java - Verifying RSA SHA256 signature fails getting private key from certificate -
i'm trying verify data string , rsa-sha256 signature received webservice , i'm stuck loading private/public key certificate.
i have following code retrieve info cer file, think in der format because it's not in typical base64 encoded:
inputstream in = new fileinputstream(path1); certificatefactory factory = certificatefactory.getinstance("x.509"); x509certificate cert = (x509certificate) factory.generatecertificate(in); system.out.println(cert.tostring()); it outputs whole info of certificate:
version: v3 subject: emailaddress=... ... algorithm: [sha256withrsa] ... but if try load , retrieve private key following code:
keyfactory kf = keyfactory.getinstance("rsa"); x509encodedkeyspec bobpubkeyspec = new x509encodedkeyspec(encodedkey); keyfactory keyfactory = keyfactory.getinstance("rsa"); publickey bobpubkey = keyfactory.generatepublic(bobpubkeyspec); signature sig = signature.getinstance("sha256withrsa"); sig.initverify(bobpubkey); sig.update(data_received); sig.verify(signature_received); i following exception
java.security.spec.invalidkeyspecexception: java.security.invalidkeyexception: invalid key format in keyfactory.generatepublic method. same result if change generateprivate.
thanks james, following advise made following:
inputstream in = new fileinputstream(system.getproperty("user.dir") + "\\" + certificatename); certificatefactory factory = certificatefactory.getinstance("x.509"); x509certificate cert = (x509certificate) factory.generatecertificate(in); publickey pubkey = cert.getpublickey(); signature sig = signature.getinstance("sha256withrsa"); sig.initverify(pubkey); sig.update(xmlcontent); return sig.verify(headersignature);
Comments
Post a Comment