views:

207

answers:

5

I am trying to digitally sign requests made by a mobile client running J2ME and want to verify the signature by the .Net Framework.

Does anyone know if the implementations

DSACryptoServiceProvider //.Net

and

Signature.getInstance("SHA1withDSA", "SUN") //Java

are compatible? Or does anyone have a better idea?


After some research I found this library which seems to have DSA APIs for both C# and Java with the same underlying implementations: http://www.bouncycastle.org

Does anyone have any experience with this?

A: 

I think they are not compatible.

liya
Thinking is not knowing!
Manu
A: 

As I understand it, DSA/SHA1 are standard algorithms (or RFCs, but never mind), so it's more than likely they are interchangeable.

Romain
+1  A: 

I had to deal with J2ME => .Net Web Service. And I had some problems with Encryption. I am not sure about DSA Java and .Net differs on encryption in DES and AES as far as I know.

This does not answer to your question but I guess it may help you.

There is a library named Bouncy Castle:

Releases for Java: http://www.bouncycastle.org/latest%5Freleases.html (pick J2ME one)

Releases for C# http://www.bouncycastle.org/csharp/

I used them without any headache. Documentation is not poor but is not good also. But Java and C# versions are compatible.

JCasso
+1  A: 

They must be compatible, otherwise Java and .NET web-services wouldn't be, and I know for sure that they are

RA
+1  A: 

.NET and Java encode the signatures in different ways. Otherwise they should be compatible. More details in another answer.

Rasmus Faber