Unknown signature type requested: SHA256WITH1.2.840.10045.3.1.7

classic Classic list List threaded Threaded
13 messages Options
Reply | Threaded
Open this post in threaded view
|

Unknown signature type requested: SHA256WITH1.2.840.10045.3.1.7

RealWotan

Hi all,

 

i have a problem to verify a signature which created with elliptic curves algorithm (prime256v1, OID: 1.2.840.10045.3.1.7). The result of code below

 

CMSProcessableByteArray signedContentUserBA = new CMSProcessableByteArray(

                  signedContentUser.getBytes());

CMSSignedData signedDataUser = new CMSSignedData(signedContentUserBA,

                  signedData);

Store store = signedDataUser.getCertificates();

JcaCertStoreBuilder certsStorenew = new JcaCertStoreBuilder();

certsStorenew.addCertificates(store);

CertStore certificatesInSignedData = certsStorenew.build();

SignerInformationStore signers = signedDataUser.getSignerInfos();

for (Iterator<?> counter = signers.getSigners().iterator(); counter

                  .hasNext();) {

      SignerInformation signer = (SignerInformation) counter.next();

 

      SignerId signerid = signer.getSID();

 

      JcaX509CertSelectorConverter conv = new JcaX509CertSelectorConverter();

                       

X509CertificateHolderSelector sel = new X509CertificateHolderSelector(signerid.getIssuer(), signerid.getSerialNumber());

 

X509CertSelector signerSelector = conv.getCertSelector(sel); 

                       

Collection<? extends Certificate> certCollection = certificatesInSignedData

                                   .getCertificates(signerSelector);

                       

                       

if (certCollection.isEmpty())

{

            X509Certificate x509CertUser = X509CertificateUtils.generateCertificateFromB64String(certUserB64); //convert from Base64

 

if (signer.verify(new JcaSimpleSignerInfoVerifierBuilder().setProvider("BC").build(x509CertUser))) {

                  verified = true;

} else {

verified = false;

            }

}

}

 

is from (exception form signer.verify()):

 

Exception in thread "Thread-4" java.lang.IllegalArgumentException: Unknown signature type requested: SHA256WITH1.2.840.10045.3.1.7

                at org.bouncycastle.operator.DefaultSignatureAlgorithmIdentifierFinder.generate(Unknown Source)

                at org.bouncycastle.operator.DefaultSignatureAlgorithmIdentifierFinder.find(Unknown Source)

                at org.bouncycastle.cms.SignerInformationVerifier.getContentVerifier(Unknown Source)

                at org.bouncycastle.cms.SignerInformation.doVerify(Unknown Source)

                at org.bouncycastle.cms.SignerInformation.verify(Unknown Source)

 

 

I read they are elliptic curves are supported from BC. Does anyone know where I can find a solution for that?

 

Thanks in advance for yours reply,

Lars

Reply | Threaded
Open this post in threaded view
|

Re: Unknown signature type requested: SHA256WITH1.2.840.10045.3.1.7

David Hook

The SignedData is invalid - the OID is a curve identifier, it says nothing about the algorithm. From what you have described it's probably the case the sig should have:

1.2.840.10045.4.3.2

as the encryption algorithm.

Regards,

David

On 29/05/13 00:47, Lars Denkewitz wrote:

Hi all,

 

i have a problem to verify a signature which created with elliptic curves algorithm (prime256v1, OID: 1.2.840.10045.3.1.7). The result of code below

 

CMSProcessableByteArray signedContentUserBA = new CMSProcessableByteArray(

                  signedContentUser.getBytes());

CMSSignedData signedDataUser = new CMSSignedData(signedContentUserBA,

                  signedData);

Store store = signedDataUser.getCertificates();

JcaCertStoreBuilder certsStorenew = new JcaCertStoreBuilder();

certsStorenew.addCertificates(store);

CertStore certificatesInSignedData = certsStorenew.build();

SignerInformationStore signers = signedDataUser.getSignerInfos();

for (Iterator<?> counter = signers.getSigners().iterator(); counter

                  .hasNext();) {

      SignerInformation signer = (SignerInformation) counter.next();

 

      SignerId signerid = signer.getSID();

 

      JcaX509CertSelectorConverter conv = new JcaX509CertSelectorConverter();

                       

X509CertificateHolderSelector sel = new X509CertificateHolderSelector(signerid.getIssuer(), signerid.getSerialNumber());

 

X509CertSelector signerSelector = conv.getCertSelector(sel); 

                       

Collection<? extends Certificate> certCollection = certificatesInSignedData

                                   .getCertificates(signerSelector);

                       

                       

if (certCollection.isEmpty())

{

            X509Certificate x509CertUser = X509CertificateUtils.generateCertificateFromB64String(certUserB64); //convert from Base64

 

if (signer.verify(new JcaSimpleSignerInfoVerifierBuilder().setProvider("BC").build(x509CertUser))) {

                  verified = true;

} else {

verified = false;

            }

}

}

 

is from (exception form signer.verify()):

 

Exception in thread "Thread-4" java.lang.IllegalArgumentException: Unknown signature type requested: SHA256WITH1.2.840.10045.3.1.7

                at org.bouncycastle.operator.DefaultSignatureAlgorithmIdentifierFinder.generate(Unknown Source)

                at org.bouncycastle.operator.DefaultSignatureAlgorithmIdentifierFinder.find(Unknown Source)

                at org.bouncycastle.cms.SignerInformationVerifier.getContentVerifier(Unknown Source)

                at org.bouncycastle.cms.SignerInformation.doVerify(Unknown Source)

                at org.bouncycastle.cms.SignerInformation.verify(Unknown Source)

 

 

I read they are elliptic curves are supported from BC. Does anyone know where I can find a solution for that?

