- Java Cryptography Tutorial
- Java Cryptography - Home
- Java Cryptography - Introduction
- Message Digest and MAC
- Java Cryptography - Message Digest
- Java Cryptography - Creating a MAC
- Keys and Key Store
- Java Cryptography - Keys
- Java Cryptography - Storing keys
- Java Cryptography - Retrieving keys
- Generating Keys
- KeyGenerator
- KeyPairGenerator
- Digital Signature
- Creating Signature
- Verifying Signature
- Java Cryptography Resources
- Java Cryptography - Quick Guide
- Java Cryptography - Resources
- Java Cryptography - Discussion
Java Cryptography - Verifying Signature
You can create digital signature using Java and verify it following the steps given below.
Step 1: Create a KeyPairGenerator object
The KeyPairGenerator class provides getInstance() method which accepts a String variable representing the required key-generating algorithm and returns a KeyPairGenerator object that generates keys.
Create KeyPairGenerator object using the getInstance() method as shown below.
//Creating KeyPair generator object
KeyPairGenerator keyPairGen = KeyPairGenerator.getInstance("DSA");
Step 2: Initialize the KeyPairGenerator object
The KeyPairGenerator class provides a method named initialize() method. This method is used to initialize the key pair generator. This method accepts an integer value representing the key size.
Initialize the KeyPairGenerator object created in the previous step using the initialize() method as shown below.
//Initializing the KeyPairGenerator keyPairGen.initialize(2048);
Step 3: Generate the KeyPairGenerator
You can generate the KeyPair using the generateKeyPair() method. Generate the keypair using this method as shown below.
//Generate the pair of keys KeyPair pair = keyPairGen.generateKeyPair();
Step 4: Get the private key from the pair
You can get the private key from the generated KeyPair object using the getPrivate() method.
Get the private key using the getPrivate() method as shown below.
//Getting the private key from the key pair PrivateKey privKey = pair.getPrivate();
Step 5: Create a signature object
The getInstance() method of the Signature class accepts a string parameter representing required signature algorithm and returns the respective Signature object.
Create an object of the Signature class using the getInstance() method.
//Creating a Signature object
Signature sign = Signature.getInstance("SHA256withDSA");
Step 6: Initialize the Signature object
The initSign() method of the Signature class accepts a PrivateKey object and initializes the current Signature object.
Initialize the Signature object created in the previous step using the initSign() method as shown below.
//Initialize the signature sign.initSign(privKey);
Step 7: Add data to the Signature object
The update() method of the Signature class accepts a byte array representing the data to be signed or verified and updates the current object with the data given.
Update the initialized Signature object by passing the data to be signed to the update() method in the form of byte array as shown below.
byte[] bytes = "Hello how are you".getBytes(); //Adding data to the signature sign.update(bytes);
Step 8: Calculate the Signature
The sign() method of the Signature class returns the signature bytes of the updated data.
Calculate the Signature using the sign() method as shown below.
//Calculating the signature byte[] signature = sign.sign();
Step 9: Initialize the signature object for verification
To verify a Signature object you need to initialize it first using the initVerify() method it method accepts a PublicKey object.
Therefore, initialize the Signature object for verification using the initVerify() method as shown below.
//Initializing the signature sign.initVerify(pair.getPublic());
Step 10: Update the data to be verified
Update the initialized (for verification) object with the data the data to be verified using the update method as shown below.
//Update the data to be verified sign.update(bytes);
Step 11: Verify the Signature
The verify() method of the Signature class accepts another signature object and verifies it with the current one. If a match occurs, it returns true else it returns false.
Verify the signature using this method as shown below.
//Verify the signature boolean bool = sign.verify(signature);
Example
Following Java program accepts a message from the user, generates a digital signature for the given message, and verifies it.
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.PrivateKey;
import java.security.Signature;
import java.util.Scanner;
public class SignatureVerification {
public static void main(String args[]) throws Exception{
//Creating KeyPair generator object
KeyPairGenerator keyPairGen = KeyPairGenerator.getInstance("DSA");
//Initializing the key pair generator
keyPairGen.initialize(2048);
//Generate the pair of keys
KeyPair pair = keyPairGen.generateKeyPair();
//Getting the privatekey from the key pair
PrivateKey privKey = pair.getPrivate();
//Creating a Signature object
Signature sign = Signature.getInstance("SHA256withDSA");
//Initializing the signature
sign.initSign(privKey);
byte[] bytes = "Hello how are you".getBytes();
//Adding data to the signature
sign.update(bytes);
//Calculating the signature
byte[] signature = sign.sign();
//Initializing the signature
sign.initVerify(pair.getPublic());
sign.update(bytes);
//Verifying the signature
boolean bool = sign.verify(signature);
if(bool) {
System.out.println("Signature verified");
} else {
System.out.println("Signature failed");
}
}
}
Output
The above program generates the following output −
Signature verified
To Continue Learning Please Login