• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 4193
  • Last Modified:

Java Security Signature Exception problem

Hi,
I'm having some problems with a piece of code that i'm trying to write where it throws a SignatureException - invalid encoding for signature.

- I declare the Signature as a 'global' variable.

- Before signing the message, I do the following:
 sig = Signature.getInstance("DSA");
 sig.initSign(PrivateKey);      

- When I want to verify the signature, first I do this:
sig.initVerify(PublicKey);

The error is thrown right at the end when I come to the verification:
if (!sig.verify(sig))
              System.out.print("Signature NOT");
              System.out.print("Verified");

Anyone understand why I get an invalid coding message and what I should do to fix this?

Cheers,

Phil.

0
phil8258
Asked:
phil8258
  • 4
  • 4
1 Solution
 
objectsCommented:
where r you're key vars coming from?
0
 
phil8258Author Commented:
Some code below:
// Declared in the main class:
public static PrivateKey PrivateKey = null;
public static PublicKey PublicKey = null;	
public static Signature sig = null;
 
//A bit of code from a method that creates the keys:
KeyPair keys = keypair.generateKeyPair();
PrivateKey = keys.getPrivate();
PublicKey = keys.getPublic();
 
//A bit of code from the method that signs the message:
sig = Signature.getInstance("DSA");
sig.initSign(PrivateKey);
 
//All of the above seems to work ok. Then...
 
//A bit of code from the method that verifies the signature:
sig.initVerify(PublicKey);
 
File f = new File("Input.txt");   //Open signed file
DataInputStream f = new DataInputStream(new FileInputStream(f));
 
byte[] sigTemp = new byte[SignedFile.read()];	//Read signed file into byte array
f.read(sigTemp, 0, f.read());
 
int length = (int) f.length();
byte[] Input = new byte[length];
f.read(Input, 0, length);
f.close();
 
sig.update(Input);
       
if (!sig.verify(sig))
              System.out.print("Signature NOT");
              System.out.print("Verified");
	}

Open in new window

0
 
phil8258Author Commented:
Error occurs at line 33 in the above code
0
Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
objectsCommented:
byte[] sigTemp = new byte[SignedFile.read()];   //Read signed file into byte array
f.read(sigTemp, 0, f.read());

whats that meant to be doing.
does not look like it would even compile
0
 
phil8258Author Commented:
Good question!
I removed it, and the first thing that went wrong (or right) was that line 33 could no longer refer to sig
I changed line 33 to if (!sig.verify(Input))
and exception gone :O)

Only problem now is that its always reporting Signature Not Verified...
Changing to:

        if (!signature.verify(Input)){
              System.out.println("Signature not verified");
        }
        else {
              System.out.println("Signature verified sucessfully");
        }

and it still says "Signature not Verified"
0
 
objectsCommented:
>         if (!signature.verify(Input)){

the verify method expects the bytes of a signature, is that what Input contains?
0
 
phil8258Author Commented:
Input contains:
0,ljaØÄaÉ"¼]~ÆSNxMQk[ªhzDÞ/mRyÒ¬!î=ïhÜHello World!
0
 
objectsCommented:
u sure thats a signature? seems to also include data.
how was it created?

there an example here to sign and verify

http://www.java2s.com/Code/Java/Security/Testthesignature.htm
0

Featured Post

Concerto's Cloud Advisory Services

Want to avoid the missteps to gaining all the benefits of the cloud? Learn more about the different assessment options from our Cloud Advisory team.

  • 4
  • 4
Tackle projects and never again get stuck behind a technical roadblock.
Join Now