[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[iaik-jce] Problem with verifing SignedData



Hello,

I have a problem verifying the following SignedData-Object:

SEQUENCE[C][I] = 4 elements
  INTEGER = 1
  SET[C] = 1 elements
    SEQUENCE[C] = 2 elements
      OBJECT ID = SHA
      NULL = null
  SEQUENCE[C][I] = 1 elements
    OBJECT ID = PKCS#7 data
  SET[C] = 1 elements
    SEQUENCE[C] = 6 elements
      INTEGER = 1
      SEQUENCE[C] = 2 elements
        SEQUENCE[C] = 3 elements
          SET[C] = 1 elements
            SEQUENCE[C] = 2 elements
              OBJECT ID = countryName
              PrintableString = "DE"
          SET[C] = 1 elements
            SEQUENCE[C] = 2 elements
              OBJECT ID = organizationName
              PrintableString = "IXOS"
          SET[C] = 1 elements
            SEQUENCE[C] = 2 elements
              OBJECT ID = commonName
              PrintableString = "CA"
        INTEGER = 2084
      SEQUENCE[C] = 2 elements
        OBJECT ID = SHA
        NULL = null
      CONTEXTSPECIFIC[C] = [0] IMPLICIT
        SET[C] = 3 elements
          SEQUENCE[C] = 2 elements
            OBJECT ID = contentType
            SET[C] = 1 elements
              OBJECT ID = PKCS#7 data
          SEQUENCE[C] = 2 elements
            OBJECT ID = signingTime
            SET[C] = 1 elements
              UTCTime = 000915103719Z
          SEQUENCE[C] = 2 elements
            OBJECT ID = messageDigest
            SET[C] = 1 elements
              OCTET STRING = 20 bytes: B1:97:09:A4:5E...
      SEQUENCE[C] = 2 elements
        OBJECT ID = dsa
        NULL = null
      OCTET STRING = null



I verify SignedData sd like follows:

AlgorithmID[] algIDs = sd.getDigestAlgorithms(); 
SignedData verifySD = new SignedData(bytes, algIDs);
verifySD.decode(sd.toASN1Object());
verifySD.verify(certs[0].getPublicKey(), 0);

Information about cert[0]:

Version: 3
Serial number: 2084
Signature algorithm: 1.2.840.10040.4.3
Issuer: CN=CA, O=IXOS, C=DE
Valid not before: Tue Aug 24 15:59:10 GMT+02:00 1999
      not after: Mon Aug 24 15:59:10 GMT+02:00 2009
Subject: CN=TS00, OU=TSS, O=IXOS, C=DE
This PublicKeyInfo contains a dsa key.
Certificate Fingerprint: F8:AA:49:AD:44:BB:53:FD:E7:33:FF:A9:D4:1F:65:DC


As I try the following Exception is thrown:


java.security.SignatureException: java.security.InvalidKeyException: No
PublicKeyInfo: java.security.InvalidKeyException: No RSA Public Key:
iaik.asn1.CodingException: ASN1: INTEGER does not support
getComponentAt(int)!

	at iaik.pkcs.pkcs7.SignerInfo.getDigest(Unknown Source)

	at iaik.pkcs.pkcs7.SignedDataStream.verify(Unknown Source)

	at dox.timestamp.test.TSSRequest.main(TSSRequest.java, Compiled
Code)


But as you see above the public key was made with dsa.
Do you know what is wrong?

Andreas Siglreithmayr 
Developer

memIQ AG
Hans-Pinsel-Strasse 9a 
D-85540 Haar 
Tel.: +49 (0)89 45639.325  
http://www.memIQ.com
andreas.siglreithmayr@memIQ.de


--
Mailinglist-archive at http://jcewww.iaik.at/mailarchive/iaik-jce/jcethreads.html

To unsubscribe send an email to listserv@iaik.at with the folowing content: UNSUBSCRIBE iaik-jce