 

Thanks in advance for yours reply,

Lars


Reply | Threaded
Open this post in threaded view
|

Re: Unknown signature type requested: SHA256WITH1.2.840.10045.3.1.7

RealWotan
Hi David,

thanks for your answer. I sent your suggestion to our vendor yesterday, which programming the signer software. Today he sent me a patch and now will insert the new OID "1.2.840.10045.4.3.2" in SignedData. Here you can see the output of sysout(signer.getContentInfo().getContent());

[1, [[2.16.840.1.101.3.4.2.1, NULL]], [1.2.840.113549.1.7.1], [[1, [[[[2.5.4.6, DE]], [[2.5.4.10, TEST-PKI]], [[2.5.4.11, DOI]], [[2.5.4.3, DOI Test-CA 5]]], 177], [2.16.840.1.101.3.4.2.1, NULL], [0][[1.3.36.8.6.5, [C:\Test\TCOS3V2\test.txt]], [1.2.840.113549.1.9.3, [1.2.840.113549.1.7.1]], [1.2.840.113549.1.9.4, [#c9ecdf1160f464476eeb3591bf1cc90a3aa48839dab1518eb43cf0b06651ba5d]], [1.2.840.113549.1.9.5, [130529142530Z]]], [1.2.840.10045.4.3.2, NULL], #b3d48714ab94be6c973fa1a4a58f32489a651a045bf60ea1771388b6ffec1bc8bfb12a47e7e3da7ab4ed9732bf899323f9a47b0dd16ff20e883b5cf3f5001e47]]]

Now it will throwed an other exception:

Exception in thread "main" org.bouncycastle.operator.RuntimeOperatorException: exception obtaining signature: error decoding signature bytes.
       at org.bouncycastle.operator.jcajce.JcaContentVerifierProviderBuilder$SigVerifier.verify(JcaContentVerifierProviderBuilder.java:218)
       at org.bouncycastle.cms.SignerInformation.doVerify(SignerInformation.java:516)
       at org.bouncycastle.cms.SignerInformation.verify(SignerInformation.java:624)
       at SignatureVerifyWithBC_from_B64Single.main(SignatureVerifyWithBC_from_B64Single.java:290)
Caused by: java.security.SignatureException: error decoding signature bytes.
       at org.bouncycastle.jce.provider.DSABase.engineVerify(DSABase.java:91)
       at java.security.Signature$Delegate.engineVerify(Unknown Source)
       at java.security.Signature.verify(Unknown Source)
       at org.bouncycastle.operator.jcajce.JcaContentVerifierProviderBuilder$SignatureOutputStream.verify(JcaContentVerifierProviderBuilder.java:302)
       at org.bouncycastle.operator.jcajce.JcaContentVerifierProviderBuilder$SigVerifier.verify(JcaContentVerifierProviderBuilder.java:214)
       ... 3 more

Btw: this exception will only throwed, when ContentData (original Data to compare) are not changed/manipulated (too, before vendor sent the patch with the old OID) . When i do input the ContentData manipulated, then i got the exception below:

org.bouncycastle.cms.CMSSignerDigestMismatchException: message-digest attribute value does not match calculated value

But this is fine!!!

Do you have an idea again, why i got "exception obtaining signature: error decoding signature bytes.", when the ContenData are not manipulated?

Thanks in advance!
Lars

Am 29.05.2013 02:39, schrieb David Hook:

The SignedData is invalid - the OID is a curve identifier, it says nothing about the algorithm. From what you have described it's probably the case the sig should have:

1.2.840.10045.4.3.2

as the encryption algorithm.

Regards,

David

On 29/05/13 00:47, Lars Denkewitz wrote:

Hi all,

 

i have a problem to verify a signature which created with elliptic curves algorithm (prime256v1, OID: 1.2.840.10045.3.1.7). The result of code below

 

CMSProcessableByteArray signedContentUserBA = new CMSProcessableByteArray(

                  signedContentUser.getBytes());

CMSSignedData signedDataUser = new CMSSignedData(signedContentUserBA,

                  signedData);

Store store = signedDataUser.getCertificates();

JcaCertStoreBuilder certsStorenew = new JcaCertStoreBuilder();

certsStorenew.addCertificates(store);

CertStore certificatesInSignedData = certsStorenew.build();

SignerInformationStore signers = signedDataUser.getSignerInfos();

for (Iterator<?> counter = signers.getSigners().iterator(); counter

                  .hasNext();) {

      SignerInformation signer = (SignerInformation) counter.next();

 

      SignerId signerid = signer.getSID();

 

      JcaX509CertSelectorConverter conv = new JcaX509CertSelectorConverter();

                       

X509CertificateHolderSelector sel = new X509CertificateHolderSelector(signerid.getIssuer(), signerid.getSerialNumber());

 

X509CertSelector signerSelector = conv.getCertSelector(sel); 

                       

Collection<? extends Certificate> certCollection = certificatesInSignedData

                                   .getCertificates(signerSelector);

                       

                       

if (certCollection.isEmpty())

{

            X509Certificate x509CertUser = X509CertificateUtils.generateCertificateFromB64String(certUserB64); //convert from Base64

 

if (signer.verify(new JcaSimpleSignerInfoVerifierBuilder().setProvider("BC").build(x509CertUser))) {

                  verified = true;

} else {

verified = false;

            }

}

}

 

is from (exception form signer.verify()):

 

Exception in thread "Thread-4" java.lang.IllegalArgumentException: Unknown signature type requested: SHA256WITH1.2.840.10045.3.1.7

                at org.bouncycastle.operator.DefaultSignatureAlgorithmIdentifierFinder.generate(Unknown Source)

                at org.bouncycastle.operator.DefaultSignatureAlgorithmIdentifierFinder.find(Unknown Source)

                at org.bouncycastle.cms.SignerInformationVerifier.getContentVerifier(Unknown Source)

                at org.bouncycastle.cms.SignerInformation.doVerify(Unknown Source)

                at org.bouncycastle.cms.SignerInformation.verify(Unknown Source)

 

 

I read they are elliptic curves are supported from BC. Does anyone know where I can find a solution for that?

 

Thanks in advance for yours reply,

Lars



Reply | Threaded
Open this post in threaded view
|

Re: Unknown signature type requested: SHA256WITH1.2.840.10045.3.1.7

David Hook

Hmmm. I think in this case I'd check they've encoded the signature correctly:

Try the following on it:

            ASN1Sequence s = (ASN1Sequence)ASN1Primitive.fromByteArray(signature);
            BigInteger[] sig = new BigInteger[2];

            sig[0] = ASN1Integer.getInstance(s.getObjectAt(0)).getValue();
            sig[1] = ASN1Integer.getInstance(s.getObjectAt(1)).getValue();

A common error here is that people forget that ASN.1 INTEGER is not unsigned so forget to add a zero byte at the start
where the actual number has the high bit set in it's unsigned representation, or they don't forget, but assume the numbers will always be the same length and inadvertently overwrite one of the headers.

