Digital Signature

Class Overview

com.dyadicsec.mobile.tokens.sign
java.lang.Object
     com.dyadicsec.mobile.DYSimpleBase
          com.dyadicsec.mobile.tokens.sign.DYSign

DYSign is a wrapper class for working with Unbound signing tokens. It provides methods for the common signing actions: creating and deleting the single signing token, and signing data.

createSignToken

Creates the signature token.

Note
This method deletes all other signature tokens.

public void createSignToken(
     String label,
     String username,
     DYCredentials credentials,
     Map<String, String> parameters,
     DYSignTokenFactory.DYInitTokenListener listener)

Parameters:

  • label - Label assigned to the token.
  • username - Name of the user.
  • credentials - Credentials.
  • parameters - null – for RSA-based signing.
    For the additional options, see the note below.
  • listener - The callback handler.

To use ECDSA (Elliptic Curve Digital Signature Algorithm)-based signing, assign the following value to parameters:

Map<String, String> parameters = new HashMap<>();
parameters.put(DYSignTokenFactory.TYPE, SignTokenType.ECDSA.toString());

The default crypto-parameters used for signing are:

Parameter    RSA       ECDSA
Padding      PKCS#1    N/A
Hash         SHA256    SHA256
Key Size     2048      P256

sign

Signing implicitly refers to the signing token created in the previous step.

public void sign(
    byte[] dataToSign,
    DYCredentials credentials,
    IDYSignToken.HASH_ALGORITHM hashAlgorithm,
    IDYSignToken.DYSignListener listener)

Parameters:

  • dataToSign - The byte array to sign.
  • credentials - Credentials.
  • hashAlgorithm - null – the default (SHA256).
    Other values: SHA1, SHA256, SHA384, SHA512.
  • listener - The callback handler.
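
The default crypto-parameters listed above and the hashAlgorithm values determine which algorithm a relying party must use to verify a signature. The following is an added example, not part of the SDK or its documentation: it uses only the standard java.security API, with locally generated key pairs as constructed stand-ins for a token. It assumes the ECDSA signature is ASN.1 DER encoded (the page does not state the encoding); the class and method names are hypothetical.

```java
import java.nio.charset.StandardCharsets;
import java.security.*;
import java.security.spec.ECGenParameterSpec;
public class VerifyDefaults { // hypothetical name, not an SDK class
    // Maps the page's token type and hash names to a JCA algorithm name; SHA1 is refused here.
    static String jcaAlgorithm(String tokenType, String hash) {
        String h = (hash == null) ? "SHA256" : hash; // null selects the default, SHA256
        if (!h.matches("SHA(256|384|512)")) throw new IllegalArgumentException("hash not accepted: " + h);
        switch (tokenType) {
            case "RSA":   return h + "withRSA";   // RSA with PKCS#1 v1.5 padding
            case "ECDSA": return h + "withECDSA"; // assumption: ASN.1 DER-encoded signature
            default: throw new IllegalArgumentException("unknown token type: " + tokenType);
        }
    }

    static boolean verify(PublicKey key, String tokenType, String hash, byte[] data, byte[] sig)
            throws GeneralSecurityException {
        Signature v = Signature.getInstance(jcaAlgorithm(tokenType, hash));
        v.initVerify(key);
        v.update(data);
        try {
            return v.verify(sig);
        } catch (SignatureException e) {
            return false; // a malformed signature encoding counts as a failed verification
        }
    }

    // Constructed stand-in for a token: a local key pair with the default key size or curve.
    static KeyPair standIn(String tokenType) throws GeneralSecurityException {
        boolean rsa = tokenType.equals("RSA");
        KeyPairGenerator g = KeyPairGenerator.getInstance(rsa ? "RSA" : "EC");
        if (rsa) g.initialize(2048); else g.initialize(new ECGenParameterSpec("secp256r1")); // P256
        return g.generateKeyPair();
    }

    public static void main(String[] args) throws Exception {
        byte[] data = "constructed sample message".getBytes(StandardCharsets.UTF_8);
        for (String type : new String[] {"RSA", "ECDSA"}) {
            KeyPair kp = standIn(type);
            Signature s = Signature.getInstance(jcaAlgorithm(type, null));
            s.initSign(kp.getPrivate());
            s.update(data);
            byte[] sig = s.sign();
            System.out.println(type + " valid: " + verify(kp.getPublic(), type, null, data, sig));
            sig[sig.length - 1] ^= 1; // flip one bit: verification must now fail
            System.out.println(type + " tampered: " + verify(kp.getPublic(), type, null, data, sig));
        }
    }
}
```

If the ECDSA signature is the raw r||s concatenation instead of DER, the JCA algorithm name is SHA256withECDSAinP1363Format (Java 9 and later).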

Sample Code

The sample code presents the use of the following three operations:

Init

It creates a singleton of the CoT (Crypto-of-Things) SDK using DYMobile.getInstance(). See Initialization.

Create Signature Token

private void CreateSignTokenHandler() {
    txtSignature.setText("");
    // Select the signing algorithm for the token
    Map<String, String> params = new HashMap<>();
    params.put(DYSignTokenFactory.TYPE, rdbECDSA.isChecked()
        ? IDYSignToken.SignTokenType.ECDSA.toString()
        : IDYSignToken.SignTokenType.RSA.toString());
    DYSign.getInstance().createSignToken(
        "label",
        USERNAME,
        new DYNoCredentials(),
        params, // RSA or ECDSA signing
        new DYSignTokenFactory.DYInitTokenListener() {
            @Override
            public void completed(final DYStatus status, final IDYSignToken token) {
                // The callback updates the UI, so switch to the UI thread
                runOnUiThread(new Runnable() {
                    @Override
                    public void run() {
                        // deleted
                    }
                });
            }
        });
}

Signing

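private void signHandler() {
    DYSign.getInstance().sign(
        // StandardCharsets (java.nio.charset) avoids the checked
        // UnsupportedEncodingException thrown by getBytes("UTF-8")
        edtTextToSign.getText().toString().getBytes(StandardCharsets.UTF_8),
        new DYNoCredentials(),
        null, // Use SHA256
        new IDYSignToken.DYSignListener() {
            @Override
            // deleted
        });
}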