I am trying to create digital signature of the hash (created using HMACSHA256) in Java using SHA256 algorithm & Pkcs1 RSA signature padding but it is not producing the same signature as implemented in .net by vendor.
My Java code :
String secretKey = "1n6pobYP5+BZHgEdFCtNibcb1eykysLMbWMV2fJD0OwfmY3TbtRlUaRWu8A7Fp0dt8O+TCIl3LABlUrW48FFUg==";
private String hmacSha256(String data, String key) throws Exception {
Mac mac = Mac.getInstance("HmacSHA256");
SecretKeySpec secretKeySpec = new SecretKeySpec(key.getBytes("UTF-8"), "HmacSHA256");
mac.init(secretKeySpec);
byte[] hmacSha256Bytes = mac.doFinal(data.getBytes("UTF-8"));
return Base64.getEncoder().encodeToString(hmacSha256Bytes);
}
private String signHash(String hash, PrivateKey privateKey) throws Exception {
Signature signature = Signature.getInstance("SHA256withRSA", "BC");
signature.initSign(privateKey);
signature.update(Base64.getDecoder().decode(hash));
byte[] signedBytes = signature.sign();
return Base64.getEncoder().encodeToString(signedBytes);
}
private String signMessage(String hashedMsg, PrivateKey privateKey) throws Exception {
Signature signature = Signature.getInstance("SHA256withRSA", "BC");
signature.initSign(privateKey);
signature.update(hashedMsg.getBytes("UTF-8"));
byte[] signedBytes = signature.sign();
return Base64.getEncoder().encodeToString(signedBytes);
}
SignHash is adding signature to a already hashed message whereas SignMessage is adding hash again to already hashed message and then adding signature. SignMessage is making the correct signature as per the vendor but SignHash is creating different.
Dotnet code implementation for SignHash function by vendor :
String secretKey = "1n6pobYP5+BZHgEdFCtNibcb1eykysLMbWMV2fJD0OwfmY3TbtRlUaRWu8A7Fp0dt8O+TCIl3LABlUrW48FFUg==";
public static string HashInstruction(string message, string key)
{
using HMACSHA256 hMACSHA = new HMACSHA256(Encoding.UTF8.GetBytes(key));
return Convert.ToBase64String(hMACSHA.ComputeHash(Encoding.UTF8.GetBytes(message)));
}
public static string SignHashWithFile(string message, string privateKeyFile)
{
byte[] array = ReadPrivateFile(privateKeyFile);
RSA rSA = RSA.Create();
rSA.ImportRSAPrivateKey(array, out var _);
byte[] hash = Convert.FromBase64String(message);
byte[] inArray = rSA.SignHash(hash, HashAlgorithmName.SHA256, RSASignaturePadding.Pkcs1);
return Convert.ToBase64String(inArray);
}
public static string SignDataWithFile(string message, string privateKeyFile)
{
byte[] array = ReadPrivateFile(privateKeyFile);
RSA rSA = RSA.Create();
rSA.ImportRSAPrivateKey(array, out var _);
byte[] data = Encoding.ASCII.GetBytes(message);
byte[] inArray = rSA.SignData(data, HashAlgorithmName.SHA256, RSASignaturePadding.Pkcs1);
return Convert.ToBase64String(inArray);
}
SignDataWithFile() is generating same signature as signMessage() but signHash() and SignHashWithFile() are generating different signatures.
Sample values for .NET:
Data before hash: '512|PUB55442201|3555101122526|20000'
Data after hash: 'vGEWCW/XP7NPFIrY4sOo+jE4Q713RfVlKV/VV8ZQG6I='
signature(signhash): 'm3CHGVvBy90CVVnPzzFYQAekN6oy/isfz+fAVyXsJ/COTZ/fCMemANy0Q+yWlh/WUkSGbS7SQrc/33m+Wy69XrctOYSZcWMZpGFGBwBrCkg+wmscBfYItBqKlqmbQr2W0CIxOJlj5fLTeWYQ0MLCrMoBB9g1sB93eECYy9G5MzNfrRQaHVVzQrvBdyphABf8GsIuOzfjTOca5jGCZq6+0i/Xnb49jpkr3bPG3JP2+HbwKbyeqzB59pQaQ1+ye1pE7w85b0Sd3WDSfyjmYDBcNUooaMzekROaR8GPvlerhr1LbXwzvhoDON3ZJhFjerSikcrrM1JeL+s0DOCSQdvsBg=='
signature(signData): 'wLDprhCgUVG3V0pgU6DCZDQyoHf3VSQ7PMs9T6Ns3OM/lIz2cvACSVFJIs5W5sR7NN/jcp8k6yjQreq9SuSi9EPJsHFNlsqDjfqt78KOkqVD41PlFKRguPi9caMskRSKF/Ja1npXEweQw0MLgxGhs1sOffEzgk7Tqq4N3p2LN4mxgBtxoK3S+HfybPbHKpeSqx6Y0dVfz+Axa3v0/ChNU1+ZHA68H7+j7opdtaXTsx4dzodMvzdpfmFOpC9ye+mhmbJWBfhHDUd+AtIgLSCUZ0v+YhTLFlFY7hUEYRMqk3/tAxLw6dshXla9TSyzkJe3lijJabWGaMGqDgGC+/0puw=='
Sample values for Java :
Data before hash: '512|PUB55442201|3555101122526|20000'
Data after hash: 'vGEWCW/XP7NPFIrY4sOo+jE4Q713RfVlKV/VV8ZQG6I='
signature(signhash): 'W1U84sux5el9Tij8Dd9Tu2VbcXC2/BUwZFn5qeYh9M1D/ym6WjahyseTqUb6QFLuy1I9AAQN7p71NvYm1XpKKSGlJMl97cyHPijH3vj/+ydceLWm6Z4cIcJHrZsRld9EYNfYIW7e3h7UVQRwexZaNs+PjcWDAtuUWZevCGnQNzu20D3dIhdJdcZUp/J0rRO0rrWl9njXWDshiZz9mnVYx2wnoOJC6+2j2UBQOezupBzA5ZcvWaTrJhnes0l8aKhgwcdfb59ifuwhvcrFKBTxLkFVI7eMJslluHcFe2BYVjhmOQkqVfbkTYXgBqEsiQjCNdHlYsY15ZSbVDNpt9fthA=='
signature(signData): 'wLDprhCgUVG3V0pgU6DCZDQyoHf3VSQ7PMs9T6Ns3OM/lIz2cvACSVFJIs5W5sR7NN/jcp8k6yjQreq9SuSi9EPJsHFNlsqDjfqt78KOkqVD41PlFKRguPi9caMskRSKF/Ja1npXEweQw0MLgxGhs1sOffEzgk7Tqq4N3p2LN4mxgBtxoK3S+HfybPbHKpeSqx6Y0dVfz+Axa3v0/ChNU1+ZHA68H7+j7opdtaXTsx4dzodMvzdpfmFOpC9ye+mhmbJWBfhHDUd+AtIgLSCUZ0v+YhTLFlFY7hUEYRMqk3/tAxLw6dshXla9TSyzkJe3lijJabWGaMGqDgGC+/0puw=='
messageis a Base64 encoded SHA256 hash (i.e.hashis a SHA256 hash), on the Java sidehashmust be completed to the DER encoding of the DigestInfo value (see RFC8017) and as digestNoneWithRSAmust be applied.