Cryptography Tutorials - Herong's Tutorial Examples - v5.42, by Herong Yang
DsaSignatureVerifier.java - Verifying DSA Digital Signature
This section provides tutorial example on how to verifying a digital signature for a message file with the DSA public key using the SHA1withDSA algorithm.
When a DSA digital signature is generated, it should be delivered to the receiver together with the original document, and the DSA public key for her/him to verify.
Now let's pretend we are the document receiver and want to verify the digital signature to ensure that no one has modified the document or the signature. I wrote another Java program to do this using the java.security.Signature class:
/* DsaSignatureVerifier.java * Copyright (c) HerongYang.com. All Rights Reserved. */ import java.io.*; import java.security.*; import java.security.spec.*; class DsaSignatureVerifier { public static void main(String[] a) { if (a.length<3) { System.out.println("Usage:"); System.out.println("java DsaSignatureGenerator keyFile" + " msgFile sigFile"); return; } String keyFile = a[0]; String msgFile = a[1]; String sigFile = a[2]; String keyAlgo = "DSA"; String sigAlgo = "SHA1withDSA"; try { PublicKey pubKey = readPublicKey(keyFile,keyAlgo); byte[] sign = readSignature(sigFile); verify(msgFile,sigAlgo,sign,pubKey); } catch (Exception e) { System.out.println("Exception: "+e); return; } } private static PublicKey readPublicKey(String input, String algorithm) throws Exception { FileInputStream pubKeyStream = new FileInputStream(input); int pubKeyLength = pubKeyStream.available(); byte[] pubKeyBytes = new byte[pubKeyLength]; pubKeyStream.read(pubKeyBytes); pubKeyStream.close(); X509EncodedKeySpec pubKeySpec = new X509EncodedKeySpec(pubKeyBytes); KeyFactory keyFactory = KeyFactory.getInstance(algorithm); PublicKey pubKey = keyFactory.generatePublic(pubKeySpec); System.out.println(); System.out.println("Public Key Info: "); System.out.println("Algorithm = "+pubKey.getAlgorithm()); return pubKey; } private static byte[] readSignature(String input) throws Exception { FileInputStream signStream = new FileInputStream(input); int signLength = signStream.available(); byte[] signBytes = new byte[signLength]; signStream.read(signBytes); signStream.close(); return signBytes; } private static boolean verify(String input, String algorithm, byte[] sign, PublicKey pubKey) throws Exception { Signature sg = Signature.getInstance(algorithm); sg.initVerify(pubKey); System.out.println(); System.out.println("Signature Object Info: "); System.out.println("Algorithm = "+sg.getAlgorithm()); System.out.println("Provider = "+sg.getProvider()); FileInputStream in = new FileInputStream(input); int bufSize = 1024; byte[] buffer = new byte[bufSize]; int n = in.read(buffer,0,bufSize); int count = 0; while (n!=-1) { count += n; sg.update(buffer,0,n); n = in.read(buffer,0,bufSize); } in.close(); boolean ok = sg.verify(sign); System.out.println("Verify Processing Info: "); System.out.println("Number of input bytes = "+count); System.out.println("Verification result = "+ok); return ok; } }
Some notes on the sample program, DsaSignatureVerifier.java:
Table of Contents
Introduction to AES (Advanced Encryption Standard)
DES Algorithm - Illustrated with Java Programs
DES Algorithm Java Implementation
DES Algorithm - Java Implementation in JDK JCE
DES Encryption Operation Modes
PHP Implementation of DES - mcrypt
Blowfish - 8-Byte Block Cipher
Secret Key Generation and Management
Cipher - Secret Key Encryption and Decryption
RSA Implementation using java.math.BigInteger Class
Introduction of DSA (Digital Signature Algorithm)
►Java Default Implementation of DSA
DsaKeyGenerator.java - Generating DSA Key Pair
DSA 512-bit and 1024-bit Key Pair Examples
DsaKeyChecker.java - Reading and Checking DSA Keys
Example of DSA Key Parameters and Properties
java.security.Signature - The Data Signing Class
DsaSignatureGenerator.java - Generating DSA Digital Signature
DsaSignatureGenerator.java Test Results
►DsaSignatureVerifier.java - Verifying DSA Digital Signature
DsaSignatureVerifier.java Test Results
Private key and Public Key Pair Generation
PKCS#8/X.509 Private/Public Encoding Standards
Cipher - Public Key Encryption and Decryption
OpenSSL Introduction and Installation
OpenSSL Generating and Managing RSA Keys
OpenSSL Generating and Signing CSR
OpenSSL Validating Certificate Path
"keytool" and "keystore" from JDK
"OpenSSL" Signing CSR Generated by "keytool"
Migrating Keys from "keystore" to "OpenSSL" Key Files
Certificate X.509 Standard and DER/PEM Formats
Migrating Keys from "OpenSSL" Key Files to "keystore"