Digital signature: sample code for verification and for extracting certification information

java .net digital-signature digital-certificate
11,477

Solution 1

To extract detail from certificate:

  1. Make a string which keeps certificate data. Just ensure it has -----BEGIN CERTIFICATE----- in starting and -----END CERTIFICATE----- in end.
  2. Now use the following code in Java to extract certificate detail.

InputStream inStream = new ByteArrayInputStream(certString.toString().getBytes("UTF-8"));
BufferedInputStream bis = new BufferedInputStream(inStream);
CertificateFactory cf = CertificateFactory.getInstance("X.509");
Certificate cert = cf.generateCertificate(bis);
X509Certificate xCert = (X509Certificate)cert;

System.out.println("Certificate Type: "+cert.getType());
System.out.println("Public Key: \n"+cert.getPublicKey());
try{
      System.out.println("Signature Algorithm"+xCert.getSigAlgName());
      System.out.println("IssuerDN : "+xCert.getIssuerDN());
      System.out.println("Serial Number : "+xCert.getSerialNumber());
      System.out.println("SubjectDN : "+xCert.getSubjectDN());
}catch(Exception exp){
      :
}

Solution 2

If you are having the PFX file, then that may contain the public key certificate which will be required to verify the signature.

Alternatively, if your signature is a PKCS#7 signature, then the signature itself will hold the data, signature and the certificate. Assuming PKCS#7 is not detached.

You need to ask your signer, how is he transferring his certificate for validation.

Share:
11,477
Amit Kumar Gupta
Author by

Amit Kumar Gupta

I am Research Enthusiast working as a full time opensource developer. I used to develop general and generic applications which can give better performance with fewer resources. I am a greedy programmer who likes creative things.

Updated on August 07, 2022

Comments

  • Amit Kumar Gupta
    Amit Kumar Gupta over 1 year

    I use a third party tool to verify signature and to get certificate detail(like serial number, CA etc..) from signature. The problem with this utility is it is licensed and works on certain machines only.

    Can i validate the signature against the data using simple java or .net code?(instead of using paid application). I dont have private key to extract certificate information from signed data.

    Or if someone can suggest sample code in java or .net to extract certificate detail if i have pfx file. Of from signed data.

    Data is signed with asymmetric encryption.

  • Amit Kumar Gupta
    Amit Kumar Gupta almost 13 years
    your code seems realy helpful. But i have only signature and data. I dont have certificate. Is certificate come along with signature? If so, can you tell me how can i extract certificate from signature?

Recents

Why Is PNG file with Drop Shadow in Flutter Web App Grainy?
How to troubleshoot crashes detected by Google Play Store for Flutter app
Cupertino DateTime picker interfering with scroll behaviour
Why does awk -F work for most letters, but not for the letter "t"?
Flutter change focus color and icon color but not works
How to print and connect to printer using flutter desktop via usb?
Critical issues have been reported with the following SDK versions: com.google.android.gms:play-services-safetynet:17.0.0
Flutter Dart - get localized country name from country code
navigatorState is null when using pushNamed Navigation onGenerateRoutes of GetMaterialPage
Android Sdk manager not found- Flutter doctor error
Flutter Laravel Push Notification without using any third party like(firebase,onesignal..etc)
How to change the color of ElevatedButton when entering text in TextField

Related

How to implement digital signature with my existing web project
google calendar api server application
XML validation with XMLDSIG using XadES-BES algorithm
how to do verify using java.security.Signature
Count Instances of Class
Implementing RSA-SHA1 signature algorithm in Java (creating a private key for use with OAuth RSA-SHA1 signature)
What's the detail in "SHA1withRSA"?
How to Digitally Sign a Dynamically Created PDF Document Using PDFBox?
How to check if X seconds has passed in Java?
Reading a pfx file from usb token with java