Verifying certificate signature using Bouncycastle (J2ME)

Discussion in 'Java' started by nx, May 3, 2006.

  1. nx

    nx Guest

    Good day. I have a problem again. I want to verify signature using this
    code:

    // there is Base64.decoded byte array in tmp (represents
    certificate)
    ASN1InputStream a = new ASN1InputStream(tmp);
    DERObject obj = a.readObject();
    ASN1Sequence seq = (ASN1Sequence)obj;
    a.close();

    X509CertificateStructure cert = new
    X509CertificateStructure(seq);

    // Getting the signature. It's correct
    byte[] signature = cert.getSignature().getBytes();

    // Getting pub key. It's correct too
    SubjectPublicKeyInfo spki = cert.getSubjectPublicKeyInfo();
    RSAPublicKeyStructure rsapub = new
    RSAPublicKeyStructure((ASN1Sequence)spki.getPublicKey());
    RSAKeyParameters pub = new RSAKeyParameters(false,
    rsapub.getModulus(), rsapub.getPublicExponent());

    // Getting "to be signed" structure
    TBSCertificateStructure tbs = cert.getTBSCertificate();

    // !!!!!
    // Maybe TBS structure NOT correctly encoded??
    byte[] obg = tbs.getEncoded();

    RSAEngine engine = new RSAEngine();
    MD5Digest digest = new MD5Digest();

    PSSSigner signer = new PSSSigner(engine, digest, 0);
    signer.init(false, pub);

    signer.update(obg, 0, obg.length);
    boolean istrue = signer.verifySignature(signature);

    Signatures doesn't match. i've got istrue = FALSE as result... What's
    wrong? Help please...
    I also tried to sign TBS using the private key but signatures didn't
    match anyway.
     
    nx, May 3, 2006
    #1
    1. Advertising

  2. nx

    nx Guest

    Nobody knows? :'(
    Please help! :)
     
    nx, May 3, 2006
    #2
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. JJBW
    Replies:
    1
    Views:
    10,531
    Joerg Jooss
    Apr 24, 2004
  2. Sebastian Berger

    EclipseME and BouncyCastle: Configuration

    Sebastian Berger, Apr 17, 2006, in forum: Java
    Replies:
    1
    Views:
    732
    michen
    Apr 27, 2006
  3. Gustavo Narea
    Replies:
    14
    Views:
    890
    Gustavo Narea
    Feb 16, 2009
  4. Peter Ritchie [C# MVP]

    Verifying X509Certificate signature

    Peter Ritchie [C# MVP], Jul 31, 2008, in forum: ASP .Net Security
    Replies:
    8
    Views:
    1,820
    Peter Ritchie [C# MVP]
    Aug 5, 2008
  5. Helena Cai
    Replies:
    0
    Views:
    441
    Helena Cai
    Aug 29, 2004
Loading...

Share This Page