This lesson walks you through the steps necessary to use the Java Security API to generate a digital signature for data, and to verify that a signature is authentic.
In this lesson, we create a Java application named
testSigthat uses the Digital Signature Algorithm (DSA) to sign data contained in a file. The application gets the file name from the command line.
The steps to create our sample program to sign and verify data using the Security API are the following:
Step 1: Prepare Initial Program StructureCreate a text file named
testSig.java. Type in the initial program structure (import statements, class name,
mainmethod, and so on).
Step 2: Generate Public and Private KeysGenerate a key pair (public key and private key). The private key is needed for signing the data, the public key for verifying the signature.
Step 3: Sign the DataGet a Signature object that can generate and verify signatures. Initialize it, supply it the data to be signed, and generate the signature.
Step 4: Verify the SignatureInitialize the Signature object for verifying the signature. Supply the Signature object the data that was signed, the public key, and the signature, and ask it to do the verification.
Step 5: Compile the ProgramUse
javacto compile the Java program created in the previous steps.
Step 6: Run the ProgramAnd finally, use
java, the Java interpreter, to run the program.