Thanks Nikolay. The tests with .net confirm that BouncyCastle signature
process is OK. I will try to sign SignedInfo
--
--
You received this message because you are subscribed to the Google
Groups "Android Developers" group.
To post to this group, send email to android-developers@googlegroups.c
On Fri, Jan 18, 2013 at 1:22 AM, mbarbiero wrote:
> Hi Nikolay...
>
> In the XMLs that I post the DigestValue (SHA1) is the same of the
> DigestValue of canonicalized .net.
I thing you might be missing the point that what gets hashed and ultimately
signed is the whole element. You need to get th
Hi..
The text that I sign is too sample:
abc
Without tabs, cr or especial chars.
mBarbiero
Em quinta-feira, 17 de janeiro de 2013 15h19min06s UTC-2, Kostya Vasilyev
escreveu:
>
> Windows (dot net) and Unix (android) default to different ways to
> represent line breaks.
>
> Are line breaks in
Windows (dot net) and Unix (android) default to different ways to represent
line breaks.
Are line breaks in the xml you're signing encoded the same way on both
sides?
17.01.2013 20:24 пользователь "mbarbiero"
написал:
> Hi Nikolay...
>
> In the XMLs that I post the DigestValue (SHA1) is the sam
Hi Nikolay...
In the XMLs that I post the DigestValue (SHA1) is the same of the
DigestValue of canonicalized .net.
I will try to create a program in Java pure to test if problem is in
Android implementation. What you think about?
Em quinta-feira, 17 de janeiro de 2013 13h25min25s UTC-2, Nikola
On Thu, Jan 17, 2013 at 11:11 PM, mbarbiero wrote:
> Hi...
> I tested the canonical form and Sha1 hash code using a .net code to confirm
> the values. A strig format of is OK.
Not too clear what you are saying here. Is the SHA1 of the canonical form of
the two 's the same in both Java and C#? XM
Hi...
I tested the canonical form and Sha1 hash code using a .net code to confirm
the values. A strig format of is OK.
Considering that PrivateKey is OK too, my suspects are, now, the byte code
send to sign and the convertion to base64 of the results. Maybe
little-endian x big-endian can explai
Em quarta-feira, 16 de janeiro de 2013 10h06min13s UTC-2, Nikolay Elenkov
escreveu:
>
>
> On Jan 16, 2013 9:01 PM, "mbarbiero" >
> wrote:
> >
> > Nikolay...
> >
> > One more question: If the private key used to sign is incorrect, the
> command "$ openssl rsautl -verify -in s2.bin -pubin -inke
On Jan 16, 2013 9:01 PM, "mbarbiero" wrote:
>
> Nikolay...
>
> One more question: If the private key used to sign is incorrect, the
command "$ openssl rsautl -verify -in s2.bin -pubin -inkey pub1.pem -raw
-hexdump" result in error or in incorrect message?
>
It will result in garbage, not proper
Nikolay...
One more question: If the private key used to sign is incorrect, the
command "$ openssl rsautl -verify -in s2.bin -pubin -inkey pub1.pem -raw
-hexdump" result in error or in incorrect message?
I need confirm if used privatekey is correct.
Thanks and, please, escuse my ignorance!
On Wed, Jan 16, 2013 at 1:12 AM, Nikolay Elenkov
wrote:
>
> On Jan 16, 2013 12:45 AM, "mbarbiero" wrote:
>>
>> My ideia was that the header is in signature, not in Base64.
>>
>>
>
> OK, my bad (again...). The signature is just the padded hash encrypted with
> the private key. You have the same ha
Anybody know about Santuario Apache in Android?
Is a JSR105 implementation. I tried install but recieved a error:
"Conversion to Dalvik format failed with error 1 Santuario Unknown Android
Packaging Problem"
Em terça-feira, 15 de janeiro de 2013 15h39min43s UTC-2, jason_gates
escreveu:
>
> Hi,
Hi,
No problem. Sorry I couldn't provide more help :)
You've got a challenge that requires a lot of patience :) Hang in there.
It's not you, it's just a big challenge. It happens to all of us.
I found an additional link, might
help:http://msdn.microsoft.com/en-us/library/ms996502.aspx
You'll
Nikolay, Bob and Jason ...
Thank for your attention.
This problem XMLDSIG seems simple, but is now driving me crazy.
The root of the problem is that I need to develop for Android. If it were
in JAVA 6 the documentation is very complete:
http://docs.oracle.com/javase/6/docs/technotes/guides/sec
On Jan 16, 2013 12:45 AM, "mbarbiero" wrote:
>
> My ideia was that the header is in signature, not in Base64.
