java.security
Class Signature

java.lang.Object
  |
  +--java.security.Signature

public abstract class Signature

extends Object

This Signature class is used to provide applications the functionality of a digital signature algorithm. Digital signatures are used for authentication and integrity assurance of digital data.

The signature algorithm can be, among others, the NIST standard DSA, using DSA and SHA-1. The DSA algorithm using the SHA-1 message digest algorithm can be specified as SHA1withDSA. In the case of RSA, there are multiple choices for the message digest algorithm, so the signing algorithm could be specified as, for example, MD2withRSA, MD5withRSA, or SHA1withRSA. The algorithm name must be specified, as there is no default. When an algorithm name is specified, the system will determine if there is an implementation of the algorithm requested available in the environment, and if there is more than one, if there is a preferred one.

A Signature object can be used to generate and verify digital signatures.

There are three phases to the use of a Signature object for verifying a signature:

1. Initialization, with a public key, which initializes the signature for verification
2. Updating

   Depending on the type of initialization, this will update the bytes to be verified.

3. Verifying a signature on all updated bytes.

Method Summary

static Signature	getInstance(String algorithm) Generates a Signature object that implements the specified digest algorithm.
void	initVerify(PublicKey publicKey) Initializes this object for verification.
void	update(byte[] data, int off, int len) Updates the data to be verified, using the specified array of bytes, starting at the specified offset.
boolean	verify(byte[] signature) Verifies the passed-in signature.

Methods inherited from class java.lang.Object

equals, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Method Detail

getInstance

public static Signature getInstance(String algorithm)
                             throws NoSuchAlgorithmException

Generates a Signature object that implements the specified digest algorithm.

Parameters:

algorithm - the standard name of the algorithm requested. See Appendix A in the Java Cryptography Architecture API Specification & Reference for information about standard algorithm names.

Returns:

the new Signature object.

Throws:

NoSuchAlgorithmException - if the algorithm is not available in the environment.

initVerify

public final void initVerify(PublicKey publicKey)
                      throws InvalidKeyException

Initializes this object for verification. If this method is called again with a different argument, it negates the effect of this call.

Parameters:

publicKey - the public key of the identity whose signature is going to be verified.

Throws:

InvalidKeyException - if the key is invalid.

verify

public final boolean verify(byte[] signature)
                     throws SignatureException

Verifies the passed-in signature.

A call to this method resets this signature object to the state it was in when previously initialized for verification via a call to initVerify(PublicKey). That is, the object is reset and available to verify another signature from the identity whose public key was specified in the call to initVerify.

Parameters:

signature - the signature bytes to be verified.

Returns:

true if the signature was verified, false if not.

Throws:

SignatureException - if this signature object is not initialized properly, or the passed-in signature is improperly encoded or of the wrong type, etc.

update

public final void update(byte[] data,
                         int off,
                         int len)
                  throws SignatureException

Updates the data to be verified, using the specified array of bytes, starting at the specified offset.

Parameters:

data - the array of bytes.

off - the offset to start from in the array of bytes.

len - the number of bytes to use, starting at offset.

Throws:

SignatureException - if this signature object is not initialized properly.