This week's book giveaway is in the Servlets forum.
We're giving away four copies of Murach's Java Servlets and JSP and have Joel Murach on-line!
See this thread for details.
The moose likes Security and the fly likes Help on signatures Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login

Win a copy of Murach's Java Servlets and JSP this week in the Servlets forum!
JavaRanch » Java Forums » Engineering » Security
Bookmark "Help on signatures" Watch "Help on signatures" New topic

Help on signatures

J Krem

Joined: Sep 14, 2004
Posts: 11
Good day all,
I would like to know the difference between digital signatures and hashing. For example, if i make a hash of a certificate using the message digest class and then encrypt the result.... would this be a signature?
Does the following method describe a signature? :

At sending end:
Hash generated certificate
Encrypt hashed value using private key
Send certificate, encrypted hash value over connection

At receiving end:
Receive certificate and encrypted hash value
Using the public key of certificate, decrypt and obtain the hash value....(A)
Make a hash of the received certificate using the same algorithm from the sending end, and compare this hashed value with the hash in line (A)
If they are equal ..and so on

Does the above represent a digital signature? Or do i have to use the signature class to accomplish authenticity? Another question, a generated certificate using the bouncycastle library, does it contain a signature?What is a signature? From my knowledge, I think a signature is the hashed value of the certificate encrypted using an algorithm. Am i correct? If this is true then the above method i described should suffice.....?

subject: Help on signatures
Similar Threads
Help required to solve two drag and drop questions
BadPaddingException using AES
can a .cer file contain private key?
Setting keys
Java Security MOCK