
[iaik-jce] Extracting the data of a PKCS#7 blob



Hello,

I've generated a PKCS#7 blob with Microsoft CryptoAPI's CryptSignMessage()
and I am able to extract information on the signer from the Certificate, but
have been unsuccessful at getting the original message (the string that I've
signed) back from the blob on the Java side.  I have included code fragments
for both the Java side and the C++ side which generated the blob. Any help
would be very appreciated.

Thank you,
Daniel

Java Code:
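	/**
	 * Parses the PKCS#7 blob written by the C++ signer (c:\temp\msg.blob) and
	 * prints the decoded ContentInfo and its content to standard output.
	 *
	 * Any exception is caught, its stack trace printed and its message echoed;
	 * nothing is returned or rethrown. The input stream is closed on every path.
	 */
	public static void test()
	{
		// Declared outside the try block so the finally clause can close it.
		InputStream encoded_stream = null;
		try
		{
			// the raw data received by other means, supplied by a byte array:
			byte[] message = getMsgBytes("c:\\temp\\msg.blob");
			// the hash algorithms (e.g. parsed from the headers of a S/MIME
			// multipart/signed entity):
			// NOTE(review): the decoded blob reports MD5 as its only digest
			// algorithm (see OUTPUT); SHA-1 is listed here but not used by the signer.
			AlgorithmID[] algIDs = { AlgorithmID.sha1, AlgorithmID.md5 };
			// the DER encoded content info, supplied from an input stream:
			encoded_stream = new FileInputStream("c:\\temp\\msg.blob");
			// create a SignedData object from raw data and hash algorithms:
			// NOTE(review): 'message' holds the whole encoded blob, not the raw
			// signed text, and this object is never used afterwards. Building a
			// SignedData from raw content plus digest algorithms presumably suits
			// a detached signature; the C++ side signs with "Not detached", so the
			// content is embedded in the blob itself.
			SignedData signed_data = new SignedData(message, algIDs);
			// create a ContentInfo from the DER encoding:
			ContentInfo ci = new ContentInfo(encoded_stream);
			System.out.println("Content: " + ci.getContent().toString());
			System.out.println("ContentInfo: " + ci.toString());

			//????how do I get the original message back...????
			// It's the string "CryptoAPI is a good way to handle security"
			//see C++ code snippet below
			// NOTE(review): the dump shows "PKCS#7 Data: 43 bytes" inside the
			// signedData, so the text travels inside the object returned by
			// ci.getContent(). IAIK's SignedData is expected to expose the embedded
			// bytes (getContent()) and per-signer verification (verify(int)) --
			// confirm against the javadoc of the IAIK-JCE version in use.
			// Extracting the bytes proves nothing about their origin: verify the
			// signature and validate the signer certificate chain before the
			// recovered message is trusted.
		}
		catch (Exception e)
		{
			e.printStackTrace();
			System.out.println(e.getMessage());
		}
		finally
		{
			if (encoded_stream != null)
			{
				try
				{
					encoded_stream.close();
				}
				catch (Exception closeError)
				{
					// Best effort: a failure to close must not mask the result above.
				}
			}
		}
	}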

OUTPUT:
The Content and ContentInfo tell me the following so I know that it sees the
data blob in there:
Content: Version: 1
digestAlgorithms: MD5
ContentInfo: {
ContentType: PKCS#7 data {
PKCS#7 Data: 43 bytes
}
}
certificates: 1
signerInfos: 1

ContentInfo: ContentType: PKCS#7 signedData {
Version: 1
digestAlgorithms: MD5
ContentInfo: {
ContentType: PKCS#7 data {
PKCS#7 Data: 43 bytes
}
}
certificates: 1
signerInfos: 1


The C++ code fragment looks like this:
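//--------------------------------------------------------------------
// The message to be signed
// The Java-side dump reports 43 bytes of PKCS#7 data: the 42 characters of
// this string plus, presumably, the terminating NUL. MessageSizeArray is
// filled in outside this fragment -- confirm what length is actually signed.

BYTE* pbMessage =
    (BYTE*)"CryptoAPI is a good way to handle security";
// <-- I want to get this string back from the Java code
//--------------------------------------------------------------------
// Initialize the signature structure.
// SigParams, pSignerCert and MY_TYPE are declared outside this fragment.

SigParams.cbSize = sizeof(CRYPT_SIGN_MESSAGE_PARA);
SigParams.dwMsgEncodingType = MY_TYPE;
SigParams.pSigningCert = pSignerCert;
// NOTE(review): MD5 is collision-broken and should not back new signatures.
// It is kept here because the OUTPUT shown for the Java side reports MD5;
// for real use select a SHA-2 digest OID (e.g. szOID_NIST_sha256) that both
// the signing provider and the verifier support.
SigParams.HashAlgorithm.pszObjId = szOID_RSA_MD5;
// cbData is a byte count, not a pointer, so it is cleared with 0 rather
// than NULL.
SigParams.HashAlgorithm.Parameters.cbData = 0;
// The signer certificate is the only certificate placed in the message.
SigParams.cMsgCert = 1;
SigParams.rgpMsgCert = &pSignerCert;
SigParams.cAuthAttr = 0;
SigParams.dwInnerContentType = 0;
SigParams.cMsgCrl = 0;
SigParams.cUnauthAttr = 0;
SigParams.dwFlags = 0;
SigParams.pvHashAuxInfo = NULL;
SigParams.rgAuthAttr = NULL;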

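//--------------------------------------------------------------------
// With two calls to CryptSignMessage, sign the message.
// First, get the size of the output signed blob.
// The output buffer is NULL here, so this call only reports the required
// size through cbSignedMessageBlob.

if(CryptSignMessage(
    &SigParams,            // Signature parameters
    FALSE,                 // Not detached
    1,                     // Number of messages
    MessageArray,          // Messages to be signed
    MessageSizeArray,      // Size of messages
    NULL,                  // Buffer for signed message
    &cbSignedMessageBlob)) // Size of buffer
{
    // cbSignedMessageBlob is passed to writeBlob() as a DWORD, an unsigned
    // type; print it with an unsigned conversion instead of %d.
    printf("The size of the blob is %lu.\n",(unsigned long)cbSignedMessageBlob);
}
else
{
    HandleError("Getting signed blob size failed");
}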

//--------------------------------------------------------------------
// Reserve a heap buffer of the size reported by the first
// CryptSignMessage call; report an error if the allocation fails.

pbSignedMessageBlob = (BYTE*)malloc(cbSignedMessageBlob);
if(pbSignedMessageBlob == NULL)
{
    HandleError("Memory allocation error while signing.");
}

//--------------------------------------------------------------------
// Second call: produce the signed blob in the buffer allocated above.
// On success the blob is handed to writeBlob(); on failure the error
// handler is invoked.

if(!CryptSignMessage(
      &SigParams,            // Signature parameters
      FALSE,                 // Not detached
      1,                     // Number of messages
      MessageArray,          // Messages to be signed
      MessageSizeArray,      // Size of messages
      pbSignedMessageBlob,   // Buffer for signed message
      &cbSignedMessageBlob)) // Size of buffer
{
    HandleError("Error getting signed blob");
}
else
{
    printf("The message was signed successfully. \n");
    writeBlob(cbSignedMessageBlob, pbSignedMessageBlob);
}

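//--------------------------------------------------------------------
// pbSignedMessageBlob points to the signed blob.
// write the blob to a file. for now, hardcoded to write to c:\temp\msg.blob
//
// cbSignedMessageBlob  number of bytes to write
// pbSignedMessageBlob  start of the signed blob
//
// Failures to open, write or close the file are reported on stderr. A
// truncated file would not decode as a valid PKCS#7 message on the receiving
// side, so a short write must not go unnoticed.
void writeBlob(DWORD cbSignedMessageBlob, BYTE  *pbSignedMessageBlob)
{
	FILE *fp = fopen("c:\\temp\\msg.blob", "wb");
	if (fp == NULL)
	{
		// Without this check fwrite() would be handed a null stream.
		perror("writeBlob: cannot open c:\\temp\\msg.blob");
		return;
	}

	size_t written = fwrite(pbSignedMessageBlob, sizeof( BYTE ), cbSignedMessageBlob, fp);
	if (written != cbSignedMessageBlob)
	{
		fprintf(stderr, "writeBlob: short write, blob file is incomplete\n");
	}

	// fclose() flushes buffered data; a failure here also means the blob on
	// disk may be incomplete.
	if (fclose(fp) != 0)
	{
		perror("writeBlob: cannot close c:\\temp\\msg.blob");
	}
}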