Hello,
From my 2.0 .Net Framework App I need to sign a string with a X.509 certificate and the encryption algorithm for signing should be MD5/RSA. The resulting signature must be verified in a remote java app. Here's my methods to sign and verify the string:
Here's an example of the strings I'm trying to sign :"bimusermbim_0300400000000000001CLI00300BIMSMS8240710051013089996019779996019779311720101011T16:30:16+0200"
And the resulting base64 signature is : "F4kFnD6K1AaqlO/AJ+UJd+40EIg+DCmOr9BgASGFSevf5ocr7BaKsr9sS107KdFGN6V+DZur+7ZGaiIsEIOwLph3L28sy/6m+Va0g+zWdcTpg+FAkuFI8MCULuYHNA8qPC+qdwSMnYS9fjAgS1boSyGe4+1dopdPiizyxLbEnE4="
The remote java application is from another company, with which we need to exchange this signatures, and the java side the Encryption algorythm object is instantiated with the folowing Signature.getInstance("MD5withRSA"). And we both share the same X.509 certificate used in the signing mechanism.
I'm able to sign and verify with my previous methods on my 2.0 .Net environment , but when I pass the resulting signature to the Remote Java App it fails.
How can I achieve this interoperability? Is my SignMessage method signing the string correctly?
Any help would be appreciatted,
Luis Pedro Ferreira
From my 2.0 .Net Framework App I need to sign a string with a X.509 certificate and the encryption algorithm for signing should be MD5/RSA. The resulting signature must be verified in a remote java app. Here's my methods to sign and verify the string:
Code:
public byte[] SignMessage(string Message)
{
try {
//----
// Instantiate X509Certificate using file path
X509Certificates.X509Certificate2 x509 = new X509Certificates.X509Certificate2(My.Settings.CertificatePath);
//----
// Convert Message to byte array
byte[] data = Encoding.Unicode.GetBytes(Message);
//----
// Instantiate a RSA Algorithm object with Private Key
RSACryptoServiceProvider rsa = (RSACryptoServiceProvider)x509.PrivateKey;
//----
// Sign it
// New MD5CryptoServiceProvider -> Instantiate the hash Algorithm to create the hash value.
byte[] signature = rsa.SignData(data, new MD5CryptoServiceProvider());
//---
// Encode the Signature
string Base64EncodededSignatureString = Convert.ToBase64String(signature, Base64FormattingOptions.None);
//----
// Return it as byte array
return Encoding.Unicode.GetBytes(Base64EncodededSignatureString);
} catch (Exception ex) {
throw ex;
}
}
public bool VerifyMessage(string Message, byte[] signature)
{
try {
System.Text.UnicodeEncoding enc = new System.Text.UnicodeEncoding();
//---
// Get String form the siganture
string strSignatureToVery = enc.GetString(signature);
//----
// 64Base Uncode the string signature
byte[] DecodededSignature = Convert.FromBase64String(strSignatureToVery);
//----
// Convert to byte array the orignal Message string
byte[] Data = Encoding.Unicode.GetBytes(Message);
//----
// Instantiate X509Certificate using file path
X509Certificates.X509Certificate2 x509 = new X509Certificates.X509Certificate2(My.Settings.CertificatePath);
//----
// Instantiate a RSA Algorithm object with Public Key
RSACryptoServiceProvider rsa = (RSACryptoServiceProvider)x509.PublicKey.Key;
//---
// Verify Signature
// New MD5CryptoServiceProvider -> Instantiate the hash Algorithm to create the hash value.
return rsa.VerifyData(Data, new MD5CryptoServiceProvider(), DecodededSignature);
} catch (Exception ex) {
return false;
}
}Here's an example of the strings I'm trying to sign :"bimusermbim_0300400000000000001CLI00300BIMSMS8240710051013089996019779996019779311720101011T16:30:16+0200"
And the resulting base64 signature is : "F4kFnD6K1AaqlO/AJ+UJd+40EIg+DCmOr9BgASGFSevf5ocr7BaKsr9sS107KdFGN6V+DZur+7ZGaiIsEIOwLph3L28sy/6m+Va0g+zWdcTpg+FAkuFI8MCULuYHNA8qPC+qdwSMnYS9fjAgS1boSyGe4+1dopdPiizyxLbEnE4="
The remote java application is from another company, with which we need to exchange this signatures, and the java side the Encryption algorythm object is instantiated with the folowing Signature.getInstance("MD5withRSA"). And we both share the same X.509 certificate used in the signing mechanism.
I'm able to sign and verify with my previous methods on my 2.0 .Net environment , but when I pass the resulting signature to the Remote Java App it fails.
How can I achieve this interoperability? Is my SignMessage method signing the string correctly?
Any help would be appreciatted,
Luis Pedro Ferreira
Last edited by a moderator: