PS256 Signature verification Android using Kotlin using BouncyCaslte throws not such algorithm found

Question

I am trying to implement PS256 verification in android over Kotlin using BouncyCastle. I have read the documentation of BouncyCastle where they list SHA256withRSAandMGF1 as an available algorithm in their library but when running, I am getting not such algorithm found exception. Can someone help with this?

fun verifySignedContent(cert: String, jwtS: String): Boolean {
        val certFactory: CertificateFactory = CertificateFactory.getInstance("X.509")
        val bytes = ByteArrayInputStream(cert.toByteArray())

        Security.addProvider(BouncyCastleProvider())

        val signedJWT = SignedJWT.parse(jwtS)

        val signature = signedJWT.signature

        val sig = Signature.getInstance("SHA256withRSAandMGF1", "BC")
        println("Signature: " + signature.toJSONString())

        sig.initVerify(certFactory.generateCertificate(bytes))
        sig.update(signature.decode())

        val flagSig = sig.verify(signedJWT.signature.decode())
        println("Signature is valid: $flagSig")
        return flagSig
    }

I have added the following dependencies in my Build.gradle

implementation 'org.bouncycastle:bcprov-jdk18on:1.71'
implementation 'org.bouncycastle:bcpkix-jdk18on:1.71'

Try to remove a possibly pre-installed BC version, s. https://stackoverflow.com/a/63586653/9014097 — Topaco, Jun 26 '23 at 08:09
[Here is the list of signature algorithms](https://developer.android.com/reference/java/security/Signature) and the minimum android version that accepts them. — President James K. Polk, Jun 26 '23 at 12:58

PS256 Signature verification Android using Kotlin using BouncyCaslte throws not such algorithm found

0 Answers0