Start with A.class.
Jar it: A.jar.
Sign it: first get the message digest (hash) of A.class, then encrypt it using the private key.
Send it (jar enclosing A.class + signed hash) across to one who has the public key (certificate).

On the receiving side:
Unjar A.class and the signed hash.
MD A.class to get the hash (unsigned).
Use the public key to decrypt the signed hash.
Compare the generated hash and the decrypted hash.

Hash equal means data not tampered, and public and private keys match.
Public key certified to be of user by CA works, so we trust data and user.
Trusted means the user is now authenticated.
Hash match means data integrity validated.
Jar is simplistic encryption.
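The sign-then-verify flow in these notes, as an added example (not part of the original notes, and not what jarsigner itself runs): the sender signs the bytes, the receiver checks them against untouched data, tampered data and a non-matching public key. Assumptions: the class name SignedHashDemo, the stand-in bytes for A.class and the freshly generated RSA keys are constructed for illustration, and the CA check on the certificate is left out, so the public key is simply taken as given.

```java
import java.nio.charset.StandardCharsets;
import java.security.GeneralSecurityException;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.Signature;

public class SignedHashDemo {
    // Sender: SHA256withRSA digests the data and applies the private key to the digest.
    static byte[] sign(byte[] data, PrivateKey priv) throws GeneralSecurityException {
        Signature s = Signature.getInstance("SHA256withRSA");
        s.initSign(priv);
        s.update(data);
        return s.sign();
    }

    // Receiver: re-digest the received data, recover the signed digest with the
    // public key, and compare the two. True only if both data and key match.
    static boolean verify(byte[] data, byte[] signedHash, PublicKey pub)
            throws GeneralSecurityException {
        Signature s = Signature.getInstance("SHA256withRSA");
        s.initVerify(pub);
        s.update(data);
        return s.verify(signedHash);
    }

    public static void main(String[] args) throws Exception {
        KeyPairGenerator kpg = KeyPairGenerator.getInstance("RSA");
        kpg.initialize(2048);
        KeyPair sender = kpg.generateKeyPair();   // constructed key pair of the signer
        KeyPair other = kpg.generateKeyPair();    // constructed, unrelated key pair

        // Constructed stand-in for the bytes of A.class taken out of the jar.
        byte[] aClass = "stand-in bytes for A.class".getBytes(StandardCharsets.UTF_8);
        byte[] signedHash = sign(aClass, sender.getPrivate());

        byte[] tampered = aClass.clone();
        tampered[0] ^= 0x01;                      // flip a single bit in transit

        System.out.println("untouched data, signer's public key: "
                + verify(aClass, signedHash, sender.getPublic()));
        System.out.println("tampered data, signer's public key:  "
                + verify(tampered, signedHash, sender.getPublic()));
        System.out.println("untouched data, unrelated public key: "
                + verify(aClass, signedHash, other.getPublic()));
    }
}
```

Only the first check passes; a changed byte or a public key that does not pair with the signing key both make the hash comparison fail.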