This discussion is archived
1 2 Previous Next 20 Replies Latest reply: Jun 27, 2012 2:12 AM by 813524 RSS

I can verify a digital signature with an incorrect cert

813524 Newbie
Currently Being Moderated
Hello,

I am writing some code to digitally sign and then verify data.
The code I have written allows me to verify data using a certificate that does not correspond to the private key.

This is the code i have written for signing:

               /**
               * Get the private key
               */
               PrivateKey key = KeyStoreUtil.getPrivateKey(keyStoreName, keyStoreType, keyStorePassword, keyAlias);

               /**
               * Encrypt the data,
               */
               Signature signatureAlgoithm = Signature.getInstance(getAlgorithm());
               signatureAlgoithm.initSign(key);
               signatureAlgoithm.update(data.getBytes());
               signature = signatureAlgoithm.sign();

and this is the code I have writen for verification:

               /**
               * Get the cert that will be used to
               * verifiy the data and signature
               */
               Certificate cert = KeyStoreUtil.getCertificate(keyStoreName, keyStoreType, keyStorePassword, certAlias);

               /**
               * Initialise signature algorithm,
               * supply the data to be verified
               * and verify with signature
               */
               Signature signatureAlgoithm = Signature.getInstance(getAlgorithm());
               signatureAlgoithm.initVerify(cert);
               signatureAlgoithm.update(data.getBytes());
               result = signatureAlgoithm.verify(signature);

Can someone please tell me, if I'm missing something here? The KeyStoreUtil code used above to get the private key and cert is shown below and the algorithm I am using is SHA1withRSA.

Thanks





package aero.sita.ir.security.util;

import java.io.BufferedInputStream;
import java.io.Closeable;
import java.io.FileInputStream;
import java.io.IOException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.UnrecoverableKeyException;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;

import org.apache.log4j.Logger;

/**
* The Class KeyStoreUtil.
*/
public class KeyStoreUtil {

     // ===========================================
     // Public Members
     // ===========================================

     // ===========================================
     // Private Members
     // ===========================================

     /** The Constant LOGGER. */
     private static final Logger LOGGER = Logger.getLogger(KeyStoreUtil.class);

     // ===========================================
     // Static initialisers
     // ===========================================

     // ===========================================
     // Constructors
     // ===========================================

     /**
     * Instantiates a new key store util.
     */
     public KeyStoreUtil() {
     }

     // ===========================================
     // Public Methods
     // ===========================================

     public static Certificate getCertificate(String keyStoreName, String keyStoreType, String keyStorePassword, String certAlias) throws KeyStoreException, NoSuchAlgorithmException, CertificateException, IOException {

          /**
          * Get a handle on the keystore
          */
          KeyStore ks = loadKeyStore(keyStoreName, keyStoreType, keyStorePassword);

          /**
          * Return the requested cert
          */
          return ks.getCertificate(certAlias);

     }

     public static PrivateKey getPrivateKey(String keyStoreName, String keyStoreType, String keyStorePassword, String keyAlias) throws KeyStoreException, NoSuchAlgorithmException, CertificateException, IOException, UnrecoverableKeyException {

          /**
          * Get a handle on the keystore
          */
          KeyStore ks = loadKeyStore(keyStoreName, keyStoreType, keyStorePassword);

          /**
          * Return the requested key
          */
          return (PrivateKey) ks.getKey(keyAlias,keyStorePassword.toCharArray());
     }

     // ===========================================
     // Protected Methods
     // ===========================================

     // ===========================================
     // Private Methods
     // ===========================================

     /**
     * Load key store.
     *
     * @param keyStoreName the key store name
     * @param keyStoreType the key store type
     * @param keyStorePassword the key store password
     * @return the key store
     * @throws KeyStoreException
     * @throws IOException
     * @throws CertificateException
     * @throws NoSuchAlgorithmException
     */
     private static final KeyStore loadKeyStore(String keyStoreName, String keyStoreType, String keyStorePassword) throws KeyStoreException, NoSuchAlgorithmException, CertificateException, IOException {

          /**
          * The keystore to return
          */
          KeyStore ks = null;

          /**
          * Input stream used to read keystore
          */
          BufferedInputStream ksbufin = null;

          try {

               /**
               * Initilise input stream
               */
               ksbufin = new BufferedInputStream(new FileInputStream(keyStoreName));

               /**
               * Get keystore instance
               */
               ks = KeyStore.getInstance(keyStoreType);

               /**
               * Load up the keystore
               */
               ks.load(ksbufin, keyStorePassword.toCharArray());

          } finally {
               close(ksbufin);
          }

          /**
          * Return the keystore
          */
          return ks;
     }

     /**
     * Close.
     *
     * @param closeable
     * the closeable
     */
     private static final void close(Closeable closeable) {
          if (closeable != null) {
               try {
                    closeable.close();
               } catch (IOException e) {
                    LOGGER.error("Error closing file or stream. " + e.getMessage());
               }
          }
     }
}
  • 1. Re: I can verify a digital signature with an incorrect cert
    EJP Guru
    Currently Being Moderated
    Really? Doesn't sound likely, does it? What are the values of the public key associated with the private key, and the public key of the certificate?
  • 2. Re: I can verify a digital signature with an incorrect cert
    sabre150 Expert
    Currently Being Moderated
    My standard test example for signing using SHA1withRSA first signs and verifies with a corresponding (PrivateKey,Certificate) pair and then tries to verify with a different certificate. I have just run it using JDK1.7.0_04 and it runs correctly. It has always run correctly. The basic code is similar to your code but without the superfluous and sometimes misleading/erroneous comment.
  • 3. Re: I can verify a digital signature with an incorrect cert
    813524 Newbie
    Currently Being Moderated
    Im going to resist the temptation to answer to the comment about superfluous comments etc, I think that says more about the ego of the respondent.

    I do however have this problem and I'd be happy to share my code, superfluous comments included.
  • 4. Re: I can verify a digital signature with an incorrect cert
    sabre150 Expert
    Currently Being Moderated
    810521 wrote:
    Im going to resist the temptation to answer to the comment about superfluous comments etc, I think that says more about the ego of the respondent.
    So you didn't resist!

    Example of a superfluous comment -
    /**
    * Get keystore instance
    */
    ks = KeyStore.getInstance(keyStoreType);
    Example of an erroneous comment -
    /**
    * Encrypt the data,
    */
    Signature signatureAlgoithm = Signature.getInstance(getAlgorithm());
    signatureAlgoithm.initSign(key);
    signatureAlgoithm.update(data.getBytes());
    signature = signatureAlgoithm.sign();
    >
    I do however have this problem and I'd be happy to share my code, superfluous comments included.
    Why would I want to share your code since you say it does not work? I already have code that actually does work.

    Bye
  • 5. Re: I can verify a digital signature with an incorrect cert
    EJP Guru
    Currently Being Moderated
    I'd be happy to share my code
    You've already shared your code. How about sharing the answers to the questions you were asked?
  • 6. Re: I can verify a digital signature with an incorrect cert
    813524 Newbie
    Currently Being Moderated
    vaules of the public key associated with the private key, and the public key of the certificate?

    The cert associated with the private key that was used to sign the data:

    Owner: CN=TUE 1-TUE 1 ADMIN-187413
    Issuer: CN=Test CA, OU=For Test Purposes Only, O=A Ltd, C=IE
    Serial number: 3d43ebb325f79c6d6ce475f8514fc626
    Valid from: Wed May 02 01:00:00 BST 2012 until: Thu May 31 00:59:59 BST 2012
    Certificate fingerprints:
         MD5: 98:96:99:A0:1C:26:41:4D:5A:99:68:CC:3D:A4:6D:77
         SHA1: 91:BB:E1:F5:A5:3E:F7:A7:05:14:CC:8C:D4:CE:3F:0E:5C:25:40:D4
         Signature algorithm name: SHA1withRSA
         Version: 3

    Extensions:

    #1: ObjectId: 2.5.29.15 Criticality=true
    KeyUsage [
    DigitalSignature
    Non_repudiation
    ]

    #2: ObjectId: 2.5.29.37 Criticality=true
    ExtendedKeyUsages [
    clientAuth
    ]

    #3: ObjectId: 2.5.29.31 Criticality=false
    CRLDistributionPoints [
    [DistributionPoint:
    [URIName: http://pilotonsitecrl.verisign.com/ACA/LatestCRL.crl]
    ]]

    #4: ObjectId: 2.5.29.19 Criticality=false
    BasicConstraints:[
    CA:false
    PathLen: undefined
    ]


    The cert used to verify (incorrectlyl) the signature:

    Owner: CN=PUE 1-PUE 1 Admin-294937
    Issuer: CN=Test CA, OU=For Test Purposes Only, O=A Ltd, C=IE
    Serial number: 1bf9f63394d41471538a4bbc25deff3
    Valid from: Wed Jun 13 01:00:00 BST 2012 until: Thu Jul 12 00:59:59 BST 2012
    Certificate fingerprints:
         MD5: 35:96:D5:32:DE:48:A9:AB:FE:8F:D8:7E:BA:14:37:23
         SHA1: D9:FE:C1:C8:6C:F6:5E:EF:23:59:98:B5:CD:DE:66:04:C3:F3:37:75
         Signature algorithm name: SHA1withRSA
         Version: 3

    Extensions:

