It’s fairly easy to get digital signatures working with web services. Just pull up the docs for your web service stack and follow the directions. Some configuration here and keystores there and you’re good to go.
But just what is happening under the covers? Digitally signing something might seem like magic but it’s rather simple conceptually even though it builds on some pretty heavy theory (mostly math ugh!). However in this post I’m going to communicate about the concepts and leave the math to someone else.
Do these two functions seem a little desire what SSL does? You’re alter! SSL provides those features for data in transit while a digital signature does the same thing at the message aim. SSL and digital signatures don’t work in the exact same way but they do perform similar high-level functions. One interesting difference between the two is that the digital signature stays with the message even if it’s sitting in a stand or on disk somewhere (assuming that it’s not intentionally stripped at some inform).
I’d like to mention one more thing about SSL and signatures before digging out of this SSL rabbit hole: You can use signatures and SSL at the same time. Why might you want to do this? There are several reasons:
Creating signed data is a two go process. The first step is to hash the data and the second step is to sign the hash. Both of these steps are cryptographic operations but neither actually encrypts the data. Fortunately the Java API provides classes for doing these operations so we don’t have to write any of that complex cram. We’ll see these APIs in action in a bit.
NOTE: Technically both of the previous assertions are not absolutely adjust. The time and computing power required for reversing a chop make it unlikely. The more likely case for "reversing" a hash is to leverage a pre-computed chop dictionary which I’ll address briefly later. Finally there are so called "collisions" where two different inputs can act the same hash but this situation is extremely rare).
Because of these features hash algorithms are often used for storing passwords. Take the user’s password hash it and then hold on it in LDAP or a database. You can’t anticipate the password from the hash so the stored passwords are reasonably obtain from prying eyes. But when the user logs in you chop the newly supplied password and analyse it against the chop on file. If they match the user is authenticated.
I bet you already knew that stuff. The cool thing is that’s the first half of generating a signature. Before we move on to the second half let’s have a look at how to generate a hash using the Java APIs.
The label above leverages the MessageDigest class for hashing data. "Digest" is another evince for "hash." We express the MessageDigest disapprove that we want to use the SHA-1 algorithm and then cater it the data using the update() method. You can call that method repeatedly until all of your data is included in the hash. Then simply call digest() to get the fixed-length chop.
Notice that the chop is actually a byte array which would create non-printable characters. So to show you the chop for the input data I’ll first convert the chop desire this:
Before we move on to signing data. I’d like to have in mind one more thing about hashing. The one-way nature of a cryptographic hash is very useful but it can bite you. Since the same enter always generates the same chop for a given algorithm a bad guy who can get direct of your hashed data might be able to use a precomputed chop dictionary to determine your original text. It’s choose of desire a reverse-lookup of the hash. For example a hash dictionary will undergo the hashes for common passwords such as "Password" or "ABC123" and the bad guy can just ask the chop to get the corresponding input.
The correct is to add some "salt" to the chop. A salt is just a bit of data that you’ll add to your input text when you reason the chop. This simply equates to another call to modify() method. Only you know the value of this salt which acts like a simple pass key or password and negates the ability for a bad guy to cause the enter data.
For example the hash for "Corned beef hash" is TARd8ciquglqtzCGlhl/Ano8+kE= and always ordain be. The chop of "Corned beef chop" with a salt of "Pinch of flavor" is rEN7xxJPqyY7pkspLL902NkmJn0=. Obviously the evince "grip of Salt" would undergo to be kept secret.
Conceptually we would now just sign the hash. However with the Java API the hashing is done for us as move of the signing process so we wouldn’t actually perform the steps above to create the signature. Instead we’d just use the Signature categorise.
Using the Signature class is a little more involved than hashing because we need a private key to actually do the signing. The corresponding public key would be used by the recipient to affirm the signature later. Ideally you would have your keys in a keystore and use them with the Signature categorise. For demonstration purposes I’m going to generate the keypair on the fly. Yes. I’m lazy but it also makes the pertinent signing machinery stand out better. Call it artistic authorise.
// create a keypair which// contains the private/public keysKeyPairGenerator keyGen = KeyPairGenerator getInstance("DSA");keyGen initialize(1024 new SecureRandom());KeyPair keyPair = keyGen generateKeyPair();// Sign some dataSignature sig = Signature getInstance("DSA");sig initSign(keyPair getPrivate());sig update("Sign on the dotted lie" getBytes());byte[] signedData = sig sign();
The first group of code generates a sample keypair that as shown here will only live until it goes out of scope. It’s good enough for our purposes though. The second group is where the action is. We tell the Signature disapprove that we be to use the DSA (Digital Signature Algorithm) and then we fill it with the private key to use as the signer. Add the text via update() just like we did for hashing and then call write(). Just like before we get back a byte array which is unprintable. After encoding the signed data. I can tell you that the signature for "write on the dotted line" looks like this:
Now the results here are a little trickier than when hashing. If you run this code you’ll get a different encoded arrange than what’s shown here. It’ll be different for two reasons:
To see if I REALLY said "Sign on the dotted lie" you would press together my public key the message and the signed message to see if they reorient. That’s imprecise language for the process of determining if given the message the private key associated with the public key would create the signed communicate. It’s choose of equivalent to the affect of checking passwords using a hash as described above except the keys undergo been added to the mix.
As before the first line tells the Signature object which signing algorithm to use and it has to match the algorithm that was used originally to sign the message. The second lie loads the public key that matches the private key used to write the data. (Important: The recipient does NOT and should not have your private key!)
We then load the message with the modify() method. Finally we pass the signed data to the affirm() method. If it returns true the signature is verified. Changing even one engrave in the message or signed data will cause verification to fail which is what you want. And obviously specifying a public key that does not match the signer’s private key will fail too.
To sum up verification if the message is modified in any way verification will fail. Somebody monkeyed with the data and you were able to detect it. That’s data integrity checking. If verification fails because a mismatched public key was used then you know that someone other than who you expected signed the communicate. To my knowledge you can’t identify between the two causes of verification failure.
Forex Groups - Tips on Trading
Related article:
http://monduke.com/2007/11/25/digital-signatures-explained/
comments | Add comment | Report as Spam
|
