问题
I want to verify my signature . my signature is a byte array. I use spongy castle I get error "org.spongycastle.cms.CMSException: Malformed content." this is my code:
String base64 = Base64.toBase64String(signedchallenge);
CMSSignedData cms = new CMSSignedData(Base64.decode(base64));
Store store = cms.getCertificates();
SignerInformationStore signers = cms.getSignerInfos();
Collection c = signers.getSigners();
I get error in line " CMSSignedData cms = new CMSSignedData(Base64.decode(base64));"
also I used this method for signed challenge generation. It did in smart cart
Signature signature=Signature.getInstance(Signature.ALG_RSA_SHA_PKCS1,false);
signature.init(thePrivateKey,Signature.MODE_SIGN);
signLength=signature.sign(buffer,(short)(ISO7816.OFFSET_CDATA & 0xFF), inputlength, buffer, (short)(0));
apdu.setOutgoingAndSend((short)0,signLength);
回答1:
According to javacard documentation
ALG_RSA_SHA_PKCS1generates a 20-byte SHA digest, pads the digest according to the PKCS#1 (v1.5) scheme, and encrypts it using RSA
To verify the signature in Android side use this code
Signature sig = Signature.getInstance("SHA1withRSA");
sig.initVerify(publicKey);
sig.update(challenge);
boolean verifies = sig.verify(signedchallenge);
Where signedchallenge is the signature available on buffer from (short)(ISO7816.OFFSET_CDATA & 0xFF) to signLength and challenge is the original data to sign
来源:https://stackoverflow.com/questions/40725518/error-malformed-content-in-signature-verification