Regards,

David

On 30/05/13 05:19, Lars Denkewitz wrote:
Hi David,

thanks for your answer. I sent your suggestion to our vendor yesterday, which programming the signer software. Today he sent me a patch and now will insert the new OID "1.2.840.10045.4.3.2" in SignedData. Here you can see the output of sysout(signer.getContentInfo().getContent());

[1, [[2.16.840.1.101.3.4.2.1, NULL]], [1.2.840.113549.1.7.1], [[1, [[[[2.5.4.6, DE]], [[2.5.4.10, TEST-PKI]], [[2.5.4.11, DOI]], [[2.5.4.3, DOI Test-CA 5]]], 177], [2.16.840.1.101.3.4.2.1, NULL], [0][[1.3.36.8.6.5, [C:\Test\TCOS3V2\test.txt]], [1.2.840.113549.1.9.3, [1.2.840.113549.1.7.1]], [1.2.840.113549.1.9.4, [#c9ecdf1160f464476eeb3591bf1cc90a3aa48839dab1518eb43cf0b06651ba5d]], [1.2.840.113549.1.9.5, [130529142530Z]]], [1.2.840.10045.4.3.2, NULL], #b3d48714ab94be6c973fa1a4a58f32489a651a045bf60ea1771388b6ffec1bc8bfb12a47e7e3da7ab4ed9732bf899323f9a47b0dd16ff20e883b5cf3f5001e47]]]

Now it will throwed an other exception:

Exception in thread "main" org.bouncycastle.operator.RuntimeOperatorException: exception obtaining signature: error decoding signature bytes.
       at org.bouncycastle.operator.jcajce.JcaContentVerifierProviderBuilder$SigVerifier.verify(JcaContentVerifierProviderBuilder.java:218)
       at org.bouncycastle.cms.SignerInformation.doVerify(SignerInformation.java:516)
       at org.bouncycastle.cms.SignerInformation.verify(SignerInformation.java:624)
       at SignatureVerifyWithBC_from_B64Single.main(SignatureVerifyWithBC_from_B64Single.java:290)
Caused by: java.security.SignatureException: error decoding signature bytes.
       at org.bouncycastle.jce.provider.DSABase.engineVerify(DSABase.java:91)
       at java.security.Signature$Delegate.engineVerify(Unknown Source)
       at java.security.Signature.verify(Unknown Source)
       at org.bouncycastle.operator.jcajce.JcaContentVerifierProviderBuilder$SignatureOutputStream.verify(JcaContentVerifierProviderBuilder.java:302)
       at org.bouncycastle.operator.jcajce.JcaContentVerifierProviderBuilder$SigVerifier.verify(JcaContentVerifierProviderBuilder.java:214)
       ... 3 more

Btw: this exception will only throwed, when ContentData (original Data to compare) are not changed/manipulated (too, before vendor sent the patch with the old OID) . When i do input the ContentData manipulated, then i got the exception below:

org.bouncycastle.cms.CMSSignerDigestMismatchException: message-digest attribute value does not match calculated value

But this is fine!!!

Do you have an idea again, why i got "exception obtaining signature: error decoding signature bytes.", when the ContenData are not manipulated?

Thanks in advance!
Lars

Am 29.05.2013 02:39, schrieb David Hook:

The SignedData is invalid - the OID is a curve identifier, it says nothing about the algorithm. From what you have described it's probably the case the sig should have:

1.2.840.10045.4.3.2

as the encryption algorithm.

Regards,

David

On 29/05/13 00:47, Lars Denkewitz wrote:

Hi all,

 

i have a problem to verify a signature which created with elliptic curves algorithm (prime256v1, OID: 1.2.840.10045.3.1.7). The result of code below

 

CMSProcessableByteArray signedContentUserBA = new CMSProcessableByteArray(

                  signedContentUser.getBytes());

CMSSignedData signedDataUser = new CMSSignedData(signedContentUserBA,

                  signedData);

Store store = signedDataUser.getCertificates();

JcaCertStoreBuilder certsStorenew = new JcaCertStoreBuilder();

certsStorenew.addCertificates(store);

CertStore certificatesInSignedData = certsStorenew.build();

SignerInformationStore signers = signedDataUser.getSignerInfos();

for (Iterator<?> counter = signers.getSigners().iterator(); counter

                  .hasNext();) {

      SignerInformation signer = (SignerInformation) counter.next();

 

      SignerId signerid = signer.getSID();

 

      JcaX509CertSelectorConverter conv = new JcaX509CertSelectorConverter();

                       

X509CertificateHolderSelector sel = new X509CertificateHolderSelector(signerid.getIssuer(), signerid.getSerialNumber());

 

X509CertSelector signerSelector = conv.getCertSelector(sel); 

                       

Collection<? extends Certificate> certCollection = certificatesInSignedData

                                   .getCertificates(signerSelector);

                       

                       

if (certCollection.isEmpty())

{

            X509Certificate x509CertUser = X509CertificateUtils.generateCertificateFromB64String(certUserB64); //convert from Base64

 

if (signer.verify(new JcaSimpleSignerInfoVerifierBuilder().setProvider("BC").build(x509CertUser))) {

                  verified = true;

} else {

verified = false;

            }

}

}

 

is from (exception form signer.verify()):

 

Exception in thread "Thread-4" java.lang.IllegalArgumentException: Unknown signature type requested: SHA256WITH1.2.840.10045.3.1.7

                at org.bouncycastle.operator.DefaultSignatureAlgorithmIdentifierFinder.generate(Unknown Source)

                at org.bouncycastle.operator.DefaultSignatureAlgorithmIdentifierFinder.find(Unknown Source)

                at org.bouncycastle.cms.SignerInformationVerifier.getContentVerifier(Unknown Source)

                at org.bouncycastle.cms.SignerInformation.doVerify(Unknown Source)

                at org.bouncycastle.cms.SignerInformation.verify(Unknown Source)

 

 

I read they are elliptic curves are supported from BC. Does anyone know where I can find a solution for that?

