lupefe Posted October 22, 2010 (edited)

Hello,

From my 2.0 .NET Framework app I need to sign a string with an X.509 certificate, and the encryption algorithm for signing should be MD5/RSA. The resulting signature must be verified in a remote Java app.

Here are my methods to sign and verify the string:

[Code]
using System;
using System.Security.Cryptography;
using System.Security.Cryptography.X509Certificates;
using System.Text;

public byte[] SignMessage(string Message)
{
    try
    {
        // Instantiate X509Certificate using file path
        X509Certificate2 x509 = new X509Certificate2(My.Settings.CertificatePath);

        // Convert Message to byte array
        byte[] data = Encoding.Unicode.GetBytes(Message);

        // Instantiate an RSA algorithm object with the private key
        RSACryptoServiceProvider rsa = (RSACryptoServiceProvider)x509.PrivateKey;

        // Sign it
        // New MD5CryptoServiceProvider -> instantiate the hash algorithm to create the hash value.
        byte[] signature = rsa.SignData(data, new MD5CryptoServiceProvider());

        // Encode the signature
        string Base64EncodededSignatureString = Convert.ToBase64String(signature, Base64FormattingOptions.None);

        // Return it as byte array
        return Encoding.Unicode.GetBytes(Base64EncodededSignatureString);
    }
    catch (Exception)
    {
        // Rethrow without resetting the stack trace
        throw;
    }
}

public bool VerifyMessage(string Message, byte[] signature)
{
    try
    {
        System.Text.UnicodeEncoding enc = new System.Text.UnicodeEncoding();

        // Get the string from the signature
        string strSignatureToVery = enc.GetString(signature);

        // Base64-decode the signature string
        byte[] DecodededSignature = Convert.FromBase64String(strSignatureToVery);

        // Convert the original Message string to a byte array
        byte[] Data = Encoding.Unicode.GetBytes(Message);

        // Instantiate X509Certificate using file path
        X509Certificate2 x509 = new X509Certificate2(My.Settings.CertificatePath);

        // Instantiate an RSA algorithm object with the public key
        RSACryptoServiceProvider rsa = (RSACryptoServiceProvider)x509.PublicKey.Key;

        // Verify signature
        // New MD5CryptoServiceProvider -> instantiate the hash algorithm to create the hash value.
        return rsa.VerifyData(Data, new MD5CryptoServiceProvider(), DecodededSignature);
    }
    catch (Exception)
    {
        return false;
    }
}
[/Code]

Here's an example of the strings I'm trying to sign: "bimusermbim_0300400000000000001CLI00300BIMSMS8240710051013089996019779996019779311720101011T16:30:16+0200"

And the resulting base64 signature is: "F4kFnD6K1AaqlO/AJ+UJd+40EIg+DCmOr9BgASGFSevf5ocr7BaKsr9sS107KdFGN6V+DZur+7ZGaiIsEIOwLph3L28sy/6m+Va0g+zWdcTpg+FAkuFI8MCULuYHNA8qPC+qdwSMnYS9fjAgS1boSyGe4+1dopdPiizyxLbEnE4="

The remote Java application is from another company, with which we need to exchange these signatures, and on the Java side the encryption algorithm object is instantiated with the following: Signature.getInstance("MD5withRSA"). And we both share the same X.509 certificate used in the signing mechanism.

I'm able to sign and verify with my previous methods in my 2.0 .NET environment, but when I pass the resulting signature to the remote Java app it fails.

How can I achieve this interoperability? Is my SignMessage method signing the string correctly?

Any help would be appreciated,

Luis Pedro Ferreira

Edited October 22, 2010 by snarfblam
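
An added example, not part of the original post and not the poster's code: a self-contained check of the two places where a SignMessage-style signer and a remote verifier must agree byte for byte, namely the encoding of the message before hashing and the encoding of the signature in transit. The throwaway key, the sample message, the class and method names, and the choice of UTF-8 as the other side's encoding are assumptions made for illustration; the post does not say which encoding the Java application uses.

```csharp
using System;
using System.Security.Cryptography;
using System.Text;

static class EncodingInteropCheck
{
    // Sign the bytes that the given encoding produces for the message (MD5 + RSA).
    static byte[] Sign(RSACryptoServiceProvider rsa, string message, Encoding enc)
    {
        return rsa.SignData(enc.GetBytes(message), new MD5CryptoServiceProvider());
    }

    // Verify a raw signature against the bytes that the given encoding produces.
    static bool Verify(RSACryptoServiceProvider rsa, string message, Encoding enc, byte[] sig)
    {
        return rsa.VerifyData(enc.GetBytes(message), new MD5CryptoServiceProvider(), sig);
    }

    static void Main()
    {
        // Throwaway key generated for this check; it stands in for the shared certificate.
        RSACryptoServiceProvider rsa = new RSACryptoServiceProvider(1024);
        try
        {
            // Constructed sample message, not the one from the post.
            string message = "constructed-sample-2010-10-11T16:30:16+0200";

            // Same choice as the posted SignMessage: hash the UTF-16LE bytes.
            byte[] sig = Sign(rsa, message, Encoding.Unicode);

            // A verifier only succeeds if it hashes exactly the same bytes.
            Console.WriteLine("verify, UTF-16LE message bytes: " + Verify(rsa, message, Encoding.Unicode, sig));
            Console.WriteLine("verify, UTF-8 message bytes:    " + Verify(rsa, message, Encoding.UTF8, sig));

            // Transport layers used by the posted code: Base64 text, then UTF-16LE bytes.
            byte[] wire = Encoding.Unicode.GetBytes(Convert.ToBase64String(sig));
            Console.WriteLine("raw signature length: " + sig.Length + ", wire length: " + wire.Length);

            // The receiver has to undo both layers before calling its verify routine.
            byte[] recovered = Convert.FromBase64String(Encoding.Unicode.GetString(wire));
            Console.WriteLine("verify after undoing both layers: " + Verify(rsa, message, Encoding.Unicode, recovered));

            // Passing the wire bytes straight to the verifier is not the raw signature.
            Console.WriteLine("verify, wire bytes used directly: " + Verify(rsa, message, Encoding.Unicode, wire));
        }
        finally
        {
            rsa.Clear(); // release the key container
        }
    }
}
```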