Ejemplo de firma y verificación mediante relleno PSS.
package doxy.examples;
import com.dinamonetworks.Dinamo;
import br.com.trueaccess.TacException;
import br.com.trueaccess.TacNDJavaLib;
public class SignVerifyPss {
public static void main(String[] args) throws TacException {
Dinamo api = new Dinamo();
api.openSession("127.0.0.1", "master", "12345678", false);
byte[] message = { (byte)0xD5, (byte)0x17, (byte)0xED, (byte)0x40, (byte)0x1D,
(byte)0xF3, (byte)0x03, (byte)0x38, (byte)0x37, (byte)0xE0,
(byte)0x8B, (byte)0x62, (byte)0x55, (byte)0xBE, (byte)0xDB,
(byte)0xF9, (byte)0x52, (byte)0x0E, (byte)0xF8, (byte)0x8E };
String keyId = "rsa";
api.createKey(keyId, TacNDJavaLib.ALG_RSA_2048);
byte[] signature = api.sign(keyId, TacNDJavaLib.ALG_SHA2_256, TacNDJavaLib.D_PSS_PADDING, message);
System.out.println("Sign: ok");
byte[] pubKeyDer = api.exportKey(keyId, TacNDJavaLib.PUBLICKEY_BLOB);
byte[] pubKeyHandle = api.importKey(keyId, TacNDJavaLib.PUBLICKEY_BLOB, TacNDJavaLib.ALG_RSA_2048_PUB,
0, pubKeyDer);
api.setPadding(pubKeyHandle, TacNDJavaLib.D_PSS_PADDING);
api.verifySignature(pubKeyHandle, TacNDJavaLib.ALG_SHA2_256, signature, message);
System.out.println("Verify: ok");
api.deleteKey(keyId);
api.closeSession();
}
}