I'm aware of this problem being mentioned in the docs, but I still haven't figured out where the problem in my system is. I am trying to sign requests from an Android device, but it still returns "The request signature is invalid", I have done /installation before this and used the token inside the X-Bunq-Client-Authentication.
This is the data I am trying to sign:
POST /v1/device-server
Cache-Control: no-cache
User-Agent: fwdpay-android/0.0.1
X-Bunq-Client-Authentication: a13355b995c5a51d9b6680c9af1a44c7f7475e12aee716add087a59fc6554f72
X-Bunq-Client-Request-Id: fwdpay821969
X-Bunq-Geolocation: 0 0 0 0 NL
X-Bunq-Language: en_US
X-Bunq-Region: en_US
{'description': 'fwdpay-android','secret': 'c404d4b6fe17fa05a450194e06b55dcfa5db1edbc92d3b0ded05578385f8d7cf','permitted_ips': []}
And this is the code I use to sign it with (it's in Java btw):
private String encrypt(String key, String data) throws Exception {
PKCS8EncodedKeySpec keySpec = new PKCS8EncodedKeySpec(Base64.decode(key, Base64.DEFAULT));
KeyFactory keyFactory = KeyFactory.getInstance("RSA");
PrivateKey mKey = keyFactory.generatePrivate(keySpec);
Signature sign = Signature.getInstance("SHA256withRSA");
sign.initSign(mKey);
sign.update(data.getBytes());
byte[] signed = sign.sign();
return java.util.Base64.getEncoder().encodeToString(signed);
}
So my question is, what am I doing wrong?