2

I use java.security.Signature to sign data. Signing does the following process:

  1. Create the hash of the data
  2. Encrypt it with the private key

I would like to store the hash of the data in order to re-sign the content later without the need of the full data. My questions are now:

  1. How do I get the hash of the data? As a workaround, I could hash it on my own again using the same hash function (SHA1, MD5, ...). Is there a better way?
  2. How can I create a signature of the given hash, instead of creating a signature of the data itself?

I'm aware of this thread that describes how Java signs, but the interface does not provide the functionality requested.

Edit 1

The currently used signature algorithm is SHA1 with DSA. Here's the code:

Signature signature = Signature.getInstance("SHA1withDSA");
signature.initSign(privateKey);
ByteBuffer[] byteBuffers = buf.nioBuffers();
int len = byteBuffers.length;
for (int i = 0; i < len; i++) {
    ByteBuffer buffer = byteBuffers[i];
    signature.update(buffer);
}
byte[] signatureData = signature.sign();

Edit 2

With the help of the user mkl, I was able to construct a demo-code that actually runs using RSA. The steps are

  1. Create a dummy object, sign it with private key 1 using the 'official' signature functionality
  2. Decrypt the signature with public key 1 in order to get the hash
  3. Encrypt this hash with private key 2
  4. Verify the 2nd signature using the 'official' signature functionality.

The code can be found here. Even though it is working, I still wonder if there is a more elegant way to do this?

Community
  • 1
  • 1
nico.ruti
  • 605
  • 6
  • 17
  • Which signature algorithms do you use? I ask because not every signature algorithm allows the extraction of a hash. Furthermore, depending on the very hash and signature algorithm combination not all of the hash is used for the signature, merely e.g. the highest 256 bits. – mkl Mar 19 '14 at 13:39
  • @mkl I added some details about the used signature algorithm to the question. Do you have a reference where I can check how the signatures are done in detail? In addition, it would be nice to just get the hash (however the signature instance calculates it) directly from the signature, which can later be used to re-sign. – nico.ruti Mar 19 '14 at 18:49
  • 1
    Unfortunately (in this context) you use DSA. DSA does not allow the extraction of the hash value from the signature, merely the verification of a given hash matches the signature. While e.g. in case of [RSA](http://en.wikipedia.org/wiki/RSA_(cryptosystem)#Signing_messages) a signature is verified by decrypting the signature and comparing the resulting value with the actual document hash, in case of [DSA](http://en.wikipedia.org/wiki/Digital_Signature_Algorithm) verification uses actual hash and signature and checks whether they in some calculation result in a specific value. – mkl Mar 19 '14 at 21:04
  • The problem with DSA is actually a good point which helped a lot. Thanks for that! I edited the question once more (Edit 2) and added a running example. This solves the issue, but in a 'hacky' and non-elegant way. – nico.ruti Mar 20 '14 at 06:17
  • I don't consider it too *hacky*; in case of RSA the signature essentially is an encrypted data object denoting a hash algorithm and a hash value. To resign with a different private RSA key, therefore, you have to first decrypt the original signature using the original signer's public key and then encode again with the new private key, exactly what you are doing. The RSA key pair sizes should be the same, though, e.g. if the original signature used RSA/2048, the resigning should use RSA/2048, too. – mkl Mar 20 '14 at 09:04

0 Answers0