Help with Digital Signature

Hi,

I used the digital signature technique from

http://java.sun.com/docs/books/tutorial/security/apisign/gensig.html

I need to save the private key into a file. I save and read it as an Object, but when generating the digital signature from the private key saved from the file, the digital signature has some problems.

Anybody have some idea?

[371 byte] By [eng.aymana] at [2007-11-27 4:35:29]
# 1
> Anybody have some idea?

Yes! Give us a chance - post your code and detail the problems.
sabre150a at 2007-7-12 9:45:32 > top of Java-index,Security,Cryptography...
# 2

Here is the code

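    import java.io.*;
    import java.math.BigInteger;
    import java.security.*;

    private byte[] createSignature(String data) throws Exception {
        Signature dsa = Signature.getInstance("SHA1withDSA", "SUN");
        PrivateKey priv;
        // Read the serialized private key back and close the stream afterwards.
        try (ObjectInputStream ois = new ObjectInputStream(new FileInputStream(new File("c:/1.txt")))) {
            priv = (PrivateKey) ois.readObject();
        }
        dsa.initSign(priv);
        // Sign every encoded byte: data.length() counts chars, not bytes.
        byte[] bytes = data.getBytes();
        dsa.update(bytes, 0, bytes.length);
        byte[] realSig = dsa.sign();
        // The signature is binary, so print it as hex rather than as a String.
        System.out.println(new BigInteger(1, realSig).toString(16));
        return realSig;
    }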

Every time I print the DS with the same data and private key, I get a different output.

eng.aymana at 2007-7-12 9:45:32
# 3

Actually, the way to verify a signature is to run the signature validation algorithm, using the corresponding PublicKey. The fact that the generated output is different for every invocation is probably a result of a random number generator seeding the signature algorithm, providing random padding bytes or both.

The following code shows the verification process (assuming that you are using a KeyStore object for storing the keypair; you might also store the PublicKey or Certificate in a file by itself, and read it with ObjectInputStream):

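    import java.security.KeyStore;
    import java.security.Signature;

    private boolean verifySignature(KeyStore keyStore, String data, byte[] signature) throws Exception {
        Signature dsa = Signature.getInstance("SHA1withDSA", keyStore.getProvider());
        // Verify with the public key from the certificate stored under "alias".
        dsa.initVerify(keyStore.getCertificate("alias"));
        // Feed in the same bytes that were signed.
        dsa.update(data.getBytes());
        return dsa.verify(signature);
    }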

If you are trying to verify that a given plaintext has not been altered, and you want to perform a byte[] comparison, you would do better to use one of the MessageDigest algorithms, which provide exactly that functionality.

Kind regards,

Anestis

mrAnesta at 2007-7-12 9:45:32
# 4

> Every time I print the DS with the same data and private key I have a different output.

That is correct. The signature has a random element. Have you tried verifying the signature using the public key?

Edit: :-( very slow again.

Message was edited by: sabre150

sabre150a at 2007-7-12 9:45:32
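
Added example, not code from any poster in this thread: it signs the same data twice with a reloaded DSA private key, shows that the two signatures are not byte-identical, and shows that both still verify with the public key while altered data does not. The class name DsaSignDemo, the sample message, the freshly generated 1024-bit test key and the in-memory PKCS#8 round trip (standing in for the poster's key file) are assumptions.

```java
import java.nio.charset.StandardCharsets;
import java.security.*;
import java.security.spec.PKCS8EncodedKeySpec;
import java.util.Arrays;

public class DsaSignDemo {
    // Sign with a fixed charset so signer and verifier process identical bytes.
    static byte[] sign(PrivateKey key, String data) throws GeneralSecurityException {
        Signature dsa = Signature.getInstance("SHA1withDSA");
        dsa.initSign(key);
        dsa.update(data.getBytes(StandardCharsets.UTF_8));
        return dsa.sign();
    }

    // A signature is checked by running the verification algorithm, not by comparing bytes.
    static boolean verify(PublicKey key, String data, byte[] sig) throws GeneralSecurityException {
        Signature dsa = Signature.getInstance("SHA1withDSA");
        dsa.initVerify(key);
        dsa.update(data.getBytes(StandardCharsets.UTF_8));
        return dsa.verify(sig);
    }

    public static void main(String[] args) throws Exception {
        // Constructed test key pair (assumption: 1024-bit DSA, generated on the spot).
        KeyPairGenerator gen = KeyPairGenerator.getInstance("DSA");
        gen.initialize(1024);
        KeyPair pair = gen.generateKeyPair();

        // Round-trip the private key through its PKCS#8 encoding, standing in
        // for "save to a file, read it back" (assumption: kept in memory here).
        byte[] stored = pair.getPrivate().getEncoded();
        PrivateKey loaded = KeyFactory.getInstance("DSA")
                .generatePrivate(new PKCS8EncodedKeySpec(stored));

        String data = "constructed sample message";
        byte[] sig1 = sign(loaded, data);
        byte[] sig2 = sign(loaded, data);

        // DSA draws a fresh random value per signature, so the bytes differ.
        System.out.println("signatures byte-identical: " + Arrays.equals(sig1, sig2));
        System.out.println("sig1 verifies: " + verify(pair.getPublic(), data, sig1));
        System.out.println("sig2 verifies: " + verify(pair.getPublic(), data, sig2));
        System.out.println("altered data verifies: " + verify(pair.getPublic(), data + "!", sig1));
    }
}
```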