I'm trying to replicate a third-party NodeJS algorithm in .Net Core to verify a RSA payload and signature. The algorithm is used by a mobile app to verify biometric data. This is the thir-party NodeJS code:
import NodeRSA from "node-rsa";
export const verifySignature = (
base64Signature: string,
payload: string,
publicKey: string
): boolean => {
const key = new NodeRSA();
const publicKeyBuffer = Buffer.from(publicKey, "base64");
const signer = key.importKey(publicKeyBuffer, "pkcs8-public-der");
return key.verify(Buffer.from(payload), base64Signature, "utf8", "base64");
};
The publicKey is a base64 string coming from a database, base64signature and payload come from the body on an API call. I asked to the third-party developer some base64signature and payload which works on his code, but I can't make them work with my .Net function:
using System.Security.Cryptography;
private bool VerifySignature(string base64Signature, string payload, string publicKey)
{
RSA rsa = new RSACryptoServiceProvider();
rsa.ImportSubjectPublicKeyInfo(Convert.FromBase64String(publicKey), out _);
return rsa.VerifyData(Encoding.UTF8.GetBytes(payload), Convert.FromBase64String(base64Signature), HashAlgorithmName.MD5, RSASignaturePadding.Pkcs1);
}
I have no idea where is the error, maybe the HashAlgorithmName.MD5 or the RSASignaturePadding.Pkcs1 parameters? I have no access to the mobile app code, so I don't know which paramters to use.
Any suggestion?
Thank you, Sebasthian
From the documentation of Node-RSA:
signingScheme— scheme used for signing and verifying. Can be'pkcs1'or'pss'or'scheme-hash'format string (eg'pss-sha1'). Default'pkcs1-sha256', or, if chosen pss:'pss-sha1'.