stackoom
  简体   繁体   中英

Verifying Java signature in C#

 原文  2018-08-31 23:44:49       java/ c#/ cryptography

Question

I have signature created in Java by following code

KeyFactory keyFactory = KeyFactory.getInstance("RSA");
EncodedKeySpec privateKeySpec = new PKCS8EncodedKeySpec(privateKeyBytes);
PrivateKey privateKey = keyFactory.generatePrivate(privateKeySpec);
signature = (Signature) rsaSha256.getCipher();

signature.initSign(privateKey);
signature.update(binaryData);
signatureBytes = signature.sign();

By verifying signature in C#, im always getting false. Following code use BouncyCastle library

ISigner signer = SignerUtilities.GetSigner("SHA256withRSA");

using (TextReader sr = new StringReader(publicKey))
    {
       PemReader pr = new PemReader(sr);
       RsaKeyParameters keys = (RsaKeyParameters)pr.ReadObject();

       signer.Init(false, keys);
       signer.BlockUpdate(value, 0, value.Length);
       bool isValid = signer.VerifySignature(signature);

       return isValid;
    }

Following code return false too

private static bool VerifyWithPublicKey(byte[] data, byte[] sig, string publicKey)
    {
        RSACryptoServiceProvider rsa;

        using (var keyreader = new StringReader(publicKey))
        {
            var pemReader = new PemReader(keyreader);
            var y = (RsaKeyParameters)pemReader.ReadObject();
            RSAParameters p1 = DotNetUtilities.ToRSAParameters(y);
            rsa = new RSACryptoServiceProvider();

            rsa.ImportParameters(p1);
        }


        byte[] hash;
        using (var sha256 = SHA256.Create())
        {
            hash = sha256.ComputeHash(data);
        }

        RSAPKCS1SignatureDeformatter RSADeformatter = new RSAPKCS1SignatureDeformatter(rsa);
        RSADeformatter.SetHashAlgorithm("SHA256");
        //Verify the hash and display the results to the console. 
        if (RSADeformatter.VerifySignature(hash, sig))
        {
            Console.WriteLine("The signature was verified.");
        }
        else
        {
            Console.WriteLine("The signature was NOT verified.");
        }

        // This always returns false
        return rsa.VerifyHash(hash, CryptoConfig.MapNameToOID("SHA256"), sig);
    }

Im out of ideas. Anyone done something similar? If so, can you share your code please

1 answers

solution1
 0  2020-01-09 17:57:28

This works for me, I see a difference where you use.GetSigner("SHA256withRSA") but I use "SHA-256withRSA"

    public static bool VerifySignature(byte[] hashBytes, byte[] signatureBytes)
    {
        PemReader pemReader = new PemReader(new StreamReader("PublicKey.pem"));
        RsaKeyParameters parameters = (RsaKeyParameters)pemReader.ReadObject();

        RsaDigestSigner signer = (RsaDigestSigner)SignerUtilities.GetSigner("SHA-256withRSA");
        signer.Init(false, parameters);

        signer.BlockUpdate(hashBytes, 0, hashBytes.Length);
        bool isValid = signer.VerifySignature(signatureBytes);

        return isValid;
    }

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question Verifying JAVA signature in php Verifying a Digital Signature produced by C# on an Android Device Verifying in C# what was signed in Java RSA signature Java to C# Verifying hmac sha1 signature in Java Verifying a signature in java using a certificates public key Problem verifying in C# what was signed in Java (RSA) Verifying Jar signature doesn't work in Java Error when verifying ECDSA signature in Java with BouncyCastle Java Digital Signature different to C#
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM