SHA-1 Message Digest

Similar Messages

• Need help about the SHA Message Digest ? & what is use of Message Diagest ?

  need help about the SHA Message Digest ? & what is use of Message Diagest ?
  1>i have one program of making message digest
  2>which requires two files name
  3>one for input like txt
  4> second is out put file of message digest
  can any one tell what is the use of second generated file .

  MessageDigest md = MessageDigest.getInstance("SHA");
  FileInputStream fis = new FileInputStream(args[0]);
  byte[] b = new byte[1024];
  int readed = -1;
  while((readed = fis.read(b)) > 0)
       md.update(b, 0, readed);
  fis.close();
  FileOutputStream fos = new FileOutputStream(args[1]);
  byte[] d = md.digest();
  StringBuffer sb = new StringBuffer();
  for(int i = 0; i < d.length; i++) {
       String str = Integer.toHexString(d[i] & 0xff);
       sb.append(str.length() < 2 ? "0" + str : str);
  fos.write(sb.toString().getBytes());
  fos.close();

• SHA Message Digest Algo not supported by IBM JDK

  Hi,
  When I run an application with IBM's JDK, am getting the following exception:
  "java.lang.SecurityException: SHA MessageDigest not available"
  Any idea on how to create support for this Message Digest algo? One way is to use provider, I guess. But I don't know how to use a provider & where to get it from. Any suggestions/thoughts?
  Regards,
  GSP

  In my code, a class extends java.rmi.server.UnicastRemoteObject. & the exception occurs when this class is run with IBM JDK. The stack trace is:
  java.lang.SecurityException: SHA MessageDigest not available
  at sun.rmi.server.Util.computeMethodHash(Util.java:378)
  at sun.rmi.server.UnicastServerRef$HashToMethod_Maps.createMap(UnicastServerRef.java:544)
  at sun.rmi.server.WeakClassHashMap.getMap(WeakClassHashMap.java:71)
  at sun.rmi.server.UnicastServerRef.exportObject(UnicastServerRef.java:196)
  at java.rmi.server.UnicastRemoteObject.exportObject(UnicastRemoteObject.java:306)
  at java.rmi.server.UnicastRemoteObject.exportObject(UnicastRemoteObject.java:248)
  at java.rmi.server.UnicastRemoteObject.<init>(UnicastRemoteObject.java:146)
  at java.rmi.server.UnicastRemoteObject.<init>(UnicastRemoteObject.java:132)
  at Engine.<init>(Unknown Source)
  where Engine is the class that extends UnicastRemoteObject.

• Message Digest Error (plz help)

