Hi,
I have to send a Certificate Signing Request (CSR) to an Certificate Authority(CA).
To confirm it's me sending it they ask for an "fingerprint" by postal mail, so they can compare it with the fingerprint they generate from the CSR.
The fingerprint I get from my generated X509-Certificate seems not to be the correct one.
As stated in their specifications:
To calculate the fingerprint from a PCS10 we
use exclusievely the public key
However the 1024-bits RSA public key contains 128 bytes, the MD5 fingerprint is calculated from the
ASN.1 blob which contains 140 bytes.
I tried to read the keytool generated CSR file back and digest it as is(see code) but the outcome wasn't right.
I have the fingerprint result they want from me , so I can compare it for correctness.
How can I read a PKSC10 back into some kind of certificate to get the 140 bytes of ASN.1 blob, like they do?
Thanks,
Tricae
BTW they use a C++ program
public static void main(String[] args) throws Exception{
FileInputStream fis = new FileInputStream( "Encryptie.req" );
DataInputStream dis = new DataInputStream(fis);
byte[] bytes = new byte[dis.available()];
dis.readFully(bytes);
MessageDigest messagedigest = MessageDigest.getInstance("MD5");
byte abyte1[] = messagedigest.digest(abyte0);
System.out.println("digest"+new String( abyte1 ));
return toHexString(abyte1);
}
private static String toHexString(byte abyte0[])
{
StringBuffer stringbuffer = new StringBuffer();
int i = abyte0.length;
for(int j = 0; j < i; j++)
{
byte2hex(abyte0[j], stringbuffer);
if(j < i - 1)
stringbuffer.append(":");
}
return stringbuffer.toString();
}
private static void byte2hex(byte byte0, StringBuffer stringbuffer){
char ac[] = {
'0', '1', '2', '3', '4', '5', '6', '7', '8', '9',
'A', 'B', 'C', 'D', 'E', 'F'
};
int i = (byte0 & 0xf0) >> 4;
int j = byte0 & 0xf;
stringbuffer.append(ac);
stringbuffer.append(ac[j]);
}