This class allows access to signature services offered through the Java Cryptography Architecture (JCA). At this time the signature/verification implementation of the methods is based on the default RSA JCE provider of the JDK - sun.security.rsa.SunRsaSign
dw.crypto.Signature is an adapter to the security provider implementation and covers several digest algorithms:
- SHA1withRSA (deprecated)
- SHA256withRSA
- SHA384withRSA
- SHA512withRSA
- SHA256withRSA/PSS
- SHA384withRSA/PSS
- SHA512withRSA/PSS
Key size generally ranges between 512 and 65536 bits (the latter of which is unnecessarily large).
Default key size for RSA is 1024. SHA384withRSA and SHA512withRSA require a key with length of at least 1024 bits.
When choosing a key size - beware of the tradeoff between security and processing time:
The longer the key, the harder to break it but also it takes more time for the two sides to sign and verify the signature.
An exception will be thrown for keys shorter than 2048 bits in this version of the API.