The JavaTM Tutorial
Previous Page Lesson Contents Next Page Start of Tutorial > Start of Trail > Start of Lesson Search

Trail: Security in JDK 1.1
Lesson: Using the Security API to Generate and Verify a Signature

Step 3: Sign the Data

After we have created a public and private key, we are ready to sign the data.

In this example we will sign the data contained in a file. We get the file name from the command line.

A digital signature is created (or verified) using an instance of the Signature class.

Signing data is done with the following steps:

Get a Signature Object:

The following gets a Signature object for generating (or verifying) signatures using the DSA algorithm. Note that this is the same algorithm for which we generated keys in the previous step, Step 2.
            Signature dsa = Signature.getInstance("SHA/DSA"); 

Note: When specifying the signature algorithm name, you should also include the name of the message digest algorithm used by the signature algorithm. The DSA algorithm is defined to use the SHA-1 message digest algorithm. "SHA" is often used to refer to the SHA-1 algorithm.

Initialize the Signature Object

Before a Signature object can be used for signing (or verifying), it must be initialized. The initialization method for signing requires a private key. We extract and use the private key from the key pair generated in the previous step:

            PrivateKey priv = pair.getPrivate();

            dsa.initSign(priv);

Supply the Signature Object the Data to be Signed

Our example will use the data from the file whose name is specified as the first (and only) command-line argument. We will read in the data a byte at a time, and supply it to the Signature object by calling the update method:
            FileInputStream fis = new FileInputStream(args[0]);
            byte b;
            while (fis.available() != 0) {
                b = (byte) fis.read();
                dsa.update(b);
                };

            fis.close();

Generate the Signature

Once we have supplied all the data to the Signature object, we can generate the digital signature of that data:

            byte[] sig = dsa.sign();

Previous Page Lesson Contents Next Page Start of Tutorial > Start of Trail > Start of Lesson Search