Good day all,
I would like to know the difference between digital signatures and hashing. For example, if i make a hash of a certificate using the message digest class and then encrypt the result.... would this be a signature?
Does the following method describe a signature? :
At sending end:
Hash generated certificate
Encrypt hashed value using private key
Send certificate, encrypted hash value over connection
At receiving end:
Receive certificate and encrypted hash value
Using the public key of certificate, decrypt and obtain the hash value....(A)
Make a hash of the received certificate using the same algorithm from the sending end, and compare this hashed value with the hash in line (A)
If they are equal ..and so on
Does the above represent a digital signature? Or do i have to use the signature class to accomplish authenticity? Another question, a generated certificate using the bouncycastle library, does it contain a signature?What is a signature? From my knowledge, I think a signature is the hashed value of the certificate encrypted using an algorithm. Am i correct? If this is true then the above method i described should suffice.....?