/**
* Compute the signature or MAC value over the supplied input.
*
* <p>It is up to the caller to ensure that the specified algorithm ID and isMAC flag are
* consistent with the type of signing key supplied in the signing credential.
*
* @param signingCredential the credential containing the signing key
* @param jcaAlgorithmID the Java JCA algorithm ID to use
* @param isMAC flag indicating whether the operation to be performed is a signature or MAC
* computation
* @param input the input over which to compute the signature
* @return the computed signature or MAC value
* @throws SecurityException throw if the computation process results in an error
*/
public static byte[] sign(
Credential signingCredential, String jcaAlgorithmID, boolean isMAC, byte[] input)
throws SecurityException {
Key signingKey = SecurityHelper.extractSigningKey(signingCredential);
if (signingKey == null) {
log.error("No signing key supplied in signing credential for signature computation");
throw new SecurityException("No signing key supplied in signing credential");
}
if (isMAC) {
return signMAC(signingKey, jcaAlgorithmID, input);
} else if (signingKey instanceof PrivateKey) {
return sign((PrivateKey) signingKey, jcaAlgorithmID, input);
} else {
log.error("No PrivateKey present in signing credential for signature computation");
throw new SecurityException("No PrivateKey supplied for signing");
}
}
