Problem verifying signature of new eID in Java


jj69...@gmail.com

Aug 12, 2016, 9:05:56 AM8/12/16
to eID Middleware Dev

Hello,


We have a small client application, written in Java, that reads some data from the Belgian eID.

This worked fine in the past, but now we have an issue with the new eIDs.


When verifying the signature of the eID using the java.security.Signature class as follows:


Signature sig = Signature.getInstance("SHA1withRSA");

// Fetch public key of correct certificate
PublicKey pk = this.getNationalRegisterCertificate().getX509Certificate().getPublicKey();

// Verify signature and return results
sig.initVerify(pk);
sig.update(data, 0, data.length);  // data read from the eID
sig.verify(signature); // signature read from the eID, this is where it goes wrong


where signature is a byte array containing the signature read from the eID.


The following error is generated:


Caused by: java.security.SignatureException: Signature encoding error

        at sun.security.rsa.RSASignature.engineVerify(Unknown Source)

        at java.security.Signature$Delegate.engineVerify(Unknown Source)

        at java.security.Signature.verify(Unknown Source)

        at be.test.belgium.eid.eidlib.BeID.verifyRNSignature(BeID.java:754)

        at be.test.belgium.eid.eidlib.BeID.getIDData(BeID.java:185)

        ... 3 more

Caused by: java.io.IOException: ObjectIdentifier mismatch: 2.16.840.1.101.3.4.2.1

        at sun.security.rsa.RSASignature.decodeSignature(Unknown Source)


I checked the following page: http://eid.belgium.be/en/nieuws/news_eid_veranderingen


But apart from the larger key length, I don't see much information there.


Can you redirect us to some document or site where we can see the difference between the new and old eIDs?


The eID that causes problems was handed out 3 weeks ago.

Thanks,

Frederik Vernelen

Aug 12, 2016, 9:19:53 AM8/12/16
to eID Middleware Dev
Hello,

New cards have been given out recently where the identity data signature is "SHA256withRSA".
This increases the hash size of these files from 20 bytes to 32 bytes.
As (the length of) the photo hash is present in the identity data (tag 17), this length can be used to verify whether SHA-1 or SHA-256 hashing has been used.

As soon as we receive the official documentation, we will add it to our SDK.

Wkr,
 Frederik
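The following Java class is an added example illustrating the reply above; it is not code from either poster or from the eID middleware SDK. It reads the photo hash under tag 17 from the identity file, picks "SHA1withRSA" for a 20-byte hash and "SHA256withRSA" for a 32-byte hash, and verifies the signature with that algorithm. The OID in the question's stack trace, 2.16.840.1.101.3.4.2.1, is the SHA-256 identifier carried inside the PKCS#1 DigestInfo, which is why a verifier fixed to SHA1withRSA rejects the new cards' signatures. Assumptions: the identity file is parsed as 1-byte tag, length in 7-bit groups with the high bit marking a continuation byte, then value (check this against the official file description); the identity file contents and the RSA key pair are constructed here in place of a real card and its national register certificate.

```java
import java.nio.charset.StandardCharsets;
import java.security.GeneralSecurityException;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.PublicKey;
import java.security.Signature;
import java.security.SignatureException;
import java.util.HashMap;
import java.util.Map;

public class EidSignatureCheck {

    // Tag under which the photo hash is stored in the identity file (see the reply above).
    static final int PHOTO_HASH_TAG = 17;

    // Parse the identity file into tag -> value. ASSUMPTION: 1-byte tag, then a length in
    // 7-bit groups (high bit set means another length byte follows), then the value.
    static Map<Integer, byte[]> parseTlv(byte[] file) {
        Map<Integer, byte[]> fields = new HashMap<>();
        int idx = 0;
        while (idx < file.length) {
            int tag = file[idx++] & 0xFF;
            int length = 0;
            int b;
            do {
                if (idx >= file.length) {
                    throw new IllegalArgumentException("truncated length for tag " + tag);
                }
                b = file[idx++] & 0xFF;
                length = (length << 7) | (b & 0x7F);
            } while ((b & 0x80) != 0);
            if (idx + length > file.length) {
                throw new IllegalArgumentException("truncated value for tag " + tag);
            }
            byte[] value = new byte[length];
            System.arraycopy(file, idx, value, 0, length);
            idx += length;
            fields.put(tag, value);
        }
        return fields;
    }

    // Choose the JCA algorithm from the photo hash length: 20 bytes = SHA-1, 32 bytes = SHA-256.
    // Any other length is rejected instead of guessed.
    static String signatureAlgorithmFor(byte[] identityFile) {
        byte[] photoHash = parseTlv(identityFile).get(PHOTO_HASH_TAG);
        if (photoHash == null) {
            throw new IllegalArgumentException("identity file has no photo hash (tag 17)");
        }
        switch (photoHash.length) {
            case 20: return "SHA1withRSA";
            case 32: return "SHA256withRSA";
            default: throw new IllegalArgumentException("unexpected photo hash length " + photoHash.length);
        }
    }

    // Verify the identity file signature with the algorithm the file itself indicates.
    static boolean verifyIdentitySignature(byte[] identityFile, byte[] signature, PublicKey pk)
            throws GeneralSecurityException {
        Signature sig = Signature.getInstance(signatureAlgorithmFor(identityFile));
        sig.initVerify(pk);
        sig.update(identityFile);
        return sig.verify(signature);
    }

    // Constructed stand-in for an identity file: one dummy text field plus a photo hash of the given size.
    static byte[] sampleIdentityFile(int photoHashLength) {
        byte[] name = "DOE".getBytes(StandardCharsets.US_ASCII);
        byte[] out = new byte[2 + name.length + 2 + photoHashLength];
        int idx = 0;
        out[idx++] = 1;                           // dummy tag 1
        out[idx++] = (byte) name.length;
        System.arraycopy(name, 0, out, idx, name.length);
        idx += name.length;
        out[idx++] = (byte) PHOTO_HASH_TAG;
        out[idx++] = (byte) photoHashLength;      // < 128, so a single length byte
        for (int i = 0; i < photoHashLength; i++) {
            out[idx++] = (byte) i;                // placeholder bytes, not a real photo digest
        }
        return out;
    }

    public static void main(String[] args) throws Exception {
        // Generated key pair standing in for the card's national register certificate key.
        KeyPairGenerator kpg = KeyPairGenerator.getInstance("RSA");
        kpg.initialize(2048);
        KeyPair kp = kpg.generateKeyPair();

        for (int hashLength : new int[] {20, 32}) {
            byte[] file = sampleIdentityFile(hashLength);
            String alg = signatureAlgorithmFor(file);
            Signature signer = Signature.getInstance(alg);
            signer.initSign(kp.getPrivate());
            signer.update(file);
            byte[] signature = signer.sign();
            System.out.println(alg + " selected, verifies: "
                    + verifyIdentitySignature(file, signature, kp.getPublic()));
        }

        // Hard-coding SHA1withRSA against a SHA-256-signed file reproduces the exception from the question.
        byte[] newCardFile = sampleIdentityFile(32);
        Signature signer = Signature.getInstance("SHA256withRSA");
        signer.initSign(kp.getPrivate());
        signer.update(newCardFile);
        byte[] signature = signer.sign();
        Signature legacy = Signature.getInstance("SHA1withRSA");
        legacy.initVerify(kp.getPublic());
        legacy.update(newCardFile);
        try {
            legacy.verify(signature);
        } catch (SignatureException e) {
            System.out.println("SHA1withRSA on a SHA-256 signature: " + e.getMessage());
        }
    }
}
```

Compile and run with `javac EidSignatureCheck.java && java EidSignatureCheck`. The algorithm is chosen from data that is only authenticated once the signature verifies, so the selection must never fall back to a guess: a photo hash that is neither 20 nor 32 bytes is treated as a malformed card and the verification fails, rather than being tried against both algorithms.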


