SMime verification returns false - why and what does that exactly mean?

classic Classic list List threaded Threaded
4 messages Options
Reply | Threaded
Open this post in threaded view
|

SMime verification returns false - why and what does that exactly mean?

info
Hello,

I want to replace our current security solution (/nSoftware components) by bouncy castle.
During testing there are approx. 0.2% of the message which return "false" during SignerInformation.verify().
I already tried to initialize SMIMESigned with different encodings but it doesn't work at all.

Java version: 1.8. BouncyCastle version: 1.56.
File is attached. It was encrypted, I have successfully decrypted it. Signature includes public certificate.
It works with /nSoftware SMIME components.

What exactly does it mean, when verify() returns false? If I change just one bit of the message, an exception will raise because the content has been changed and the hashes differ. But what, if no exception occurs but verify() still returns false? Can I ignore it, since the hashes match?

I can't see any common parameters in the messages where verify() fails. It's mostly SHA1, but I also encountered that problem with messages using SHA-256.

Thanks in advance!
Daniel

 

cannotverify.txt (7K) Download Attachment
Reply | Threaded
Open this post in threaded view
|

Re: SMime verification returns false - why and what does that exactly mean?

David Hook-3

It's almost certainly going to be that some of the messages are not correctly calculating the signature over the DER encoding of the signed attributes, but are just using the signed attributes as is.

Try the trick used in NewSignedDataTest.testSignerInformationExtension() on one of them (see MyRightSignerInformation) and see how you go.

Regards,

David

On 11/05/17 17:19, [hidden email] wrote:
Hello,

I want to replace our current security solution (/nSoftware components) by bouncy castle.
During testing there are approx. 0.2% of the message which return "false" during SignerInformation.verify().
I already tried to initialize SMIMESigned with different encodings but it doesn't work at all.

Java version: 1.8. BouncyCastle version: 1.56.
File is attached. It was encrypted, I have successfully decrypted it. Signature includes public certificate.
It works with /nSoftware SMIME components.

What exactly does it mean, when verify() returns false? If I change just one bit of the message, an exception will raise because the content has been changed and the hashes differ. But what, if no exception occurs but verify() still returns false? Can I ignore it, since the hashes match?

I can't see any common parameters in the messages where verify() fails. It's mostly SHA1, but I also encountered that problem with messages using SHA-256.

Thanks in advance!
Daniel

 


Reply | Threaded
Open this post in threaded view
|

Re: SMime verification returns false - why and what does that exactly mean?

martijn.list
On 05/11/2017 10:16 AM, David Hook wrote:
>
> It's almost certainly going to be that some of the messages are not
> correctly calculating the signature over the DER encoding of the signed
> attributes, but are just using the signed attributes as is.
>
> Try the trick used in NewSignedDataTest.testSignerInformationExtension()
> on one of them (see MyRightSignerInformation) and see how you go.

That was my initial thinking as well. However verification succeeds with
OpenSSL. With my own tool, verification succeeds if using BC 1.51 but
fails when using 1.56 so there seems to be a problem with recent BC
versions.

Kind regards,

Martijn Brinkers


> On 11/05/17 17:19, [hidden email] wrote:
>> Hello,
>>
>> I want to replace our current security solution (/nSoftware
>> components) by bouncy castle.
>> During testing there are approx. 0.2% of the message which return
>> "false" during SignerInformation.verify().
>> I already tried to initialize SMIMESigned with different encodings but
>> it doesn't work at all.
>>
>> Java version: 1.8. BouncyCastle version: 1.56.
>> File is attached. It was encrypted, I have successfully decrypted it.
>> Signature includes public certificate.
>> It works with /nSoftware SMIME components.
>>
>> What exactly does it mean, when verify() returns false? If I change
>> just one bit of the message, an exception will raise because the
>> content has been changed and the hashes differ. But what, if no
>> exception occurs but verify() still returns false? Can I ignore it,
>> since the hashes match?
>>
>> I can't see any common parameters in the messages where verify()
>> fails. It's mostly SHA1, but I also encountered that problem with
>> messages using SHA-256.
>>
>> Thanks in advance!
>> Daniel
>>
>>  
>
>


--
CipherMail email encryption

Email encryption with support for S/MIME, OpenPGP, PDF encryption and
secure webmail pull.

https://www.ciphermail.com

Twitter: http://twitter.com/CipherMail

Reply | Threaded
Open this post in threaded view
|

Re: SMime verification returns false - why and what does that exactly mean?

David Hook-3

Just following up on this - we've confirmed using the
MyRightSignerInformation class allows the signature to verify.

Be careful how you use this one, technically needing it means the
signature is really invalid.

Regards,

David


On 11/05/17 18:52, martijn.list wrote:

> On 05/11/2017 10:16 AM, David Hook wrote:
>> It's almost certainly going to be that some of the messages are not
>> correctly calculating the signature over the DER encoding of the signed
>> attributes, but are just using the signed attributes as is.
>>
>> Try the trick used in NewSignedDataTest.testSignerInformationExtension()
>> on one of them (see MyRightSignerInformation) and see how you go.
> That was my initial thinking as well. However verification succeeds with
> OpenSSL. With my own tool, verification succeeds if using BC 1.51 but
> fails when using 1.56 so there seems to be a problem with recent BC
> versions.
>
> Kind regards,
>
> Martijn Brinkers
>
>
>> On 11/05/17 17:19, [hidden email] wrote:
>>> Hello,
>>>
>>> I want to replace our current security solution (/nSoftware
>>> components) by bouncy castle.
>>> During testing there are approx. 0.2% of the message which return
>>> "false" during SignerInformation.verify().
>>> I already tried to initialize SMIMESigned with different encodings but
>>> it doesn't work at all.
>>>
>>> Java version: 1.8. BouncyCastle version: 1.56.
>>> File is attached. It was encrypted, I have successfully decrypted it.
>>> Signature includes public certificate.
>>> It works with /nSoftware SMIME components.
>>>
>>> What exactly does it mean, when verify() returns false? If I change
>>> just one bit of the message, an exception will raise because the
>>> content has been changed and the hashes differ. But what, if no
>>> exception occurs but verify() still returns false? Can I ignore it,
>>> since the hashes match?
>>>
>>> I can't see any common parameters in the messages where verify()
>>> fails. It's mostly SHA1, but I also encountered that problem with
>>> messages using SHA-256.
>>>
>>> Thanks in advance!
>>> Daniel
>>>
>>>  
>>
>