1

I have generated a public and a private key, but how do I sign a text document without using security.Signature library? The reason behind this is because our Professor stated that we should finish the task without using the build-in library

bashbin
  • 415
  • 1
  • 7
  • 21
  • 2
    You could probably get a useful answer if you state what's specifically the reason you cannot or don't want to use that library. – Goran Jovic May 26 '17 at 17:39
  • Just curious, why can't you use it? The alternative will be implementing your own Signature class which is reinventing the wheel. – zengr May 26 '17 at 17:39
  • @GoranJovic Our cybersecurity Professor said we had to do this way, and I don't know where to start. I get the logic, but I don't know the code part.. – bashbin May 26 '17 at 17:42
  • @zengr ^ Then I think the task of my project is to reinvent the wheel. Our Professor asked to complete this task without using the library – bashbin May 26 '17 at 17:43
  • I've said it [before](https://stackoverflow.com/questions/29066294/how-to-pass-biginteger-to-a-signature-function/29067446#comment46370163_29066294) and I say it again: So, you're asking someone to write an RSA signature implementation for you using BigInteger? – Artjom B. May 26 '17 at 17:52
  • 1
    `BigInteger` has a method that you can use for the signature. Read your course materials or the Wikipedia article on RSA encryption to figure out which method to use and how to apply it. Also, be aware that a real RSA signature requires processing of the message before signing that is much more complicated and harder to implement than the signature operation itself. I don't know if that's part of your assignment, or if you are only expected to perform a naive and easily broken signature operation. – erickson May 26 '17 at 18:59

1 Answers1

3

I would look at OpenJDK's Signature.java to understand how its implemented. You need to focus on what .sign does

If you are doing it for better understanding or academic purposes, I would follow this:

Step 1: Calculate the Message Digest (like SHA1 or even MD5 to start with)
Step 2: Calculate the Digital Signature (using public/private keys)

zengr
  • 38,346
  • 37
  • 130
  • 192
  • Thank you for the links. I scanned through the information and I think it will get the job done. – bashbin May 26 '17 at 17:57