This week's book giveaway is in the OO, Patterns, UML and Refactoring forum. We're giving away four copies of Refactoring for Software Design Smells: Managing Technical Debt and have Girish Suryanarayana, Ganesh Samarthyam & Tushar Sharma on-line! See this thread for details.
Good day all, I would like to know the difference between digital signatures and hashing. For example, if i make a hash of a certificate using the message digest class and then encrypt the result.... would this be a signature? Does the following method describe a signature? :
At sending end: Hash generated certificate Encrypt hashed value using private key Send certificate, encrypted hash value over connection
At receiving end: Receive certificate and encrypted hash value Using the public key of certificate, decrypt and obtain the hash value....(A) Make a hash of the received certificate using the same algorithm from the sending end, and compare this hashed value with the hash in line (A) If they are equal ..and so on
Does the above represent a digital signature? Or do i have to use the signature class to accomplish authenticity? Another question, a generated certificate using the bouncycastle library, does it contain a signature?What is a signature? From my knowledge, I think a signature is the hashed value of the certificate encrypted using an algorithm. Am i correct? If this is true then the above method i described should suffice.....?