  Hi,
  I am from India and working on Gemplus Java cards (211 PK) . and using the Gemplus RAD III Kit 3.2
  For Java card Application development (key pair generation and Message DIgest) , I am using the Javacard.security package and MessageDigest class for creating the message digest.
  But I am facing some problems.
  So, I am attaching the .java File. The source Code gets compiled properly but raises a Null Pointer Exception at RunTime (See attached text file) .
  Could you please tell me what the error is?
  Being in India, do these cards support Limited Cryptography or is Message Digesting allowed.
  My .java file (i.e. My source code)
  import java.io.*;
  import java.io.FileInputStream;
  import javacard.security.MessageDigest;
  import javacard.security.CryptoException;
  class MsgDigest
  public static void main(String args[])
       FileInputStream fIn; // File Input stream
       FileOutputStream fOut; // File output stream
       boolean          resRead; //result of "Is file readable?"
       int           resCompare; //resultof comparing 2 file's equality
       String           fNm,temp; //open file name,temparary variable for other testing
       long           fLength; //open file length
       int     resReadFile;// result of reading the file through read()
       int               fileLength=0; //file Length in int
  int          cnt=0;
  try
  //open the file on which message digest is to be performed
            fNm=new String("c:\\sample.txt");
            File fSamp=new File(fNm);
  //checking it for reading operation
            resRead=fSamp.canRead();
            System.out.println(resRead);
  //creating input stream of file and writting it into another file output.txt
  fIn=new FileInputStream(fNm);
  fLength=fNm.length();
       System.out.println("in long file size is : " fLength"\n");
       fOut= new FileOutputStream("C:\\output.txt");
  //reading the file and calculating the length
  do
                 resReadFile=fIn.read();
                 if (resReadFile!=-1)
                 fOut.write(resReadFile);
                 fileLength=fileLength+1;
       }while (resReadFile!=-1);
       fIn.close();
  //reading the file and storing it in a byte array
  fIn=new FileInputStream(fNm);
       System.out.println("in int File size is : "+fileLength+ "\n");
       byte readData[]=new byte[fileLength]; //data in file stored in this byte array
       int i;
       i=fIn.read(readData);
       System.out.println("bytes in readData : "+i+"\n");
  //creating message digest object and update message Digest to work on our message : readData
  byte midData[]=new byte[fileLength];
  MessageDigest md;
  try
       md = MessageDigest.getInstance(MessageDigest.ALG_SHA,false);
  catch(Exception e1)
       e1.printStackTrace();
  //md.update(readData,(short)0,(short)(readData.length));
  //md.doFinal(readData,(short)0,(short)(readData.length),midData,(short)0);
  }//try
  catch (CryptoException e)
            System.err.println("ERROR : "+e);
            System.exit(1);
  catch (FileNotFoundException e)
            System.err.println("ERROR : "+e);
            System.exit(1);
  catch (ArrayIndexOutOfBoundsException e)
            System.err.println("ERROR : "+e);
            System.exit(1);
  catch (Exception e)
            System.err.println("ERROR : "+e);
            System.exit(1);
  }//main
  }//class
  Getting THIS error
  true
  in long file size is : 13
  in int File size is : 241
  bytes in readData : 241
  javacard.security.CryptoException
  at javacard.security.CryptoException.throwIt(Unknown Source)
  at javacard.security.MessageDigest.getInstance(Unknown Source)
  at MsgDigest.main(MsgDigest.java, Compiled Code)
  Press any key to continue...

  The Java card specification says that when calling MessageDigest.getInstance, the exception CryptoException will be thrown if the alg. is not supported or when the shared access mode is not supported. Can you pls check if Gemplus RAD III Kit 3.2 supports SHA-1 alg. ?
  Also, the code that you have written is not compliant with Java Card spec. Because in Java card applets, we cannot use java.io.FileInputStream, etc., main method , etc. If I guess, you may be compiling the java file to class file by linking it to javacard package and executing class file using java interpreter like we do normally for executing a java application. This is not the way that Java applets are written, please go through the Java card spec for developing and compiling java applets.

• Message digest algorithm in Archive Link

  Good Morning.
  We are building interface with the SAP Content Server. We require some help from you on the following items.
  Referring to the SAP Content Server HTTP Interface API 4.5/4.6,
  The library for checking signatures can be obtained from SAP AG. Because the standard format PKCS#7 was used for the signature, other products can also be used for decoding.
  From page 8, can you lets us know where we can get them.
  We would also want to know what is the message digest algorithm in Archive Link.

  Hi,
  SAP content server is using DSS for signing URL parameters. The NIST FIPS-180-3 specification defines which hash functions can be used in DSS. My guess is that it's using SHA1. I doubt that it's using newer version like SHA-256.
  Cheers

• Decrypting a Emcrypted Message Digest

  Hi,
  I have a Encrypted Message Digest which is obtained by hashing the data using SHA1 and then signed the resulted digest with private key. This is done using Entrust API's. Is there any way by which I can decrypt the Encrypted Message Digest using JAVA API's with public key.
  can someone give me any idea.
  Thanks in advance
  Nitin

  With what i could i understand,... you have an encrypted MD.(by private key). It could be like this..
  MessageDigest md= MessageDigest.getInstance("SHA-1");
  md.update("data".getBytes());
  byte[] hash= md.digest();
  Cipher c = Cipher.getInstance("RSA","BC");
  c.init(Cipher.ENCRYPT_MODE,privk);
  byte[] encrypted = c.doFinal(hash);
  Now u can decrypt using the public key to get the original MD like this:
  //initialise the cipher to decrypt mode
  c.init(Cipher.DECRYPT_MODE,pubk);
  byte[] decrypt= c.doFinal(encrypted);          
  Thats it !
  Vijay