    #1: ObjectId: 2.5.29.15 Criticality=true
    KeyUsage [
    DigitalSignature
    Non_repudiation
    ]

    #2: ObjectId: 2.5.29.37 Criticality=true
    ExtendedKeyUsages [
    clientAuth
    ]

    #3: ObjectId: 2.5.29.31 Criticality=false
    CRLDistributionPoints [
    [DistributionPoint:
    [URIName: http://pilotonsitecrl.verisign.com/ACA/LatestCRL.crl]
    ]]

    #4: ObjectId: 2.5.29.19 Criticality=false
    BasicConstraints:[
    CA:false
    PathLen: undefined
    ]
  • 7. Re: I can verify a digital signature with an incorrect cert
    813524 Newbie
    Currently Being Moderated
    Here's the code that I'm using for testing. Perhaps I have done something wrong here:

                   String data = "Yeehaw";

                   byte[] signature = signtureService.sign(data,"myKeystore.jks","JKS","Password1","cert-tue 1-tue 1 admin-187413");

                   LOGGER.info("Checking data with correct cert, result should = true");
                   boolean result = signtureService.verify(data,signature,"myKeystore.jks","JKS","Password1","cert-tue 1-tue 1 admin-187413");
                   LOGGER.info("Result = [" + result + "]");

                   LOGGER.info("Checking data with incorrect cert, result should = false");
                   result = signtureService.verify(data,signature,"myKeystore.jks","JKS","Password1","cert-pue 1-pue 1 admin-294937");
                   LOGGER.info("Result = [" + result + "]");

                   LOGGER.info("Modify data and check with correct cert, result should = false");
                   result = signtureService.verify("Yeeha",signature,"myKeystore.jks","JKS","Password1","cert-tue 1-tue 1 admin-187413");
                   LOGGER.info("Result = [" + result + "]");

    and here is the output:

    Signature = [[B@8e32e7]
    Checking data with correct cert, result should = true
    Result = [true]
    Checking data with incorrect cert, result should = false
    Result = [true]
    Modify data and check with correct cert, result should = false
    Result = [false]
  • 8. Re: I can verify a digital signature with an incorrect cert
    sabre150 Expert
    Currently Being Moderated
    Since I am pretty sure that the Oracle JCE provider signature code is correct the only things I can think of are :-

    a) that you have generated two CSR from the same (private/public) key pair and processed them both through Verisign,

    or

    b) that your generation of the (private/public) key pair resulted in the same key for both.

    You could extract the two public key from the certificates and compare their moduli and exponents.
  • 9. Re: I can verify a digital signature with an incorrect cert
    EJP Guru
    Currently Being Moderated
    vaules of the public key associated with the private key, and the public key of the certificate?
    That's what I asked for.
    The cert associated with the private key that was used to sign the data:
    That's not what I asked for.
    The cert used to verify (incorrectlyl) the signature:
    Nor is that.

    Those are certificates. I asked for public keys.
  • 10. Re: I can verify a digital signature with an incorrect cert
    813524 Newbie
    Currently Being Moderated
    Ok is this what you are looking for? I'm not sure i've done this right. But then if I knew what I was doing I wouldn't be asking questions on forums.

    Private key:

    Bag Attributes
    friendlyName: cert-tue 1-tue 1 admin-187413
    localKeyID: 54 69 6D 65 20 31 33 34 30 36 36 32 35 37 31 33 35 39
    Key Attributes: <No Attributes>
    -----BEGIN ENCRYPTED PRIVATE KEY-----
    MIICxjBABgkqhkiG9w0BBQ0wMzAbBgkqhkiG9w0BBQwwDgQIWQcKzRnZnTECAggA
    MBQGCCqGSIb3DQMHBAhC3rzoe1dxNQSCAoDseh0qTk2XzSs+Pz+rA97I3lrAVvAU
    1VGf1IW2XkO0EVNn01VcBVX4wkT1kq9m9lUQqIwd+aEgaEuFX7tQqnW7j+1nF2Rh
    0DV1XuqjOm/5vnDYPdjbgHmtNwrY4b+4aOPPhmMZn/8+E8xOEdHtDZhbX1dZ8w59
    7RR7Num8Z0eTX4Vc2D59MCyYmp7uZVSQvkSVwhTs0wfWDlpzuK/Sbj6UZ8nwaR3X
    /KDqqFd3FR0lFPVG4nMS1qdiTJVAK3aiPqyfeK5A6PAYAahS+P4JQ4Kx3DZroSIZ
    k+JaTCm9VIkMAF8Gy6ysu3Lel1sIiHMik5CfRFD9A+4zmW9XK6spryxGz2jb4P96
    glNqVDj+tnNHplzvgw3uJOZjuaOvL1mOypq580c/rtjpfwLalJOB3ys3IbpFyP7f
    zMMJfek781VarB8aJ+HWsVUvAq/1ri0PWhZM3RoaNDLMQ8Oq0sW24GS5trZ72HE3
    t1xN9cReRC6T3K6IWGm4MI2VY37basokUAA3CET1m9eqlu26XeIwzLUanjF+w1nC
    5ylN1juNbDpoojyq78BSJydZv+N8ebRHUdGm4GhccTkDKTlX2EUoPezPPnJAGq4m
    51R9fcer9L6l8JB2b6lNZwOSFw4SMKbGGUpEBTsJVlC0ej7eZJhbnuyWaZe12qe6
    RXJjYPCCLr+ynrYKRxEIL9aaFoHWY1xyI0AT7LswUPzy9DPPoU9YxfJPss8BTvEx
    Krom0VfA8Yx62FCh1/gUOYR00pJpe30Rr6bdnWixDocOmItHgGKgpw0r2YhJ5o0v
    fxztBKSL+Aml0Tjkqdu9eEDrRoW+7+Zm7yYTzQueoQI0F/waH3Y4w0sv
    -----END ENCRYPTED PRIVATE KEY-----

