Win a copy of High Performance Python for Data Analytics this week in the Python forum!
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Paul Clapham
  • Ron McLeod
  • Bear Bibeault
  • Liutauras Vilda
Sheriffs:
  • Jeanne Boyarsky
  • Tim Cooke
  • Junilu Lacar
Saloon Keepers:
  • Tim Moores
  • Tim Holloway
  • Stephan van Hulst
  • Jj Roberts
  • Carey Brown
Bartenders:
  • salvin francis
  • Frits Walraven
  • Piet Souris

Java Crypto - Sign and Verify Failure

 
Marshal
Posts: 3355
492
Android Eclipse IDE TypeScript Redhat MicroProfile Quarkus Java Linux
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
I am attempting to sign and then verify a message using a secp256r1 key pair, but I am getting an exception during the verify operation.  I have a feeling that it may be related to the particular curve that I am using.

Any clues where I can look to troubleshoot this problem?

 
Ron McLeod
Marshal
Posts: 3355
492
Android Eclipse IDE TypeScript Redhat MicroProfile Quarkus Java Linux
  • Likes 2
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Doh - I was trying to verify against the message itself and not the signature

The message Invalid encoding for signature should have been enough of a clue.


This: should be:
 
Saloon Keeper
Posts: 12628
273
  • Likes 1
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
One other thing: There is a reason that KeyStore.load() accepts the password as a char[] and not as a String. After you've loaded the key store, you should clear the password.

You're using Quarkus right? Instead of injecting the password using @ConfigProperty, try if this works:

If this doesn't work it's no disaster, because presumably you're running this code on a protected server (where the password is available in a configuration file anyway).
 
I got this tall by not having enough crisco in my diet as a kid. This ad looks like it had plenty of shortening:
the value of filler advertising in 2020
https://coderanch.com/t/730886/filler-advertising
reply
    Bookmark Topic Watch Topic
  • New Topic