• Is message digest a strong cryptography

  for strong cryptography,security is base on the key rather than algorithm itself.but I use message digest,in main I pass in a plain text(args[0]),like this:
  byte[] buf= new byte[args[0].length()];
  buf=args[0].getBytes();
  MessageDigest algorithm=null;
  try {
  algorithm = MessageDigest.getInstance("SHA-1");
  }catch (NoSuchAlgorithmException e) {
  System.out.println(e);
  algorithm.reset();
  algorithm.update(buf);
  byte[] digest1 = algorithm.digest();
  the digest1 is the cipher text.but there looks no way to put key
  so,is the message digest not a strong cryptography?or can I put key for it?

  http://developer.java.sun.com/developer/qow/archive/28/i ndex.html
  they use messagedegist to encrypt password,do you
  think this is wrong?No, they don't encrypt the password. There is no key involved. SHA-1 is a message digest, a sort of a checksum but no encryption. They just make it unreadable by storing the hash of the password. By the way, the method they use is prone to a dictionary attack.
  Encryption is a two-way function. I encrypt a message M by using a key KE with an encryption function E() to produce a cipher text C:
  C := E(KE, M)
  I can decrypt this by using a decryption function D() with a decryption key KD:
  M := D(KD, C)
  This way, you can retrieve the original message from the cipher text.
  The cipher text C is as long as or longer than the oroginal message M.
  However, if you use a digest DS() on a message M you get a hash that has a fixed length:
  H := DS(M)
  This hash is not reversible! I.e. if you know the hash value H, you can not retrieve the message M. SHA-1 has a length of 20 bytes, regardless of the length of the message M. So, if you put one byte into SHA-1 or 1,000,000 bytes, H always has a length of 20 bytes. You can not retrieve the original bytes from that...
  However, if you just want to store passwords in a safe way a hash is a great method for this. You simply don't need to encrypt them if you just want to know wether a user has entered a password that is the same as a stored password.
  But using a hash is not enough. You also need a "salt" and an interation count. Look at PKCS#5 (http://www.rsasecurity.com/rsalabs/pkcs/pkcs-5/index.html) at the PBKDF2 chapter (5.2). It has a good introduction in chapters 1 to 4, as well.
  Regards,
  Frank

• Message digest -- BigInteger

  Hi,
  I am wondering about the encoding of a message digest output bytes (such as from SHA-1). Is it a two's complement or what? I want to convert it to a BigInteger object for further math calculation. Is there any convention or convinient way to do that?
  Thanks.
  Liang

  Technically it is not a integer, but a bit string (read FIPS 180-1 or RFC 3174.)
  But you can interpret it as a big integer (as its two's-complement binary), if you want to do so.
  If the most significant bit of the SHA-1 hash is 1, the number will be negative, so if you want to use only positive numbers, you can add a 0-byte to interpret the SHA-1 as a positive number always.
  Check the Javadoc.
  BigInteger(byte[] val)
  Translates a byte array containing the two's-complement binary representation of a BigInteger into a BigInteger.
  For instance, the SHA-1 of "Hello, world!" is 943A702D 06F34599 AEE1F8DA 8EF9F729 6031D699; if you want to make the BigInteger's constructor interpret it as a positive number, copy the SHA-1 to a 21-byte array, making the first byte 0, as 00943A702D 06F34599 AEE1F8DA 8EF9F729 6031D699.

