Class Signature
Class java.security.Signature
Class Members |
This Package |
All Packages
java.lang.Object
|
+----java.security.Signature
public abstract class Signature
extends Object
This Signature class is used to provide the functionality of a
digital signature algorithm, such as RSA with MD5 or
DSA. Digital signatures are used for authentication and
integrity assurance of digital data.
Like other algorithm-based classes in Java Security, the
Signature class has two major components:
- Digital Signature API (Application Program Interface)
- This is the interface of methods called by applications needing
digital signature services. The API consists of all public methods.
- Digital Signature SPI (Service Provider Interface)
- This is the interface implemented by providers that supply
specific algorithms. It consists of all methods whose names are
prefixed by engine. Each such method is called by a
correspondingly-named public API method. For example, the
engineSign method is called by the
sign method. The SPI methods are abstract;
providers must supply a concrete implementation.
Also like other algorithm-based classes in Java Security, Signature
provides implementation-independent algorithms, whereby a caller
(application code) requests a particular signature algorithm
and is handed back a properly initialized Signature object. It is
also possible, if desired, to request a particular algorithm from a
particular provider. See the getInstance methods.
Thus, there are two ways to request a Signature algorithm object: by
specifying either just an algorithm name, or both an algorithm name
and a package provider.
- If just an algorithm name is specified, the system will
determine if there is an implementation of the algorithm requested
available in the environment, and if there is more than one, if
there is a preferred one.
- If both an algorithm name and a package provider are specified,
the system will determine if there is an implementation of the
algorithm in the package requested, and throw an exception if there
is not.
A Signature object can be used to generate and verify digital
signatures.
There are three phases to the use of a Signature object for
either signing data or verifying a signature:
- Initialization, with either
- a public key, which initializes the signature for
verification (see initVerify), or
- a private key, which initializes the signature for
signing (see initSign).
- Updating
Depending on the type of initialization, this will update the
bytes to be signed or verified. See the update methods.
- Signing or Verifying
a signature on all updated bytes. See sign and verify.