 

Thanks in advance for yours reply,

Lars




Reply | Threaded
Open this post in threaded view
|

AW: [dev-crypto] Unknown signature type requested: SHA256WITH1.2.840.10045.3.1.7

RealWotan
Hi David,

I am not sure…is variable „signature” in your code the return value of
“signer.getSignature()” in my code (marked with “Davids Code to check vendor
encoded the signature correctly”? See code below please:

                    CMSProcessableByteArray sDataToCompareForTest = new
CMSProcessableByteArray(
                                  sDataForCompare.getBytes());

                    CMSSignedData signatureOrg = new
CMSSignedData(signatureData);

                    System.out.println("BC parsed: "
                                  +
signatureOrg.getContentInfo().getContent());

                    if (null != signatureOrg.getSignedContent()
                                  && null !=
signatureOrg.getSignedContent().getContent()) {
                           String toBeSigned1 = new String((byte[])
signatureOrg
                                        .getSignedContent().getContent());
                           System.out.println(new String(toBeSigned1));
                    } else {
                           System.out.println("data not encapsulated in
signature");
                    }

                    CMSSignedData signatureWithPushedsDataToCompare = new
CMSSignedData(sDataToCompareForTest,
                                  signatureData);

                    Store store =
signatureWithPushedsDataToCompare.getCertificates();
                    JcaCertStoreBuilder certsStorenew = new
JcaCertStoreBuilder();
                    certsStorenew.addCertificates(store);
                    CertStore certs = certsStorenew.build();
                    SignerInformationStore signers =
signatureWithPushedsDataToCompare.getSignerInfos();

                    for (Iterator<?> iterator =
signers.getSigners().iterator(); iterator
                                  .hasNext();) {
                           SignerInformation signer = (SignerInformation)
iterator.next();
                           Collection<? extends Certificate> certCollection
= certs
                                        .getCertificates(signer.getSID());
                           if (certCollection.isEmpty()) {
                                  // certifikat not included

                                  //Davids Code to check vendor encoded the
signature correctly
                                  ASN1Sequence s = (ASN1Sequence)
ASN1Primitive.fromByteArray(signer.getSignature());
                                  BigInteger[] sig = new BigInteger[2];

                                  sig[0] =
ASN1Integer.getInstance(s.getObjectAt(0))
                                               .getValue();
                                  sig[1] =
ASN1Integer.getInstance(s.getObjectAt(1))
                                               .getValue();

                                  if (signer.verify(new
JcaSimpleSignerInfoVerifierBuilder()
                                              
.setProvider("BC").build(x509CertUser))) {
                                        verified = true;
                                  }

                           }
                    }

                    if (!verified) {

                           String toBeSigned = new String((byte[])
signatureWithPushedsDataToCompare
                                        .getSignedContent().getContent());

                           System.out.println(new String(toBeSigned));
                    }

When its ok (but I don’t believe it ;-)), then output with exception is:

java.io.IOException: DER length more than 4 bytes: 84
       at
org.bouncycastle.asn1.ASN1InputStream.readLength(ASN1InputStream.java:333)
       at
org.bouncycastle.asn1.ASN1InputStream.readLength(ASN1InputStream.java:104)
       at
org.bouncycastle.asn1.ASN1InputStream.readObject(ASN1InputStream.java:223)
       at
org.bouncycastle.asn1.ASN1Primitive.fromByteArray(ASN1Primitive.java:27)
       at
SignatureVerifyWithBC_from_B64Single.main(SignatureVerifyWithBC_from_B64Sing
le.java:184)

Thanks in advance!
Lars

Von: David Hook [mailto:[hidden email]]
Gesendet: Mittwoch, 29. Mai 2013 21:58
An: [hidden email]
Betreff: Re: [dev-crypto] Unknown signature type requested:
SHA256WITH1.2.840.10045.3.1.7


Hmmm. I think in this case I'd check they've encoded the signature
correctly:

Try the following on it:

            ASN1Sequence s =
(ASN1Sequence)ASN1Primitive.fromByteArray(signature);
            BigInteger[] sig = new BigInteger[2];

            sig[0] = ASN1Integer.getInstance(s.getObjectAt(0)).getValue();
            sig[1] = ASN1Integer.getInstance(s.getObjectAt(1)).getValue();

A common error here is that people forget that ASN.1 INTEGER is not unsigned
so forget to add a zero byte at the start
where the actual number has the high bit set in it's unsigned
representation, or they don't forget, but assume the numbers will always be
the same length and inadvertently overwrite one of the headers.

Regards,

David


Reply | Threaded
Open this post in threaded view
|

Re: AW: [dev-crypto] Unknown signature type requested: SHA256WITH1.2.840.10045.3.1.7

David Hook

Yep, it's getSignature(). I think you might want to have a word to them
about this! (At least if it's really supposed to ECDSA).

Regards,

David

On 30/05/13 20:33, Lars Denkewitz wrote:

