search

earvinjamesmarzo / eid-quick-key-toolset

Automatically exported from code.google.com/p/eid-quick-key-toolset
0 stars 0 forks source link

Cannot verify authentication signature #2

Open GoogleCodeExporter opened 9 years ago

GoogleCodeExporter commented 9 years ago 
I have loaded the cap onto a SmartCard with no problem. I also manage to 
extract certificates. But i cannot verify an authentication signature. I wonder 
why :

The pseudo code:
belpic.readFullEid();

            trace("Set PIN");
            belpic.setPin("1234");

            trace("Authentication Signature generation");
            MessageDigest digest = MessageDigest.getInstance("SHA-1");
            byte [] data_to_sign = "Iop".getBytes();
            byte[] hashMsg = digest.digest(data_to_sign);
            byte response []= belpic.generateAuthenticationSignature(hashMsg);

            trace("read authentication certificate");
            byte [] bytes_auth_certif = belpic.readAuthCertificateBytes();
            X509Certificate authCert = X509Utils.deriveCertificateFrom(bytes_auth_certif);
            trace("DN : " + authCert.getSubjectDN());

            {
                Signature RSASign = Signature.getInstance("SHA1withRSA");
                  PublicKey pk = authCert.getPublicKey();
                RSASign.initVerify(pk);
                RSASign.update(data_to_sign,0,data_to_sign.length);
                trace("Sign Verififcation : " + RSASign.verify(response));
            }

If you know why thanks.

Original issue reported on code.google.com by cauchies...@gmail.com on 10 Jan 2012 at 8:16

GoogleCodeExporter commented 9 years ago 
>> i have added
response = belpic.retrieveSignatureBytes();
but still it does not work.

Original comment by cauchies...@gmail.com on 10 Jan 2012 at 8:41