Thank you for your repy, but still no luck.
This is a piece of my c# test-code, can you verify if i understand you correctly?
/// <summary>
/// GetSignature, get signature of the bytesToSign
/// </summary>
/// <param name="bytesToSign"></param>
/// <returns></returns>
private byte[] GetSignature(byte[] bytesToSign)
{
byte[] signature = _certificate.GetRSAPrivateKey().SignData(bytesToSign, 0, bytesToSign.Length, HashAlgorithmName.SHA256, RSASignaturePadding.Pkcs1);
// verify
bool succes = false;
using (RSA rsa = _certificate.GetRSAPublicKey())
{
succes = rsa.VerifyData(
bytesToSign,
signature,
HashAlgorithmName.SHA256,
RSASignaturePadding.Pkcs1);
Debug.Assert(succes);
}
return signature;
}
// The value for "client_public_key_signature" is the Base64 encoded signature of the public key provided during installation
// and with the installation token appended as a nonce.Signed with the private key belonging to the QSEAL certificate.
private string GetClientPublicKeySignature()
{
string publicKey = SecurityUtils.GetPublicKeyFormattedString(_certificate.GetRSAPublicKey()); // publickey as provided during installation
byte[] bytesToSign = Encoding.UTF8.GetBytes(Convert.ToBase64String(GetSignature(Encoding.UTF8.GetBytes(publicKey))) +
_bunqClient.SessionToken /* installation token */);
return Convert.ToBase64String(GetSignature(bytesToSign));
}
...