[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[iaik-jce] Parsing of BER encoded Octet Stings in a PKCS#7 messages



We are using IAIK version 2.6 and want to decode and verify
S/MIME messages with the IAIK-S/MIME package. The S/MIME
message comes from a plugin in an E-Mail program.

The PKCS#7 part of the S/MIME message contains plain data
which is decoded as 'definite constructed' Octet String,
i.e. tag 0x24 with the length of byts at beginning and
blocks of certain length like in the following sample:

 SEQUENCE length = 2246 {
     OBJECT IDENTIFIER 1.2.840.113549.1.7.data(1)
     [0] (constructed) length = 2231 {
         OCTET STRING (constructed) length = 2227 {
             OCTET STRING length = 1000
             OCTET STRING length = 1000
             OCTET STRING length = 216
         }
     }
 }

0x24 0x82 <length bytes>
     0x04 ...
     0x04 ...

IAIK-JCE doesn't recognize this encoding correctly. The
constructed manner is ignored, i.e. the tags for the
primitive Octet String encoding remain in the decoded
message. Thus verifying the signature fails.

I know the following proposed ASN.1 encodings for
Octet Strings:

      Tag   Length-spec       Encoding
DER   0x04  definite          primitive
BER   0x24  indefinite        constructed

My question is whether a combination of both is allowed:

      Tag   Length-spec       Encoding
BER   0x24  definite         constructed

and if this encoding will be supported by IAIK software.

Thanks
Robert

--
Mailinglist-archive at http://jcewww.iaik.at/mailarchive/iaik-jce/jcethreads.html

To unsubscribe send an email to listserv@iaik.at with the folowing content: UNSUBSCRIBE iaik-jce