MD5 with RSA Signing - Java DotNet interoperability

    Question

  • Hello,

    From my 2.0 .NET Framework app I need to sign a string with an X.509 certificate, and the encryption algorithm for signing should be MD5/RSA. The resulting signature must be verified in a remote Java app. Here are my methods to sign and verify the string:


    using System;
    using System.Security.Cryptography;
    using System.Security.Cryptography.X509Certificates;
    using System.Text;

    public byte[] SignMessage(string Message)
    {
     try {
      //----
      // Instantiate X509Certificate2 using file path
      X509Certificate2 x509 = new X509Certificate2(My.Settings.CertificatePath);

      //----
      // Convert Message to byte array (Encoding.Unicode is UTF-16LE)
      byte[] data = Encoding.Unicode.GetBytes(Message);

      //----
      // Instantiate an RSA algorithm object with the private key
      RSACryptoServiceProvider rsa = (RSACryptoServiceProvider)x509.PrivateKey;

      //----
      // Sign it
      // New MD5CryptoServiceProvider -> instantiate the hash algorithm to create the hash value.
      byte[] signature = rsa.SignData(data, new MD5CryptoServiceProvider());

      //----
      // Base64-encode the signature
      string Base64EncodededSignatureString = Convert.ToBase64String(signature, Base64FormattingOptions.None);

      //----
      // Return the Base64 text as a UTF-16LE byte array
      return Encoding.Unicode.GetBytes(Base64EncodededSignatureString);

     } catch (Exception) {
      // Rethrow without resetting the stack trace
      throw;
     }
    }


    public bool VerifyMessage(string Message, byte[] signature)
    {
     try {
      System.Text.UnicodeEncoding enc = new System.Text.UnicodeEncoding();

      //----
      // Get the string from the signature bytes
      string strSignatureToVery = enc.GetString(signature);

      //----
      // Base64-decode the signature string
      byte[] DecodededSignature = Convert.FromBase64String(strSignatureToVery);

      //----
      // Convert the original Message string to a byte array
      byte[] Data = Encoding.Unicode.GetBytes(Message);

      //----
      // Instantiate X509Certificate2 using file path
      X509Certificate2 x509 = new X509Certificate2(My.Settings.CertificatePath);

      //----
      // Instantiate an RSA algorithm object with the public key
      RSACryptoServiceProvider rsa = (RSACryptoServiceProvider)x509.PublicKey.Key;

      //----
      // Verify signature
      // New MD5CryptoServiceProvider -> instantiate the hash algorithm to create the hash value.
      return rsa.VerifyData(Data, new MD5CryptoServiceProvider(), DecodededSignature);

     } catch (Exception) {
      // Any failure (bad Base64, missing certificate, ...) is reported as "not verified"
      return false;
     }
    }

    Here's an example of the strings I'm trying to sign: "bimusermbim_0300400000000000001CLI00300BIMSMS8240710051013089996019779996019779311720101011T16:30:16+0200"

    And the resulting base64 signature is: "F4kFnD6K1AaqlO/AJ+UJd+40EIg+DCmOr9BgASGFSevf5ocr7BaKsr9sS107KdFGN6V+DZur+7ZGaiIsEIOwLph3L28sy/6m+Va0g+zWdcTpg+FAkuFI8MCULuYHNA8qPC+qdwSMnYS9fjAgS1boSyGe4+1dopdPiizyxLbEnE4="

    The remote Java application is from another company, with which we need to exchange these signatures, and on the Java side the encryption algorithm object is instantiated with the following: Signature.getInstance("MD5withRSA"). And we both share the same X.509 certificate used in the signing mechanism.

    I'm able to sign and verify with my previous methods on my 2.0 .NET environment, but when I pass the resulting signature to the remote Java app it fails.

    How can I achieve this interoperability?  Is my SignMessage method signing the string correctly?

    Any help would be appreciated,

    Luis Pedro Ferreira

     

    • Moved by SamAgain Tuesday, October 26, 2010 12:55 AM not bcl question (From:.NET Base Class Library)
    Friday, October 22, 2010 8:40 AM
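
An added example, not part of the original post or either company's code: an MD5/RSA signature covers bytes rather than a string, so the message encoding and the wrapping of the signature are both part of the interoperability contract. The sketch below uses a throwaway in-memory key and a constructed message, and assumes a hypothetical verifier that encodes the message as UTF-8; the page does not say which encoding the Java application actually uses.

```csharp
using System;
using System.Security.Cryptography;
using System.Text;

// Added illustration: the same string signed as UTF-16LE does not verify as UTF-8.
static class EncodingMismatchDemo
{
    // Constructed sample message, not the one from the post.
    const string Message = "sample-message-2010-10-11T16:30:16+0200";

    static void Main()
    {
        // Throwaway 1024-bit key; the post loads its key from an X.509 certificate instead.
        using (RSACryptoServiceProvider rsa = new RSACryptoServiceProvider(1024))
        {
            rsa.PersistKeyInCsp = false;

            // Same steps as the posted SignMessage: UTF-16LE message bytes, MD5 hash, RSA signature.
            byte[] utf16 = Encoding.Unicode.GetBytes(Message);
            byte[] signature = rsa.SignData(utf16, new MD5CryptoServiceProvider());

            // Assumption: the other side turns the same string into UTF-8 bytes.
            byte[] utf8 = Encoding.UTF8.GetBytes(Message);
            Console.WriteLine("message bytes: UTF-16LE={0}, UTF-8={1}", utf16.Length, utf8.Length);

            // The hash input differs, so only the matching encoding verifies.
            Console.WriteLine("verify over UTF-16LE bytes: {0}",
                rsa.VerifyData(utf16, new MD5CryptoServiceProvider(), signature));
            Console.WriteLine("verify over UTF-8 bytes:    {0}",
                rsa.VerifyData(utf8, new MD5CryptoServiceProvider(), signature));

            // The posted SignMessage does not return the raw signature: it returns the
            // UTF-16LE bytes of the Base64 text. A receiver has to undo both layers.
            string base64 = Convert.ToBase64String(signature);
            byte[] wire = Encoding.Unicode.GetBytes(base64);
            Console.WriteLine("raw signature={0} bytes, Base64={1} chars, wire form={2} bytes",
                signature.Length, base64.Length, wire.Length);

            byte[] recovered = Convert.FromBase64String(Encoding.Unicode.GetString(wire));
            Console.WriteLine("verify after unwrapping:    {0}",
                rsa.VerifyData(utf16, new MD5CryptoServiceProvider(), recovered));
        }
    }
}
```

When two implementations disagree, comparing the hex dump of the message bytes and of the raw signature bytes on each side shows which layer differs before the RSA operation is suspected.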

Answers