> Hi David,
>
> I am not sure…is variable „signature” in your code the return value of
> “signer.getSignature()” in my code (marked with “Davids Code to check vendor
> encoded the signature correctly”? See code below please:
>
>                      CMSProcessableByteArray sDataToCompareForTest = new
> CMSProcessableByteArray(
>                                    sDataForCompare.getBytes());
>
>                      CMSSignedData signatureOrg = new
> CMSSignedData(signatureData);
>
>                      System.out.println("BC parsed: "
>                                    +
> signatureOrg.getContentInfo().getContent());
>
>                      if (null != signatureOrg.getSignedContent()
>                                    && null !=
> signatureOrg.getSignedContent().getContent()) {
>                             String toBeSigned1 = new String((byte[])
> signatureOrg
>                                          .getSignedContent().getContent());
>                             System.out.println(new String(toBeSigned1));
>                      } else {
>                             System.out.println("data not encapsulated in
> signature");
>                      }
>
>                      CMSSignedData signatureWithPushedsDataToCompare = new
> CMSSignedData(sDataToCompareForTest,
>                                    signatureData);
>
>                      Store store =
> signatureWithPushedsDataToCompare.getCertificates();
>                      JcaCertStoreBuilder certsStorenew = new
> JcaCertStoreBuilder();
>                      certsStorenew.addCertificates(store);
>                      CertStore certs = certsStorenew.build();
>                      SignerInformationStore signers =
> signatureWithPushedsDataToCompare.getSignerInfos();
>
>                      for (Iterator<?> iterator =
> signers.getSigners().iterator(); iterator
>                                    .hasNext();) {
>                             SignerInformation signer = (SignerInformation)
> iterator.next();
>                             Collection<? extends Certificate> certCollection
> = certs
>                                          .getCertificates(signer.getSID());
>                             if (certCollection.isEmpty()) {
>                                    // certifikat not included
>
>                                    //Davids Code to check vendor encoded the
> signature correctly
>                                    ASN1Sequence s = (ASN1Sequence)
> ASN1Primitive.fromByteArray(signer.getSignature());
>                                    BigInteger[] sig = new BigInteger[2];
>
>                                    sig[0] =
> ASN1Integer.getInstance(s.getObjectAt(0))
>                                                 .getValue();
>                                    sig[1] =
> ASN1Integer.getInstance(s.getObjectAt(1))
>                                                 .getValue();
>
>                                    if (signer.verify(new
> JcaSimpleSignerInfoVerifierBuilder()
>                                                
> .setProvider("BC").build(x509CertUser))) {
>                                          verified = true;
>                                    }
>
>                             }
>                      }
>
>                      if (!verified) {
>
>                             String toBeSigned = new String((byte[])
> signatureWithPushedsDataToCompare
>                                          .getSignedContent().getContent());
>
>                             System.out.println(new String(toBeSigned));
>                      }
>
> When its ok (but I don’t believe it ;-)), then output with exception is:
>
> java.io.IOException: DER length more than 4 bytes: 84
>         at
> org.bouncycastle.asn1.ASN1InputStream.readLength(ASN1InputStream.java:333)
>         at
> org.bouncycastle.asn1.ASN1InputStream.readLength(ASN1InputStream.java:104)
>         at
> org.bouncycastle.asn1.ASN1InputStream.readObject(ASN1InputStream.java:223)
>         at
> org.bouncycastle.asn1.ASN1Primitive.fromByteArray(ASN1Primitive.java:27)
>         at
> SignatureVerifyWithBC_from_B64Single.main(SignatureVerifyWithBC_from_B64Sing
> le.java:184)
>
> Thanks in advance!
> Lars
>
> Von: David Hook [mailto:[hidden email]]
> Gesendet: Mittwoch, 29. Mai 2013 21:58
> An: [hidden email]
> Betreff: Re: [dev-crypto] Unknown signature type requested:
> SHA256WITH1.2.840.10045.3.1.7
>
>
> Hmmm. I think in this case I'd check they've encoded the signature
> correctly:
>
> Try the following on it:
>
>              ASN1Sequence s =
> (ASN1Sequence)ASN1Primitive.fromByteArray(signature);
>              BigInteger[] sig = new BigInteger[2];
>
>              sig[0] = ASN1Integer.getInstance(s.getObjectAt(0)).getValue();
>              sig[1] = ASN1Integer.getInstance(s.getObjectAt(1)).getValue();
>
> A common error here is that people forget that ASN.1 INTEGER is not unsigned
> so forget to add a zero byte at the start
> where the actual number has the high bit set in it's unsigned
> representation, or they don't forget, but assume the numbers will always be
> the same length and inadvertently overwrite one of the headers.
>
> Regards,
>
> David
>
>


Reply | Threaded
Open this post in threaded view
|

AW: AW: [dev-crypto] Unknown signature type requested: SHA256WITH1.2.840.10045.3.1.7

RealWotan
Hi David,

ok, thanks. One question before I will do it: did you see the exception
after my code ("DER length more than 4 bytes: 84")? Which result do you
excpect (to tell them)?

java.io.IOException: DER length more than 4 bytes: 84
at
org.bouncycastle.asn1.ASN1InputStream.readLength(ASN1InputStream.java:333)
at
org.bouncycastle.asn1.ASN1InputStream.readLength(ASN1InputStream.java:104)
at
org.bouncycastle.asn1.ASN1InputStream.readObject(ASN1InputStream.java:223)
at org.bouncycastle.asn1.ASN1Primitive.fromByteArray(ASN1Primitive.java:27)
at
SignatureVerifyWithBC_from_B64Single.main(SignatureVerifyWithBC_from_B64Sing
le.java:184)

regards.
Lars

-----Ursprüngliche Nachricht-----
Von: David Hook [mailto:[hidden email]]
Gesendet: Donnerstag, 30. Mai 2013 13:43
An: [hidden email]
Betreff: Re: AW: [dev-crypto] Unknown signature type requested:
SHA256WITH1.2.840.10045.3.1.7


Yep, it's getSignature(). I think you might want to have a word to them
about this! (At least if it's really supposed to ECDSA).

Regards,

David

On 30/05/13 20:33, Lars Denkewitz wrote:

> Hi David,
>
> I am not sure…is variable „signature” in your code the return value of
> “signer.getSignature()” in my code (marked with “Davids Code to check
> vendor encoded the signature correctly”? See code below please:
>
>                      CMSProcessableByteArray sDataToCompareForTest =
> new CMSProcessableByteArray(
>                                    sDataForCompare.getBytes());
>
>                      CMSSignedData signatureOrg = new
> CMSSignedData(signatureData);
>
>                      System.out.println("BC parsed: "
>                                    +
> signatureOrg.getContentInfo().getContent());
>
>                      if (null != signatureOrg.getSignedContent()
>                                    && null !=
> signatureOrg.getSignedContent().getContent()) {
>                             String toBeSigned1 = new String((byte[])
> signatureOrg
>
.getSignedContent().getContent());

>                             System.out.println(new String(toBeSigned1));
>                      } else {
>                             System.out.println("data not encapsulated
> in signature");
>                      }
>
>                      CMSSignedData signatureWithPushedsDataToCompare =
> new CMSSignedData(sDataToCompareForTest,
>                                    signatureData);
>
>                      Store store =
> signatureWithPushedsDataToCompare.getCertificates();
>                      JcaCertStoreBuilder certsStorenew = new
> JcaCertStoreBuilder();
>                      certsStorenew.addCertificates(store);
>                      CertStore certs = certsStorenew.build();
>                      SignerInformationStore signers =
> signatureWithPushedsDataToCompare.getSignerInfos();
>
>                      for (Iterator<?> iterator =
> signers.getSigners().iterator(); iterator
>                                    .hasNext();) {
>                             SignerInformation signer =
> (SignerInformation) iterator.next();
>                             Collection<? extends Certificate>
> certCollection = certs
>
.getCertificates(signer.getSID());