• Sha1 hash function (Message Digest)

  I am trying to create a program that lists the current java programs in a directory that is run through command line arguments, ( which works) however once i have populated all the java files i need to then turn the file names into sha1 message digests for the next step. I have the relevant code for this to work but i can not get it to compile is there something i have done wrong? or put the code in the wrong place?? here is my code feel free to amend it.
  Thanks Mich
  import java.io.UnsupportedEncodingException;
  import java.security.MessageDigest;
  import java.security.NoSuchAlgorithmException;
  import java.io.File;
  import java.io.FilenameFilter;
  import java.util.Scanner;
  public class ListDirectories implements FilenameFilter {
  static Scanner sc = new Scanner(System.in);
  public static void main (String [] args) throws UnsupportedEncodingException, NoSuchAlgorithmException {
  String path = args [0];
  ListDirectories ff = new ListDirectories();
  ff.process(path);
  public void process(String dir) {
  String objects[] = (new File(dir)).list(this);
  for (int i = 0; i < objects.length; i++) {
  System.out.println("TRACE:"+objects);
  public boolean accept(File dir, String s) {
  if (s.endsWith(".java")) {
  return true;
  return false;
  //public void MessageDigest(){
  MessageDigest md = MessageDigest.getInstance("SHA");
  try {
  md.update(objects);
  MessageDigest objects = md.clone();
  byte[] objectsDigest = objects.digest();
  md.update(objects);
  } catch (CloneNotSupportedException cnse) {
  throw new DigestException("couldn't make digest of partial content");

  import java.io.UnsupportedEncodingException;
  import java.security.DigestException;
  import java.security.MessageDigest;
  import java.security.NoSuchAlgorithmException;
  import java.io.File;
  import java.io.FilenameFilter;
  import java.util.Scanner;
  public class ListDirectories implements FilenameFilter {
       static Scanner sc = new Scanner(System.in);
       public static void main (String [] args) throws UnsupportedEncodingException, NoSuchAlgorithmException {
            String path = args [0];
            ListDirectories ff = new ListDirectories();
            ff.process(path);
       public void process(String dir) {
            String objects[] = (new File(dir)).list(this);
            for (int i = 0; i < objects.length; i++) {
                 System.out.println("TRACE:"+objects);
       public boolean accept(File dir, String s) {
            if (s.endsWith(".java")) {
                 return true;
            return false;
       public void MessageDigest(){
            MessageDigest md = MessageDigest.getInstance("SHA");
            try {
                 MessageDigest objects = md.clone();
                 md.update(objects);
                 byte[] objectsDigest = objects.digest();
                 md.update(objects);
            } catch (CloneNotSupportedException cnse) {
                 throw new DigestException("couldn't make digest of partial content");
  }this where the error occur
  MessageDigest objects = md.clone();
  md.update(objects);
  byte[] objectsDigest = objects.digest();
  md.update(objects);
  The method update(byte) in the type MessageDigest is not applicable for the argumentsListDirectories.java     line 42     1187874400500     26683
  The method update(byte) in the type MessageDigest is not applicable for the arguments ListDirectories.java     line 44     1187874400500     26684
  Type mismatch: cannot convert from Object to MessageDigest     Test2     ListDirectories.java     line 41     1187874400500     26682

• Verifying a Digital Signature using message digest

  Hi, i am new to java.
  I have a Digitally signed document, i wanna verify this signed document against the original one.
  i got the idea from this link:
  http://help.sap.com/saphelp_45b/helpdata/en/8d/517619da7d11d1a5ab0000e835363f/content.htm
  i signed a pdf doc with my SmartCard. the third party signing tool passed me the PKCS7 digital signature and i stored it in database. the problem arose when i retrieved this digital signature from DB and verified against the original doc using the message digest method. the base64 result strings are always not equal.
  I am sure about this:
  -the retrieved digital signature was GOOD.
  -the original doc was GOOD.
  but why i can't get the same 2 message digests? can somebody please help?
  below is part of my code:
  while (rsetDs.next())
       InputStream DSName2 = rsetDs.getBinaryStream(1);
       ByteArrayOutputStream byteStream = new ByteArrayOutputStream();
       byte[] myByte = Base64.decode(byteStream.toString());
       ByteArrayInputStream newStream = new ByteArrayInputStream(myByte);
       CertificateFactory cf = CertificateFactory.getInstance("X.509");
       Collection c = cf.generateCertificates(newStream2);
       Iterator i = c.iterator();
       while (i.hasNext())
            Certificate cert = (Certificate)i.next();
            X509Certificate cert1 = (X509Certificate)cert;
            try
                 java.security.MessageDigest md = java.security.MessageDigest.getInstance("MD5");
                 /*=============DB MD (BEGIN)==================*/
                 byte [] pubkeyByte = cert1.getPublicKey().getEncoded();
                 md.update(myByte);
                 md.update(pubkeyByte);
                 byte[] raw = md.digest();
                 String db_md = Base64.encode(raw);
                 /*============DB MD (end)============*/
                 /*=============PDF MD (BEGIN)==================*/
                 DataInputStream m_disFile = new DataInputStream(new FileInputStream("C:\\" + "original_doc.pdf"));
                 int m_iNum = m_disFile.available();
                 byte[] msgBytes = new byte[m_iNum];
                 m_iNum = m_disFile.read(msgBytes, 0, m_iNum);
                 md.update(msgBytes);
                 byte[] digestMd = md.digest();
                 md.reset();
                 String pdf_md = Base64.encode(digestMd);
                 /*=============PDF MD (END)==================*/
  ..thanks in advance.