>
>
OK, my bad (again...). The signature is just the padded hash encrypted with
the private key. You have the same hash, so either the padding is wrong
(unlikely) or the key (more likely)
My ideia was that the header is in signature, not in Base64.
--
You received this message because you are subscribed to the Google
Groups "Android Developers" group.
To post to this group, send email to android-developers@googlegroups.com
To unsubscribe from this group, send email to
android-deve
On Wed, Jan 16, 2013 at 12:17 AM, bob wrote:
> Base64 does not convert "3 chars per byte".
>
>
> It uses 4 characters per 3 bytes for a roughly 33% size increase.
You are, of course, absolutely right. At least I got the number 3 right :)
The main point still stands though -- it doesn't add header
Base64 does not convert "3 chars per byte".
It uses 4 characters per 3 bytes for a roughly 33% size increase.
On Tuesday, January 15, 2013 8:57:23 AM UTC-6, Nikolay Elenkov wrote:
>
> On Tue, Jan 15, 2013 at 11:14 PM, mbarbiero
> >
> wrote:
> > I read the certificate form a .pfx file and
On Tue, Jan 15, 2013 at 11:14 PM, mbarbiero wrote:
> I read the certificate form a .pfx file and extract keys:
>
> PUBLICKEY
> cert = ks.getCertificate(alias);
> X509Certificate X509 = (X509Certificate) cert;
> publicKey = cert.getPublicKey();
>
> PRIVATEKEY
> key = ks.getKey(alias
I read the certificate form a .pfx file and extract keys:
PUBLICKEY
cert = ks.getCertificate(alias);
X509Certificate X509 = (X509Certificate) cert;
publicKey = cert.getPublicKey();
PRIVATEKEY
key = ks.getKey(alias, senha.toCharArray());
if (key instanceof PrivateKey) {
On Mon, Jan 14, 2013 at 10:39 PM, mbarbiero wrote:
>
> * does the raw (byte array) signature match?
> - I'm not sure about this, but the digestvalues in dotNet and BoucyCastle
> are identical.
For Java you would get the return value of signer.sign() and convert to
hex to compare. Don't remember
Hi Nikolay and Jason...
Your summary is correct Nikolay: I sign with privatekey to verify the
sender.
* did you normalize properly?
- Yes... I use a very simple plain text, without especial characters, CR,
TAB or LF.
* does the raw (byte array) signature match?
- I'm not sure about this,
On Mon, Jan 14, 2013 at 9:12 AM, jason_gates wrote:
> Hi,
> I am not an expert on cryptography, thus take this with a grain of salt :)
>
> I thought the purpose of a private key is for you to de-crypt messages
> encrypted with your public key. If my logic is correct, then wouldn't the
> remote ser
Hi,
I am not an expert on cryptography, thus take this with a grain of salt :)
I thought the purpose of a private key is for you to de-crypt messages
encrypted with your public key. If my logic is correct, then wouldn't the
remote service give you their public key to encrypt the message (sent fr
Em domingo, 13 de janeiro de 2013 18h17min29s UTC-2, jason_gates escreveu:
>
> Hi,
> Thank you for the response :) So, the private key is not part of the
> issue, right? Wouldn't your private key only be used to decode a message
> sent from the web service to you? Per your message, that's not y
Hi,
Thank you for the response :) So, the private key is not part of the issue,
right? Wouldn't your private key only be used to decode a message sent from
the web service to you? Per your message, that's not your issue.
Your saying the remote web service is rejecting the message you are
sendin
Hi Jason...
Thanks for your contact.
Firstly, please excuse my poor english... my first language is portuguese.
I sent a XML Dsig packet with message + DigestValue + SignatureValue +
PublicKey to a government's webservice. The SignatureValue is generated
using BouncyCastle and SHA1withRSA. The re
Em domingo, 13 de janeiro de 2013 10h22min21s UTC-2, mbarbiero escreveu:
>
> Hi...
> I have a problem in SHA1withRSA signature using BouncyCastle on Android:
> BouncyCastle signature value does not match with dotNET signature value.
> I tryed to use many algorithms like "SHA1withRSA", "SHA1withR
Hi,
Can you go back a step and explain what the issue is :)
In other words, you've stated you are required to send a message to a "web
service". But I can't tell from you post what (if any) the exception is? Is
the web service rejecting the message you sent? Are you receiving an
unexpected res
29 matches
Mail list logo