
[iaik-jce] Problem parsing PKCS #7 SignedData from Netscape




Hello,

I have a problem parsing a PKCS #7 signedData object.
It looks like the object is a valid ASN.1 object (I can parse it as ASN.1
object), but fails to be parsed as a PKCS #7 object.

This PKCS #7 object was actually created using the Netscape JavaScript signText
function (see http://docs.iplanet.com/docs/manuals/security/sgntxt/index.htm
for an exact description of what's in there).

I use IAIK-JCE2.61, and JDK 1.3.

Attached is the object, as a DER-encoded file (signeddata.der) and as
ASN.1 formatted text (signeddata.asn1), and the Java test class that fails to
parse it. That class does the following:

    String filename = "signeddata.der";
    FileInputStream in = new FileInputStream(filename);
    SignedData signedData = new SignedData(in);

and yields this stack trace:

>java.io.IOException: Next ASN.1 object is no INTEGER!
>        at iaik.asn1.DerInputStream.readInteger(Unknown Source)
>        at iaik.pkcs.pkcs7.SignedData.decode(Unknown Source)
>        at iaik.pkcs.pkcs7.SignedDataStream.<init>(Unknown Source)
>        at iaik.pkcs.pkcs7.SignedData.<init>(Unknown Source)
>        at Test.main(Test.java:12)

I also tried to parse it assuming it was in explicit mode (i.e. first
initializing the SignedData with the original rawData, and then decoding), but
I got the exact same exception.

Any help welcome.

Thx,

P.

SEQUENCE[C] = 2 elements
  OBJECT ID = PKCS#7 signedData
  CONTEXTSPECIFIC[C] = [0] EXPLICIT
    SEQUENCE[C] = 5 elements
      INTEGER = 1
      SET[C] = 1 elements
        SEQUENCE[C] = 2 elements
          OBJECT ID = 1.3.14.3.2.26
          NULL = null
      SEQUENCE[C] = 1 elements
        OBJECT ID = PKCS#7 data
      CONTEXTSPECIFIC[C] = [0] EXPLICIT
        SEQUENCE[C] = 3 elements
          SEQUENCE[C] = 8 elements
            CONTEXTSPECIFIC[C] = [0] EXPLICIT
              INTEGER = 2
            INTEGER = 1208925819615595157295413
            SEQUENCE[C] = 2 elements
              OBJECT ID = 1.2.840.113549.1.1.4
              NULL = null
            SEQUENCE[C] = 4 elements
              SET[C] = 1 elements
                SEQUENCE[C] = 2 elements
                  OBJECT ID = countryName
                  PrintableString = "BE"
              SET[C] = 1 elements
                SEQUENCE[C] = 2 elements
                  OBJECT ID = organizationName
                  PrintableString = "GlobalSign nv-sa"
              SET[C] = 1 elements
                SEQUENCE[C] = 2 elements
                  OBJECT ID = organizationalUnitName
                  PrintableString = "Class 2 CA"
              SET[C] = 1 elements
                SEQUENCE[C] = 2 elements
                  OBJECT ID = commonName
                  PrintableString = "GlobalSign Class 2 CA"
            SEQUENCE[C] = 2 elements
              UTCTime = 000811082949Z
              UTCTime = 010811082949Z
            SEQUENCE[C] = 3 elements
              SET[C] = 1 elements
                SEQUENCE[C] = 2 elements
                  OBJECT ID = countryName
                  PrintableString = "be"
              SET[C] = 1 elements
                SEQUENCE[C] = 2 elements
                  OBJECT ID = commonName
                  PrintableString = "philippe duchesne"
              SET[C] = 1 elements
                SEQUENCE[C] = 2 elements
                  OBJECT ID = emailAddress
                  IA5String = "philippe.duchesne@ubizen.com"
            SEQUENCE[C] = 2 elements
              SEQUENCE[C] = 2 elements
                OBJECT ID = 1.2.840.113549.1.1.1
                NULL = null
              BIT STRING = 140 byte(s); 0 bit(s) not valid
            CONTEXTSPECIFIC[C] = [3] EXPLICIT
              SEQUENCE[C] = 3 elements
                SEQUENCE[C] = 2 elements
                  OBJECT ID = 2.16.840.1.113730.1.1
                  OCTET STRING = 4 bytes: 03:02:05:A0
                SEQUENCE[C] = 3 elements
                  OBJECT ID = 2.5.29.15
                  BOOLEAN = true
                  OCTET STRING = 4 bytes: 03:02:04:F0
                SEQUENCE[C] = 2 elements
                  OBJECT ID = 2.5.29.35
                  OCTET STRING = 24 bytes: 30:16:80:14:11...
          SEQUENCE[C] = 2 elements
            OBJECT ID = 1.2.840.113549.1.1.4
            NULL = null
          BIT STRING = 128 byte(s); 0 bit(s) not valid
        SEQUENCE[C] = 3 elements
          SEQUENCE[C] = 8 elements
            CONTEXTSPECIFIC[C] = [0] EXPLICIT
              INTEGER = 2
            INTEGER = 2417851639230179497911014
            SEQUENCE[C] = 2 elements
              OBJECT ID = 1.2.840.113549.1.1.4
              NULL = null
            SEQUENCE[C] = 4 elements
              SET[C] = 1 elements
                SEQUENCE[C] = 2 elements
                  OBJECT ID = countryName
                  PrintableString = "BE"
              SET[C] = 1 elements
                SEQUENCE[C] = 2 elements
                  OBJECT ID = organizationName
                  PrintableString = "GlobalSign nv-sa"
              SET[C] = 1 elements
                SEQUENCE[C] = 2 elements
                  OBJECT ID = organizationalUnitName
                  PrintableString = "Primary Class 2 CA"
              SET[C] = 1 elements
                SEQUENCE[C] = 2 elements
                  OBJECT ID = commonName
                  PrintableString = "GlobalSign Primary Class 2 CA"
            SEQUENCE[C] = 2 elements
              UTCTime = 990128120001Z
              UTCTime = 040128120000Z
            SEQUENCE[C] = 4 elements
              SET[C] = 1 elements
                SEQUENCE[C] = 2 elements
                  OBJECT ID = countryName
                  PrintableString = "BE"
              SET[C] = 1 elements
                SEQUENCE[C] = 2 elements
                  OBJECT ID = organizationName
                  PrintableString = "GlobalSign nv-sa"
              SET[C] = 1 elements
                SEQUENCE[C] = 2 elements
                  OBJECT ID = organizationalUnitName
                  PrintableString = "Class 2 CA"
              SET[C] = 1 elements
                SEQUENCE[C] = 2 elements
                  OBJECT ID = commonName
                  PrintableString = "GlobalSign Class 2 CA"
            SEQUENCE[C] = 2 elements
              SEQUENCE[C] = 2 elements
                OBJECT ID = 1.2.840.113549.1.1.1
                NULL = null
              BIT STRING = 140 byte(s); 0 bit(s) not valid
            CONTEXTSPECIFIC[C] = [3] EXPLICIT
              SEQUENCE[C] = 5 elements
                SEQUENCE[C] = 3 elements
                  OBJECT ID = 2.5.29.15
                  BOOLEAN = true
                  OCTET STRING = 4 bytes: 03:02:00:06
                SEQUENCE[C] = 2 elements
                  OBJECT ID = 2.5.29.14
                  OCTET STRING = 22 bytes: 04:14:11:6E:D7...
                SEQUENCE[C] = 2 elements
                  OBJECT ID = 2.5.29.35
                  OCTET STRING = 24 bytes: 30:16:80:14:7C...
                SEQUENCE[C] = 2 elements
                  OBJECT ID = 2.16.840.1.113730.1.1
                  OCTET STRING = 4 bytes: 03:02:00:06
                SEQUENCE[C] = 3 elements
                  OBJECT ID = 2.5.29.19
                  BOOLEAN = true
                  OCTET STRING = 8 bytes: 30:06:01:01:FF...
          SEQUENCE[C] = 2 elements
            OBJECT ID = 1.2.840.113549.1.1.4
            NULL = null
          BIT STRING = 256 byte(s); 0 bit(s) not valid
        SEQUENCE[C] = 3 elements
          SEQUENCE[C] = 8 elements
            CONTEXTSPECIFIC[C] = [0] EXPLICIT
              INTEGER = 2
            INTEGER = 2417851639230179497774477
            SEQUENCE[C] = 2 elements
              OBJECT ID = 1.2.840.113549.1.1.4
              NULL = null
            SEQUENCE[C] = 4 elements
              SET[C] = 1 elements
                SEQUENCE[C] = 2 elements
                  OBJECT ID = countryName
                  PrintableString = "BE"
              SET[C] = 1 elements
                SEQUENCE[C] = 2 elements
                  OBJECT ID = organizationName
                  PrintableString = "GlobalSign nv-sa"
              SET[C] = 1 elements
                SEQUENCE[C] = 2 elements
                  OBJECT ID = organizationalUnitName
                  PrintableString = "Root CA"
              SET[C] = 1 elements
                SEQUENCE[C] = 2 elements
                  OBJECT ID = commonName
                  PrintableString = "GlobalSign Root CA"
            SEQUENCE[C] = 2 elements
              UTCTime = 990128120000Z
              UTCTime = 090128120000Z
            SEQUENCE[C] = 4 elements
              SET[C] = 1 elements
                SEQUENCE[C] = 2 elements
                  OBJECT ID = countryName
                  PrintableString = "BE"
              SET[C] = 1 elements
                SEQUENCE[C] = 2 elements
                  OBJECT ID = organizationName
                  PrintableString = "GlobalSign nv-sa"
              SET[C] = 1 elements
                SEQUENCE[C] = 2 elements
                  OBJECT ID = organizationalUnitName
                  PrintableString = "Primary Class 2 CA"
              SET[C] = 1 elements
                SEQUENCE[C] = 2 elements
                  OBJECT ID = commonName
                  PrintableString = "GlobalSign Primary Class 2 CA"
            SEQUENCE[C] = 2 elements
              SEQUENCE[C] = 2 elements
                OBJECT ID = 1.2.840.113549.1.1.1
                NULL = null
              BIT STRING = 270 byte(s); 0 bit(s) not valid
            CONTEXTSPECIFIC[C] = [3] EXPLICIT
              SEQUENCE[C] = 4 elements
                SEQUENCE[C] = 3 elements
                  OBJECT ID = 2.5.29.15
                  BOOLEAN = true
                  OCTET STRING = 4 bytes: 03:02:00:06
                SEQUENCE[C] = 2 elements
                  OBJECT ID = 2.5.29.14
                  OCTET STRING = 22 bytes: 04:14:7C:E7:B2...
                SEQUENCE[C] = 2 elements
                  OBJECT ID = 2.5.29.35
                  OCTET STRING = 24 bytes: 30:16:80:14:60...
                SEQUENCE[C] = 3 elements
                  OBJECT ID = 2.5.29.19
                  BOOLEAN = true
                  OCTET STRING = 5 bytes: 30:03:01:01:FF
          SEQUENCE[C] = 2 elements
            OBJECT ID = 1.2.840.113549.1.1.4
            NULL = null
          BIT STRING = 256 byte(s); 0 bit(s) not valid
      SET[C] = 1 elements
        SEQUENCE[C] = 6 elements
          INTEGER = 1
          SEQUENCE[C] = 2 elements
            SEQUENCE[C] = 4 elements
              SET[C] = 1 elements
                SEQUENCE[C] = 2 elements
                  OBJECT ID = countryName
                  PrintableString = "BE"
              SET[C] = 1 elements
                SEQUENCE[C] = 2 elements
                  OBJECT ID = organizationName
                  PrintableString = "GlobalSign nv-sa"
              SET[C] = 1 elements
                SEQUENCE[C] = 2 elements
                  OBJECT ID = organizationalUnitName
                  PrintableString = "Class 2 CA"
              SET[C] = 1 elements
                SEQUENCE[C] = 2 elements
                  OBJECT ID = commonName
                  PrintableString = "GlobalSign Class 2 CA"
            INTEGER = 1208925819615595157295413
          SEQUENCE[C] = 2 elements
            OBJECT ID = 1.3.14.3.2.26
            NULL = null
          CONTEXTSPECIFIC[C] = [0] EXPLICIT
            SEQUENCE[C] = 2 elements
              OBJECT ID = contentType
              SET[C] = 1 elements
                OBJECT ID = PKCS#7 data
            SEQUENCE[C] = 2 elements
              OBJECT ID = signingTime
              SET[C] = 1 elements
                UTCTime = 010212150752Z
            SEQUENCE[C] = 2 elements
              OBJECT ID = symmetricCapabilities
              SET[C] = 1 elements
                SEQUENCE[C] = 1 elements
                  SEQUENCE[C] = 2 elements
                    OBJECT ID = 1.2.840.113549.3.2
                    INTEGER = 40
            SEQUENCE[C] = 2 elements
              OBJECT ID = messageDigest
              SET[C] = 1 elements
                OCTET STRING = 20 bytes: 5F:4B:2D:D6:B9...
          SEQUENCE[C] = 2 elements
            OBJECT ID = 1.2.840.113549.1.1.1
            NULL = null
          OCTET STRING = 128 bytes: 00:07:81:D8:57...



import java.io.*;

import iaik.pkcs.pkcs7.*;

public class Test
{
    public static void main(String[] args)
    {
        try {
            String filename = "signeddata.der";
            FileInputStream in = new FileInputStream(filename);
            
            SignedData signedData = new SignedData(in);
        } catch (Exception e) {
            e.printStackTrace();
        }
    }
}


signeddata.der
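
To see at which layer a decoder's expectation and the encoding part ways, the outer structure shown in the dump above (ContentInfo SEQUENCE, signedData OID, [0] wrapper, SignedData SEQUENCE, version INTEGER) can be checked with the JDK alone. This is an added example, not part of the original post and not IAIK code; the class name `DerOuterCheck`, its methods and the embedded sample bytes are constructed for illustration.

```java
import java.io.*;
import java.util.Arrays;

// Added example (not IAIK code): checks the outer DER layers of a PKCS #7
// ContentInfo that wraps SignedData, using only the JDK.
public class DerOuterCheck {
    // DER content octets of the signedData OID 1.2.840.113549.1.7.2
    static final byte[] SIGNED_DATA_OID =
        { 0x2A, (byte) 0x86, 0x48, (byte) 0x86, (byte) 0xF7, 0x0D, 0x01, 0x07, 0x02 };

    // Reads one tag octet and a definite length, checks the tag, returns the length.
    static int header(DataInputStream in, String what, int tag) throws IOException {
        int found = in.readUnsignedByte();
        int len = in.readUnsignedByte();
        if (len == 0x80) throw new IOException(what + ": indefinite length, BER not DER");
        if (len > 0x80) {
            int n = len & 0x7F;                 // number of length octets that follow
            if (n > 3) throw new IOException(what + ": length field too large");
            for (len = 0; n > 0; n--) len = (len << 8) | in.readUnsignedByte();
        }
        System.out.printf("%-22s tag=0x%02X len=%d%n", what, found, len);
        if (found != tag)
            throw new IOException(what + ": expected tag 0x" + Integer.toHexString(tag)
                + ", found 0x" + Integer.toHexString(found));
        return len;
    }

    // Returns the SignedData version, or throws naming the first layer that differs.
    static int check(InputStream raw) throws IOException {
        DataInputStream in = new DataInputStream(raw);
        header(in, "ContentInfo SEQUENCE", 0x30);
        byte[] oid = new byte[header(in, "contentType OID", 0x06)];
        in.readFully(oid);
        if (!Arrays.equals(oid, SIGNED_DATA_OID))
            throw new IOException("contentType is not signedData");
        header(in, "[0] EXPLICIT content", 0xA0);
        header(in, "SignedData SEQUENCE", 0x30);
        if (header(in, "version INTEGER", 0x02) != 1)
            throw new IOException("version INTEGER is not one octet");
        return in.readUnsignedByte();
    }

    public static void main(String[] args) throws IOException {
        // Constructed sample, not the poster's file:
        // ContentInfo { signedData, [0] { SEQUENCE { INTEGER 1, empty SET } } }
        byte[] sample = { 0x30, 0x14, 0x06, 0x09, 0x2A, (byte) 0x86, 0x48, (byte) 0x86,
            (byte) 0xF7, 0x0D, 0x01, 0x07, 0x02, (byte) 0xA0, 0x07, 0x30, 0x05,
            0x02, 0x01, 0x01, 0x31, 0x00 };
        InputStream in = args.length > 0 ? new FileInputStream(args[0])
                                         : new ByteArrayInputStream(sample);
        try { System.out.println("SignedData version = " + check(in)); }
        finally { in.close(); }
    }
}
```

Run with the path of a DER file as the first argument to check that file instead of the embedded sample.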