SATSA-CRYPTO supports verification of digital signatures by means of
the Signature class. This class needs to be instantiated
using the getInstance method passing the algorithm's
name, for example SHA1withRSA. Once again the set of supported algorithms
is dependent on the target device or emulator. For algorithms supported in
your SDK, see the implementation
notes for SATSA API.
The Signature object has to be initialized by passing
a public key object on the initVerify method. Upon this
the update method is used to feed the data used to calculate
the signature and the actual verification is done in the verify method. The
code snippet below shows this process:
// Create the key X509EncodedKeySpec encodedPublicKey = new X509EncodedKeySpec(publicKey); KeyFactory keyFactory = KeyFactory.getInstance("RSA"); // generate the public key from the encoded form PublicKey key = keyFactory.generatePublic(encodedPublicKey); // Get the signature instance and initialize Signature sign = Signature.getInstance("RSAwithSHA-1"); sign.initVerify(key); sign.update(message, 0, message.length); sign.verify(signature);
Notice that SATSA-CRYPTO does not support actually signing a message with your own private/public key pair. To do that you need to use SATSA-PKI, which will sign a message with a private/public key pair stored in a security element.