This is the shortened version of RSA string signature. Receiving data accompanied with a signature requires a verification of the signature. For the verification the Public Key of the signer is used.
One note about the key management in my programs: usually the keys are (securely) stored in files or a keystore and have additional password protection. Both scenarios are unhandy in demonstration programs running in an online compiler. That's why I'm using static, hard-coded keys in my programs - please do not do this in production environment! Never ever store a Private Key in the source! The minimum is to load the keys from secured files.
The program follows the usual sequence:
- Receive a message ("data to sign"), a signature and a RSA public key
- convert the data to sign into a binary format (e.g. a byte array)
- load the public key
- start the verification process
- Base64 decoding of the signature
- set the verification parameters (same as used for signing)
- verify the signature against the "data to sign" and show the result.
If you like to see the RSA string encryption full see my separate article RSA signature string.
This is a serious warning regarding the security of the programs shown in these article series. Always keep in mind my disclaimer regarding my programs: All programs are for educational purposes and are not intended to use in production or any other programs where a secure solution is needed. The programs do not have proper exceptional/error handling and in some cases they use insecure key lengths or other methods that are insecure. Never ever use the programs in real life unless checked by a qualified professional cryptographer.
The following links provide the solutions in code and an online compile that runs the code.
| Language | available | Online-compiler |
|---|---|---|
| Java | ✅ | repl.it CpcJavaRsaSignatureStringVerificationOnly |
| PHP | ✅ | repl.it CpcPhpRsaSignatureStringVerificationOnly |
| C# | ✅ | repl.it CpcCsharpRsaSignatureStringVerificationOnly |
| Javascript CryptoJs | ❌ | the signature functionality is not available in CryptoJs |
| NodeJS Crypto | ✅ | repl.it CpcNodeJsCryptoRsaSignatureStringVerificationOnly |
| NodeJS forge | ✅ | repl.it CpcNodeJsRsaSignatureStringVerificationOnly |
| Webcrypto verify only | ✅ | your browser WebcryptoRsaVerifyString.html |
| Python *1) | ❌ | see full version |
*1) you need the external library pycryptodome, version 3.9.9 This is an output:
RSA signature string verification only
dataToSign: The quick brown fox jumps over the lazy dog
* * * verify the signature against the plaintext with the RSA public key * * *
used public key:
-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8EmWJUZ/Osz4vXtUU2S+
0M4BP9+s423gjMjoX+qP1iCnlcRcFWxthQGN2CWSMZwR/vY9V0un/nsIxhZSWOH9
iKzqUtZD4jt35jqOTeJ3PCSr48JirVDNLet7hRT37Ovfu5iieMN7ZNpkjeIG/CfT
/QQl7R+kO/EnTmL3QjLKQNV/HhEbHS2/44x7PPoHqSqkOvl8GW0qtL39gTLWgAe8
01/w5PmcQ38CKG0oT2gdJmJqIxNmAEHkatYGHcMDtXRBpOhOSdraFj6SmPyHEmLB
ishaq7Jm8NPPNK9QcEQ3q+ERa5M6eM72PpF93g2p5cjKgyzzfoIV09Zb/LJ2aW2g
QwIDAQAB
-----END PUBLIC KEY-----
signature (Base64) verified: true
Last update: Feb. 02nd 2021
Back to the main page: readme.md