[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

AW: [iaik-jce] Problem with verify-Method (InternalErrorException)



Hello,


> ContentInfo: {
>	ContentType: PKCS#7 data {
>	No content!
> }

From this ASN.1 dump you may see that the SignedData does not include the
content (explicit mode) and so the data (received by other means) has to be
supplied for hash calculation (please see demos demo.pkcs.PKCS7Stream and
demo.pkcs.TestContentInfo on how to do).


> ...
> signedData.setCertificates(certs);
> signedData.verify(0);
> ...
Please call the verify method only when parsing/verifying and existing
SignedData object (e.g. created from its DER encoding). If no certificates
are included you explicitly may specifiy the cert/key to be used for
verification by calling method verify(X509Certificate signerCertificate) or
method verify(PublicKey publicKey, int signerInfoIndex) (see demos mentioned
above).

Regards,
Dieter Bratko


-----Ursprüngliche Nachricht-----
Von: iaik-jce-owner@iaik.tu-graz.ac.at
[mailto:iaik-jce-owner@iaik.tu-graz.ac.at]Im Auftrag von Andreas
Siglreithmayr
Gesendet: Mittwoch, 2. August 2000 10:44
An: IAIK MailingList (E-mail)
Betreff: [iaik-jce] Problem with verify-Method (InternalErrorException)


Hello,

I have a problem verifying a SignedData-Object.
I create the SignedData-Object as follows:

BufferedInputStream in = new BufferedInputStream(socket.getInputStream());
...
ContentInfo conInfo = new ContentInfo(in);
SignedData signedData = (SignedData)conInfo.getContent();
...

Here are further Information about my SignedData-Object:
Version: 1
digestAlgorithms: SHA
ContentInfo: {
	ContentType: PKCS#7 data {
	No content!
}
signerInfo 1: {
	Version: 1
	SerialNumber: 2084
	Issuer: CN=CA, O=MyOrg, C=DE
	digest_algorithm: SHA
	digest_encryption_algorithm: dsa
	encrypted_digest: 46 Bytes [30:2C:02:14:31...]
	authenticated_attributes:
	contentType = OBJECT ID = PKCS#7 data
	signingTime = UTCTime = 000802075308Z
	messageDigest = OCTET STRING = 16 bytes: 64:01:F3:B9:7C...
}

if I call the verify-Method of SignedData as follows:
...
signedData.setCertificates(certs);
signedData.verify(0);
...

or like this:

...
signedData.verify(certs[0].getPublicKey(), 0);
...

an InternalErrorException is thrown:

iaik.utils.InternalErrorException: MessageDigest not initialized yet!
	at iaik.pkcs.pkcs7.b.a(Unknown Source)
	at iaik.pkcs.pkcs7.a.b(Unknown Source)
 	at iaik.pkcs.pkcs7.SignedDataStream.getMessageDigest(Unknown Source)
 	at iaik.pkcs.pkcs7.SignedDataStream.verify(Unknown Source)
 	at iaik.pkcs.pkcs7.SignedDataStream.verify(Unknown Source)

Any idea what is wrong or how I can avoid this Exception?
I have already written the SignedData-Object to a File(DER-Encoded) and
verified it successfully with a Tool.

Bye




> Andreas Siglreithmayr
> Development
>
> memIQ AG
Hans-Pinsel-Straße 9a/Erdgeschoß
D-85540 Haar
> Phone: +49.(0)89.4563.9325
> mailto:andreas.siglreithmayr@memIQ.com
>
>
>
--
Mailinglist-archive at
http://jcewww.iaik.at/mailarchive/iaik-jce/jcethreads.html

To unsubscribe send an email to listserv@iaik.at with the folowing content:
UNSUBSCRIBE iaik-jce




smime.p7s