>                             if (certCollection.isEmpty()) {
>                                    // certifikat not included
>
>                                    //Davids Code to check vendor
> encoded the signature correctly
>                                    ASN1Sequence s = (ASN1Sequence)
> ASN1Primitive.fromByteArray(signer.getSignature());
>                                    BigInteger[] sig = new
> BigInteger[2];
>
>                                    sig[0] =
> ASN1Integer.getInstance(s.getObjectAt(0))
>                                                 .getValue();
>                                    sig[1] =
> ASN1Integer.getInstance(s.getObjectAt(1))
>                                                 .getValue();
>
>                                    if (signer.verify(new
> JcaSimpleSignerInfoVerifierBuilder()
>                                                
> .setProvider("BC").build(x509CertUser))) {
>                                          verified = true;
>                                    }
>
>                             }
>                      }
>
>                      if (!verified) {
>
>                             String toBeSigned = new String((byte[])
> signatureWithPushedsDataToCompare
>                                          
> .getSignedContent().getContent());
>
>                             System.out.println(new String(toBeSigned));
>                      }
>
> When its ok (but I don’t believe it ;-)), then output with exception is:
>
> java.io.IOException: DER length more than 4 bytes: 84
>         at
> org.bouncycastle.asn1.ASN1InputStream.readLength(ASN1InputStream.java:333)
>         at
> org.bouncycastle.asn1.ASN1InputStream.readLength(ASN1InputStream.java:104)
>         at
> org.bouncycastle.asn1.ASN1InputStream.readObject(ASN1InputStream.java:223)
>         at
> org.bouncycastle.asn1.ASN1Primitive.fromByteArray(ASN1Primitive.java:27)
>         at
> SignatureVerifyWithBC_from_B64Single.main(SignatureVerifyWithBC_from_B
> 64Sing
> le.java:184)
>
> Thanks in advance!
> Lars
>
> Von: David Hook [mailto:[hidden email]]
> Gesendet: Mittwoch, 29. Mai 2013 21:58
> An: [hidden email]
> Betreff: Re: [dev-crypto] Unknown signature type requested:
> SHA256WITH1.2.840.10045.3.1.7
>
>
> Hmmm. I think in this case I'd check they've encoded the signature
> correctly:
>
> Try the following on it:
>
>              ASN1Sequence s =
> (ASN1Sequence)ASN1Primitive.fromByteArray(signature);
>              BigInteger[] sig = new BigInteger[2];
>
>              sig[0] =
ASN1Integer.getInstance(s.getObjectAt(0)).getValue();

>              sig[1] =
> ASN1Integer.getInstance(s.getObjectAt(1)).getValue();
>
> A common error here is that people forget that ASN.1 INTEGER is not
> unsigned so forget to add a zero byte at the start where the actual
> number has the high bit set in it's unsigned representation, or they
> don't forget, but assume the numbers will always be the same length
> and inadvertently overwrite one of the headers.
>
> Regards,
>
> David
>
>




Reply | Threaded
Open this post in threaded view
|

Re: AW: [dev-crypto] Unknown signature type requested: SHA256WITH1.2.840.10045.3.1.7

Matthew Hall
In reply to this post by David Hook
The dumpasn1 utility or openssl asn1parse might reveal the exact encoding error present in comparison with the appropriate RFCs and attached ASN.1 grammar at the end of each said RFC.
--
Sent from my mobile device.

David Hook <[hidden email]> wrote:

