Signature Verification Fails - No Supported Key Formats Exception (.NET Integration)

osdeniz · April 14, 2025, 1:51pm

Issue Summary:
I’m trying to verify the Fireblocks webhook signature in a .NET (C#) application using the public key provided in the production environment. However, I encounter the following error when using rsa.ImportFromPem():

Steps Taken:

Retrieved the public key from the documentation (starting with -----BEGIN PUBLIC KEY-----).
Tried using rsa.ImportFromPem() with this key, passed as a string.
Confirmed that the key is correctly formatted and includes line breaks (\n).

Code Snippet:


var publicKey = _settings.CurrentValue.PublicKey.Replace("\\n", "\n");
using var rsa = RSA.Create();
rsa.ImportFromPem(publicKey); // Fails here

using var sha512 = SHA512.Create();
byte[] hash = sha512.ComputeHash(Encoding.UTF8.GetBytes(requestBody));
bool isValid = rsa.VerifyHash(hash, receivedSignature, HashAlgorithmName.SHA512, RSASignaturePadding.Pkcs1);

Questions:

Is the public key provided in the documentation fully compatible with .NET RSA format?

Are there any encoding or formatting requirements (e.g., line endings, base64 padding)?

Do you have an officially supported example for .NET/C# signature verification?

Thanks in advance for your support!

uwes_lamprecht · April 16, 2025, 8:48am

This worked for us in a DotNet Core APIL

public async Task<IActionResult> TransactionWebhookAsync([FromBody] object notificationBody, [FromHeader(Name = "Fireblocks-Signature")] string signature)

fireblocksWebhookValidator.ValidateWebhook(JsonSerializer.Serialize(notificationBody), signature)

try
{
    using (var rsa = RSA.Create())
    {
        rsa.ImportFromPem(_fireblocksPublicKey);

        byte[] signatureBytes = Convert.FromBase64String(signature);
        byte[] messageBytes = Encoding.UTF8.GetBytes(notificationBody);
        byte[] hash = SHA512.HashData(messageBytes);
        return rsa.VerifyHash(hash, signatureBytes, HashAlgorithmName.SHA512, RSASignaturePadding.Pkcs1);
    }
}
catch (Exception ex)
{
    logger.Error("Signature verification failed", ex);
    return false;
}

Topic		Replies	Views
Can't verify the webhook signature in sandbox Developer Discussion	14	459	February 19, 2025
Webhook validation in Java Developer Discussion help-center	1	508	August 31, 2023
Fireblock API integration in Java Support	0	88	July 4, 2024
Create transaction error using C# authentication examples from fireblock's github Support	2	185	June 5, 2024
Webhook ['fireblocks-signature'] issue (sandbox) Developer Discussion	2	248	May 16, 2024

Signature Verification Fails - No Supported Key Formats Exception (.NET Integration)

Related topics