i need to sign a string using RSA-SHA1 signature and a private key from .PFX certificate. Here's my code:
String rawString = "1234567890";
byte[] signed = null;
FileInputStream cert = new FileInputStream("/sdcard/cert.pfx");
KeyStore keyStore = KeyStore.getInstance("pkcs12");
keyStore.load(cert, "cert_password".toCharArray());
String alias = keyStore.aliases().nextElement();
PrivateKey privateKey = (PrivateKey)keyStore.getKey(alias, "cert_password".toCharArray());
Signature instance = Signature.getInstance("SHA1withRSA");
instance.initSign((PrivateKey)privateKey);
instance.update(rawString.getBytes());
signed = instance.sign();
TextView mTextView = (TextView) findViewById(R.id.signed_message);
mTextView.setText(md5(bytes2String(signed)));
and i do get a nice looking MD5, but, i am doing the same thing in PHP also and the result i get with PHP is different than the one in Android. I know the PHP one is correct... so what's wrong with the Android version?
I've noticed that the Android result differs if i use new String(signed)
instead of bytes2String(signed)
or even if i use signed.toString()
i use this for MD5: https://stackoverflow.com/a/4846511/1176497
and bytes2String from (Using SHA1 and RSA with java.security.Signature vs. MessageDigest and Cipher):
private static String bytes2String(byte[] bytes) {
StringBuilder string = new StringBuilder();
for (byte b : bytes) {
String hexString = Integer.toHexString(0x00FF & b);
string.append(hexString.length() == 1 ? "0" + hexString : hexString);
}
return string.toString();
}
I've figured it out....
the md5 function I'm using requires a string, but coverts it to byte[]... since i already have byte[] there's no need to covert it!
now i get the same result as in PHP :)
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With