I've searched forums and answers but I can't figure out my problem, I am trying to verify a signature , but it always returns false, am I doing something wrong? I generate the key, sign it and then verify it (the byte arrays are not null)
public void Keygen() throws java.rmi.RemoteException, NoSuchAlgorithmException, IOException, SignatureException, NoSuchProviderException, InvalidKeyException {
KeyPairGenerator Keygen = KeyPairGenerator.getInstance("DSA");
Keygen.initialize(1024, random);
KeyPair pair = Keygen.generateKeyPair();
priv = pair.getPrivate();
pub = pair.getPublic();
public byte [] sign (int k)throws java.rmi.RemoteException, NoSuchAlgorithmException, SignatureException, InvalidKeyException , NoSuchProviderException
Signature dsa = Signature.getInstance("SHA1withDSA", "SUN");
String data = "aa";
byte[] b = data.getBytes();
realSig = dsa.sign();
key = pub.getEncoded();
return realSig;
public int Versig(byte [] sigkeys) throws java.rmi.RemoteException, NoSuchAlgorithmException, IOException, SignatureException, NoSuchProviderException, InvalidKeyException, InvalidKeySpecException{
byte [] pkb = getenckey();
KeyFactory kf = KeyFactory.getInstance("DSA");
PublicKey pubKey = kf.generatePublic(new X509EncodedKeySpec(pkb));
/* create a Signature object and initialize it with the public key */
Signature sig = Signature.getInstance("SHA1withDSA", "SUN");
String data2 = "bb";
byte[] c = data2.getBytes();
boolean verifies = sig.verify(sigkeys);
System.out.println("1 " + verifies);
if (verifies == true) {
System.out.println(" 2 " + verifies);
return (1);
} else {
return (2);
You are signing String data = "aa";
in sign method while verifying String data2 = "bb";
so the signature verification will return false.
digitally signing the data to check it's integrity (which means no alter to the data).
I hope this could help!