Module java.base

Class Signature


public abstract class Signature extends SignatureSpi
The Signature class is used to provide applications the functionality of a digital signature algorithm. Digital signatures are used for authentication and integrity assurance of digital data.

The signature algorithm can be, among others, the NIST standard DSA, using DSA and SHA-256. The DSA algorithm using the SHA-256 message digest algorithm can be specified as SHA256withDSA. In the case of RSA the signing algorithm could be specified as, for example, SHA256withRSA. The algorithm name must be specified, as there is no default.

A Signature object can be used to generate and verify digital signatures.

There are three phases to the use of a Signature object for either signing data or verifying a signature:

  1. Initialization, with either
  2. Updating

    Depending on the type of initialization, this will update the bytes to be signed or verified. See the update methods.

  3. Signing or Verifying a signature on all updated bytes. See the sign methods and the verify method.

Note that this class is abstract and extends from SignatureSpi for historical reasons. Application developers should only take notice of the methods defined in this Signature class; all the methods in the superclass are intended for cryptographic service providers who wish to supply their own implementations of digital signature algorithms.

Every implementation of the Java platform is required to support the following standard Signature algorithms:

  • SHA1withDSA
  • SHA256withDSA
  • SHA1withRSA
  • SHA256withRSA
These algorithms are described in the Signature section of the Java Security Standard Algorithm Names Specification. Consult the release documentation for your implementation to see if any other algorithms are supported.