  PKCS#7 SignedData objects are far more complex then it looks like you are taking them. First the PKCS#7 SignedData object will contain the OID for the message digest algorithm used and for the encryption algorithm used. From the looks of your code you are simply assuming MD5.
  It also contains all of the data that was signed which is typically much more than just the document. It also of course contains the public keys and signatures which singed the document. In your case it will probably only have one public certificate and one signature.
  Also note that a signature is an encrypted hash. Looking at your code I do not see you use encryption at all or rather for verification decryption.
  Here is the basic process a signature takes.
  MessageDigest md = MessageDigest.getInstance(algOID);
  byte[] digest = md.digest(message.getBytes(charEncoding));
  Cipher c = Cipher.getInstance("RSA/2/PKCS1Padding");
  c.init(Cipher.ENCRYPT_MODE, priKey);
  byte[] signature = c.doFinal(digest);Note that the resulting byte array is not the message digest but the encrypted message digest. You must use the corresponding public key to decrypt the signature to get the message digest value. It is because the trusted public key can decrypt the correct message digest that we know it was encrypted by the holder of the private key. It is because the decrypted message digest value is equal to my computed message digest value that we know the document has not be altered...
  Now PKCS#7 SignedData does not take the message digest of the document, in your case your PDF. It creates a message digest on an ASN.1 object which includes the bytes of your document plus a bunch of meta data.
  For more info on the exact format of a PKCS#7 signature file check out
  http://www.rsasecurity.com/rsalabs/pkcs/pkcs-7/index.html
  Look through this doucment for SignedData as a starting place and follow through all of the sub objects that make up a SignedData object. This will give you an idea of what is involved.

• Failed to verify AS2 message Reason message-digest attribute value

  Hi All,
  I have scenario from AS2---->PI--
  >ECC(AS2 to Proxy) .I tested in QA system successfully but messages not reached to PI system.Communcation channel montering error message is Failed to verify AS2 message. Reason: message-digest attribute value does not match calculated value (Software version: 1.0.2). This scenario working fine producation server using with receiver file adapter.After transported from QA to PROD error got occured.Please provide your inputs on this issue
  Regards,
  Ramesh

  Thank you,
  I've followed all the steps in the link for the section : For a new wallet, please follow.
  SSL is not used, the B2B sends to a proxy server which uses SSL to the Trading Partner.
  This is a future production system; the same setup and configuration has been successfully used in development and test.
  The configuration all looks the same between environments, but dev and test work while this fails.
  The previous configuration did not have the TP's public cert in the wallet, so I added it according to the link.
  However the same error occurs.
  Is there any chance this behaviour is related to this : metalink docid : 803466.1 / Oracle B2B certificate for ebMS will expire July 17 2009
  This is AS2, not using ebXML, but I do see references to the phaos security tool kit in the logs.
  Currently all environments use MLR#7.
  Edited by: tdba2 on Aug 1, 2009 11:58 PM

