Java Signature verify()

In this guide, you will learn about the Signature verify() method in Java programming and how to use it with an example.

1. Signature verify() Method Overview


The verify() method of the Java Signature class is used to verify a given signature against the Signature object’s own, using the initialized public key. This is especially useful in cryptography to ensure the integrity and authenticity of received data.


public boolean verify(byte[] signature) throws SignatureException


- signature: The signature bytes to be verified against.

Key Points:

- The Signature object must be initialized for verification using the public key before calling verify().

- The method returns a boolean indicating whether the signature is valid.

- It throws a SignatureException if the signature is invalid or if the Signature object is not initialized properly.

- The update() method should be used to supply the data for which the signature needs to be verified.

2. Signature verify() Method Example


public class SignatureVerifyExample {

    public static void main(String[] args) {
        try {
            // Generate a key pair
            KeyPairGenerator keyGen = KeyPairGenerator.getInstance("RSA");
            KeyPair keyPair = keyGen.genKeyPair();

            // Creating a Signature object for the SHA256withRSA algorithm
            Signature signature = Signature.getInstance("SHA256withRSA");

            // Initializing the Signature object with the private key for signing

            // Supplying data to be signed
            String data = "Hello, World!";

            // Signing the data
            byte[] signedData = signature.sign();

            // Initializing the Signature object with the public key for verification

            // Supplying the original data for verification

            // Verifying the signature
            boolean isValid = signature.verify(signedData);
            System.out.println("Signature is valid: " + isValid);

        } catch (NoSuchAlgorithmException | InvalidKeyException | SignatureException e) {
            // Handle the exception


Signature is valid: true


In this example, we first generated a key pair and initialized a Signature object for signing. 

After supplying and signing the data, we reinitialized the Signature object for verification using the public key and supplied the original data. 

Finally, we used the verify() method to check the validity of the signature and printed the result, indicating whether the signature is valid.