Verify a signature (using Bouncycastle) that has been made with OpenSSL
hi!
i got a problem with the signature...
first a signature is created with php (OpenSSL)
then it磗 send to a java application...
i got the problem that i can磘 decrypt the encrypted signature right
(but i know that iam using the right key)...
here is the php code:
$fp = fopen("sec\\key.pem","r");
$priv_key = fread($fp, 8192);
fclose($fp);
$pkeyid = openssl_get_privatekey($priv_key,"test");
$msg ="2005-06-10T11:43:14.0Z181010";
openssl_sign($msg , $signature, $pkeyid);
and now the java code:
Security.addProvider(new BouncyCastleProvider());
Cipher encrypt = Cipher.getInstance("RSA/NONE/PKCS1PADDING","BC");
encrypt.init(Cipher.DECRYPT_MODE, cert);
encrypt.update(signature);
byte[] signdecr = encrypt.doFinal();
iam getting 35 byte instead of 20 (SHA1 hashing)
i hope someone can tell me what iam doing wrong
iam thankfull for everyone that wants to help
have a nice day
Extol
[1246 byte] By [
extola] at [2007-10-1 16:02:28]
The code you used is proper for decryption but not to verify a signature; you might consider using the code below instead:
Security.addProvider(new BouncyCastleProvider());
// look at http://de2.php.net/manual/en/function.openssl-sign.php to see what alg u used for signing
Signature sig= Signature.getInstance("SHA1withRSA","BC");
sig.initVerify(cert);
sig.verify(signature);
If your aim was decryption/encryption you might consider using http://de2.php.net/manual/en/function.openssl-private-decrypt.php
instead of openssl_sign on your php script part.
Thanks alot...
it works now just the way it should...
can someone tell me where to find a documentation on how to create such a signature?
that would be awesome... (especially the way to create a signature like the openssl_sign function does)...
i heard about two signature standards PKCS and ANSI X9.31...
i hope someone can give me some information about that
Hi extol, I need some help with something like your problem, hope you can help me.
I'm doing the oposite, I'm generating a signature in Java with this code:
Signature dsa = Signature.getInstance("SHA1withDSA", "SUN");
dsa.initSign(priv);
String cadena="string to sign";
byte[] a = cadena.getBytes();
dsa.update(a);
byte[] realSig = dsa.sign();
Then I'm saving the signature to a file
FileOutputStream sigfos = new FileOutputStream("inventic.sig");
sigfos.write(realSig);
sigfos.close();
Now, I wanto to verify the signature in PHP using openSSL.
I've converted my certificate generated by keytool to PEM
I have this code:
//I get the public key
$fp = fopen("inventic.pem", "r");
$cert = fread($fp, 8192);
fclose($fp);
$pubkeyid = openssl_get_publickey($cert);
//I get the signature
$fp = fopen("inventic.sig", "r");
$signature = fread($fp, filsesize("inventic.sig"));
fclose($fp);
//I verify the signature
$data = 'string to verify';
$ok = openssl_verify($data, $signature, $pubkeyid);
if ($ok == 1) {
echo "
good";
} elseif ($ok == 0) {
echo "
bad";
} else {
echo "
ugly, error checking signature:
";
}
I always get -1 on verify, do you know what I'm doing wrong? or I'm trying to compare oranges with apples?
Thank you!and
and
Banzinho
