This section provides a tutorial example on how to write a sample program to generate a private key and a public, generate a digital signature with the private key, and verify the signature with the public key.
The following sample program shows you how to use signature algorithms provided
by the default provider, generate signatures and verify the signatures using the java.security.Signature class:
/**
* JcaSignatureTest.java
* Copyright (c) 2002 by Dr. Herong Yang
*/
import java.io.*;
import java.security.*;
class JcaSignatureTest {
public static void main(String[] a) {
if (a.length<4) {
System.out.println("Usage:");
System.out.println("java JcaSignatureTest input output"
+" keyAlgo signAlgo");
return;
}
String input = a[0];
String output = a[1];
String keyAlgo = a[2];
String signAlgo = a[3];
try {
KeyPair pair = getKeys(keyAlgo);
PrivateKey priKey = pair.getPrivate();
PublicKey pubKey = pair.getPublic();
byte[] sign = sign(input,output,signAlgo,priKey);
verify(input,signAlgo,sign,pubKey);
} catch (Exception e) {
System.out.println("Exception: "+e);
return;
}
}
private static KeyPair getKeys(String algorithm) throws Exception {
KeyPairGenerator kg = KeyPairGenerator.getInstance(algorithm);
int keySize = 512;
kg.initialize(keySize);
KeyPair pair = kg.generateKeyPair();
return pair;
}
private static byte[] sign(String input, String output,
String algorithm, PrivateKey priKey) throws Exception {
Signature sg = Signature.getInstance(algorithm);
sg.initSign(priKey);
System.out.println();
System.out.println("Signature Object Info: ");
System.out.println("Algorithm = "+sg.getAlgorithm());
System.out.println("Provider = "+sg.getProvider());
FileInputStream in = new FileInputStream(input);
int bufSize = 1024;
byte[] buffer = new byte[bufSize];
int n = in.read(buffer,0,bufSize);
int count = 0;
while (n!=-1) {
count += n;
sg.update(buffer,0,n);
n = in.read(buffer,0,bufSize);
}
in.close();
FileOutputStream out = new FileOutputStream(output);
byte[] sign = sg.sign();
out.write(sign);
out.close();
System.out.println();
System.out.println("Sign Processing Info: ");
System.out.println("Number of input bytes = "+count);
System.out.println("Number of output bytes = "+sign.length);
return sign;
}
private static boolean verify(String input, String algorithm,
byte[] sign, PublicKey pubKey) throws Exception {
Signature sg = Signature.getInstance(algorithm);
sg.initVerify(pubKey);
System.out.println();
System.out.println("Signature Object Info: ");
System.out.println("Algorithm = "+sg.getAlgorithm());
System.out.println("Provider = "+sg.getProvider());
FileInputStream in = new FileInputStream(input);
int bufSize = 1024;
byte[] buffer = new byte[bufSize];
int n = in.read(buffer,0,bufSize);
int count = 0;
while (n!=-1) {
count += n;
sg.update(buffer,0,n);
n = in.read(buffer,0,bufSize);
}
in.close();
boolean ok = sg.verify(sign);
System.out.println("Verify Processing Info: ");
System.out.println("Number of input bytes = "+count);
System.out.println("Verification result = "+ok);
return ok;
}
}
Note that:
The first part, getKeys(), is designed to generate a private key and a public key of a given encryption algorithm.
The second part, sign(), is designed to generate a digital signature of a given input data with the private key.
The third part, verify(), is designed to verify the digital signature with the same input data and the public key.
See the next section for testing result of JcaSignatureTest.java.
