Previous | Next | Trail Map | Security in JDK 1.1 | Contents

Using the Security API to Generate and Verify a Signature

This lesson walks you through the steps necessary to use the Java Security API to generate a digital signature for data, and to verify that a signature is authentic.

In this lesson, we create a Java application named testSig that uses the Digital Signature Algorithm (DSA) to sign data contained in a file. The application gets the file name from the command line.

The steps to create our sample program to sign and verify data using the Security API are the following:

Step 1: Prepare Initial Program Structure

Create a text file named Type in the initial program structure (import statements, class name, main method, and so on).

Step 2: Generate Public and Private Keys

Generate a key pair (public key and private key). The private key is needed for signing the data, the public key for verifying the signature.

Step 3: Sign the Data

Get a Signature object that can generate and verify signatures. Initialize it, supply it the data to be signed, and generate the signature.

Step 4: Verify the Signature

Initialize the Signature object for verifying the signature. Supply the Signature object the data that was signed, the public key, and the signature, and ask it to do the verification.

Step 5: Compile the Program

Use javac to compile the Java program created in the previous steps.

Step 6: Run the Program

And finally, use java, the Java interpreter, to run the program.

Previous | Next | Trail Map | Security in JDK 1.1 | Contents