Reputation: 435
signature.verify() is returning false in java
First of all, I see there are other posts with this question, but no one has the same problem as me, i.e. signature.verify() is unexpectedly returning false.
Here's my code:
private static String encriptar(String xmlSolicitud, PrivateKey privateKey)
throws Exception {
Signature signature=Signature.getInstance("SHA1withRSA");
signature.initSign(privateKey);
signature.update(xmlSolicitud.getBytes(Charset.forName("UTF-8")));
byte[] signatureValue = signature.sign();
String response = Base64.encode(signatureValue);
signature.initVerify(keyReader.publicKeyRead(Reference.rutaPublicKeyTest));
System.out.println(signature.verify(signatureValue));
return response;
}
And here is how I read in the keys (if needed):
public static PrivateKey privateKeyRead(String filename)
throws IOException, NoSuchAlgorithmException, InvalidKeySpecException {
File f = new File(filename);
FileInputStream fis = new FileInputStream(f);
DataInputStream dis = new DataInputStream(fis);
byte[] keyBytes = new byte[(int)f.length()];
dis.readFully(keyBytes);
dis.close();
PKCS8EncodedKeySpec spec =
new PKCS8EncodedKeySpec(keyBytes);
KeyFactory kf = KeyFactory.getInstance("RSA");
return kf.generatePrivate(spec);
}
public static PublicKey publicKeyRead(String filename)
throws Exception {
File f = new File(filename);
FileInputStream fis = new FileInputStream(f);
DataInputStream dis = new DataInputStream(fis);
byte[] keyBytes = new byte[(int)f.length()];
dis.readFully(keyBytes);
dis.close();
X509EncodedKeySpec spec =
new X509EncodedKeySpec(keyBytes);
KeyFactory kf = KeyFactory.getInstance("RSA");
return kf.generatePublic(spec);
}
Upvotes: 3
Views: 5163
Answers (1)
Reputation: 97120
The state of the signature is reset after you call sign. As per the documentation:
A call to this method resets this signature object to the state it was in when previously initialized for signing via a call to
initSign(PrivateKey). That is, the object is reset and available to generate another signature from the same signer, if desired, via new calls toupdateandsign.
You need to update the signature again with the bytes that were signed:
private static String encriptar(String xmlSolicitud, PrivateKey privateKey)
throws Exception {
Signature signature=Signature.getInstance("SHA1withRSA");
signature.initSign(privateKey);
signature.update(xmlSolicitud.getBytes(Charset.forName("UTF-8")));
byte[] signatureValue = signature.sign();
String response = Base64.encode(signatureValue);
signature.initVerify(keyReader.publicKeyRead(Reference.rutaPublicKeyTest));
signature.update(xmlSolicitud.getBytes(Charset.forName("UTF-8"))); // <-- Here
System.out.println(signature.verify(signatureValue)); // <-- Will print true
return response;
}
On a side note, it looks like you're signing XML content. Probably wise to use XML signatures to avoid being tripped up by canonicalization issues.
Upvotes: 3
Related Questions
- Why is the signature verification not working despite using the same parameters?
- Digital signature verification failing - Java
- Verify signature
- RSA java signature verification failed
- Exception while trying to verify a digital signature
- Why always give me false in signature?
- signature.verify() Always returns False?
- Signature.verify() is always returning false
- how to do verify using java.security.Signature
- signature.verify() Always returns False