Sunday, March 31, 2013

Re: Same text, different Signature with each execution

No idea. Only thing I would change is to explicitly use a Charset like UTF-8 in String.getBytes() and probably inside Base64Utils.toBase64(). As you only use JRE classes beside Base64Utils I would first double check Base64Utils if it works correctly.

The following JUnit 4 test works (it does not use Base64Utils, but feel free to modify it):

public class SignatureTest {      private KeyPair keyPair;    private Signature signer;      @Before    public void setUp() throws Exception {      keyPair = KeyPairGenerator.getInstance("RSA").generateKeyPair();      initSigner();    }      @Test    public void testSign() throws Exception {      //3 signs of the same text. Reusing signer (JavaDoc: signer.sign() resets signer)      String signed1 = sign("Hello World!!!");      String signed2 = sign("Hello World!!!");      String signed3 = sign("Hello World!!!");        printFirstBytes(signed1);      printFirstBytes(signed2);      printFirstBytes(signed3);        Assert.assertEquals(signed1, signed2);      Assert.assertEquals(signed2, signed3);      Assert.assertEquals(signed1, signed3);        //3 signs of the same text. Re-instantiate/init signer each time manually      String signed4 = signWithNewSigner("Hello World!!!");      String signed5 = signWithNewSigner("Hello World!!!");      String signed6 = signWithNewSigner("Hello World!!!");        printFirstBytes(signed4);      printFirstBytes(signed5);      printFirstBytes(signed6);        Assert.assertEquals(signed4, signed5);      Assert.assertEquals(signed5, signed6);      Assert.assertEquals(signed4, signed6);      }      private String sign(String text) throws Exception {      signer.update(text.getBytes("UTF-8"));      return new String(signer.sign(), "UTF-8");    }      private String signWithNewSigner(String text) throws Exception {      initSigner();      return sign(text);    }      private void initSigner() throws Exception {      signer = Signature.getInstance("SHA1withRSA");      signer.initSign(keyPair.getPrivate());    }      private void printFirstBytes(String source) throws UnsupportedEncodingException {      byte[] bytes = source.getBytes("UTF-8");      for(int i = 0; i < bytes.length && i < 8; i++) {        System.out.print(bytes[i] + ", ");      }      System.out.println("");    }    }

-- J.

You received this message because you are subscribed to the Google Groups "Google Web Toolkit" group.
To unsubscribe from this group and stop receiving emails from it, send an email to
To post to this group, send email to
Visit this group at
For more options, visit

No comments:

Post a Comment