This Signature class is used to provide applications the functionality of a digital signature algorithm. Digital signatures are used for authentication and integrity assurance of digital data.
The signature algorithm can be, among others, the NIST standard DSA, using DSA and SHA-1. The DSA algorithm using the SHA-1 message digest algorithm can be specified as SHA1withDSA. In the case of RSA, there are multiple choices for the message digest algorithm, so the signing algorithm could be specified as, for example, MD2withRSA, MD5withRSA, or SHA1withRSA. The algorithm name must be specified, as there is no default.
A Signature object can be used to generate and verify digital signatures.
There are three phases to the use of a Signature object for either signing data or verifying a signature:
- Initialization, with either
  - a public key, which initializes the signature for verification (see {@link #initVerify(PublicKey) initVerify}), or
  - a private key (and optionally a Secure Random Number Generator), which initializes the signature for signing (see {@link #initSign(PrivateKey)} and {@link #initSign(PrivateKey,SecureRandom)}).
- Updating
  Depending on the type of initialization, this will update the bytes to be signed or verified. See the {@link #update(byte) update} methods.
- Signing or Verifying a signature on all updated bytes. See the {@link #sign() sign} methods and the {@link #verify(byte[]) verify} method.
Note that this class is abstract and extends from SignatureSpi for historical reasons. Application developers should only take notice of the methods defined in this Signature class; all the methods in the superclass are intended for cryptographic service providers who wish to supply their own implementations of digital signature algorithms.
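The three phases described above, as an added example that is not part of the original class documentation. The algorithm name SHA256withRSA, the class and helper names, and the sample message are assumptions chosen for illustration; the verifier treats any exception as a failed verification.

```java
import java.nio.charset.StandardCharsets;
import java.security.*;
import java.util.Arrays;

public class SignatureDemo {
    // Assumption: SHA256withRSA is used here; it is not one of the names listed above.
    static final String ALG = "SHA256withRSA";

    static byte[] sign(PrivateKey key, byte[]... chunks) throws GeneralSecurityException {
        Signature s = Signature.getInstance(ALG); // the name is mandatory, there is no default
        s.initSign(key);                          // phase 1: initialize for signing
        for (byte[] c : chunks) s.update(c);      // phase 2: feed the bytes to be signed
        return s.sign();                          // phase 3: produce the signature
    }

    static boolean verify(PublicKey key, byte[] sig, byte[]... chunks) {
        try {
            Signature s = Signature.getInstance(ALG);
            s.initVerify(key);                    // phase 1: initialize for verification
            for (byte[] c : chunks) s.update(c);  // phase 2: feed the bytes to be verified
            return s.verify(sig);                 // phase 3: check the signature
        } catch (GeneralSecurityException e) {
            // A malformed signature or an unusable key may throw instead of
            // returning false; fail closed in both cases.
            return false;
        }
    }

    public static void main(String[] args) throws Exception {
        KeyPairGenerator kpg = KeyPairGenerator.getInstance("RSA");
        kpg.initialize(2048);
        KeyPair signer = kpg.generateKeyPair();
        KeyPair other = kpg.generateKeyPair();

        // Constructed sample data, signed in two update() calls.
        byte[] part1 = "order=42;".getBytes(StandardCharsets.UTF_8);
        byte[] part2 = "amount=100".getBytes(StandardCharsets.UTF_8);
        byte[] whole = "order=42;amount=100".getBytes(StandardCharsets.UTF_8);
        byte[] tampered = "order=42;amount=900".getBytes(StandardCharsets.UTF_8);
        byte[] sig = sign(signer.getPrivate(), part1, part2);

        // Chunk boundaries do not matter: only the concatenated bytes are signed.
        System.out.println("same bytes, one chunk: " + verify(signer.getPublic(), sig, whole));
        System.out.println("tampered data:         " + verify(signer.getPublic(), sig, tampered));
        System.out.println("wrong public key:      " + verify(other.getPublic(), sig, whole));
        byte[] cut = Arrays.copyOf(sig, sig.length - 1);
        System.out.println("truncated signature:   " + verify(signer.getPublic(), cut, whole));
    }
}
```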
@author Benjamin Renaud
@version 1.103, 04/21/06