[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[iaik-jce] How to put/get file type information in PKCS7?

I have tried to put file type information in PKCS7 with attributes:
SignerInfo signerInfo;
IssuerAndSerialNumber issuer = new IssuerAndSerialNumber (cert);
signerInfo = new SignerInfo (issuer, AlgorithmID.sha1, AlgorithmID.rsaEncryption, null);
String oidStr = "8.8.8888.8";
String name = "objectIDDocType";
ObjectID oid = null;
if (ObjectID.hasRegisteredName (oidStr))
    return null;
oid = new ObjectID (oidStr, name);
Attribute[] attributes = new Attribute [1];

ASN1Object [] docType = {new PrintableString ("html")};
attributes [0] = new Attribute (oid, docType);
signerInfo.setAuthenticatedAttributes (attributes);

signerInfo.setEncryptedDigest (contP7.mSignature);
I use the function setEncryptedDigest, because the private key is on SmartCard. Without Aittributes i can the PKCS7 Object verify. But with Attributes i get the Exception:
java.security.SignatureException: Signature verification error: authenticated attributes!
Code for verify
SignedDataStream signedData = new SignedDataStream (new ByteArrayInputStream (contP7.mRowData));
InputStream isData = signedData.getInputStream ();

byte[] buf = new byte [1024];
int r;
while ((r = isData.read (buf)) > 0)
// get the signer infos
SignerInfo [] signerInfos = signedData.getSignerInfos ();
// verify the signatures
for (int i=0; i < signerInfos.length; i++)
    // verify the signature for SignerInfo at index i
    X509Certificate signerCert = signedData.verify (i);

What is the problem with my attribute?
Istvan Parti
Mailinglist-archive at http://jcewww.iaik.at/mailarchive/iaik-jce/jcethreads.html

To unsubscribe send an email to listserv@iaik.at with the folowing content: UNSUBSCRIBE iaik-jce