Reputation: 1415
Verifying in C# what was signed in Java
I am trying to port a code from C# to java. There is a part which requires a String to be signed using RSA/Sha1.
To make sure that the java code produces the same result as the C# code, I tried to sign a string from java, and use existing c# code to verify the signature. My challenge is I am unable to verify the string which was signed in Java.
Here is the code;
Java method for Signing:
public static String signPayload(byte[] stringToSign, PrivateKey privateKey){
try {
Signature rsaSignatureProvider = Signature.getInstance("SHA1withRSA");
rsaSignatureProvider.initSign(privateKey);
rsaSignatureProvider.update(stringToSign);
byte[] signature = rsaSignatureProvider.sign();
return new String(Base64.encodeBase64String(signature));
} catch (Exception ex) {
ex.printStackTrace();
}
return null;
}
C# method for signing:
public String signPayload(String stringToSign, AsymmetricAlgorithm privateKey)
{
var hash = sha1.ComputeHash(Convert.FromBase64String(stringToSign));
RSACryptoServiceProvider cryptoProv = (RSACryptoServiceProvider)privateKey;
return Convert.ToBase64String(cryptoProv.SignHash(hash, CryptoConfig.MapNameToOID("SHA1")));
}
C# method which I am using to verify signed data:
public bool verifyHash(String signature, String stringToSign, PublicKey publicKey)
{
bool isVerified = false;
var responseHash = sha1.ComputeHash(Convert.FromBase64String(stringToSign));
RSACryptoServiceProvider publicKeyCrypto = (RSACryptoServiceProvider)publicKey.Key;
isVerified = publicKeyCrypto.VerifyHash(responseHash, CryptoConfig.MapNameToOID("SHA1"), Convert.FromBase64String(signature));
return isVerified;
}
I am unable to see the gap between the two method for signing (Java and C#). What is that I am doing wrong in my Java code?
Upvotes: 3
Views: 1182
Answers (2)
Reputation: 1
I resolved my problem with encode.
C# using default UTF-16LE
The byte array used to sign or validate has to have the same encoding, in my case using "UTF-16LE" on both sides.
String transaction="Hola loco";
byte[] messageToSignOrValidate = transaction.getBytes("UTF-16LE");
Upvotes: 0
Reputation: 1415
I have managed to resolve my problem by changing the way I encode the signature. Below is the code;
public static String signPayload(byte[] stringToSign, PrivateKey privateKey) {
try {
Signature rsaSignatureProvider = Signature.getInstance("SHA1withRSA");
rsaSignatureProvider.initSign(privateKey);
rsaSignatureProvider.update(stringToSign);
byte[] signature = rsaSignatureProvider.sign();
return java.util.Base64.getEncoder().encodeToString(signature);
} catch (Exception ex) {
ex.printStackTrace();
}
return null;
}
Upvotes: 2
Related Questions
- RSA signature Java to C#
- Verify SignatureValue And DigestValue Using Sha256 RSA
- Problem verifying in C# what was signed in Java (RSA)
- Java Validate signature C# equivalent
- validating rsa signature from C# in java
- Verify RSA SHA256 signature in C#
- Verify a signature in Java that is created by Windows Crypto API
- Signing and verifying signatures with RSA C#
- Verify DSA Signature generated by Java in C#
- Java and .NET interop on (RSA) signatures