Skip to Main Content
Forums

Java Security

Announcement

For appeals, questions and feedback about Oracle Forums, please email oracle-forums-moderators_us@oracle.com. Technical questions should be asked in the appropriate category. Thank you!

Signature failed to verify

843811May 22 2007 — edited May 23 2007
Hi there,

I'm having a problem verify a signature using my public key. I get the following error when I run call the method verifies from Signature object:

Verifies = false

My code below any help is much appreciated:

public static void main(String[] args) throws Exception {
	
		FileInputStream fis = new FileInputStream("C:\\test.txt");
		String strTXT = doLookup("123._cisco.com");
		String strPublicKey = strTXT.replaceAll("(?s)^.*p\\=([^;]*);?.*\"$", "$1").replaceAll("(?s)\\s","");
		System.out.println("strTxt: " + strTXT);
		System.out.println("strPublicKey is: " + strPublicKey);
		byte [] publicKey = Base64.decode(strPublicKey);
		byte [] signature = Base64.decode("dXj0ycQM1ekdhlfO0GfhSXZQsfG0S7jrTv6s0aCFLQLduPW4CwC8UNYnHN6fE5pZU3MPpiYYmmJabR7yg3MQb7AM5HQzm0q+HrJFX86V/SB9Zuhkl37DJegPK8TPMZ0Bsynrp=");
		
		
		KeyFactory keyFactory = KeyFactory.getInstance("RSA");
		X509EncodedKeySpec publicKeySpec = new X509EncodedKeySpec(publicKey);
		PublicKey specPublicKey = keyFactory.generatePublic(publicKeySpec);
		
		System.out.println("public key is: " + specPublicKey.getFormat());
		System.out.println("pub key algorithm is: " + specPublicKey.getAlgorithm());
		
		//Need to create a Signature object that uses the same signature algorithm to generate
		//the signature.
		Signature rsa = Signature.getInstance("SHA1WITHRSA");
		
		
		//initialize the Signature object.
		rsa.initVerify(specPublicKey);
		System.out.println("publicKey is: " + specPublicKey.toString());
		System.out.println("Calling rsa.verify");
		
		/*Supply the Signature Object With the Data to be Verified*/
		
		BufferedInputStream bufins = new BufferedInputStream(fis);
		
		byte[] buffer = new byte[1024];
		int len;
		while(bufins.available() !=0) {
			len = bufins.read(buffer);
			rsa.update(buffer, 0, len);
		};
		bufins.close();	
		
		boolean verifies = rsa.verify(signature);
		System.out.println("Verifies = " + Boolean.toString(verifies));
Code output:

strTxt: TXT: "g=*; k=rsa; t=y; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCg8yo6rDhsNiwUfVR37HgF4bWqoG13Nd9XLT+Z0VLzCkWJZOdzGNQnnm7ujoQ8gbxeDvIo9RG5I3eZteBwD91Nf6P/E9lvJQDL2Qnz4EXH/CVW9DeEfvY1UJN9kc6q6KkYEPWssvVvlDOp2slbEKZCJtaPvVuGCAqfaps8J0FjOQIDAQAB"
strPublicKey is: MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCg8yo6rDhsNiwUfVR37HgF4bWqoG13Nd9XLT+Z0VLzCkWJZOdzGNQnnm7ujoQ8gbxeDvIo9RG5I3eZteBwD91Nf6P/E9lvJQDL2Qnz4EXH/CVW9DeEfvY1UJN9kc6q6KkYEPWssvVvlDOp2slbEKZCJtaPvVuGCAqfaps8J0FjOQIDAQAB
public key is: X.509
pub key algorithm is: RSA
publicKey is: Sun RSA public key, 1024 bits
Calling rsa.verify
Verifies = false
Comments
Locked Post
New comments cannot be posted to this locked post.
Post Details
Locked on Jun 20 2007
Added on May 22 2007
#cryptography
4 comments
573 views