I want to know can symmetric keys be used to sign a message ? We can encrpyt using the shared secret key. Also when symmetric key is used for signing , what API can be used in J
Symmetric algorithms can't give the non-repudiation property that asymmetric signature schemes give, i.e. the receiver of a message can't prove that he didn't create the message themselves, as they have to know the scheme.
That said, a message authentication code (MAC) can give you what you want: Both sender and receiver have a shared key, the sender calculates a MAC with the secret and appends it to the message, and the receiver calculates the same MAC and compares it with the received message.
While the most often used MAC type (HMAC) is based on hash functions, there are also ones which are based on a block cipher like AES, like CBC-MAC (this is like CBC, but with zero initialization vector and using only the last block as output). (As said by noloader, CBC-MAC is not the most secure way of doing this, use other modes.)
You should use message authentication in most cases where you use encryption, as many encryption schemes are vulnerable to chosen-plaintext attacks.
In Java, a MAC can be calculated (and checked) by using the javax.crypto.Mac class.
A shared secret key can be used to calculate a Message Authentication Code (MAC), which then can be used to confirm the integrity and authenticity of the message to another party which knows the same shared secret. Unlike digital signatures, which are created using the private key and verified using the public key, MACs do not offer non-repudiation (anyone who can verify the MAC can also generate a MAC for another message).
There are different forms of message authentication codes; probably the most often used variation is HMAC.
If you want to sign a message using a symmentric key, you want to use a CMAC based on AES (or 3-key TDEA, or Cameilla). CMACs are Message Authentication Codes (MAC) constructed on top of block ciphers. You generally use a CMAC if you are also using AES/3TDEA/Cameilla for encryption (ie, it is handy).
You can also use an HMAC. An HMAC is a Message Authentication Code (MAC) constructed on top of a hash. You would use an HMAC is a hash were already present in the program (ie, it was handy).
When I have both a Block Cipher and Hash present in the program, I generally use an HMAC because its faster.
Finally (for completeness), don't use MD5. Its broken (despite what many in the free software world think). SHA-1 is no longer approved for new applications by bodies such NIST, NESSIE, and ECRYPT. Use the SHA-2 family of hashes, or use Whirlpool.
For the java specific stuff, see Java Cryptography Extensions.