JDK Tutorials - Herong's Tutorial Notes - JCA

JDK Tutorials - Herong's Tutorial Notes

Dr. Herong Yang, Version 4.32, 2006

JCA - Digital Signature

Part: 1 2 3 4 5

JDK Tutorials - Herong's Tutorial Notes © Dr. Herong Yang

Internationalization

Character Set and Encoding

Socket Communication

Document Object Model (DOM)

XSD Validation in Java

XSL - Transformer in Java

JCA - Private and Public Key Pairs

JCE - Secret Key

SSL (Secure Socket Layer)

SSL - Client Authentication

... Table of Contents

(Continued from previous part...)

Here is the result of my first test. It is done with JDK 1.3.1.

javac -classpath . JcaSignatureTest.java

java -cp . JcaSignatureTest JcaSignatureTest.class 
   sign.dsa DSA SHA1withDSA

Signature Object Info:
Algorithm = SHA1withDSA
Provider = SUN version 1.2

Sign Processing Info:
Number of input bytes = 3154
Number of output bytes = 46

Signature Object Info:
Algorithm = SHA1withDSA
Provider = SUN version 1.2
Verify Processing Info:
Number of input bytes = 3154
Verification result = true

java HexWriter sign.dsa sign_dsa.hex
Number of input bytes: 46

type sign_dsa.hex
302C0214008C8936A9A4C5B68D297C23
F867351E036231C00214199BF3F4FF82
C4C4AC4A086F2013290A8FAEFC05

The program seems to be working:

A pair of keys is generated using the DSA algorithm first.
Then a signature is generated for input file, JcaSignatureTest.class, using the SHA1withDSA algorithm, which uses SHA-1 for the message digest generation, and DSA for encryption.
Finally, the signature is verified with the public key and the result shows that the signature is valid.

Of course, you can choose other combinations of different key pair generation algorithms and message digest algorithms. For example:

java -cp . JcaSignatureTest JcaSignatureTest.class 
   sign.rsa RSA SHA1withRSA

Signature Object Info:
Algorithm = SHA1withRSA
Provider = SunRsaSign version 1.0

Sign Processing Info:
Number of input bytes = 3154
Number of output bytes = 64

Signature Object Info:
Algorithm = SHA1withRSA
Provider = SunRsaSign version 1.0
Verify Processing Info:
Number of input bytes = 3154
Verification result = true

java -cp . JcaSignatureTest JcaSignatureTest.class 
   sign_2.rsa RSA MD5withRSA

Signature Object Info:
Algorithm = MD5withRSA
Provider = SunRsaSign version 1.0

Sign Processing Info:
Number of input bytes = 3154
Number of output bytes = 64

Signature Object Info:
Algorithm = MD5withRSA
Provider = SunRsaSign version 1.0
Verify Processing Info:
Number of input bytes = 3154
Verification result = true

java -cp . JcaSignatureTest JcaSignatureTest.class 
   sign_3.rsa RSA MD2withRSA

Signature Object Info:
Algorithm = MD2withRSA
Provider = SunRsaSign version 1.0

Sign Processing Info:
Number of input bytes = 3154
Number of output bytes = 64

Signature Object Info:
Algorithm = MD2withRSA
Provider = SunRsaSign version 1.0
Verify Processing Info:
Number of input bytes = 3154
Verification result = true

This sample program generates the signature and verify the signature in single program. But in the real world, we must have at least two programs, one to be used by the sender of the date to generate the signature, and the other to be used by the receiver to verify the signature.

(Continued on next part...)

Part: 1 2 3 4 5

Dr. Herong Yang, updated in 2006

JDK Tutorials - Herong's Tutorial Notes - JCA - Digital Signature