In this article we will see how to sign a document. In order to sign a document, we need a Signature
instance implementing a specified signature algorithm, a private key and the document to be signed.
- We will first need access to private key for signing and then the public key when we want to verify the signature. The security keys are stored in files
sec.priv
andsec.pub
. See here to know more about how to generate and extract security keys. We need to read thesec.priv
and import it intoPrivateKey
object. - Next is to get an instance of
Signature
for a specified signature algorithm. In our case, it isSHA1withDSA
. - We then initialize the signature with the private key and provide the document to be signed.
- We then sign the document, encode the signature and append the signature to the original document.
SignDocumentExample:
package com.javarticles.security; import java.io.BufferedWriter; import java.io.FileWriter; import java.io.IOException; import java.io.Writer; import java.security.Signature; import org.springframework.security.crypto.codec.Base64; public class SignDocumentExample { public static void main(String[] args) { Writer output = null; try { ImportDSAKey keys = new ImportDSAKey("sec.priv", "sec.pub"); String doc = "This is test document"; System.out.println("Sign document (" + doc + ")"); Signature signer = Signature.getInstance("SHA1withDSA"); signer.initSign(keys.getPrivKey()); signer.update(doc.getBytes()); //Sign byte[] signatureBytes = signer.sign(); byte[] encodedSignature = Base64.encode(signatureBytes); String signed = new String(encodedSignature); System.out.println("Encoded key is (" + new String(encodedSignature) +")"); //Signed doc output = new BufferedWriter(new FileWriter("signed.txt")); String signedDoc = doc + " key=" + signed; output.write(signedDoc); System.out.println("Signed document (" + signedDoc +")"); } catch (Exception e) { System.out.println(e); } finally { if (output != null) { try { output.close(); } catch (IOException e) { System.out.println(e); } } } } }
Below class imports the DSA keys.
ImportDSAKey:
package com.javarticles.security; import java.io.FileInputStream; import java.io.IOException; import java.io.ObjectInputStream; import java.math.BigInteger; import java.security.KeyFactory; import java.security.PrivateKey; import java.security.PublicKey; import java.security.spec.DSAPrivateKeySpec; import java.security.spec.DSAPublicKeySpec; public class ImportDSAKey { private PrivateKey privKey; private PublicKey pubKey; public ImportDSAKey(String privateKeyFile, String publicKeyFile) { importPrivateKeys(privateKeyFile); importPublicKeys(publicKeyFile); } private void importPublicKeys(String publicKeyFile) { ObjectInputStream ois = null; try { ois = new ObjectInputStream(new FileInputStream(publicKeyFile)); DSAPublicKeySpec ks = new DSAPublicKeySpec( (BigInteger) ois.readObject(), (BigInteger) ois.readObject(), (BigInteger) ois.readObject(), (BigInteger) ois.readObject()); KeyFactory kf = KeyFactory.getInstance("DSA"); pubKey = kf.generatePublic(ks); } catch (Exception e) { System.out.println(e); } finally { if (ois != null) { try { ois.close(); } catch (IOException e) { System.out.println(e); } } } } private void importPrivateKeys(String privateKeyFile) { ObjectInputStream ois = null; try { ois = new ObjectInputStream( new FileInputStream(privateKeyFile)); DSAPrivateKeySpec ks = new DSAPrivateKeySpec( (BigInteger) ois.readObject(), (BigInteger) ois.readObject(), (BigInteger) ois.readObject(), (BigInteger) ois.readObject()); KeyFactory kf = KeyFactory.getInstance("DSA"); privKey = kf.generatePrivate(ks); } catch (Exception e) { System.out.println(e); } finally { if (ois != null) { try { ois.close(); } catch (IOException e) { System.out.println(e); } } } } public PrivateKey getPrivKey() { return privKey; } public PublicKey getPubKey() { return pubKey; } }
Output:
Sign document (This is test document) Encoded key is (MC0CFQCLjtR/wplDkClarntbIpQSZcqITAIUdpPAb4JXJiKJWYenSe7M35sEem8=) Signed document (This is test document key=MC0CFQCLjtR/wplDkClarntbIpQSZcqITAIUdpPAb4JXJiKJWYenSe7M35sEem8=)
Download the source code
This example was about how to sign a document.
You can download the source code here: javaSignDocument.zip