• Newbie question about message digests

  I understand that a digest is a one-way process, that a message digest is a "fingerprint" of the original message but that there is no way to recover the original (I think Ronald Rivest's document says it is "conjectured to be computationally infeasible" to do so). So far so good.
  But I also read this about digest algorithms: "it is virtually impossible to create a message with a predetermined digest." ( http://tinyurl.com/39thq )
  What does this mean, given that a particular message will always hash to the same digest?
  Thanks for any guidance.
  -javahombre

  Great, now I see! Thanks!
  This sounds especially true now that I see the explanation. For example, I notice that even different case for the "same" string matters: "test" vs. "Test" comes out to different hash.
  As for picking completely different strings that hash to the same digest, that seems almost inconceivable.
  Thanks again,
  javahombre

• URGENT: inconsistencies between Message Digests

  Hi
  I'm developing a system wherein the contents of a JMS message are fed into a MessageDigest, and signed by a Signature with the sending node's Private Key. The signed bytes from the Signature are then set as a message property.
  The node that receives the message then creates a MessageDigest from the message body text, and using another Signature, performs verification of the new MessageDigest with the signed bytes obtained from the JMS message property that was set.
  The problem is that, despite explicitly using the UTF-8 encryption when converting from byte[] to String in my code, the MessageDigest of the message body is always different (and differs upon each program run, even when the message body contents are the same for repeated runs). I've checked and the text being used to create the message digest on each node is exactly the same (including when checking the bytes), yet as I have said, the digests are always different. However, I am running one node on Windows XP, and another node on Solaris, but I can't see how this might affect things if I've explicitly used UTF-8 encoding, and have the same Provider (SUN version 1.2) in use on both platforms.
  Are any aspects of Message Digests time-dependent/platform-dependent/randomly-generated?
  Should I not even be using Message Digests/Signatures and instead use Ciphers?
  Can anyone help me out here? I would be extremely grateful for any assistance!
  Thanks,
  Simon Parkin

  Thanks for the help.
  I removed the MessageDigest code ... and I'm still having problems (in a different area now).
  I hate having to do this, but here is the code listing for the functions I've created (minus the Exception catching code):
  public String signedDigest(String messageText)
       PrivateKey key = (PrivateKey)KEYSTORE.getKey(LOCAL_ALIAS, LOCAL_PASSWORD.toCharArray());
       Signature kSig = Signature.getInstance(SIGNATURE_ALGORITHM);
       kSig.initSign(key);
       kSig.update(messageText.trim().getBytes("UTF-8"));     
       byte[] signedBytes = kSig.sign();
       return new String(signedBytes, "UTF-8").trim();
  public boolean verifyContent(String messageText, String signedDigest, String receiverID)
       Certificate kCert = KEYSTORE.getCertificate(receiverID);     
       PublicKey kPub = kCert.getPublicKey();
       Signature kVer = Signature.getInstance(SIGNATURE_ALGORITHM);
       kVer.initVerify(kPub);
       kVer.update(messageText.trim().getBytes("UTF-8"));          
       boolean result = kVer.verify(signedDigest.trim().getBytes("UTF-8"));
       return result;
  'signedDigest' creates the signed content in the sending node, and 'verifyContent' checks it at the receiver end. Now I've checked the content of the 'signedBytes' produced in 'signedDigest', and compared it to 'signedDigest.getBytes("UTF-8)' in 'verifyContent', and they are exactly the same, yet the verification never returns true. I'm using the right keys, and the 'messageText' used at both ends is the same, so I still can't understand why this isn't working.
  Any further help would be very much appreciated.
  Simon Parkin

• Message Digest MD5 Problem

  My application downloads a zip file from given URL and also gets message digest (MD5) for the file.
  Then, it creates another message digest and compares them.
  I have tried files from tomcat.apache.org
  The results are below:
  apache-tomcat-6.0.20-deployer.zip (downloaded)
  1b3287c53a12e935a8c965b15af39f07 --> code from the website
  1b3287c53a12e935a8c965b15af39f7 --> code by the application
  apache-tomcat-6.0.20.zip (downloaded)
  714b973e98d47ec2df6d5e1486019f22 --> code from the website
  714b973e98d47ec2df6d5e148619f22 --> code by the application
  I could not understand why 0's are missing in my code. Should I try another files except from Apache?

  try{
               MessageDigest algo = MessageDigest.getInstance("MD5");
               algo.reset();
               algo.update(data);
               byte messageDigest[] = algo.digest();
               StringBuffer hexString = new StringBuffer();
               for (int i=0;i<messageDigest.length;i++) {
                    hexString.append(Integer.toHexString(0xFF & messageDigest));
       System.out.println(hexString.toString());
  catch(NoSuchAlgorithmException e) {
       e.printStackTrace();
  }I have got the content of the file in a byte array --> data.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                       

• How to decrypt to get the message digest?

