Wrox Programmer Forums
Go Back   Wrox Programmer Forums > .NET > Other .NET > General .NET
| Search | Today's Posts | Mark Forums Read
General .NET For general discussion of MICROSOFT .NET topics that don't fall within any of the other .NET forum subcategories or .NET language forums.  If your question is specific to a language (C# or Visual Basic) or type of application (Windows Forms or ASP.Net) try an applicable forum category. ** PLEASE BE SPECIFIC WITH YOUR QUESTION ** When posting here, provide details regarding the Microsoft .NET language you are using and/or what type of application (Windows/Web Forms, etc) you are working in, if applicable to the question. This will help others answer the question without having to ask.
Welcome to the p2p.wrox.com Forums.

You are currently viewing the General .NET section of the Wrox Programmer to Programmer discussions. This is a community of software programmers and website developers including Wrox book authors and readers. New member registration was closed in 2019. New posts were shut off and the site was archived into this static format as of October 1, 2020. If you require technical support for a Wrox book please contact http://hub.wiley.com
 
Old October 22nd, 2010, 10:38 AM
Registered User
 
Join Date: Oct 2010
Posts: 1
Thanks: 0
Thanked 0 Times in 0 Posts
Default MD5 with RSA Signing - Java DotNet interoperability

Hello,

From my 2.0 .Net Framework App I need to sign a string with a X.509 certificate and the encryption algorithm for signing should be MD5/RSA. The resulting signature must be verified in a remote java app. Here's my methods to sign and verify the string:


public byte[] SignMessage(string Message)
{


try {
//----
// Instantiate X509Certificate using file path
X509Certificates.X509Certificate2 x509 = new X509Certificates.X509Certificate2(My.Settings.Cert ificatePath);

//----
// Convert Message to byte array
byte[] data = Encoding.Unicode.GetBytes(Message);

//----
// Instantiate a RSA Algorithm object with Private Key
RSACryptoServiceProvider rsa = (RSACryptoServiceProvider)x509.PrivateKey;

//----
// Sign it
// New MD5CryptoServiceProvider -> Instantiate the hash Algorithm to create the hash value.
byte[] signature = rsa.SignData(data, new MD5CryptoServiceProvider());

//---
// Encode the Signature
string Base64EncodededSignatureString = Convert.ToBase64String(signature, Base64FormattingOptions.None);

//----
// Return it as byte array
return Encoding.Unicode.GetBytes(Base64EncodededSignature String);



} catch (Exception ex) {
throw ex;

}

}


public bool VerifyMessage(string Message, byte[] signature)
{


try {
System.Text.UnicodeEncoding enc = new System.Text.UnicodeEncoding();

//---
// Get String form the siganture
string strSignatureToVery = enc.GetString(signature);

//----
// 64Base Uncode the string signature
byte[] DecodededSignature = Convert.FromBase64String(strSignatureToVery);

//----
// Convert to byte array the orignal Message string
byte[] Data = Encoding.Unicode.GetBytes(Message);

//----
// Instantiate X509Certificate using file path
X509Certificates.X509Certificate2 x509 = new X509Certificates.X509Certificate2(My.Settings.Cert ificatePath);

//----
// Instantiate a RSA Algorithm object with Public Key
RSACryptoServiceProvider rsa = (RSACryptoServiceProvider)x509.PublicKey.Key;

//---
// Verify Signature
// New MD5CryptoServiceProvider -> Instantiate the hash Algorithm to create the hash value.
return rsa.VerifyData(Data, new MD5CryptoServiceProvider(), DecodededSignature);


} catch (Exception ex) {
return false;

}

}

Here's an example of the strings I'm trying to sign :"bimusermbim_0300400000000000001CLI00300BIMSMS824 0710051013089996019779996019779311720101011T16:30: 16+0200"

And the resulting base64 signature is : "F4kFnD6K1AaqlO/AJ+UJd+40EIg+DCmOr9BgASGFSevf5ocr7BaKsr9sS107KdFGN 6V+DZur+7ZGaiIsEIOwLph3L28sy/6m+Va0g+zWdcTpg+FAkuFI8MCULuYHNA8qPC+qdwSMnYS9fjAg S1boSyGe4+1dopdPiizyxLbEnE4="

The remote java application is from another company, with which we need to exchange this signatures, and the java side the Encryption algorythm object is instantiated with the folowing Signature.getInstance("MD5withRSA"). And we both share the same X.509 certificate used in the signing mechanism.

I'm able to sign and verify with my previous methods on my 2.0 .Net environment , but when I pass the resulting signature to the Remote Java App it fails.

How can I achieve this interoperability? Is my SignMessage method signing the string correctly?

Any help would be appreciatted,

Luis Pedro Ferreira




Similar Threads
Thread Thread Starter Forum Replies Last Post
Using Java To Implement RSA Algorithm Floetic Java Basics 2 March 24th, 2008 12:07 PM
Article on Java and PHP interoperability ypomonh J2EE 0 August 2nd, 2007 05:28 PM
Java Web Service to be consumed in DotNet mohitjaitly .NET Web Services 0 December 21st, 2006 08:48 AM
COM Interoperability BrianWren Pro VB.NET 2002/2003 1 January 27th, 2005 05:47 AM
Accessing Java Servlet thru DotNet r_ganesh76 General .NET 0 June 23rd, 2004 11:45 PM





Powered by vBulletin®
Copyright ©2000 - 2020, Jelsoft Enterprises Ltd.
Copyright (c) 2020 John Wiley & Sons, Inc.