Getting all the certificates from a signature

classic Classic list List threaded Threaded
2 messages Options
Reply | Threaded
Open this post in threaded view
|

Getting all the certificates from a signature

lripoll
Hi,

I'm using the bouncycastle 1.2.9 libs

When I'm signing a file, I'm adding the signer certificate and the issuer
certificate in the signature. There are 2 certificates in the certList
parameter
  CertStore certs = CertStore.getInstance("Collection",new
  CollectionCertStoreParameters(certList),"BC");
  CMSSignedDataGenerator signGen = new CMSSignedDataGenerator();
  signGen.addSigner(pk,signerCert,CMSSignedDataGenerator.DIGEST_SHA256);
  signGen.addCertificatesAndCRLs(certs);
  CMSProcessable content = new CMSProcessableByteArray(fileToSign);
  CMSSignedData signedData = signGen.generate(content, true,
  Constant.CMS_PROVIDER);
  byte[] signeddata = signedData.getEncoded();

However when I'm trying to verify the signature, I just get the signer
certificate and not the issuer certificate from the signature
  final CMSSignedData signedData = new CMSSignedData(signature);
  final SignerInformation signer =
         (SignerInformation)signedData.getSignerInfos().
                                   getSigners().iterator().next();
  CertStore cs = signedData.getCertificatesAndCRLs("Collection", "BC");
  Collection certCollection = cs.getCertificates(signer.getSID());

there is only one certificate in the collection. Is it possible to get the
two certificates ?

thanks
laurent

Reply | Threaded
Open this post in threaded view
|

Re: Getting all the certificates from a signature

David Hook-4

Passing  null to getCertificates() will return all the certificates in
the CertStore.

Regards,

David

On Mon, 2005-09-05 at 15:51 +0200, [hidden email] wrote:

> Hi,
>
> I'm using the bouncycastle 1.2.9 libs
>
> When I'm signing a file, I'm adding the signer certificate and the issuer
> certificate in the signature. There are 2 certificates in the certList
> parameter
>   CertStore certs = CertStore.getInstance("Collection",new
>   CollectionCertStoreParameters(certList),"BC");
>   CMSSignedDataGenerator signGen = new CMSSignedDataGenerator();
>   signGen.addSigner(pk,signerCert,CMSSignedDataGenerator.DIGEST_SHA256);
>   signGen.addCertificatesAndCRLs(certs);
>   CMSProcessable content = new CMSProcessableByteArray(fileToSign);
>   CMSSignedData signedData = signGen.generate(content, true,
>   Constant.CMS_PROVIDER);
>   byte[] signeddata = signedData.getEncoded();
>
> However when I'm trying to verify the signature, I just get the signer
> certificate and not the issuer certificate from the signature
>   final CMSSignedData signedData = new CMSSignedData(signature);
>   final SignerInformation signer =
>          (SignerInformation)signedData.getSignerInfos().
>                                    getSigners().iterator().next();
>   CertStore cs = signedData.getCertificatesAndCRLs("Collection", "BC");
>   Collection certCollection = cs.getCertificates(signer.getSID());
>
> there is only one certificate in the collection. Is it possible to get the
> two certificates ?
>
> thanks
> laurent
>