    Public-Key: (1024 bit)
    Modulus:
    00:81:ad:0f:c2:59:3b:c2:41:a6:10:17:17:0d:79:
    f6:3b:74:8f:42:a0:72:e5:fa:1f:90:22:50:02:fb:
    49:82:29:34:28:24:a3:b0:17:e0:b5:09:fe:27:07:
    c3:a6:57:67:05:82:09:8e:7a:3a:bb:ed:ed:a0:26:
    45:ff:91:1f:e9:db:af:00:f2:bb:4f:f7:f8:7e:82:
    7c:6c:6c:19:03:c7:5c:4c:9e:e7:62:25:49:2f:dd:
    39:ca:b0:8a:88:b5:40:da:e7:89:d1:b5:cb:88:b6:
    56:25:b2:6b:85:0e:89:96:ed:e6:bc:d2:28:26:ce:
    4a:9a:d5:c0:0e:65:37:cd:8f
    Exponent: 65537 (0x10001)
    -----BEGIN PUBLIC KEY-----
    MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCBrQ/CWTvCQaYQFxcNefY7dI9C
    oHLl+h+QIlAC+0mCKTQoJKOwF+C1Cf4nB8OmV2cFggmOejq77e2gJkX/kR/p268A
    8rtP9/h+gnxsbBkDx1xMnudiJUkv3TnKsIqItUDa54nRtcuItlYlsmuFDomW7ea8
    0igmzkqa1cAOZTfNjwIDAQAB
    -----END PUBLIC KEY-----
  • 11. Re: I can verify a digital signature with an incorrect cert
    sabre150 Expert
    Currently Being Moderated
    You have now compromised your private key so that the whole world has access to it. It is now useless.

    What we wanted were the two public keys; not the private key.
  • 12. Re: I can verify a digital signature with an incorrect cert
    EJP Guru
    Currently Being Moderated
    Blimey. I ask for a public key and i get first two certificates and now a private key, which you should never disclose to anybody and which you must now destroy and regenerate.

    However, if this is the complete answer to what we asked for, it proves there is only one key pair, which is what we have been telling you all along.
  • 13. Re: I can verify a digital signature with an incorrect cert
    813524 Newbie
    Currently Being Moderated
    Apologies, i did realise what I had done :) but I haven't had time to post the public key associated with the private key. The private key is used for testing only and isn't used on any live site.

    This is the key you asked for, I think:


    Public-Key: (1024 bit)
    Modulus:
    00:81:ad:0f:c2:59:3b:c2:41:a6:10:17:17:0d:79:
    f6:3b:74:8f:42:a0:72:e5:fa:1f:90:22:50:02:fb:
    49:82:29:34:28:24:a3:b0:17:e0:b5:09:fe:27:07:
    c3:a6:57:67:05:82:09:8e:7a:3a:bb:ed:ed:a0:26:
    45:ff:91:1f:e9:db:af:00:f2:bb:4f:f7:f8:7e:82:
    7c:6c:6c:19:03:c7:5c:4c:9e:e7:62:25:49:2f:dd:
    39:ca:b0:8a:88:b5:40:da:e7:89:d1:b5:cb:88:b6:
    56:25:b2:6b:85:0e:89:96:ed:e6:bc:d2:28:26:ce:
    4a:9a:d5:c0:0e:65:37:cd:8f
    Exponent: 65537 (0x10001)
  • 14. Re: I can verify a digital signature with an incorrect cert
    813524 Newbie
    Currently Being Moderated
    I can see now that they are the same
1 2 Previous Next

Legend

  • Correct Answers - 10 points
  • Helpful Answers - 5 points