DsaSignatureVerifier.java - Verifying DSA Digital Signature

This section provides tutorial example on how to verifying a digital signature for a message file with the DSA public key using the SHA1withDSA algorithm.

When a DSA digital signature is generated, it should be delivered to the receiver together with the original document, and the DSA public key for her/him to verify.

Now let's pretend we are the document receiver and want to verify the digital signature to ensure that no one has modified the document or the signature. I wrote another Java program to do this using the java.security.Signature class:

/* DsaSignatureVerifier.java
 * Copyright (c) HerongYang.com. All Rights Reserved.
 */
import java.io.*;
import java.security.*;
import java.security.spec.*;
class DsaSignatureVerifier {
   public static void main(String[] a) {
      if (a.length<3) {
         System.out.println("Usage:");
         System.out.println("java DsaSignatureGenerator keyFile"
            + " msgFile sigFile");
         return;
      }
      String keyFile = a[0];
      String msgFile = a[1];
      String sigFile = a[2];
      String keyAlgo = "DSA";
      String sigAlgo = "SHA1withDSA";

      try {
         PublicKey pubKey = readPublicKey(keyFile,keyAlgo);
         byte[] sign = readSignature(sigFile);
         verify(msgFile,sigAlgo,sign,pubKey);
      } catch (Exception e) {
         System.out.println("Exception: "+e);
         return;
      }
   }
   private static PublicKey readPublicKey(String input,
         String algorithm) throws Exception {
      FileInputStream pubKeyStream = new FileInputStream(input);
      int pubKeyLength = pubKeyStream.available();
      byte[] pubKeyBytes = new byte[pubKeyLength];
      pubKeyStream.read(pubKeyBytes);
      pubKeyStream.close();
      X509EncodedKeySpec pubKeySpec 
         = new X509EncodedKeySpec(pubKeyBytes);
      KeyFactory keyFactory = KeyFactory.getInstance(algorithm);
      PublicKey pubKey = keyFactory.generatePublic(pubKeySpec);
      System.out.println();
      System.out.println("Public Key Info: ");
      System.out.println("Algorithm = "+pubKey.getAlgorithm());
      return pubKey;
   }
   private static byte[] readSignature(String input) 
         throws Exception {
      FileInputStream signStream = new FileInputStream(input);
      int signLength = signStream.available();
      byte[] signBytes = new byte[signLength];
      signStream.read(signBytes);
      signStream.close();
      return  signBytes;
   }
   private static boolean verify(String input, String algorithm, 
         byte[] sign, PublicKey pubKey) throws Exception {
      Signature sg = Signature.getInstance(algorithm);
      sg.initVerify(pubKey);
      System.out.println();
      System.out.println("Signature Object Info: ");
      System.out.println("Algorithm = "+sg.getAlgorithm());
      System.out.println("Provider = "+sg.getProvider());
      FileInputStream in = new FileInputStream(input);
      int bufSize = 1024;
      byte[] buffer = new byte[bufSize];
      int n = in.read(buffer,0,bufSize);
      int count = 0;
      while (n!=-1) {
         count += n;
         sg.update(buffer,0,n);
         n = in.read(buffer,0,bufSize);
      }
      in.close();
      boolean ok = sg.verify(sign);
      System.out.println("Verify Processing Info: ");
      System.out.println("Number of input bytes = "+count);
      System.out.println("Verification result = "+ok);
      return ok;
   }
}

Some notes on the sample program, DsaSignatureVerifier.java:

Table of Contents

 About This Book

 Cryptography Terminology

 Cryptography Basic Concepts

 Introduction to AES (Advanced Encryption Standard)

 Introduction to DES Algorithm

 DES Algorithm - Illustrated with Java Programs

 DES Algorithm Java Implementation

 DES Algorithm - Java Implementation in JDK JCE

 DES Encryption Operation Modes

 DES in Stream Cipher Modes

 PHP Implementation of DES - mcrypt

 Blowfish - 8-Byte Block Cipher

 Secret Key Generation and Management

 Cipher - Secret Key Encryption and Decryption

 Introduction of RSA Algorithm

 RSA Implementation using java.math.BigInteger Class

 Introduction of DSA (Digital Signature Algorithm)

Java Default Implementation of DSA

 DsaKeyGenerator.java - Generating DSA Key Pair

 DSA 512-bit and 1024-bit Key Pair Examples

 DsaKeyChecker.java - Reading and Checking DSA Keys

 Example of DSA Key Parameters and Properties

 java.security.Signature - The Data Signing Class

 DsaSignatureGenerator.java - Generating DSA Digital Signature

 DsaSignatureGenerator.java Test Results

DsaSignatureVerifier.java - Verifying DSA Digital Signature

 DsaSignatureVerifier.java Test Results

 Private key and Public Key Pair Generation

 PKCS#8/X.509 Private/Public Encoding Standards

 Cipher - Public Key Encryption and Decryption

 MD5 Mesasge Digest Algorithm

 SHA1 Mesasge Digest Algorithm

 OpenSSL Introduction and Installation

 OpenSSL Generating and Managing RSA Keys

 OpenSSL Managing Certificates

 OpenSSL Generating and Signing CSR

 OpenSSL Validating Certificate Path

 "keytool" and "keystore" from JDK

 "OpenSSL" Signing CSR Generated by "keytool"

 Migrating Keys from "keystore" to "OpenSSL" Key Files

 Certificate X.509 Standard and DER/PEM Formats

 Migrating Keys from "OpenSSL" Key Files to "keystore"

 Using Certificates in IE

 Using Certificates in Google Chrome

 Using Certificates in Firefox

 Archived Tutorials

 References

 Full Version in PDF/EPUB