[codenameone-discussions] Checking RSA signature with Bouncycastle

[Matej Kral]

Hi,

I'm working on a project which involves JWT tokens signed via RSA SHA256.
After some tinkering I came up with code which should work, but
the verification came out negative. 

I've created a simplified example - in with a plain text 12345 is
signed by the private RSA key using SHA256. The public key is 
created via modulus and exponent and the signature is a BASE65
encoded string. So the example code works as it is.

The problem is, that in standard Java 8 environment this example works and
verifies the signature, but it fails in codenameone environment. Is there 
something
I'm missing here?

public void test() {
       String smod = 
"00967ddfd775d5b3e85cba1a94d92b207667920240813f91439afa33e0ef1d66ccebce78edc6327481cb8db94210afe0bc989d7e0512ded7812fd68b0e544c77fecb2346f6b09440f162fccf927c01e539a5f168d51d1992f890f8e341658ddb9ee719849562f60397512f90365098c33fb523cc1cefcd201f4e371869c55c8d052e0eb3f8386b3900ebd92321b70f403a6b98c1ad39f9e471793a4275b6fdd40929b60e9ee053eaef54228a1ca91d0d0de0481422866b5b215af2d7312db0244cfc97999738cc0040ac87c31dc0bda1247969c4def4edfdd60e5dbf6fbce17a971361ad9af9cd63b69d2cc33b65fb8cd33a34733d7584cce05da383d9b5ced7ad";

        BigInteger modulus = new BigInteger(smod, 16);
        BigInteger exponent = BigInteger.valueOf(65537);

        String data = "12345";
        String sig = 
"iaklDCcd+CjxdDMM/IKOJluTLIk3pN5zQ3nYdyVya3DjWFOsyJTkw7ofkt15Ly2+yOR0Z6+fIFgCLEuZZTvdYssVubAk6srwClav2OlxpK5zmqgJ7NqYKBFRo7YSyvFFAIwlhiL4dxl76BhCTSJTIFYAGCQFCOAVl8AoJ0pip/yeRCNC8+lv0gb0D6VQ/jm7uKJaddkc/7NxfaH4g80NggOYYifi6Rdc1Aj+WeituKr/b2qjwBictix/zA7N/0LlLA5mro9RfgBOwp3Prenwe0XGLVg4XRyvhRHYYvs+mO//hWzfM82FqwEGNmIxY0HxaQRg8uWDwxgN8ZUO0EwihQ==";

        byte[] sigDecode = Base64.decode(sig);

        RSADigestSigner signer = new RSADigestSigner(new SHA256Digest());
        signer.init(false, new RSAKeyParameters(false, modulus, exponent));
        
        try {
            signer.update(data.getBytes("UTF-8"), 0, 
data.getBytes("UTF-8").length);
        } catch (UnsupportedEncodingException ex) {
            Log.e(ex);
        }

        boolean verified = signer.verifySignature(sigDecode);

        Log.p("Signature verified: "+verified, Log.INFO);
    }

Regards

-- 
You received this message because you are subscribed to the Google Groups 
"CodenameOne Discussions" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to codenameone-discussions+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/codenameone-discussions/8a8dfd5c-c6f5-476d-8cbc-0f28019cf12dn%40googlegroups.com.