Signing String with SHA1withRSA Signature.
Hi,
I have some technical problems with the Signature class.
I need to sign a String using SHA1, the problem I have is that I already have a RSA private key. I tried to use the Signature class using the SHA1withRSA provider but for the moment I don't know how to use my private key I already have; I review the API documentation but I'm not sure which objects I need to use.
I appreciate any help.
Note: The private key is String stored in a DB.
Thanks.
Regards,
Lares
[520 byte] By [
Laresa] at [2007-11-26 13:47:03]
# 2
This is the code I'm testing just to see what I need to sign a String. This implementation has the objective to create a class in order to sign emails with DomainKeys. We don't want to use the library from yahoo to avoid issues with the OS the program will run.
I didn't put all the code I use to extract the private key from the DB and other stuff.
private static String signDocument(final String messageToSign) throws NoSuchAlgorithmException, InvalidKeySpecException, InvalidKeyException,
SignatureException {
String signedMessage;
String privateKeyDB = "The private key obtained from the DataBase";
Signature dmSignature = Signature.getInstance("SHA1withRSA");
KeyFactory kf = KeyFactory.getInstance("RSA");
PrivateKey privateKey = kf.generatePrivate(newPKCS8EncodedKeySpec(privateKeyDB.getBytes()));
dmSignature.initSign(privateKey);
dmSignature.update(messageToSign.getBytes());
signedMessage = new String(Base64.encode(dmSignature.sign()));
return signedMessage;
}
Thanks for the help.
Regards,
Lares
# 4
Yes, I agree with you. The code I put it's "dummy". Maybe a better example would be like this.
private static String signDocument(final String messageToSign) throws NoSuchAlgorithmException,
InvalidKeySpecException,
InvalidKeyException,
SignatureException {
String signedMessage = "";
// This private key it's stored in the DB, and it's in a BASE64 encoding
String privateKeyDB = "MIIBygIBAAJhAMawUze5rLX+U7OtQlOJK+N5EJhFNvTTb/yKC7pVJknEG3vX8DfL"
+ "LrX59IxTzSsWm+NTjlkMVVUQuam3DumEJ9wpOUX9Vdwnn1EIOmV9XhmvuheGE6kh"
+ "BvRcdauCKNhAZwIDAQABAmAip8isFJe6WrTwxwylk2xzTb+GP7RZObPzwYRQKN/3"
+ "x9vfWwfMQ4VPOlzcSRWlKVkSKuRyYmKXv6g6U3cA7KT68th1Q2EC8t9o8U5W0qmo"
+ "oRfmOmnfVkx2IOlLscRizqkCMQD+cZ22Ddc8xCRiqECNwRlDh1oN6vVkEOeFyU8J"
+ "VjPlsOzWPUfM1J0Y8uMKhEQ4mw0CMQDH52m+dFY6d/xRhfa6dPeJycVq0rN1Yaqy"
+ "ZLda90uh9iU3YO+nWjDrNw/fNE/LXEMCMHP3+Le3SziI9UR6ByIUtp0Onb7mLf3z"
+ "rnJNtFY/EdxIbUmgGI+FAC0U1uI+MpHSKQIwDKrsd4Y1xKS/14auuOgam5+uo/NQ"
+ "LfsPbxiUye3r3AqWFylMZoV/nhgyKEnPWKqzAjEA10IZ15EcyESRM3ROKnDnem5i"
+ "YkhrIRDYp2x131TWx1bc6em/rymoXn6HLTVPmgqA";
Signature dmSignature = Signature.getInstance("SHA1withRSA");
PKCS8EncodedKeySpec keySpec = new PKCS8EncodedKeySpec(Base64.decode(privateKeyDB));
RSAPrivateKey privateKey = (RSAPrivateKey)KeyFactory.getInstance("RSA").generatePrivate(keySpec);
dmSignature.initSign(privateKey);
dmSignature.update(messageToSign.getBytes());
signedMessage = new String(Base64.encodeBytes(dmSignature.sign()));
return signedMessage;
}
With this code I'm getting: java.security.spec.InvalidKeySpecException: java.security.InvalidKeyException: IOException : algid parse error, not a sequence
For the moment I really don't know how to use the private key to create the RSAPrivateKey object in order to create the BASE64 string that I need to put in the DomainKey's header.
I really appreciate your help, thank you very much.
Regards,
Lares
Mensaje editado por:
Lares
# 8
I found the problem and it seems I have some problems with the private key, apparently I need to convert the private key to PKCS8 before java will be able to read it.
This solution it's in this post:
http://forum.java.sun.com/thread.jspa?threadID=776346&tstart=180
It create a pair of keys with the openssl command that this post has and everything works fine.
Regards,
Lares