>
>Yep, it's getSignature(). I think you might want to have a word to them
>
>about this! (At least if it's really supposed to ECDSA).
>
>Regards,
>
>David
>
>On 30/05/13 20:33, Lars Denkewitz wrote:
>> Hi David,
>>
>> I am not sure…is variable „signature” in your code the return value
>of
>> “signer.getSignature()” in my code (marked with “Davids Code to check
>vendor
>> encoded the signature correctly”? See code below please:
>>
>>                      CMSProcessableByteArray sDataToCompareForTest =
>new
>> CMSProcessableByteArray(
>>                                    sDataForCompare.getBytes());
>>
>>                      CMSSignedData signatureOrg = new
>> CMSSignedData(signatureData);
>>
>>                      System.out.println("BC parsed: "
>>                                    +
>> signatureOrg.getContentInfo().getContent());
>>
>>                      if (null != signatureOrg.getSignedContent()
>>                                    && null !=
>> signatureOrg.getSignedContent().getContent()) {
>>                             String toBeSigned1 = new String((byte[])
>> signatureOrg
>>                                        
>.getSignedContent().getContent());
>>                             System.out.println(new
>String(toBeSigned1));
>>                      } else {
>>                             System.out.println("data not encapsulated
>in
>> signature");
>>                      }
>>
>>                      CMSSignedData signatureWithPushedsDataToCompare
>= new
>> CMSSignedData(sDataToCompareForTest,
>>                                    signatureData);
>>
>>                      Store store =
>> signatureWithPushedsDataToCompare.getCertificates();
>>                      JcaCertStoreBuilder certsStorenew = new
>> JcaCertStoreBuilder();
>>                      certsStorenew.addCertificates(store);
>>                      CertStore certs = certsStorenew.build();
>>                      SignerInformationStore signers =
>> signatureWithPushedsDataToCompare.getSignerInfos();
>>
>>                      for (Iterator<?> iterator =
>> signers.getSigners().iterator(); iterator
>>                                    .hasNext();) {
>>                             SignerInformation signer =
>(SignerInformation)
>> iterator.next();
>>                             Collection<? extends Certificate>
>certCollection
>> = certs
>>                                        
>.getCertificates(signer.getSID());
>>                             if (certCollection.isEmpty()) {
>>                                    // certifikat not included
>>
>>                                    //Davids Code to check vendor
>encoded the
>> signature correctly
>>                                    ASN1Sequence s = (ASN1Sequence)
>> ASN1Primitive.fromByteArray(signer.getSignature());
>>                                    BigInteger[] sig = new
>BigInteger[2];
>>
>>                                    sig[0] =
>> ASN1Integer.getInstance(s.getObjectAt(0))
>>                                                 .getValue();
>>                                    sig[1] =
>> ASN1Integer.getInstance(s.getObjectAt(1))
>>                                                 .getValue();
>>
>>                                    if (signer.verify(new
>> JcaSimpleSignerInfoVerifierBuilder()
>>                                                
>> .setProvider("BC").build(x509CertUser))) {
>>                                          verified = true;
>>                                    }
>>
>>                             }
>>                      }
>>
>>                      if (!verified) {
>>
>>                             String toBeSigned = new String((byte[])
>> signatureWithPushedsDataToCompare
>>                                        
>.getSignedContent().getContent());
>>
>>                             System.out.println(new
>String(toBeSigned));
>>                      }
>>
>> When its ok (but I don’t believe it ;-)), then output with exception
>is:
>>
>> java.io.IOException: DER length more than 4 bytes: 84
>>         at
>>
>org.bouncycastle.asn1.ASN1InputStream.readLength(ASN1InputStream.java:333)
>>         at
>>
>org.bouncycastle.asn1.ASN1InputStream.readLength(ASN1InputStream.java:104)
>>         at
>>
>org.bouncycastle.asn1.ASN1InputStream.readObject(ASN1InputStream.java:223)
>>         at
>>
>org.bouncycastle.asn1.ASN1Primitive.fromByteArray(ASN1Primitive.java:27)
>>         at
>>
>SignatureVerifyWithBC_from_B64Single.main(SignatureVerifyWithBC_from_B64Sing
>> le.java:184)
>>
>> Thanks in advance!
>> Lars
>>
>> Von: David Hook [mailto:[hidden email]]
>> Gesendet: Mittwoch, 29. Mai 2013 21:58
>> An: [hidden email]
>> Betreff: Re: [dev-crypto] Unknown signature type requested:
>> SHA256WITH1.2.840.10045.3.1.7
>>
>>
>> Hmmm. I think in this case I'd check they've encoded the signature
>> correctly:
>>
>> Try the following on it:
>>
>>              ASN1Sequence s =
>> (ASN1Sequence)ASN1Primitive.fromByteArray(signature);
>>              BigInteger[] sig = new BigInteger[2];
>>
>>              sig[0] =
>ASN1Integer.getInstance(s.getObjectAt(0)).getValue();
>>              sig[1] =
>ASN1Integer.getInstance(s.getObjectAt(1)).getValue();
>>
>> A common error here is that people forget that ASN.1 INTEGER is not
>unsigned
>> so forget to add a zero byte at the start
>> where the actual number has the high bit set in it's unsigned
>> representation, or they don't forget, but assume the numbers will
>always be
>> the same length and inadvertently overwrite one of the headers.
>>
>> Regards,
>>
>> David
>>
>>


Reply | Threaded
Open this post in threaded view
|

Re: Unknown signature type requested: SHA256WITH1.2.840.10045.3.1.7

RealWotan
Very interesting tool, i tested the critical signature with Gui Version
of dumpasn1 from
http://geminisecurity.com/features-downloads/tools/guidumpasn/. The
program has no problems to read the signature and says at status line: 0
warnings, 0 errors. :-/

Am 30.05.2013 18:16, schrieb Matthew Hall:
> The dumpasn1 utility or openssl asn1parse might reveal the exact encoding error present in comparison with the appropriate RFCs and attached ASN.1 grammar at the end of each said RFC.


Reply | Threaded
Open this post in threaded view
|

Re: Unknown signature type requested: SHA256WITH1.2.840.10045.3.1.7

Matthew Hall
dumpasn1 has options, at least in the CLI version, which let you dump out the bytes and length and type flags of the various values. These can be compared between the exception from the BC library, and the ECC specs, and the ASN.1 encoding specs, to find what item is not encoded as expected and why, so it can be corrected.
--
Sent from my mobile device.

Lars Denkewitz <[hidden email]> wrote:

>Very interesting tool, i tested the critical signature with Gui Version
>
>of dumpasn1 from
>http://geminisecurity.com/features-downloads/tools/guidumpasn/. The
>program has no problems to read the signature and says at status line:
>0
>warnings, 0 errors. :-/
>
>Am 30.05.2013 18:16, schrieb Matthew Hall:
>> The dumpasn1 utility or openssl asn1parse might reveal the exact
>encoding error present in comparison with the appropriate RFCs and
>attached ASN.1 grammar at the end of each said RFC.


Reply | Threaded
Open this post in threaded view
|

Re: Unknown signature type requested: SHA256WITH1.2.840.10045.3.1.7

Matthew Hall
Note: It is surely possible for the vendor to encode the wrong series of ASN.1 types, with 100% correct encoding, that dumpasn1 will not reject, which no implementation or only few implementations of the actual ECC protocol will be able to read. ASN.1 is an abstract grammar for many datatypes, so people often get confused and plug in the wrong ones.
--
Sent from my mobile device.

Matthew Hall <[hidden email]> wrote:

>dumpasn1 has options, at least in the CLI version, which let you dump
>out the bytes and length and type flags of the various values. These
>can be compared between the exception from the BC library, and the ECC
>specs, and the ASN.1 encoding specs, to find what item is not encoded
>as expected and why, so it can be corrected.


Reply | Threaded
Open this post in threaded view
|

Re: AW: AW: [dev-crypto] Unknown signature type requested: SHA256WITH1.2.840.10045.3.1.7

David Hook
In reply to this post by RealWotan

I'd be asking the vendor to explain how it is possible that this would
happen. It doesn't look like the signature even represents a valid stream.

