Verify data with Signature public key RSA java

Question

I have simple text.

Then i encrypt this text with Cipher RSA.

But when verify this text with encrypt text by Signature it always return false.

Generate key pair:

KeyPairGenerator keyPairGen = KeyPairGenerator.getInstance("RSA");
keyPairGen.initialize(2048);
KeyPair kp = keyPairGen.generateKeyPair();

Plain text:

byte[] plaintext = "a".getBytes(StandardCharsets.UTF_8);

Encrypt text using RSA:

Cipher cipher = Cipher.getInstance("RSA");
cipher.init(Cipher.ENCRYPT_MODE, kp.getPublic());
byte[] encryptText = cipher.doFinal(plaintext);

Verify data using Signature :

Signature sig = Signature.getInstance("SHA256withRSA");
sig.initVerify(kp.getPublic());
sig.update(plaintext);
boolean result = sig.verify(encryptText);
System.out.println(result);

Why this code always return false ? How to verify right way?

Answer 1

In digital signature, you sign (encrypt) the hash of the data using your private key.

You could use Signature class, it will handle the hasing of the data:

public static void main(String[] args) throws Exception {
    String message = "Digital Signature Example";
    byte[] messageBytes = message.getBytes("UTF8");

    // Key generation
    KeyPairGenerator keyGen = KeyPairGenerator.getInstance("RSA");
    keyGen.initialize(2048);
    KeyPair key = keyGen.generateKeyPair();

    // sign
    Signature sig = Signature.getInstance("SHA256WithRSA");
    sig.initSign(key.getPrivate());
    sig.update(messageBytes);
    byte[] signature = sig.sign();

    // verification
    sig.initVerify(key.getPublic());
    sig.update(messageBytes);
    boolean result = sig.verify(signature);

    // result
    System.out.println("Message   = " + message);
    System.out.println("Signature = "
            + Base64.getEncoder().encodeToString(signature));
    System.out.println("Verification Result = " + result);
}

Or you could encrypt/decrypt by using cipher class:

public static void main(String[] args) throws Exception {
    String message = "Digital Signature Example";
    byte[] messageBytes = message.getBytes("UTF8");

    // Key generation
    KeyPairGenerator keyGen = KeyPairGenerator.getInstance("RSA");
    keyGen.initialize(2048);
    KeyPair key = keyGen.generateKeyPair();

    // sign
    Cipher cipher = Cipher.getInstance("RSA/ECB/PKCS1Padding");
    cipher.init(Cipher.ENCRYPT_MODE, key.getPrivate());
    byte[] messageHash = SHA(message);
    byte[] signature = cipher.doFinal(messageHash);
    
    // verification
    Cipher cipher = Cipher.getInstance("RSA/ECB/PKCS1Padding");
    cipher.init(Cipher.DECRYPT_MODE, key.getPublic());
    byte[] decryptedMessageHash = cipher.doFinal(signature);
    byte[] messageHash = SHA(message);
    boolean result = Arrays.equals(decryptedMessageHash, messageHash);

    System.out.println("Message   = " + message);
    System.out.println("Signature = "
            + Base64.getEncoder().encodeToString(signature));
    System.out.println("Verification Result = " + result);
}


private static byte[] SHA(String message) throws Exception {
    MessageDigest digest = MessageDigest.getInstance("SHA-512");
    digest.update(message.getBytes("UTF8"));
    return digest.digest();
}