
[iaik-jce] PKCS#7 verification




  I'm trying to verify the encrypted digest in a PKCS#7 signedData
object, but I have some problems with the format.
I am using the IAIK.JCE2.5. http://jcewww.iaik.tu-graz.ac.at/
I don't understand why the ASN1Object that I get from ASN1 is so small,
and later, when I try to use it, I get an exception.

What am I doing wrong?


This is the code I have problems with:

ASN1 asn1 = new ASN1(pkcs.getBytes());
out.println("asn1:"+asn1.toString());
ASN1Object asn1_object = asn1.toASN1Object();
out.println("----------------------------------------------------");
out.println("asn1_object:"+asn1_object.toString());

AlgorithmID[] algIDs = { AlgorithmID.sha1, AlgorithmID.md5 };
try {
    signed_data = new SignedData(message, algIDs);
    out.println("obtenemos el objeto SignedData");
} catch (NoSuchAlgorithmException ex) {
    throw new PKCSException(ex.getMessage());
}

// get an InputStream for reading the signed content
InputStream data = signed_data.getInputStream();
ByteArrayOutputStream os = new ByteArrayOutputStream();
StreamCopier sc = new StreamCopier(data, os);
sc.copyStream();

try {
    signed_data.decode(obj);
} catch (PKCSParsingException pkcs) {
    out.println("PKCSParsingException"+pkcs.toString());
}

And the output is:

asn1:SEQUENCE[C] = 2 elements
  OBJECT ID = PKCS#7 signedData
  CONTEXTSPECIFIC[C] = [0] EXPLICIT
    SEQUENCE[C] = 5 elements
      INTEGER = 1
      SET[C] = 1 elements
        SEQUENCE[C] = 2 elements
          OBJECT ID = SHA
          NULL = null
      SEQUENCE[C] = 1 elements
        OBJECT ID = PKCS#7 data
      CONTEXTSPECIFIC[C] = [0] EXPLICIT
        SEQUENCE[C] = 3 elements
          SEQUENCE[C] = 7 elements
            CONTEXTSPECIFIC[C] = [0] EXPLICIT
              INTEGER = 2
            INTEGER = 527
            SEQUENCE[C] = 2 elements
              OBJECT ID = md5WithRSAEncryption
              NULL = null
            SEQUENCE[C] = 5 elements
              SET[C] = 1 elements
                SEQUENCE[C] = 2 elements
                  OBJECT ID = countryName
                  PrintableString = "ES"
              SET[C] = 1 elements
                SEQUENCE[C] = 2 elements
                  OBJECT ID = stateOrProvinceName
                  PrintableString = "Madrid"
              SET[C] = 1 elements
                SEQUENCE[C] = 2 elements
                  OBJECT ID = organizationName
                  PrintableString = "ACE"
              SET[C] = 1 elements
                SEQUENCE[C] = 2 elements
                  OBJECT ID = organizationalUnitName
                  PrintableString = "Clase 1"
              SET[C] = 1 elements
                SEQUENCE[C] = 2 elements
                  OBJECT ID = commonName
                  PrintableString = "ACE Clientes1"
            SEQUENCE[C] = 2 elements
              UTCTime = 990121091651Z
              UTCTime = 000121051600Z
            SEQUENCE[C] = 7 elements
              SET[C] = 1 elements
                SEQUENCE[C] = 2 elements
                  OBJECT ID = countryName
                  PrintableString = "es"
              SET[C] = 1 elements
                SEQUENCE[C] = 2 elements
                  OBJECT ID = stateOrProvinceName
                  PrintableString = "Valencia"
              SET[C] = 1 elements
                SEQUENCE[C] = 2 elements
                  OBJECT ID = localityName
                  PrintableString = "Valencia"
              SET[C] = 1 elements
                SEQUENCE[C] = 2 elements
                  OBJECT ID = organizationName
                  PrintableString = "Tissat"
              SET[C] = 1 elements
                SEQUENCE[C] = 2 elements
                  OBJECT ID = organizationalUnitName
                  PrintableString = "Infomarket"
              SET[C] = 1 elements
                SEQUENCE[C] = 2 elements
                  OBJECT ID = commonName
                  PrintableString = "Maria Angeles"
              SET[C] = 1 elements
                SEQUENCE[C] = 2 elements
                  OBJECT ID = emailAddress
                  IA5String = "mangeles@tissat.es"
            SEQUENCE[C] = 2 elements
              SEQUENCE[C] = 2 elements
                OBJECT ID = rsaEncryption
                NULL = null
              BIT STRING = 74 byte(s); 0 bit(s) not valid
          SEQUENCE[C] = 2 elements
            OBJECT ID = md5WithRSAEncryption
            NULL = null
          BIT STRING = 128 byte(s); 0 bit(s) not valid
      SET[C] = 1 elements
        SEQUENCE[C] = 6 elements
          INTEGER = 1
          SEQUENCE[C] = 2 elements
            SEQUENCE[C] = 5 elements
              SET[C] = 1 elements
                SEQUENCE[C] = 2 elements
                  OBJECT ID = countryName
                  PrintableString = "ES"
              SET[C] = 1 elements
                SEQUENCE[C] = 2 elements
                  OBJECT ID = stateOrProvinceName
                  PrintableString = "Madrid"
              SET[C] = 1 elements
                SEQUENCE[C] = 2 elements
                  OBJECT ID = organizationName
                  PrintableString = "ACE"
              SET[C] = 1 elements
                SEQUENCE[C] = 2 elements
                  OBJECT ID = organizationalUnitName
                  PrintableString = "Clase 1"
              SET[C] = 1 elements
                SEQUENCE[C] = 2 elements
                  OBJECT ID = commonName
                  PrintableString = "ACE Clientes1"
            INTEGER = 527
          SEQUENCE[C] = 2 elements
            OBJECT ID = SHA
            NULL = null
          CONTEXTSPECIFIC[C] = [0] EXPLICIT
            SEQUENCE[C] = 2 elements
              OBJECT ID = contentType
              SET[C] = 1 elements
                OBJECT ID = PKCS#7 data
            SEQUENCE[C] = 2 elements
              OBJECT ID = signingTime
              SET[C] = 1 elements
                UTCTime = 990715091946Z
            SEQUENCE[C] = 2 elements
              OBJECT ID = symmetricCapabilities
              SET[C] = 1 elements
                SEQUENCE[C] = 1 elements
                  SEQUENCE[C] = 2 elements
                    OBJECT ID = RC2-CBC
                    INTEGER = 40
            SEQUENCE[C] = 2 elements
              OBJECT ID = messageDigest
              SET[C] = 1 elements
                OCTET STRING = 20 bytes: B1:66:50:B9:70...
          SEQUENCE[C] = 2 elements
            OBJECT ID = rsaEncryption
            NULL = null
          OCTET STRING = 64 bytes: BA:D1:1E:A3:16...

----------------------------------------------------
asn1_object:SEQUENCE[C] = 2 elements
PKCSParsingException: iaik.pkcs.PKCSParsingException: Next ASN.1 object is no INTEGER!
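
Added example, not part of the original post and not IAIK-JCE code: the dump above shows a ContentInfo wrapper (OBJECT ID signedData, then [0] EXPLICIT) around the SignedData SEQUENCE whose first element is the INTEGER version, so a decoder that expects that INTEGER first will not find it at the outer level. This JDK-only sketch walks a constructed DER sample with the same nesting and returns the inner SignedData bytes; the class and method names are hypothetical, and that the exception in the post comes from decoding at the outer level is an assumption.

```java
import java.util.Arrays;

public class ContentInfoUnwrap {
    // DER content bytes of OID 1.2.840.113549.1.7.2 (PKCS#7 signedData)
    static final byte[] OID_SIGNED_DATA =
        {0x2A, (byte) 0x86, 0x48, (byte) 0x86, (byte) 0xF7, 0x0D, 0x01, 0x07, 0x02};

    // Constructed sample: ContentInfo { signedData, [0] EXPLICIT { SEQUENCE { INTEGER 1 } } }
    static final byte[] SAMPLE = {
        0x30, 0x12, 0x06, 0x09, 0x2A, (byte) 0x86, 0x48, (byte) 0x86, (byte) 0xF7,
        0x0D, 0x01, 0x07, 0x02, (byte) 0xA0, 0x05, 0x30, 0x03, 0x02, 0x01, 0x01};

    /** Reads the TLV at pos; returns {tag, contentOffset, contentLength}. */
    static int[] tlv(byte[] der, int pos) {
        if (pos < 0 || pos > der.length - 2) throw new IllegalArgumentException("truncated header");
        int tag = der[pos] & 0xFF, len = der[pos + 1] & 0xFF, off = pos + 2;
        if (len >= 0x80) {                      // long form: low 7 bits = count of length bytes
            int n = len & 0x7F;
            if (n == 0 || n > 4 || n > der.length - off) throw new IllegalArgumentException("bad length");
            len = 0;
            for (int i = 0; i < n; i++) len = (len << 8) | (der[off++] & 0xFF);
        }
        if (len < 0 || len > der.length - off) throw new IllegalArgumentException("truncated content");
        return new int[] {tag, off, len};
    }

    /** Checks the ContentInfo wrapper and returns the DER of the inner SignedData SEQUENCE. */
    static byte[] unwrapSignedData(byte[] der) {
        int[] outer = tlv(der, 0);
        if (outer[0] != 0x30) throw new IllegalArgumentException("ContentInfo is not a SEQUENCE");
        int[] oid = tlv(der, outer[1]);
        byte[] oidBytes = Arrays.copyOfRange(der, oid[1], oid[1] + oid[2]);
        if (oid[0] != 0x06 || !Arrays.equals(oidBytes, OID_SIGNED_DATA))
            throw new IllegalArgumentException("contentType is not signedData");
        int[] ctx = tlv(der, oid[1] + oid[2]);
        if (ctx[0] != 0xA0) throw new IllegalArgumentException("[0] EXPLICIT content missing");
        int[] inner = tlv(der, ctx[1]);
        if (inner[0] != 0x30 || tlv(der, inner[1])[0] != 0x02)
            throw new IllegalArgumentException("SignedData does not start with INTEGER version");
        return Arrays.copyOfRange(der, ctx[1], inner[1] + inner[2]);
    }

    public static void main(String[] args) {
        int[] outer = tlv(SAMPLE, 0);
        System.out.printf("ContentInfo starts with tag 0x%02X%n", tlv(SAMPLE, outer[1])[0]);
        byte[] sd = unwrapSignedData(SAMPLE);
        System.out.printf("SignedData starts with tag 0x%02X%n", tlv(sd, tlv(sd, 0)[1])[0]);
    }
}
```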
