.NET Tutorials, Forums, Interview Questions And Answers
Welcome :Guest
 
Sign In
Register
 
Win Surprise Gifts!!!
Congratulations!!!


Top 5 Contributors of the Month
david stephan

Home >> Forum >> .NET Framework >> Post New QuestionBookmark and Share Subscribe to Forum

MD5 with RSA Signing - Java DotNet interoperability

Posted By: Luis     Posted Date: October 22, 2010    Points:2   Category :.NET Framework
Hello,

From my 2.0 .Net Framework App I need to sign a string with a X.509 certificate and the encryption algorithm for signing should be MD5/RSA. The resulting signature must be verified in a remote java app. Here's my methods to sign and verify the string:


public byte[] SignMessage(string Message)
{


try {
//----
// Instantiate X509Certificate using file path
X509Certificates.X509Certificate2 x509 = new X509Certificates.X509Certificate2(My.Settings.CertificatePath);

//----
// Convert Message to byte array
byte[] data = Encoding.Unicode.GetBytes(Message);

//----
// Instantiate a RSA Algorithm object with Private Key
RSACryptoServiceProvider rsa = (RSACryptoServiceProvider)x509.PrivateKey;

//----
// Sign it
// New MD5CryptoServiceProvider -> Instantiate the hash Algorithm to create the hash value.
byte[] signature = rsa.SignData(data, new MD5CryptoServiceProvider());

//---
// Encode the Signature
string Base64EncodededSignatureString = Convert.ToBase64String(signature, Base64FormattingOptions.None);

//----
// Return it as byte array
return Encoding.Unicode.GetBytes(Base64EncodededSignatureString);



} catch (Exception ex) {
throw ex;

}

}


public bool VerifyMessage(string Message, byte[] signature)
{


try {
System.Text.UnicodeEncoding enc = new System.Text.UnicodeEncoding();

//---
// Get String form the siganture
string strSignatureToVery = enc.GetString(signature);

//----
// 64Base Uncode the string signature
byte[] DecodededSignature = Convert.FromBase64String(strSignatureToVery);

//----
// Convert to byte array the orignal Message string
byte[] Data = Encoding.Unicode.GetBytes(Message);

//----
// Instantiate X509Certificate using file path
X509Certificates.X509Certificate2 x509 = new X509Certificates.X509Certificate2(My.Settings.CertificatePath);

//----
// Instantiate a RSA Algorithm object with Public Key
RSACryptoServiceProvider rsa = (RSACryptoServiceProvider)x509.PublicKey.Key;

//---
// Verify Signature
// New MD5CryptoServiceProvider -> Instantiate the hash Algorithm to create the hash value.
return rsa.VerifyData(Data, new MD5CryptoServiceProvider(), DecodededSignature);


} catch (Exception ex) {
return false;

}

}

Here's an example of the strings I'm trying to sign :"bimusermbim_0300400000000000001CLI00300BIMSMS8240710051013089996019779996019779311720101011T16:30:16+0200"

And the resulting base64 signature is : "F4kFnD6K1AaqlO/AJ+UJd+40EIg+DCmOr9BgASGFSevf5ocr7BaKsr9sS107KdFGN6V+DZur+7ZGaiIsEIOwLph3L28sy/6m+Va0g+zWdcTpg+FAkuFI8MCULuYHNA8qPC+qdwSMnYS9fjAgS1boSyGe4+1dopdPiizyxLbEnE4="

The remote java application is from another company, with which we need to exchange this signatures, and the java side the Encryption algorythm object is instantiated with the folowing Signature.getInstance("MD5withRSA"). And we both share the same X.509 certificate used in the signing mechanism.

I'm able to sign and verify with my previous methods on my 2.0 .Net environment , but when I pass the resulting signature to the Remote Java App it fails.

How can I achieve this interoperability? Is my SignMessage method signing the string correctly?

Any help would be appreciatted,

Luis Pedro Ferreira





Responses
Author: a_20             
Posted Date: October 16, 2012     Points: 20   

I am currently facing the same issue.
Have you found a solution for your problem? If so can you please share it :)
Thanks.



Post Reply

You must Sign In To post reply
 
 
Find more Forum Questions on C#, ASP.Net, Vb.Net, SQL Server and more Here
Quick Links For Forum Categories:
ASP.NetWindows Application  .NET Framework  C#  VB.Net  ADO.Net  
Sql Server  SharePoint  OOPs  SilverlightIISJQuery
JavaScript/VBScriptBiztalkWPFPatten/PracticesWCFOthers
www.DotNetSpark.comUnAnsweredAll

Hall of Fame    Twitter   Terms of Service    Privacy Policy    Contact Us    Archives   Tell A Friend