Problem with signature verification using C#

Vamshi Nadella
Hi,
I couldn't verify the signature using the following code in C#.NET.
I am also including the Java code that was used to sign it.
Can someone offer some insight into why this code wouldn't work as intended?

thanks
Vamshi


string signedToken = @"YeCw6PCj9dDg0QiAfRBxWkiBYp8nob6uHAHWjhnUAVGoi74RbouwNDssV1m5tepJDBjPsqix
ubzV
uux2ZwOintuYtSxs0g1L7OgAcufEzkYMotw69Vq9+OBXkbgRKmB1dY1zxVev4wbuDkLFg9G2
+RG2
f97fv9FN+hCia79Jv8o=";

string encryptedToken = @"Y8EcILBwCvOeaNVe4GKsu/HmpKzO43hn1kbTiKmLz56kJlH1lw1+VKuzyBklt0Qt8ALDZVyW
qem7
I7VgZyAqrURE4UQ3INDkzlNhEiPRd/MylKWyuu18gaIrbrBz6PK4xWvNB9vwPSuqXOkntl6X
9hR5
HZ63lTazI+aPYWY4yDI=";

/* Bouncy castle signature */

Org.BouncyCastle.X509.X509Certificate exelonCert = null;
Org.BouncyCastle.X509.X509CertificateParser certParser = new Org.BouncyCastle.X509.X509CertificateParser();

using (Stream stream = new FileStream(@"C:\Users\vk\Downloads\bccrypto-net-1.6.1-bin\idp-dev-cert.der", FileMode.Open))
{
    exelonCert = certParser.ReadCertificate(stream);
}

//byte[] message = System.Text.Encoding.ASCII.GetBytes(encryptedToken);
byte[] message = Convert.FromBase64String(encryptedToken);
byte[] signature = Convert.FromBase64String(signedToken);

ISigner sig = Org.BouncyCastle.Security.SignerUtilities.GetSigner("MD5withRSA");
sig.Init(false, exelonCert.GetPublicKey());
sig.BlockUpdate(message, 0, message.Length);
bool verify = sig.VerifySignature(signature);
/*************************************************************************************************************/
JAVA Code
/*************************************************************************************************************/

public static String signToken(PrivateKey privateKey, String token,
        String signatureAlgorithm, String signatureProvider)
        throws SigningException {

    String signedEncodedToken = null;

    try {
        Signature sig = Signature.getInstance(signatureAlgorithm,
                signatureProvider);
        sig.initSign(privateKey);
        sig.update(token.getBytes());

        byte[] byteAfterSign = sig.sign();

        // Base64 encode the result
        signedEncodedToken = new String(new BASE64Encoder()
                .encode(byteAfterSign));

    } catch (NoSuchAlgorithmException e) {
        throw new SigningException(e);
    } catch (NoSuchProviderException e) {
        throw new SigningException(e);
    } catch (InvalidKeyException e) {
        throw new SigningException(e);
    } catch (SignatureException e) {
        throw new SigningException(e);
    }

    return signedEncodedToken;
}


Re: Problem with signature verification using C#

Hawkerm
I'm also trying to do something similar to the original poster (though with
the generation vs. the verification at this point) and interop between Java
and C#.  The Java code is using *SHA1withDSA*.  The Java code is working,
and I'm now trying to validate my C# code:

   var signer = Org.BouncyCastle.Security.SignerUtilities.GetSigner("SHA1withDSA"); // new DsaDigestSigner(new DsaSigner(), new Sha1Digest());
   signer.Init(true, privateKey); // type:DSAPrivateKeyParameters
   signer.BlockUpdate(bytes, 0, bytes.Length);
   byte[] signature = signer.GenerateSignature();

But I'm not sure it's working properly to generate a valid signature, as the
server is rejecting my message.  This seems to be the main piece of code
that generates a different result compared to the Java, but there's a random
element to it.

Is there a way I can copy the time/random element seeds for testing from
inspecting my Java environment to ensure that I can set up the C# generation
to mimic the same result?  Otherwise, I'm not sure what else could be wrong.
Here's the code from the Java implementation I'm trying to mimic:

   Signature signer = Signature.getInstance("SHA1withDSA");
   signer.initSign(privateKey); // type:DSAPrivateKey
   signer.update(bytes);
   byte[] signature = signer.sign();

Thanks,
Michael




--
Sent from: http://bouncy-castle.1462172.n4.nabble.com/Bouncy-Castle-Dev-f1462173.html
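
An added example, not code from either poster or from the Bouncy Castle project, covering both posts: a signature verifies only over the exact bytes that were signed (the characters of a Base64 string and its decoded bytes are different messages), and DSA signatures are randomized, so a C# signer is checked by verifying its output with the public key rather than by comparing bytes with a Java-produced signature. The class and helper names, the throwaway keys and the sample strings are constructed for the demo; the algorithm names are the ones used in the thread.

```csharp
using System;
using System.Linq;
using System.Text;
using Org.BouncyCastle.Crypto;
using Org.BouncyCastle.Crypto.Generators;
using Org.BouncyCastle.Crypto.Parameters;
using Org.BouncyCastle.Security;

static class SignatureInteropDemo   // hypothetical name, not from the thread
{
    // Builds a signer for signing (true) or verifying (false) and feeds it the message bytes.
    static ISigner Prep(string alg, bool signing, AsymmetricKeyParameter key, byte[] data)
    {
        ISigner s = SignerUtilities.GetSigner(alg);
        s.Init(signing, key);
        s.BlockUpdate(data, 0, data.Length);
        return s;
    }

    static void Main()
    {
        var rnd = new SecureRandom();
        // 1) RSA: sign the characters of a Base64 string, then verify over two candidate byte arrays.
        var rsaGen = new RsaKeyPairGenerator();
        rsaGen.Init(new KeyGenerationParameters(rnd, 2048));
        AsymmetricCipherKeyPair rsa = rsaGen.GenerateKeyPair();   // throwaway key
        string token = Convert.ToBase64String(Encoding.ASCII.GetBytes("constructed sample token"));
        byte[] textBytes = Encoding.ASCII.GetBytes(token);        // the string's characters as bytes
        byte[] decoded = Convert.FromBase64String(token);         // the bytes the string encodes
        byte[] rsaSig = Prep("MD5withRSA", true, rsa.Private, textBytes).GenerateSignature();
        Console.WriteLine("verify over signed text bytes: " + Prep("MD5withRSA", false, rsa.Public, textBytes).VerifySignature(rsaSig));
        Console.WriteLine("verify over decoded bytes:     " + Prep("MD5withRSA", false, rsa.Public, decoded).VerifySignature(rsaSig));

        // 2) DSA: two signatures over the same message use different random values.
        var pGen = new DsaParametersGenerator();
        pGen.Init(1024, 80, rnd);
        var dsaGen = new DsaKeyPairGenerator();
        dsaGen.Init(new DsaKeyGenerationParameters(rnd, pGen.GenerateParameters()));
        AsymmetricCipherKeyPair dsa = dsaGen.GenerateKeyPair();   // throwaway key
        byte[] msg = Encoding.UTF8.GetBytes("constructed sample message");
        byte[] sigA = Prep("SHA1withDSA", true, dsa.Private, msg).GenerateSignature();
        byte[] sigB = Prep("SHA1withDSA", true, dsa.Private, msg).GenerateSignature();
        Console.WriteLine("signatures byte-identical: " + sigA.SequenceEqual(sigB));
        Console.WriteLine("first verifies:  " + Prep("SHA1withDSA", false, dsa.Public, msg).VerifySignature(sigA));
        Console.WriteLine("second verifies: " + Prep("SHA1withDSA", false, dsa.Public, msg).VerifySignature(sigB));
    }
}
```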