I read the certificate form a .pfx file and extract keys:
PUBLICKEY
cert = ks.getCertificate(alias);
X509Certificate X509 = (X509Certificate) cert;
publicKey = cert.getPublicKey();
PRIVATEKEY
key = ks.getKey(alias, senha.toCharArray());
if (key instanceof PrivateKey) {
privateKey = (PrivateKey) key;
}
I know that the publicKey is correct because they match with dotNET file.
In the new version of my app i verify the privateKey using the code below.
Signature signer = null;
signer = Signature.getInstance("SHA1withRSA");
signer.initSign( privateKey );
signer.update(msg.getBytes("UTF-8"));
byte[] theSignature = null;
theSignature = signer.sign();
Log.d("theSignature ---> ", theSignature.toString());
Signature sig = null;
sig = Signature.getInstance("SHA1withRSA");
sig.initVerify(publicKey);
sig.update(msg.getBytes("UTF-8"));
boolean verifies = false;
verifies = sig.verify(theSignature);
if(verifies){
Log.d("SIGNATURE OK","SIGNATURE OK");
Log.d("Signature ",Base64.encodeToString(theSignature,
Base64.NO_PADDING));
}else{
Log.d("SIGNATURE NÃO OK","SIGNATURE NÃO OK");
The message in Log is "SIGNATURE OK", then I presume that privateKey is OK
too.
If this is right, then the error must be in format of theSignature. Maybe
the signature have a header or footer like public key (-----BEGIN
CERTIFICATE-----) that interfer in the Base64.encodeToString.
--
You received this message because you are subscribed to the Google
Groups "Android Developers" group.
To post to this group, send email to android-developers@googlegroups.com
To unsubscribe from this group, send email to
android-developers+unsubscr...@googlegroups.com
For more options, visit this group at
http://groups.google.com/group/android-developers?hl=en
