Granny's Programming Pearls
"inside of every large program is a small program struggling to get out"
JavaRanch.com/granny.jsp
The moose likes Other JSE/JEE APIs and the fly likes DSA - Signature failed Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login


Win a copy of Murach's Java Servlets and JSP this week in the Servlets forum!
JavaRanch » Java Forums » Java » Other JSE/JEE APIs
Bookmark "DSA - Signature failed" Watch "DSA - Signature failed" New topic
Author

DSA - Signature failed

Murali Sekhar
Greenhorn

Joined: Mar 11, 2002
Posts: 4
The following program failed in verifying. Can somebody tell me where I am doing mistake...
import java.io.*;
import java.security.*;
import java.security.interfaces.*;
import sun.misc.BASE64Encoder;
import java.security.spec.*;
public class JCETest {
public static void main(String[] args) throws Exception {
FileReader fr = new FileReader("c:/ebmessage.xml");
BufferedReader br = new BufferedReader(fr);
String message = "";
String record = "";
while((record = br.readLine()) != null)
{
record = br.readLine();
message+=record;

}

byte[] messageBytes = message.getBytes("UTF8");

KeyPairGenerator kpg = KeyPairGenerator.getInstance("DSA","SUN");
SecureRandom raandom = SecureRandom.getInstance("SHA1PRNG", "SUN");
kpg.initialize(1024, raandom);
System.out.println("Generating a key pair...");
KeyPair mykeyPair = kpg.generateKeyPair();
System.out.println("Done generating keys.\n");

Signature dsa = Signature.getInstance("SHA1withDSA", "SUN");

DSAPrivateKey priKey = (DSAPrivateKey)mykeyPair.getPrivate();
dsa.initSign(priKey);
dsa.update(messageBytes);
byte[] sign = dsa.sign();


DSAPublicKey pKey = (DSAPublicKey)mykeyPair.getPublic();
dsa.initVerify(pKey);
//dsa.update(sign);
boolean verifies = dsa.verify(sign);

System.out.println("signature verifies: " + verifies);


}
}
Thomas Paul
mister krabs
Ranch Hand

Joined: May 05, 2000
Posts: 13974
Murali, please update your display name to meet the requirements of JavaRanch. You must use you real first anme -space - your real last name.
As to your question:
You aren't using the signatures correctly. Let's think about what you are trying to do. You have a message and you want to verify that it came from Al Capone. Al Capone sends you his public cipher and a message that can only be generated with Al Capone's private cipher. You want to verify that the message that came in the clear is identical to Al's secret message. If they are then the original message really did come from Al and you can make your Valetine's Day plans.
How to do that? Change this line:
//dsa.update(sign);
to
dsa.update(messageBytes);
happy encrypting!


Associate Instructor - Hofstra University
Amazon Top 750 reviewer - Blog - Unresolved References - Book Review Blog
Murali Sekhar
Greenhorn

Joined: Mar 11, 2002
Posts: 4
Thanx Paul,
Its working.great!
Murali
 
It is sorta covered in the JavaRanch Style Guide.
 
subject: DSA - Signature failed
 
Similar Threads
Return Token with Private/Public keys
Unusual FileNotFoundException error
Writing to File
Create .txt file
Exception errror in a program