B
Brian
Hello All,
I have run into an issue in trying to verify a detached SignedCMS
digital signature on the Compact Framework.
On the Full Framework, I have successfully verified my data using the
following code:
byte[] signature = File.ReadAllBytes(@"D:\signature.dat");
byte[] content = File.ReadAllBytes(@"D:\signedData.dat");
System.Security.Cryptography.Pkcs.ContentInfo ci = new
ContentInfo(content);
System.Security.Cryptography.Pkcs.SignedCms cms = new
SignedCms(SubjectIdentifierType.IssuerAndSerialNumber, ci,
true);
cms.Decode(signature);
cms.CheckSignature(true);
This has confirmed to me that I have the correct input data.
Unfortunately, the Pkcs namespace, and the Signedms class, are not
available on the Compact Framework.
I have written code to manually parse out the X509 Signature from the
signature, as well as the message digest contained in the SignerInfo
block of the signature. In short, I know I have the correct public
key, as well as the encrypted data that I want to decrypt.
The data was signed using RSA-SHA12048.
I use the following code to declare my RSA object:
X509Certificate2 cert = new X509Certificate2(certData);
RSACryptoServiceProvider rsa =
(RSACryptoServiceProvider)cert.PublicKey.Key;
I then gather my inputs, where data is the signed message and
messageDigest is the 256 byte block parsed out of the SignedCMS
Object.
bool check = rsa.VerifyData(data, new SHA1CryptoServiceProvider(),
messageDigest);
This hopeful looking call ALWAYS returns false, and I'm at a bit of a
loss as to why.
I decided at this point to try and decrypt the messageDigest manually,
just to see what the result would be, using the following code:
byte[] decryptedData = rsa.Decrypt(messageDigest, false);
Which threw a CryptographicException "Bad Key."
I'm completely stumped by this one, as I know that the public key in
the cert is valid, and I already used it to verify the data using
the .NET SignedCMS class.
So there it is - does anyone know where I am going wrong? If not,
does anyone know of a third party signedcms class for the compact
framework? I'm at a loss here...
Thanks,
Brian
I have run into an issue in trying to verify a detached SignedCMS
digital signature on the Compact Framework.
On the Full Framework, I have successfully verified my data using the
following code:
byte[] signature = File.ReadAllBytes(@"D:\signature.dat");
byte[] content = File.ReadAllBytes(@"D:\signedData.dat");
System.Security.Cryptography.Pkcs.ContentInfo ci = new
ContentInfo(content);
System.Security.Cryptography.Pkcs.SignedCms cms = new
SignedCms(SubjectIdentifierType.IssuerAndSerialNumber, ci,
true);
cms.Decode(signature);
cms.CheckSignature(true);
This has confirmed to me that I have the correct input data.
Unfortunately, the Pkcs namespace, and the Signedms class, are not
available on the Compact Framework.
I have written code to manually parse out the X509 Signature from the
signature, as well as the message digest contained in the SignerInfo
block of the signature. In short, I know I have the correct public
key, as well as the encrypted data that I want to decrypt.
The data was signed using RSA-SHA12048.
I use the following code to declare my RSA object:
X509Certificate2 cert = new X509Certificate2(certData);
RSACryptoServiceProvider rsa =
(RSACryptoServiceProvider)cert.PublicKey.Key;
I then gather my inputs, where data is the signed message and
messageDigest is the 256 byte block parsed out of the SignedCMS
Object.
bool check = rsa.VerifyData(data, new SHA1CryptoServiceProvider(),
messageDigest);
This hopeful looking call ALWAYS returns false, and I'm at a bit of a
loss as to why.
I decided at this point to try and decrypt the messageDigest manually,
just to see what the result would be, using the following code:
byte[] decryptedData = rsa.Decrypt(messageDigest, false);
Which threw a CryptographicException "Bad Key."
I'm completely stumped by this one, as I know that the public key in
the cert is valid, and I already used it to verify the data using
the .NET SignedCMS class.
So there it is - does anyone know where I am going wrong? If not,
does anyone know of a third party signedcms class for the compact
framework? I'm at a loss here...
Thanks,
Brian