In this chapter, we explore the mechanisms of the digital signature. The use and verification of digital signatures is another standard engine that is included in the security provider architecture. Like the other engines we’ve examined, the classes that implement this engine have both a public interface and an SPI for implementors of the engine.
We’ll start by looking at the interface of the digital signature engine and see how you can create digitally signed objects that you can send between programs. We’ll continue by looking into the details of digitally signed classes, including the jarsigner tool that creates those classes and how you can deal with those classes programmatically. We’ll conclude by looking at the details of the engine algorithm and how you can implement your own digital signature algorithms.
When you handle digital signatures programmatically, you perform two operations on them. You create them by taking a piece of data, creating a message digest of the data, and signing the message digest with a private key. The digitally signed data is then transmitted to someone else, who must verify the digital signature by creating a message digest of the data and verifying the signed digest using a public key. All of these operations are embodied within the
Provide an engine to create and verify digital signatures.
The Sun security ...
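The create-and-verify sequence described above, as an added example that is not code from the book: it uses the `java.security.Signature` class, and the `SHA256withRSA` algorithm, the 2048-bit key size, the class name `SignVerifyDemo` and the sample messages are assumptions chosen for the illustration.

```java
import java.nio.charset.StandardCharsets;
import java.security.GeneralSecurityException;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.Signature;

public class SignVerifyDemo {
    // Assumption: the text names no algorithm at this point; SHA256withRSA is chosen for this example.
    static final String ALGORITHM = "SHA256withRSA";

    // Sender side: the engine digests the data and signs the digest with the private key.
    static byte[] sign(byte[] data, PrivateKey key) throws GeneralSecurityException {
        Signature engine = Signature.getInstance(ALGORITHM);
        engine.initSign(key);
        engine.update(data);
        return engine.sign();
    }

    // Receiver side: the engine digests the received data again and checks
    // the signed digest against it using the public key.
    static boolean verify(byte[] data, byte[] sig, PublicKey key) throws GeneralSecurityException {
        Signature engine = Signature.getInstance(ALGORITHM);
        engine.initVerify(key);
        engine.update(data);
        return engine.verify(sig);
    }

    public static void main(String[] args) throws GeneralSecurityException {
        KeyPairGenerator kpg = KeyPairGenerator.getInstance("RSA");
        kpg.initialize(2048);
        KeyPair pair = kpg.generateKeyPair();

        // Constructed sample message and the signature the sender transmits with it.
        byte[] message = "transfer 100 to account 42".getBytes(StandardCharsets.UTF_8);
        byte[] signature = sign(message, pair.getPrivate());

        // Constructed failure cases: data changed after signing, and a public key
        // that does not belong to the signer.
        byte[] altered = "transfer 900 to account 42".getBytes(StandardCharsets.UTF_8);
        KeyPair other = kpg.generateKeyPair();

        System.out.println("original data, signer's key : " + verify(message, signature, pair.getPublic()));
        System.out.println("altered data, signer's key  : " + verify(altered, signature, pair.getPublic()));
        System.out.println("original data, other key    : " + verify(message, signature, other.getPublic()));
    }
}
```

Only the first check should succeed: a receiver has to treat a `false` result as a rejected message, and the result is only meaningful if the public key was obtained from a source the receiver already trusts.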