512withECDSA" alias name instead.

A Signature is created by calling the MessageDigest class that will be used when computing the signature, then calling the CCA hardware to create the signature from the hash and the corresponding private key. A Signature is verified by creating a hash and passing in both the public key and the previously generated signature to the hardware.