The Java Tutorials have been written for JDK 8.Java教程是为JDK 8编写的。Examples and practices described in this page don't take advantage of improvements introduced in later releases and might use technology no longer available.本页中描述的示例和实践没有利用后续版本中引入的改进,并且可能使用不再可用的技术。See Java Language Changes for a summary of updated language features in Java SE 9 and subsequent releases.有关Java SE 9及其后续版本中更新的语言特性的摘要,请参阅Java语言更改。
See JDK Release Notes for information about new features, enhancements, and removed or deprecated options for all JDK releases.有关所有JDK版本的新功能、增强功能以及已删除或不推荐的选项的信息,请参阅JDK发行说明。
You've added code to the 您已将代码添加到VerSig
program toVerSig
程序中
PublicKey
named pubKey
pubKey
的PublicKey
sigToVerify
sigToVerify
的字节数组中You can now proceed to do the verification.现在,您可以继续进行验证。
Initialize the Signature Object for Verification初始化签名对象以进行验证
As with signature generation, a signature is verified by using an instance of the 与签名生成一样,签名是通过使用Signature
class. Signature
类的实例进行验证的。You need to create a 您需要创建一个Signature
object that uses the same signature algorithm as was used to generate the signature. Signature
对象,该对象使用与生成签名相同的签名算法。The algorithm used by the GenSig
program was the SHA1withDSA algorithm from the SUN provider.GenSig
程序使用的算法是SUN提供商的SHA1withDSA算法。
Signature sig = Signature.getInstance("SHA1withDSA", "SUN");
Next, you need to initialize the 接下来,您需要初始化Signature
object. The initialization method for verification requires the public key.Signature
对象。验证的初始化方法需要公钥。
sig.initVerify(pubKey);
Supply the Signature Object With the Data to be Verified向签名对象提供要验证的数据 You now need to supply the 现在,您需要向Signature
object with the data for which a signature was generated. Signature
对象提供生成签名的数据。This data is in the file whose name was specified as the third command line argument. 此数据位于名称被指定为第三个命令行参数的文件中。As you did when signing, read in the data one buffer at a time, and supply it to the 与签名时一样,一次读取一个缓冲区的数据,并通过调用Signature
object by calling the update
method.update
方法将其提供给Signature
对象。
FileInputStream datafis = new FileInputStream(args[2]); BufferedInputStream bufin = new BufferedInputStream(datafis); byte[] buffer = new byte[1024]; int len; while (bufin.available() != 0) { len = bufin.read(buffer); sig.update(buffer, 0, len); }; bufin.close();
Verify the Signature验证签名
Once you have supplied all of the data to the 一旦您将所有数据提供给Signature
object, you can verify the digital signature of that data and report the result. Recall that the alleged signature was read into a byte array called sigToVerify
.Signature
对象,您就可以验证该数据的数字签名并报告结果。回想一下,所谓的签名被读入了一个名为sigToVerify
的字节数组中。
boolean verifies = sig.verify(sigToVerify); System.out.println("signature verifies: " + verifies);
The 如果声称的签名(verifies
value will be true
if the alleged signature (sigToVerify
) is the actual signature of the specified data file generated by the private key corresponding to the public key pubKey
.sigToVerify
)是由与公钥pubKey
对应的私钥生成的指定数据文件的实际签名,则verifies
值将为true
。