Verifying digitally signed data from a .NET application in a Java Servlet

[Kerry Sanders]

I am working on a project that takes signed data from an application
that can be in either Java or .NET. The data signature is verified via
a Java servlet. Verification from Java to Java works every time, but
verifying the signed data from a .NET application either gives an error
of "Invalid encoding for signature" or it just fails verification.

I have tried RSA and DSA (both with SHA1) for testing. One item of
contention is importing an X.509 certificate that was created in
Windows with the Makecert utility into my .keystore using Keytool. At
first, I was thinking that the "Invalid encoding for signature" error
was due to the way that .NET saves its public key blobs using little
endian order. However, after exporting in ASN.1 (ASCII armor) format
and then importing with Keytool, I am not sure if that is the problem.

I was hoping to find others who have worked through this issue, but I
seem to be finding nothing but dead ends when I do see posts from
people who have asked about this in the past.

Is there anyone out there who has successfully created digital
signatures of data in a .NET application and then verified that
signature in Java with JCE? I can use all the help that I can get
right now. This has really stumped me.

 

[apadgett]

Verifying signed data from .Net application

Kerry,

I am having a similar issue, but may have a solution now. Did you get this problem solved?

It may be that the value must be digested twice using RSA1 in .Net in order for Java to verifying the signed info. We've had some success but are completing the testing now.