Verifying a Digital Signature验证数字签名

If you have data for which a digital signature was generated, you can verify the authenticity of the signature. To do so, you need如果您有生成数字签名的数据，则可以验证签名的真实性。为此，您需要

• the data数据
• the signature签名
• the public key corresponding to the private key used to sign the data与用于对数据进行签名的私钥对应的公钥

In this example you write a VerSig program to verify the signature generated by the GenSig program. This demonstrates the steps required to verify the authenticity of an alleged signature.在这个例子中，您编写了一个VerSig程序来验证GenSig程序生成的签名。这演示了验证所谓签名真实性所需的步骤。

VerSig imports a public key and a signature that is alleged to be the signature of a specified data file and then verifies the authenticity of the signature. 导入公钥和据称是指定数据文件签名的签名，然后验证签名的真实性。The public key, signature, and data file names are specified on the command line.公钥、签名和数据文件名在命令行上指定。

The steps to create the VerSig sample program to import the files and to verify the signature are the following.创建VerSig示例程序以导入文件和验证签名的步骤如下。

1. Prepare Initial Program Structure准备初始程序结构

   Create a text file named VerSig.java. Type in the initial program structure (import statements, class name, main method, and so on).创建一个名为VerSigjava的文本文件。键入初始程序结构（导入语句、类名、main方法等）。

2. Input and Convert the Encoded Public Key Bytes输入并转换编码的公钥字节

   Import the encoded public key bytes from the file specified as the first command line argument and convert them to a PublicKey.从指定为第一个命令行参数的文件中导入编码的公钥字节，并将其转换为PublicKey。

3. Input the Signature Bytes输入签名字节

   Input the signature bytes from the file specified as the second command line argument.从指定为第二个命令行参数的文件中输入签名字节。

4. Verify the Signature验证签名

   Get a Signature object and initialize it with the public key for verifying the signature. Supply it with the data whose signature is to be verified (from the file specified as the third command line argument), and verify the signature.获取Signature对象，并使用公钥对其进行初始化，以验证签名。向它提供要验证其签名的数据（来自指定为第三个命令行参数的文件），并验证签名。

5. Compile and Run the Program编译并运行程序