  Ok, I'm aware that, message digest, is a one-way hash algorithm. From what I gathered, we can decrypt then use the MessageDigest method, IsEqual to compared the hash value to ensure they are the same right?
  But my problem is, right now, I has the code to encrypt and digitally signed on a xml.
  But no one has used it before to decrypt. So i need to find out how.
  Below is the code to generate the signed XML.
  Can anyone tell me how to decrypt it?
  Thanks...
      public boolean generateSignXmlDocument(String xmlDocPath, String newDocPath, KeyStore keystore, String alias, String password)
          boolean status = false;
          try
              DocumentBuilderFactory dbf = DocumentBuilderFactory.newInstance();
              dbf.setNamespaceAware(true);
              DocumentBuilder builder = dbf.newDocumentBuilder();
              File f = new File(xmlDocPath);
              Document doc = builder.parse(new FileInputStream(f));
              KeyPair kp = getPrivateKey(keystore, alias, password);
              DOMSignContext dsc = new DOMSignContext(kp.getPrivate(), doc.getDocumentElement());
              String providerName = System.getProperty("jsr105Provider", "org.jcp.xml.dsig.internal.dom.XMLDSigRI");
              log.info("Creating xml sign.....");
              log.debug("Provider Name " + providerName);
              XMLSignatureFactory fac = XMLSignatureFactory.getInstance("DOM", (Provider)Class.forName(providerName).newInstance());
              javax.xml.crypto.dsig.Reference ref = fac.newReference("", fac.newDigestMethod("http://www.w3.org/2000/09/xmldsig#sha1", null), Collections.singletonList(fac.newTransform("http://www.w3.org/2000/09/xmldsig#enveloped-signature", null)), null, null);
              javax.xml.crypto.dsig.SignedInfo si = fac.newSignedInfo(fac.newCanonicalizationMethod("http://www.w3.org/TR/2001/REC-xml-c14n-20010315#WithComments", null), fac.newSignatureMethod("http://www.w3.org/2000/09/xmldsig#rsa-sha1", null), Collections.singletonList(ref));
              KeyInfoFactory kif = fac.getKeyInfoFactory();
              javax.xml.crypto.dsig.keyinfo.KeyValue kv = kif.newKeyValue(kp.getPublic());
              javax.xml.crypto.dsig.keyinfo.KeyInfo ki = kif.newKeyInfo(Collections.singletonList(kv));
              XMLSignature signature = fac.newXMLSignature(si, ki);
              signature.sign(dsc);
              java.io.OutputStream os = new FileOutputStream(newDocPath);
              TransformerFactory tf = TransformerFactory.newInstance();
              Transformer trans = tf.newTransformer();
              trans.transform(new DOMSource(doc), new StreamResult(os));
              status = true;
          catch(Exception e)
              log.error(e);
          return status;
      }

  Kyle Treece wrote:
  It says that both IMAP and POP are enabled in my settings.
  what settings ? in gmail webmail interface? I'm talking about how your gmail account is configured in Mail on your computer. It's configured for POP. you need to delete it from Mail and then create a new account in Mail and make it IMAP. do not use automated account setup which Mail will offer to do. that will make the account POP again. enter all server info and account type by hand.
  see this link for details
  http://mail.google.com/support/bin/answer.py?answer=81379
  If I turn POP completely off, will it kick all the messages out of my iPhone?
  as I said, this is not about turning something on or off in webmail gmail. you have to configure your email client Mail correctly. it will have no effect on your iphone.