Effectively validate signature on large datasets with JCA

Question

Effectively validate signature on large datasets with JCA

I need to verify the signature on a file up to 2GB in size and I want to do it in a way that makes the most of my memory. For various reasons, the file will be fully loaded into memory and accessible by the application InputStream

. I would like to verify the signature using the stream interface, but the JCA Signature

class < method update

only accepts byte[]

related classes.

How can I do this efficiently? I don't want to load the beast into the second byte array, otherwise we will see some serious memory usage, but the interface doesn't seem to support it otherwise.

Update

If it matters, the signature algorithm is SHA-1

+1

java performance security digital-signature jca

Chris r 02 jan. 09 at 20:53

source to share

2 answers

Create a byte array to act as a buffer and read buffer at a time from the InputStream by calling update () on Signature each time. If the buffer is of a reasonable size, CPU time consumes transferring data from one process to another (I assume that what are you doing?) Is likely to be negligible compared to the computation time. In the case of reading from disk, the cut-off point for negligible CPU utilization seems to have a buffer size of around 8KB, and I suspect this will more or less apply in your case. (If interested, see the page I put together on InputStream Buffer Sizes .)

+1

Neil coffey 02 jan. '09 at 23:58

source to share

Jason s · Accepted Answer · 2009-01-02T21:06:57+0000

Why not just read the block's input stream (4096 bytes or whatever size you like) in one go, call update () on each block.

Effectively validate signature on large datasets with JCA

More articles: