Hello all.
I have this problem when validating signatures. Here is the source code I use:
    public void Sign(string filename)
    {
        //read bytes of the file to be signed
        byte[] data = File.ReadAllBytes(filename);
        nRes = session.SignInit(Mechanism.SHA1_RSA_PKCS, privateKey);
        byte[] signature = session.Sign(data);
        int i = filename.Length;
        do i--; while (filename[i] != (char)46);
        filename = filename.Substring(0, i) + ".sig";
        //write the signature bytes into a file that has the same filename with a .sig extension
        File.WriteAllBytes(filename, signature);
    }

    public bool Verify(string filename)
    {
        //read bytes of the file to be verified
        byte[] data = File.ReadAllBytes(filename);
        int i = filename.Length;
        do i--; while (filename[i] != (char)46);
        filename = filename.Substring(0, i) + ".sig";
        //read bytes of its signature file
        byte[] signature = File.ReadAllBytes(filename);
        nRes = session.VerifyInit(Mechanism.SHA1_RSA_PKCS, publicKey);
        nRes = session.Verify(data, signature);
        //return the result of verification
        if (nRes == 0) return true;
        else return false;
    }
Pretty simplistic. Still, there is a fatal problem somewhere.
When I run these 2 functions directly one after another - the verification process is a success.
But when for example I sign a file, then close the program, open it again and try to verify - it fails (I didn't touch the created signature file or the file being verified of course). I noticed that it has some connection to the session it's currently working in. If both functions are executed in the same session, verifying the file succeeds. But if not, it always fails.
Does anyone have an idea how to fix this? I kinda need it to finish my thesis project ...
Are you sure you are always using the same public key in both scenarios?
The only reason why the verification fails is that you are using a different public key. How did you get the handle of the public keys in both scenarios?
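A way to test the possibility raised in the reply above, as an added example that is not part of the thread and not the poster's code: record a fingerprint of the public key at signing time and compare it with the key used at verification time. It uses .NET's `System.Security.Cryptography.RSA` in place of the PKCS#11 session, and two in-memory key pairs stand in, as an assumption, for the keys obtained in two separate program runs.

```csharp
using System;
using System.Security.Cryptography;
using System.Text;

static class KeyMismatchCheck
{
    // Fingerprint of the public key: SHA-256 over modulus || public exponent.
    static string Fingerprint(RSA key)
    {
        RSAParameters p = key.ExportParameters(false);   // public part only
        byte[] buf = new byte[p.Modulus.Length + p.Exponent.Length];
        Buffer.BlockCopy(p.Modulus, 0, buf, 0, p.Modulus.Length);
        Buffer.BlockCopy(p.Exponent, 0, buf, p.Modulus.Length, p.Exponent.Length);
        return Convert.ToHexString(SHA256.HashData(buf));
    }

    static void Main()
    {
        // Constructed sample input standing in for the file contents.
        byte[] data = Encoding.UTF8.GetBytes("constructed sample file contents");

        // Assumption: run1 is the key pair used when signing, run2 is a
        // different key pair that a later program run ended up with.
        using RSA run1 = RSA.Create(2048);
        using RSA run2 = RSA.Create(2048);

        // Same mechanism as in the post: SHA-1 with RSA PKCS#1 v1.5.
        byte[] sig = run1.SignData(data, HashAlgorithmName.SHA1,
                                   RSASignaturePadding.Pkcs1);

        // Value to store next to the .sig file at signing time.
        string signerFp = Fingerprint(run1);

        foreach (RSA candidate in new[] { run1, run2 })
        {
            bool sameKey = Fingerprint(candidate) == signerFp;
            bool valid = candidate.VerifyData(data, sig, HashAlgorithmName.SHA1,
                                              RSASignaturePadding.Pkcs1);
            Console.WriteLine($"same public key: {sameKey}, signature valid: {valid}");
        }
    }
}
```

If the fingerprint logged at verification time differs from the one stored at signing time, the signature and file are intact and the key lookup is what changed between runs.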