1

I cannot find any good (complete) documentation on how to exchange a public/private key signed message in Java.

I have yet to find a concise document on the minimum steps needed to generate a public key and private key using DSA, sign a byte[], and verify it.

The documentation from Oracle is too broken up and requires running across multiple JVMs.

Improve this question

1 Answer 1

Reset to default
3

I have successfully signed a byte array with a private key and verified it with a public key.

Example.

    byte[] data = "hello.".getBytes();

    /* Test generating and verifying a DSA signature */
    try {
        /* generate a key pair */
        KeyPairGenerator keyGen = KeyPairGenerator.getInstance("DSA");
        keyGen.initialize(1024, new SecureRandom());
        KeyPair pair = keyGen.generateKeyPair();

        /* create a Signature object to use
         * for signing and verifying */
        Signature dsa = Signature.getInstance("SHA/DSA"); 

        /* initialize the Signature object for signing */
        PrivateKey priv = pair.getPrivate();
        dsa.initSign(priv);

        /* Update and sign the data */
        dsa.update(data);

        /* Now that all the data to be signed
         * has been read in, sign it */
        byte[] sig = dsa.sign();

        /* Verify the signature */

        /* Initialize the Signature object for verification */
        PublicKey pub = pair.getPublic();
        dsa.initVerify(pub);

        /* Update and verify the data */
        dsa.update(data);

        boolean verifies = dsa.verify(sig);
        Assert.assertTrue(verifies);
    } catch (Exception e) {
        System.err.println("Caught exception " + e.toString());
    }

In this version, I serialize the public key into a byte array and then create a PublicKey from that byte array.

    byte[] data = "hello.".getBytes();

    /* Test generating and verifying a DSA signature */
    try {
        /* generate a key pair */
        KeyPairGenerator keyGen = KeyPairGenerator.getInstance("DSA");
        keyGen.initialize(1024, new SecureRandom());
        KeyPair pair = keyGen.generateKeyPair();

        /* create a Signature object to use
         * for signing and verifying */
        Signature dsa = Signature.getInstance("SHA/DSA"); 

        /* initialize the Signature object for signing */
        PrivateKey priv = pair.getPrivate();
        dsa.initSign(priv);

        /* Update and sign the data */
        dsa.update(data);

        /* Now that all the data to be signed
         * has been read in, sign it */
        byte[] sig = dsa.sign();

        /* Verify the signature */

        /* Initialize the Signature object for verification */
        PublicKey pub = pair.getPublic();
        /* Encode the public key into a byte array */
        byte[] encoded = pub.getEncoded();
        /* Get the public key from the encoded byte array */
        PublicKey fromEncoded = KeyFactory.getInstance("DSA", "SUN").generatePublic(new X509EncodedKeySpec(encoded));
        dsa.initVerify(fromEncoded);

        /* Update and verify the data */
        dsa.update(data);

        boolean verifies = dsa.verify(sig);
        Assert.assertTrue(verifies);
    } catch (Exception e) {
        System.err.println("Caught exception " + e.toString());
    }
Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.