In this example we will learn how to verify the digital signature of the previously signed data. To sign the data you can see the previous example on this post How to create a digital signature and sign data?.
Here the code snippet:
package org.kodejava.security;
import java.nio.file.Files;
import java.nio.file.Paths;
import java.security.KeyFactory;
import java.security.PublicKey;
import java.security.Signature;
import java.security.spec.X509EncodedKeySpec;
public class VerifyDigitalSignature {
public static void main(String[] args) {
try {
byte[] publicKeyEncoded = Files.readAllBytes(Paths.get("publickey"));
byte[] digitalSignature = Files.readAllBytes(Paths.get("signature"));
X509EncodedKeySpec publicKeySpec = new X509EncodedKeySpec(publicKeyEncoded);
KeyFactory keyFactory = KeyFactory.getInstance("DSA", "SUN");
PublicKey publicKey = keyFactory.generatePublic(publicKeySpec);
Signature signature = Signature.getInstance("SHA1withDSA", "SUN");
signature.initVerify(publicKey);
byte[] bytes = Files.readAllBytes(Paths.get("README.md"));
signature.update(bytes);
boolean verified = signature.verify(digitalSignature);
if (verified) {
System.out.println("Data verified.");
} else {
System.out.println("Cannot verify data.");
}
} catch (Exception e) {
e.printStackTrace();
}
}
}
Latest posts by Wayan (see all)
- How do I get number of each day for a certain month in Java? - September 8, 2024
- How do I get operating system process information using ProcessHandle? - July 22, 2024
- How do I sum a BigDecimal property of a list of objects using Java Stream API? - July 22, 2024
The above code couldn’t run in my system.
Gave
java.security.spec.InvalidKeySpecException: Inappropriate key specification: IOException: DerInputStream.getLength(): lengthTag=111, too big.
At line >> PublicKey publicKey = keyFactory.generatePublic(publicKeySpec);
Hi Subuhi, you might also want to check the following example How to create a digital signature and sign data?