phil8258
asked on
Java Security Signature Exception problem
Hi,
I'm having some problems with a piece of code that i'm trying to write where it throws a SignatureException - invalid encoding for signature.
- I declare the Signature as a 'global' variable.
- Before signing the message, I do the following:
sig = Signature.getInstance("DSA ");
sig.initSign(PrivateKey);
- When I want to verify the signature, first I do this:
sig.initVerify(PublicKey);
The error is thrown right at the end when I come to the verification:
if (!sig.verify(sig))
System.out.print("Signatur e NOT");
System.out.print("Verified ");
Anyone understand why I get an invalid coding message and what I should do to fix this?
Cheers,
Phil.
I'm having some problems with a piece of code that i'm trying to write where it throws a SignatureException - invalid encoding for signature.
- I declare the Signature as a 'global' variable.
- Before signing the message, I do the following:
sig = Signature.getInstance("DSA
sig.initSign(PrivateKey);
- When I want to verify the signature, first I do this:
sig.initVerify(PublicKey);
The error is thrown right at the end when I come to the verification:
if (!sig.verify(sig))
System.out.print("Signatur
System.out.print("Verified
Anyone understand why I get an invalid coding message and what I should do to fix this?
Cheers,
Phil.
where r you're key vars coming from?
ASKER
Some code below:
// Declared in the main class:
public static PrivateKey PrivateKey = null;
public static PublicKey PublicKey = null;
public static Signature sig = null;
//A bit of code from a method that creates the keys:
KeyPair keys = keypair.generateKeyPair();
PrivateKey = keys.getPrivate();
PublicKey = keys.getPublic();
//A bit of code from the method that signs the message:
sig = Signature.getInstance("DSA");
sig.initSign(PrivateKey);
//All of the above seems to work ok. Then...
//A bit of code from the method that verifies the signature:
sig.initVerify(PublicKey);
File f = new File("Input.txt"); //Open signed file
DataInputStream f = new DataInputStream(new FileInputStream(f));
byte[] sigTemp = new byte[SignedFile.read()]; //Read signed file into byte array
f.read(sigTemp, 0, f.read());
int length = (int) f.length();
byte[] Input = new byte[length];
f.read(Input, 0, length);
f.close();
sig.update(Input);
if (!sig.verify(sig))
System.out.print("Signature NOT");
System.out.print("Verified");
}
ASKER
Error occurs at line 33 in the above code
byte[] sigTemp = new byte[SignedFile.read()]; //Read signed file into byte array
f.read(sigTemp, 0, f.read());
whats that meant to be doing.
does not look like it would even compile
f.read(sigTemp, 0, f.read());
whats that meant to be doing.
does not look like it would even compile
ASKER
Good question!
I removed it, and the first thing that went wrong (or right) was that line 33 could no longer refer to sig
I changed line 33 to if (!sig.verify(Input))
and exception gone :O)
Only problem now is that its always reporting Signature Not Verified...
Changing to:
if (!signature.verify(Input)) {
System.out.println("Signat ure not verified");
}
else {
System.out.println("Signat ure verified sucessfully");
}
and it still says "Signature not Verified"
I removed it, and the first thing that went wrong (or right) was that line 33 could no longer refer to sig
I changed line 33 to if (!sig.verify(Input))
and exception gone :O)
Only problem now is that its always reporting Signature Not Verified...
Changing to:
if (!signature.verify(Input))
System.out.println("Signat
}
else {
System.out.println("Signat
}
and it still says "Signature not Verified"
> if (!signature.verify(Input)) {
the verify method expects the bytes of a signature, is that what Input contains?
the verify method expects the bytes of a signature, is that what Input contains?
ASKER
Input contains:
0,ljaØÄaÉ"¼]~ÆSNxMQ k[ªhzDÞ/mR yÒ¬!î=ïhÜ Hello World!
0,ljaØÄaÉ"¼]~ÆSNxMQ
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.