N
nx
Good day. I have a problem again. I want to verify signature using this
code:
// there is Base64.decoded byte array in tmp (represents
certificate)
ASN1InputStream a = new ASN1InputStream(tmp);
DERObject obj = a.readObject();
ASN1Sequence seq = (ASN1Sequence)obj;
a.close();
X509CertificateStructure cert = new
X509CertificateStructure(seq);
// Getting the signature. It's correct
byte[] signature = cert.getSignature().getBytes();
// Getting pub key. It's correct too
SubjectPublicKeyInfo spki = cert.getSubjectPublicKeyInfo();
RSAPublicKeyStructure rsapub = new
RSAPublicKeyStructure((ASN1Sequence)spki.getPublicKey());
RSAKeyParameters pub = new RSAKeyParameters(false,
rsapub.getModulus(), rsapub.getPublicExponent());
// Getting "to be signed" structure
TBSCertificateStructure tbs = cert.getTBSCertificate();
// !!!!!
// Maybe TBS structure NOT correctly encoded??
byte[] obg = tbs.getEncoded();
RSAEngine engine = new RSAEngine();
MD5Digest digest = new MD5Digest();
PSSSigner signer = new PSSSigner(engine, digest, 0);
signer.init(false, pub);
signer.update(obg, 0, obg.length);
boolean istrue = signer.verifySignature(signature);
Signatures doesn't match. i've got istrue = FALSE as result... What's
wrong? Help please...
I also tried to sign TBS using the private key but signatures didn't
match anyway.
code:
// there is Base64.decoded byte array in tmp (represents
certificate)
ASN1InputStream a = new ASN1InputStream(tmp);
DERObject obj = a.readObject();
ASN1Sequence seq = (ASN1Sequence)obj;
a.close();
X509CertificateStructure cert = new
X509CertificateStructure(seq);
// Getting the signature. It's correct
byte[] signature = cert.getSignature().getBytes();
// Getting pub key. It's correct too
SubjectPublicKeyInfo spki = cert.getSubjectPublicKeyInfo();
RSAPublicKeyStructure rsapub = new
RSAPublicKeyStructure((ASN1Sequence)spki.getPublicKey());
RSAKeyParameters pub = new RSAKeyParameters(false,
rsapub.getModulus(), rsapub.getPublicExponent());
// Getting "to be signed" structure
TBSCertificateStructure tbs = cert.getTBSCertificate();
// !!!!!
// Maybe TBS structure NOT correctly encoded??
byte[] obg = tbs.getEncoded();
RSAEngine engine = new RSAEngine();
MD5Digest digest = new MD5Digest();
PSSSigner signer = new PSSSigner(engine, digest, 0);
signer.init(false, pub);
signer.update(obg, 0, obg.length);
boolean istrue = signer.verifySignature(signature);
Signatures doesn't match. i've got istrue = FALSE as result... What's
wrong? Help please...
I also tried to sign TBS using the private key but signatures didn't
match anyway.
