## CrySL Specifications 

## Java API Signature

The sample program for the Java API Signature (https://docs.oracle.com/javase/8/docs/api/java/security/Signature.html)

Here I used the SHA256withRSA algorithm, we can also use SHA1withDSA and SHA1withRSA

```
Sigature signature = Signature.getInstance("SHA256withRSA");

KeyPairGenerator keyGen = KeyPairGenerator.getInstance("RSA");
keyGen.initialize(2048);
KeyPair keypair = keyGen.generateKeyPair();

signature.initSign(keypair.getPrivate())

byte[] data = "CrySL Specifications!".getBytes();
signature.update(data);
byte[] signatureBytes = signature.sign();

signature.initVerify(keyPair.getPublic());
signature.update(data);
boolean verified = signature.verify(signatureBytes);
```

Steps happening above:
1. Getting the signature instance with SHA256withRSA Algorithm
2. Creating a key pair(public,private keys), with the keysize of 20-48 bits, which is considered to be strong enough in RSA Alogrithm
3. A private key initializes the signature for signing.
4. Writing and updating some data (here the data is CrySL Specifications!)
5. Storing the signed bytes in signatureBytes.
6. Initialize verify using PublicKey and update the data again.
7. Now verify the signature comparing with signatureBytes.

ORDER OF EXECUTION:

Signature Instance <-> KeyPairGenerator Instance -> initSign (using Private Key) -> update Data -> init Verify (using Public Key) -> Verify the signature

The Assumptions I made is
1. There are only one parameter for the getInstanceMethods() and initialize() so using only algorithm names | keysize.
2. The signature alogrithm can be of SHA256withRSA or SHA1withDSA or SHA1withRSA and the keysize can be of 2048 or 1024 in all 3 algorithm cases

## Specification 

```
SPEC java.security.Signature

OBJECTS
    java.lang.String signatureAlgorithm;
    java.lang.String keyalgorithm;
    int keySize;
    java.lang.Object keypair; (https://docs.oracle.com/javase/7/docs/api/java/security/KeyPair.html)
    java.lang.String data;
    java.security.KeyPairGenerator keyGen;

EVENTS:
    g1: getInstance(signatureAlgorithm)
    g2: getInstance(keyAlgorithm)
    GetInstance:= g1 | g2; ## Because both events are mutually exclusive, so order does not matter
    
    i1: init(keySize);
    i2: initSign(keypair.privekey) ## Don't know this is the correct way
    InitSign:= i1,i2; ## we need i1 to be done before i2, because we need the private key to do i2
    
    u1: update(data);
    UpdateSign:= u1;
    
    i3: initVerify(keyPair.publicKey);
    InitVerify:= i3;
    
    u2: = update(data);
    UpdateVerify:= u2;
    
    v1:= .......;
    SignatureVerify:= v1;
    
ORDER:
    GetInstance, InitSign, UpdateSign, InitVerify, UpdateVerify,  SignatureVerify
    
CONSTRAINTS:
    signaturealgorithm in {"SHA256withRSA","SHA1withDSA","SHA1withRSA"} => keySize in {1024,2048};
    
    
ENSURES:
    verify(signature) ## Ensures the verification of digital signature.
```
    

Thins I'm not sure:
1. Representation of using the privatekey from the object KeyPair.

## SecureRandom

SecureRandom is a class that provides a cryptographically strong random number generator (RNG). Those generated sequence of random numbers are used then in the cryptographic applications for example:- Generating Encryption Keys.
It uses a seed to generate the sequence of pseudorandom numbers.

```
SecureRandom secureRandom = new SecureRandom()
byte[] randomBytes = new byte[16];
secureRandom.nextBytes(randomBytes);
```

As a result of the above program, a 16 byte array will be filled with random values.

## Specification

```
SPEC java.security.SecureRandom

OBJECTS:
    byte[] randomBytes;
EVENTS:
    e1: SecureRandom()
    e2: nextBytes() ## Generates a user-specified number of random bytes.
FORBIDDEN:
    SecureRandom.setSeed(long seed) ## It weakens the security of the generated random numbers, if the seed is known to the attacker.
    
ORDER:
    e1,e2
```