rdk
Reputation: 13
How can I verify signature for open PGP using BouncyCastle
How can I verify signature for open PGP using BouncyCastle?
- I am using C#
- I have pulic key http://itransact.com/support/toolkit/html-connection/pgp.php
- I am using BouncyCastle as open pgp library
- I have signature that I recieve in query string.
- According to instruction (http://itransact.com/downloads/PCFullDocument-4.4.pdf p.145) algorithm is RSA.
I checked a lot of resource but no success. As I understood I need to pass public key and signature to some Verify method.
It is also not clear if I have to convert given public key in string format to some appropriate public key object. If I have to what is the type? I have tried to convert it to RsaKeyParameters but got error message about inappropriate block on public key.
At the moment I have the following code
private bool VerifyWithPublicKey(string data, byte[] sig)
{
RSACryptoServiceProvider rsa;
using (var keyreader = new StringReader(publicKey))
{
var pemReader = new PemReader(keyreader);
var y = (RsaKeyParameters)pemReader.ReadObject();
rsa = (RSACryptoServiceProvider)RSA.Create();
var rsaParameters = new RSAParameters();
rsaParameters.Modulus = y.Modulus.ToByteArray();
rsaParameters.Exponent = y.Exponent.ToByteArray();
rsa.ImportParameters(rsaParameters);
// compute sha1 hash of the data
var sha = new SHA1CryptoServiceProvider();
byte[] hash = sha.ComputeHash(Encoding.ASCII.GetBytes(data));
// This always returns false
return rsa.VerifyHash(hash, CryptoConfig.MapNameToOID("SHA1"), sig);
}
Upvotes: 1
Views: 2330
Answers (1)
Riddik
Reputation: 2963
Using RSA is not your case. You need
- Define public key
- Convert public ket into PgPPublicKey
- Get PgpSignature object
- Verify signature
To verify signature you will need original data that was signed.
public class iTransactVerifier
{
private const string PublicKey = @"-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: 4.5
mQCNAjZu
-----END PGP PUBLIC KEY BLOCK-----";
public static bool Verify(string signature, string data)
{
var inputStream = ConvertStringToStream(signature);
PgpPublicKey publicKey = ReadPublicKeyFromString();
var stream = PgpUtilities.GetDecoderStream(inputStream);
PgpObjectFactory pgpFact = new PgpObjectFactory(stream);
PgpSignatureList sList = pgpFact.NextPgpObject() as PgpSignatureList;
if (sList == null)
{
throw new InvalidOperationException("PgpObjectFactory could not create signature list");
}
PgpSignature firstSig = sList[0];
firstSig.InitVerify(publicKey);
firstSig.Update(Encoding.UTF8.GetBytes(data));
var verified = firstSig.Verify();
return verified;
}
....
private static PgpPublicKey ReadPublicKeyFromString()
{
var varstream = ConvertStringToStream(PublicKey);
var stream = PgpUtilities.GetDecoderStream(varstream);
PgpObjectFactory pgpFact = new PgpObjectFactory(stream);
var keyRing = (PgpPublicKeyRing)pgpFact.NextPgpObject();
return keyRing.GetPublicKey();
}
}
Upvotes: 3
Related Questions
- How to verify this PGP message in C# using Bouncy Castle or other c# library
- Bouncycastle PGP decrypt and verify
- BouncyCastle - To verify the signature
- How to verify PGP detached signature using Bouncycastle
- How to verify a PGP-signed text with BouncyCastle in Java without a public-key
- How to sign public PGP key with Bouncy Castle in C#
- How to sign a txt file with a PGP key in C# using Bouncy Castle library
- How to decrypt pgp file with bouncycastle using c# using the public key
- Verify a PgP Encrypted and Signed file with BouncyCastle
- PGP Encryption with BouncyCastle C# causes invalid key warning on signature verification