|
If you have data for which a digital signature was generated, you can verify the authenticity of the signature. To do so, you need
In this example you write a VerSig
program to verify the signature generated by the
GenSig program.
This demonstrates
the steps required to verify the authenticity of an alleged signature.
VerSig imports a public key and a signature that is alleged
to be the signature of a specified data file and then verifies
the authenticity of the signature. The public key,
signature, and data file names are specified on the command line.
The steps to create the VerSig sample program to
import the files and to verify the signature are the following.
Prepare Initial Program Structure
Create a text file named VerSig.java.
Type in the initial program
structure (import statements, class name, main
method, and so on).
Input and Convert the Encoded Public Key Bytes
Import the encoded public key bytes from the file specified as the first
command line argument
and convert them to a PublicKey.
Input the signature bytes from the file specified as the second command line argument.
Get a Signature object and initialize it
with the public key for verifying the signature.
Supply it with the data whose signature is to be
verified (from the file specified as the third
command line argument), and verify the signature.
|
