[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

AW: [iaik-jce] Parsing of BER encoded Octet Stings in a PKCS#7 messages



Hello,

the DerCoder utility is able to handle constructed definite encoded OCTET
STRINGs. However, you may be right, the DerInputStream utility used by the
PKCS#7 implementation might be not able to do so. Please, may you send me
the PKCS#7 object containing the constructed definite encoded data so that
we can test against it.
Although it might be an unusual practice to encode a constrcuted OCTET
STRING definite (if definite, why not whole the OCTET_STRING thereby
avoiding the tag-lengh-field overhead of the inner primitive octet
strings?), we should fix this problem.

Regards,
Dieter Bratko

-----Ursprüngliche Nachricht-----
Von: iaik-jce-owner@iaik.tu-graz.ac.at
[mailto:iaik-jce-owner@iaik.tu-graz.ac.at]Im Auftrag von Robert Stegmann
Gesendet: Mittwoch, 7. Februar 2001 13:45
An: iaik-jce@iaik.at
Betreff: [iaik-jce] Parsing of BER encoded Octet Stings in a PKCS#7
messages


We are using IAIK version 2.6 and want to decode and verify
S/MIME messages with the IAIK-S/MIME package. The S/MIME
message comes from a plugin in an E-Mail program.

The PKCS#7 part of the S/MIME message contains plain data
which is decoded as 'definite constructed' Octet String,
i.e. tag 0x24 with the length of byts at beginning and
blocks of certain length like in the following sample:

 SEQUENCE length = 2246 {
     OBJECT IDENTIFIER 1.2.840.113549.1.7.data(1)
     [0] (constructed) length = 2231 {
         OCTET STRING (constructed) length = 2227 {
             OCTET STRING length = 1000
             OCTET STRING length = 1000
             OCTET STRING length = 216
         }
     }
 }

0x24 0x82 <length bytes>
     0x04 ...
     0x04 ...

IAIK-JCE doesn't recognize this encoding correctly. The
constructed manner is ignored, i.e. the tags for the
primitive Octet String encoding remain in the decoded
message. Thus verifying the signature fails.

I know the following proposed ASN.1 encodings for
Octet Strings:

      Tag   Length-spec       Encoding
DER   0x04  definite          primitive
BER   0x24  indefinite        constructed

My question is whether a combination of both is allowed:

      Tag   Length-spec       Encoding
BER   0x24  definite         constructed

and if this encoding will be supported by IAIK software.

Thanks
Robert

--
Mailinglist-archive at
http://jcewww.iaik.at/mailarchive/iaik-jce/jcethreads.html

To unsubscribe send an email to listserv@iaik.at with the folowing content:
UNSUBSCRIBE iaik-jce




smime.p7s