Another way is using message digest. First we generate a message digest from the message using hash function. Then the message digest is encrypted using private key. This way we can authenticate the sender by decrypting it using public key. And the message is verified by generating a new message digest from the message. If the digests are equal then the message is verified. We will try to implement this way in Java.
First, we create the message that we want to sign. Here we also create an array of byte from the text message.
Next, we need to generate a message digest from the message. The code below simply calls a method that generates a message digest from the message above. I have posted how to generate a message digest here and here.
Next, we need to encrypt the message digest using our private key as shown below. Here is the post that explains our code below.
The cipherByte above is our digital signature. We can now send it along with the message string to the recipients.
When the recipient receives our message, he/she needs to authenticate the signature. The recipient can achieve this by decrypting the signature with our shared public key as shown below. Here is the post that explains our code below.
If it succeeds, we can obtain the decrypted message digest. This also means that the signature is authenticated, but we still need to verify the message to make sure that it is intact. Using the plain message that was sent along with the signature, we can generate a new message digest as shown below.
Our next step is to compare those two message digests. If those two are equal then the signature is verified.
1 comments:
The above posted detail helped me to learn about this super cool gadget. One of my friend is having this type of signature pad but I never felt the need for it. After reading this detail I find that its of great use to me. I will surely buy it.
what is a digital signature
Post a Comment