Name

Signature

Synopsis

This class computes or verifies a digital signature. Obtain a Signature object by calling one of the static getInstance( ) factory methods and specifying the desired digital signature algorithm and, optionally, the desired provider of that algorithm. A digital signature is essentially a message digest encrypted by a public-key encryption algorithm. Thus, to specify a digital signature algorithm, you must specify both the digest algorithm and the encryption algorithm. The only algorithm supported by the default “SUN” provider is “SHA1withDSA”.

Once you have obtained a Signature object, you must initialize it before you can create or verify a digital signature. To initialize a digital signature for creation, call initSign( ) and specify the private key to be used to create the signature. To initialize a signature for verification, call initVerify( ) and specify the public key of the signer. Once the Signature object has been initialized, call update( ) one or more times to specify the data to be signed or verified. Prior to Java 5.0, the data must be specified as an array of bytes. In Java 5.0 and later, you can also pass a ByteBuffer to update( ), and this facilitates the use of the Signature class with the java.nio package.

Finally, to create a digital signature, call sign( ), passing a byte array into which the signature is stored. Or, pass the bytes of the digital signature to verify( ), which returns true if the signature is valid or false otherwise. ...

Get Java in a Nutshell, 5th Edition now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.