Wrox Programmer Forums
|
BOOK: Beginning Cryptography with Java
This is the forum to discuss the Wrox book Beginning Cryptography with Java by David Hook; ISBN: 9780764596339
Welcome to the p2p.wrox.com Forums.

You are currently viewing the BOOK: Beginning Cryptography with Java section of the Wrox Programmer to Programmer discussions. This is a community of software programmers and website developers including Wrox book authors and readers. New member registration was closed in 2019. New posts were shut off and the site was archived into this static format as of October 1, 2020. If you require technical support for a Wrox book please contact http://hub.wiley.com
 
Old July 8th, 2008, 11:45 AM
Registered User
 
Join Date: Jul 2008
Posts: 2
Thanks: 0
Thanked 0 Times in 0 Posts
Default Signature Validation Failure

I'm having a problem getting signature validation to work, and have
realized that even the example programs fail.

I have installed the provider and mail jars onto a JDK1.6.0_06
install and compiled the examples from the command line, and
chapter9/SignedMailExample produces the following output:

verification failed
Content: Hello world!

I'm developing under Eclipse but did the test above to eliminate
eclipse related issues.

Running the same program under the debugger I can see that the wrong
private key seems to be being returned by the path builder. In
SignedDataProcessor.isValid() after the call to Utils.buildPath I
can see that the result contains three certificates including the
anchor:

           SubjectDN: CN=Test End Certificate
           Public Key: RSA Public Key
            modulus: b343ffb44b7fa313da2820a79ba730b39fedaec168ecdcfed5 147b5641608a390f2a95004f636d16576257e2400ecfbbd03c 68215254b40e27842d4b1bab63e3d09501a7e8453cea268b08 64ef08c6e117ff99f8b3690bb51e8428c84dfa26233f6d4782 947b58408e910691a876d42b28acc9fe0479764f581b1c194f 08e299


            SubjectDN: CN=Test Intermediate Certificate
           Public Key: RSA Public Key
            modulus: 8ddcf0a8e16bd1391bab9a7f3f2c36b22b281b2f40747b25d5 be41ae67ff156b6faf3c770678594ff58372259f18f1015e20 59597092c755f17500941e8c3cfe32ec9c23bd9e075e42e050 84a90719a51292caf890e8b76f3d01af2922bb5d6328b87d4e 4ac0064337ec98b89599ba9a70dcb74779a65eaca5de6e0de6 6c01c1

            SubjectDN: CN=Test CA Certificate
           Public Key: RSA Public Key
            modulus: 98df9f0af99fe887925c40145e52abeb91f4984813bc606b84 0f6f8c3717337eaa7fc10df7393b5ad45a36e3a2006cf3bd24 9aa94e3dc7f0fa05c124a5f66136fb6f421ca44d3ca083578b 50bfb30bf5444cb6e51b63b631df8c28b73ce55a3556debb24 2775e7e6d338b4b292e50c2668246ec046376862ed21613f62 819215


BUT a call to result.getPublicKey() returns

RSA Public Key
            modulus: 8ddcf0a8e16bd1391bab9a7f3f2c36b22b281b2f40747b25d5 be41ae67ff156b6faf3c770678594ff58372259f18f1015e20 59597092c755f17500941e8c3cfe32ec9c23bd9e075e42e050 84a90719a51292caf890e8b76f3d01af2922bb5d6328b87d4e 4ac0064337ec98b89599ba9a70dcb74779a65eaca5de6e0de6 6c01c1
    public exponent: 10001

This is, as you can see, the public key from the intermediate cert.

I cannot step into the code in the debugger because it goes through
the provider API, but I am assuming that if the cert list includes
the correct end entity certificate that the selector is correct, is
that fair?

Either way, I can't see why the wrong key results.

Any clues would be most appreciated.

Thanks,
Bruce.




 
Old July 8th, 2008, 11:52 AM
Registered User
 
Join Date: Jul 2008
Posts: 2
Thanks: 0
Thanked 0 Times in 0 Posts
Default

I have just found this:

http://www.bouncycastle.org/devmaila.../msg09238.html

Please disregard.
Bruce.






Similar Threads
Thread Thread Starter Forum Replies Last Post
Hi, how can i attach signature? puzobok Forum and Wrox.com Feedback 1 September 12th, 2008 10:51 AM
Hi! signature question... benderkoz Forum and Wrox.com Feedback 2 August 19th, 2008 07:58 PM
how to implement the digital signature kotaiah J2EE 0 May 11th, 2007 05:06 AM
Show image on signature kherrerab BOOK: ASP.NET 2.0 Website Programming Problem Design Solution ISBN: 978-0-7645-8464-0 2 February 8th, 2007 11:31 AM
Data Signature? kiw J2EE 0 December 1st, 2004 02:55 AM





Powered by vBulletin®
Copyright ©2000 - 2020, Jelsoft Enterprises Ltd.
Copyright (c) 2020 John Wiley & Sons, Inc.