Verify Digital Signature with RSA Public Key using Pre-calculated Hash
In this approach, the client sends the pre-calculated hash and the digital signature to the NAE Server. The NAE Server decrypts the digital signature with the sender's public key and compares the two hashes. If the two hashes are identical, the signature is considered to be valid; if the hashes do not match, the signature is treated as invalid.
Note
The RSAPSSPadding transformations are supported from KeySecure 8.12.5 onward and are not supported with the CipherTrust Manager.
Get an instance of a Signature object, and pass the RSAPSSPaddingSHA256 algorithm as an argument.
Obtain an instance of the key you want to use for the Sign Verify operation using the getPublicKey method of the NAEKey class.
Initialize the Signature object with the key.
Specify the text string that you want to verify and convert it to a byte array.
Perform the verify operation by passing the previously calculated digital signature as an argument. At this point, the NAE Server decrypts the previously calculated digital signature and compares the two hashes. If the hashes are identical, true is returned; otherwise, false is returned.
Code sample
In the following example, a digital signature is verified with the RSA key named rsakey. The algorithm used in this sample is RSAPSSPaddingSHA256.
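import java.security.PublicKey;
import java.security.Signature;
import java.security.spec.PSSParameterSpec;
import com.ingrian.security.nae.NAEKey;
byte[] signature = ... /* get previously calculated signature */
Signature sig = Signature.getInstance("RSAPSSPaddingSHA256", "IngrianProvider");
// Public half of the RSA key named rsakey
PublicKey key = NAEKey.getPublicKey("rsakey");
// The salt length must be the one used when the signature was created
int saltLength = 80;
PSSParameterSpec pssParameterSpec = new PSSParameterSpec(saltLength);
sig.setParameter(pssParameterSpec);
sig.initVerify(key);
// 32-byte input, the size of a SHA-256 hash
sig.update("HelloWorldHelloWorldHelloWorldHe".getBytes());
// true if the signature is valid, false otherwise; always check this value
boolean verified = sig.verify(signature);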
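The hash comparison described at the start of this section, written out for standard RSASSA-PSS (RFC 8017) as an added example; it is not code from the product or the NAE Server, and it uses only JDK classes (Java 11 or later) instead of the Ingrian provider. It assumes SHA-256 for both the hash and MGF1, a locally generated throwaway key, a constructed message, and the hypothetical class name PssPrehashVerify.

```java
import java.math.BigInteger;
import java.security.*;
import java.security.interfaces.RSAPublicKey;
import java.security.spec.*;
import java.util.Arrays;

public class PssPrehashVerify {   // hypothetical class name
    static byte[] mgf1(byte[] seed, int len) throws Exception {   // MGF1 with SHA-256
        MessageDigest md = MessageDigest.getInstance("SHA-256");
        byte[] out = new byte[len];
        for (int c = 0, off = 0; off < len; c++, off += 32) {
            md.update(seed);
            byte[] d = md.digest(new byte[] {(byte) (c >>> 24), (byte) (c >>> 16), (byte) (c >>> 8), (byte) c});
            System.arraycopy(d, 0, out, off, Math.min(32, len - off));
        }
        return out;
    }
    // EMSA-PSS-VERIFY (RFC 8017, section 9.1.2), starting from a pre-calculated SHA-256 hash.
    static boolean verify(RSAPublicKey pub, byte[] mHash, byte[] sig, int sLen) throws Exception {
        BigInteger n = pub.getModulus(), s = new BigInteger(1, sig);
        int emBits = n.bitLength() - 1, emLen = (emBits + 7) / 8, dbLen = emLen - 33, ps = dbLen - sLen - 1;
        if (mHash.length != 32 || sLen < 0 || ps < 0
                || sig.length != (emBits + 8) / 8 || s.compareTo(n) >= 0) return false;
        BigInteger m = s.modPow(pub.getPublicExponent(), n);      // public-key operation on the signature
        byte[] em = Arrays.copyOfRange(m.setBit(8 * emLen).toByteArray(), 1, emLen + 1); // fixed-length EM
        byte[] h = Arrays.copyOfRange(em, dbLen, emLen - 1), db = mgf1(h, dbLen);
        for (int i = 0; i < dbLen; i++) db[i] ^= em[i];           // unmask DB = zero padding, 0x01, salt
        db[0] &= 0xFF >>> (8 * emLen - emBits);
        boolean ok = m.bitLength() <= emBits && em[emLen - 1] == (byte) 0xbc && db[ps] == 1;
        for (int i = 0; i < ps; i++) ok &= db[i] == 0;
        MessageDigest md = MessageDigest.getInstance("SHA-256");
        md.update(new byte[8]);                                   // H' = SHA-256(8 zero bytes, mHash, salt)
        md.update(mHash);
        md.update(db, ps + 1, sLen);
        return ok & MessageDigest.isEqual(md.digest(), h);        // compare H' with the embedded hash
    }
    public static void main(String[] args) throws Exception {
        KeyPair kp = KeyPairGenerator.getInstance("RSA").generateKeyPair();   // throwaway key, JDK default size
        byte[] msg = "constructed sample message".getBytes("UTF-8");
        Signature signer = Signature.getInstance("RSASSA-PSS");
        signer.setParameter(new PSSParameterSpec("SHA-256", "MGF1", MGF1ParameterSpec.SHA256, 80, 1));
        signer.initSign(kp.getPrivate());
        signer.update(msg);
        byte[] sig = signer.sign(), hash = MessageDigest.getInstance("SHA-256").digest(msg);
        RSAPublicKey pub = (RSAPublicKey) kp.getPublic();
        System.out.println("matching hash, salt length 80: " + verify(pub, hash, sig, 80));
        System.out.println("matching hash, salt length 32: " + verify(pub, hash, sig, 32));
        System.out.println("different hash, salt length 80: " + verify(pub, new byte[32], sig, 80));
    }
}
```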