CMS Parsing Issue

classic Classic list List threaded Threaded
3 messages Options
Reply | Threaded
Open this post in threaded view
|

CMS Parsing Issue

Smith, Bill (Tridium)
I have a CMS byte array (return value from a scep server: getcacert). I am
trying to walk through the structure using BC 1.54 and have the following
code:

    ASN1StreamParser streamParser = new
ASN1StreamParser(data.toByteArray());

    ContentInfoParser contentInfo = new
ContentInfoParser((ASN1SequenceParser) streamParser.readObject());
    ASN1ObjectIdentifier id = contentInfo.getContentType();
    System.err.println("  id : " + id.getId());
    SignedDataParser signedData =
SignedDataParser.getInstance(contentInfo.getContent(BERTags.SEQUENCE));
    System.err.println("  version : " + signedData.getVersion().toString());

    ContentInfoParser encContentInfo = signedData.getEncapContentInfo();

When I call getEncapContentInfo(), I get the exception below. Is this a BC
bug? How can I get around it?

Exception in thread "main" java.lang.ClassCastException:
org.bouncycastle.asn1.DERSetParser cannot be cast to
org.bouncycastle.asn1.ASN1SequenceParser
        at
org.bouncycastle.asn1.cms.SignedDataParser.getEncapContentInfo(Unknown
Source)
        at
com.tridiumx.example.scep.ScepClient.getCACert(ScepClient.java:88)
        at com.tridiumx.example.scep.ScepClient.main(ScepClient.java:36)
        at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
        at
sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62
)
        at
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl
.java:43)
        at java.lang.reflect.Method.invoke(Method.java:498)
        at
com.intellij.rt.execution.application.AppMain.main(AppMain.java:144)

Regards,

William B. Smith
Senior Software Engineer, CSSLP
Tridium, Inc.


smime.p7s (7K) Download Attachment
Reply | Threaded
Open this post in threaded view
|

Re: CMS Parsing Issue

David Hook

Hi Bill,

If it's the message I'm thinking of, I think it's what's called a
degenerate certificates-only CMS SignedData message (section 4.1.1.2 of
the current draft), so the encapsulated content info is omitted. You'll
find what you need in the certificate set (which I think is what the
parser is running into when it's trying to open the encapsulated content
info structure) - I think if you remove the getEncapContentInfo() and
get the certificates from the certificate set it will work correctly.

Regards,

David

On 12/08/16 23:46, Smith, Bill (Tridium) wrote:

> I have a CMS byte array (return value from a scep server: getcacert). I am
> trying to walk through the structure using BC 1.54 and have the following
> code:
>
>     ASN1StreamParser streamParser = new
> ASN1StreamParser(data.toByteArray());
>
>     ContentInfoParser contentInfo = new
> ContentInfoParser((ASN1SequenceParser) streamParser.readObject());
>     ASN1ObjectIdentifier id = contentInfo.getContentType();
>     System.err.println("  id : " + id.getId());
>     SignedDataParser signedData =
> SignedDataParser.getInstance(contentInfo.getContent(BERTags.SEQUENCE));
>     System.err.println("  version : " + signedData.getVersion().toString());
>
>     ContentInfoParser encContentInfo = signedData.getEncapContentInfo();
>
> When I call getEncapContentInfo(), I get the exception below. Is this a BC
> bug? How can I get around it?
>
> Exception in thread "main" java.lang.ClassCastException:
> org.bouncycastle.asn1.DERSetParser cannot be cast to
> org.bouncycastle.asn1.ASN1SequenceParser
> at
> org.bouncycastle.asn1.cms.SignedDataParser.getEncapContentInfo(Unknown
> Source)
> at
> com.tridiumx.example.scep.ScepClient.getCACert(ScepClient.java:88)
> at com.tridiumx.example.scep.ScepClient.main(ScepClient.java:36)
> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
> at
> sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62
> )
> at
> sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl
> .java:43)
> at java.lang.reflect.Method.invoke(Method.java:498)
> at
> com.intellij.rt.execution.application.AppMain.main(AppMain.java:144)
>
> Regards,
>
> William B. Smith
> Senior Software Engineer, CSSLP
> Tridium, Inc.
>


Reply | Threaded
Open this post in threaded view
|

RE: CMS Parsing Issue

Smith, Bill (Tridium)
Thanks David.

One thing I changed was to switch to the cms classes (CMSSignedData, etc.)
in PKIX instead and things started to fall in place.

Bill

-----Original Message-----
From: David Hook [mailto:[hidden email]]
Sent: Friday, August 12, 2016 5:51 PM
To: Smith, Bill (Tridium) <[hidden email]>; [hidden email]
Subject: Re: [dev-crypto] CMS Parsing Issue


Hi Bill,

If it's the message I'm thinking of, I think it's what's called a degenerate
certificates-only CMS SignedData message (section 4.1.1.2 of the current
draft), so the encapsulated content info is omitted. You'll find what you
need in the certificate set (which I think is what the parser is running
into when it's trying to open the encapsulated content info structure) - I
think if you remove the getEncapContentInfo() and get the certificates from
the certificate set it will work correctly.

Regards,

David

On 12/08/16 23:46, Smith, Bill (Tridium) wrote:

> I have a CMS byte array (return value from a scep server: getcacert).
> I am trying to walk through the structure using BC 1.54 and have the
> following
> code:
>
>     ASN1StreamParser streamParser = new
> ASN1StreamParser(data.toByteArray());
>
>     ContentInfoParser contentInfo = new
> ContentInfoParser((ASN1SequenceParser) streamParser.readObject());
>     ASN1ObjectIdentifier id = contentInfo.getContentType();
>     System.err.println("  id : " + id.getId());
>     SignedDataParser signedData =
> SignedDataParser.getInstance(contentInfo.getContent(BERTags.SEQUENCE));
>     System.err.println("  version : " +
> signedData.getVersion().toString());
>
>     ContentInfoParser encContentInfo =
> signedData.getEncapContentInfo();
>
> When I call getEncapContentInfo(), I get the exception below. Is this
> a BC bug? How can I get around it?
>
> Exception in thread "main" java.lang.ClassCastException:
> org.bouncycastle.asn1.DERSetParser cannot be cast to
> org.bouncycastle.asn1.ASN1SequenceParser
> at
> org.bouncycastle.asn1.cms.SignedDataParser.getEncapContentInfo(Unknown
> Source)
> at
> com.tridiumx.example.scep.ScepClient.getCACert(ScepClient.java:88)
> at com.tridiumx.example.scep.ScepClient.main(ScepClient.java:36)
> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
> at
> sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.j
> ava:62
> )
> at
> sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccess
> orImpl
> .java:43)
> at java.lang.reflect.Method.invoke(Method.java:498)
> at
> com.intellij.rt.execution.application.AppMain.main(AppMain.java:144)
>
> Regards,
>
> William B. Smith
> Senior Software Engineer, CSSLP
> Tridium, Inc.
>


smime.p7s (7K) Download Attachment