Using Java to verify signature created in Golang

Others 2022-04-21 21:07:21 views: 0
Miguel Reis :

I'm creating a signature in Go, for example:

//I'm reading a file with -----BEGIN RSA PRIVATE KEY-----
privateKeyPem := strings.Replace(privateKeyString, `\n`, "\n", -1) //file has '/n' instead of break lines for dev purposes
block, _ := pem.Decode([]byte(privateKeyPem))
key, _ := x509.ParsePKCS1PrivateKey(block.Bytes)
hashedString := sha256.Sum256([]byte(stringTosign))
signature, err = rsa.SignPKCS1v15(rand.Reader, key, crypto2.SHA256, hashedString[:])
signatureString := base64.StdEncoding.EncodeToString(signature)

Java program receives the variable signatureString and does:

byte[] keyBytes = Files.readAllBytes(Paths.get("./golangSignerPubKey.der"));
X509EncodedKeySpec spec = new X509EncodedKeySpec(keyBytes);
KeyFactory kf = KeyFactory.getInstance("RSA");
PublicKey publicKey =  kf.generatePublic(spec);
Signature signature = Signature.getInstance("SHA256withRSA", "BC");
signature.initVerify(publicKey);
signature.update(stringUnsigned.getBytes());
boolean signatureIsValid = signature.verify(Base64.getDecoder().decode(signatureString.getBytes()));

But the signatureIsValid boolean is always false, am I doing something wrong?

Miguel Reis :

I was able to verify the signature. I'm posting here in case someone comes across this with the same question:

Signature creation in Go:

bytesToSign := []byte (stringToSign)
block, err8 := pem.Decode([]byte(privateKeyPem)) //-----BEGIN RSA PRIVATE KEY----
if err8 != nil {
    logger.Debugf("Error trying decode endorser private key")
}
key, _ := x509.ParsePKCS1PrivateKey(block.Bytes)
h := sha256.New()
h.Write(bytesToSign)
d := h.Sum(nil)
signature, err = rsa.SignPKCS1v15(rand.Reader, key, crypto.SHA256, d)
if err != nil {
    panic(err)
}
signatureString = base64.StdEncoding.EncodeToString(signature)

Signature verification in Java (receives signatureString): I have the public key in a .pub file and:

byte[] keyBytes = Files.readAllBytes(Paths.get("./public_key.pub"));
String temp = new String(keyBytes);
String publicKeyPEM = temp.replace("-----BEGIN PUBLIC KEY-----\n", "");
publicKeyPEM = publicKeyPEM.replace("\n-----END PUBLIC KEY-----", "");
BASE64Decoder b64= new BASE64Decoder();
byte[] decoded = b64.decodeBuffer(publicKeyPEM);
X509EncodedKeySpec spec = new X509EncodedKeySpec(decoded);
KeyFactory kf = KeyFactory.getInstance("RSA");
publicKey = kf.generatePublic(spec);
Signature signature = Signature.getInstance("SHA256withRSA", "BC");
signature.initVerify(publicKey);
signature.update(bytesToVerify); //bytesToVerify = bytesToSign in go
byte[] signatureDecoded = Base64.getDecoder().decode(signatureString);
boolean endorserSignatureIsValid = signature.verify(signatureDecoded);
//It is now valid

I was not able to use Base64.getDecoder() (java.lang.IllegalArgumentException: Illegal base64 character a) to decode the publicKeyPEM so I used BASE64Decoder. Not sure why.

Guess you like

Origin http://43.154.161.224:23101/article/api/json?id=83099&siteId=1
Recommended
TIOBE May list: Fortran “resurrected” into Top 10
GCC 14.1 released
Ranking
B. Little Girl and Game【1300 / 回文字符串 博弈论】
CIKERS Shane 20190613
"Javascript advanced programming" study notes - the constructor and prototype
beeline hiveserver2 start
springboot - Automatically backup mysql data every day
Data Storage Full Solution--Detailed Persistence Technology
Detailed Explanation of Spring Web MVC DispatcherServlet—Official Original
TCP / IP protocol layers structure and function
Command type literal pos: unknown; Fallback type literal pos: unknown] with root cause
Design of multifunctional curtain controller with indoor anti-theft alarm
Daily
More
2024-05-08(18)
2024-05-07(34)
2024-05-06(6)
2024-05-05(0)
2024-05-04(18)
2024-05-03(8)
2024-05-02(0)
2024-05-01(4)
2024-04-30(36)
2024-04-29(5)

Code World

© 2018 codetd.com