[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[iaik-jce] ContentInfo construction/parsing

Hello Dieter,

I'm the same guy that was having the ASN1 parsing
problems, that's somewhat solved, but the main problem
is still not solved.

My CRS requests are still not working.  VeriSign
claims there's a signature error when they try to
parse the request.  I think this might have something
to do with IAIK_JCE.

They sent me a CRS request, constructed for me with my
own cert and key.  And this request does work, I can
send it and get a valid reply.  This reply is a
ContentInfo object and I can parse it.  

I cannot, however, parse the request they sent me. 
When I try to contruct a ContentInfo with it, I get a
PKCSParsingException, "SignedData only for content
type Data at this time!" message.  What does this
mean?  Also, in the java doc for SignedData, there's a
bold section of text:

"At this point it is important to note that currently
IAIK-JCE only supports SignedData structures to be
used for signing content values of the PKCS#7 Data
content type!"  
Can you explain a little more what this means?

I'm afraid if I cannot parse a correct CRS request
that's constructed by VeriSign, then I probably can't
create one like it either.  I've attached the CRS

I've taken two approaches in creating my own
ContentInfo CRS request.  One is by creating a
SignedData(IMPLICIT), instantiating the SignerInfo
object with a private key and inserting a set of
AuthenticatedAttributes.  Then adding the SignerInfo
to the SignedData and finally creating the

Also, I've tried to create the SignerInfo piece by
piece.  Starting with a SEQUENCE, adding certs,
attributes, calculating my own message digest and
creating the PKCS1 signature.  Both methods fail when
they arrive at VeriSign.

Any suggestions or help would be greatly appreciated. 
Thanks in advance.

Do You Yahoo!?
Talk to your friends online with Yahoo! Messenger.