Regards,

David

On 30/05/13 22:38, Lars Denkewitz wrote:

> Hi David,
>
> ok, thanks. One question before I will do it: did you see the exception
> after my code ("DER length more than 4 bytes: 84")? Which result do you
> excpect (to tell them)?
>
> java.io.IOException: DER length more than 4 bytes: 84
> at
> org.bouncycastle.asn1.ASN1InputStream.readLength(ASN1InputStream.java:333)
> at
> org.bouncycastle.asn1.ASN1InputStream.readLength(ASN1InputStream.java:104)
> at
> org.bouncycastle.asn1.ASN1InputStream.readObject(ASN1InputStream.java:223)
> at org.bouncycastle.asn1.ASN1Primitive.fromByteArray(ASN1Primitive.java:27)
> at
> SignatureVerifyWithBC_from_B64Single.main(SignatureVerifyWithBC_from_B64Sing
> le.java:184)
>
> regards.
> Lars
>
> -----Ursprüngliche Nachricht-----
> Von: David Hook [mailto:[hidden email]]
> Gesendet: Donnerstag, 30. Mai 2013 13:43
> An: [hidden email]
> Betreff: Re: AW: [dev-crypto] Unknown signature type requested:
> SHA256WITH1.2.840.10045.3.1.7
>
>
> Yep, it's getSignature(). I think you might want to have a word to them
> about this! (At least if it's really supposed to ECDSA).
>
> Regards,
>
> David
>
> On 30/05/13 20:33, Lars Denkewitz wrote:
>> Hi David,
>>
>> I am not sure…is variable „signature” in your code the return value of
>> “signer.getSignature()” in my code (marked with “Davids Code to check
>> vendor encoded the signature correctly”? See code below please:
>>
>>                       CMSProcessableByteArray sDataToCompareForTest =
>> new CMSProcessableByteArray(
>>                                     sDataForCompare.getBytes());
>>
>>                       CMSSignedData signatureOrg = new
>> CMSSignedData(signatureData);
>>
>>                       System.out.println("BC parsed: "
>>                                     +
>> signatureOrg.getContentInfo().getContent());
>>
>>                       if (null != signatureOrg.getSignedContent()
>>                                     && null !=
>> signatureOrg.getSignedContent().getContent()) {
>>                              String toBeSigned1 = new String((byte[])
>> signatureOrg
>>
> .getSignedContent().getContent());
>>                              System.out.println(new String(toBeSigned1));
>>                       } else {
>>                              System.out.println("data not encapsulated
>> in signature");
>>                       }
>>
>>                       CMSSignedData signatureWithPushedsDataToCompare =
>> new CMSSignedData(sDataToCompareForTest,
>>                                     signatureData);
>>
>>                       Store store =
>> signatureWithPushedsDataToCompare.getCertificates();
>>                       JcaCertStoreBuilder certsStorenew = new
>> JcaCertStoreBuilder();
>>                       certsStorenew.addCertificates(store);
>>                       CertStore certs = certsStorenew.build();
>>                       SignerInformationStore signers =
>> signatureWithPushedsDataToCompare.getSignerInfos();
>>
>>                       for (Iterator<?> iterator =
>> signers.getSigners().iterator(); iterator
>>                                     .hasNext();) {
>>                              SignerInformation signer =
>> (SignerInformation) iterator.next();
>>                              Collection<? extends Certificate>
>> certCollection = certs
>>
> .getCertificates(signer.getSID());
>>                              if (certCollection.isEmpty()) {
>>                                     // certifikat not included
>>
>>                                     //Davids Code to check vendor
>> encoded the signature correctly
>>                                     ASN1Sequence s = (ASN1Sequence)
>> ASN1Primitive.fromByteArray(signer.getSignature());
>>                                     BigInteger[] sig = new
>> BigInteger[2];
>>
>>                                     sig[0] =
>> ASN1Integer.getInstance(s.getObjectAt(0))
>>                                                  .getValue();
>>                                     sig[1] =
>> ASN1Integer.getInstance(s.getObjectAt(1))
>>                                                  .getValue();
>>
>>                                     if (signer.verify(new
>> JcaSimpleSignerInfoVerifierBuilder()
>>                                                
>> .setProvider("BC").build(x509CertUser))) {
>>                                           verified = true;
>>                                     }
>>
>>                              }
>>                       }
>>
>>                       if (!verified) {
>>
>>                              String toBeSigned = new String((byte[])
>> signatureWithPushedsDataToCompare
>>                                          
>> .getSignedContent().getContent());
>>
>>                              System.out.println(new String(toBeSigned));
>>                       }
>>
>> When its ok (but I don’t believe it ;-)), then output with exception is:
>>
>> java.io.IOException: DER length more than 4 bytes: 84
>>          at
>> org.bouncycastle.asn1.ASN1InputStream.readLength(ASN1InputStream.java:333)
>>          at
>> org.bouncycastle.asn1.ASN1InputStream.readLength(ASN1InputStream.java:104)
>>          at
>> org.bouncycastle.asn1.ASN1InputStream.readObject(ASN1InputStream.java:223)
>>          at
>> org.bouncycastle.asn1.ASN1Primitive.fromByteArray(ASN1Primitive.java:27)
>>          at
>> SignatureVerifyWithBC_from_B64Single.main(SignatureVerifyWithBC_from_B
>> 64Sing
>> le.java:184)
>>
>> Thanks in advance!
>> Lars
>>
>> Von: David Hook [mailto:[hidden email]]
>> Gesendet: Mittwoch, 29. Mai 2013 21:58
>> An: [hidden email]
>> Betreff: Re: [dev-crypto] Unknown signature type requested:
>> SHA256WITH1.2.840.10045.3.1.7
>>
>>
>> Hmmm. I think in this case I'd check they've encoded the signature
>> correctly:
>>
>> Try the following on it:
>>
>>               ASN1Sequence s =
>> (ASN1Sequence)ASN1Primitive.fromByteArray(signature);
>>               BigInteger[] sig = new BigInteger[2];
>>
>>               sig[0] =
> ASN1Integer.getInstance(s.getObjectAt(0)).getValue();
>>               sig[1] =
>> ASN1Integer.getInstance(s.getObjectAt(1)).getValue();
>>
>> A common error here is that people forget that ASN.1 INTEGER is not
>> unsigned so forget to add a zero byte at the start where the actual
>> number has the high bit set in it's unsigned representation, or they
>> don't forget, but assume the numbers will always be the same length
>> and inadvertently overwrite one of the headers.
>>
>> Regards,
>>
>> David
>>
>>
>
>
>


Reply | Threaded
Open this post in threaded view
|

AW: AW: AW: [dev-crypto] Unknown signature type requested: SHA256WITH1.2.840.10045.3.1.7

RealWotan
Hi David,

thanks a lot! The vendor has changed the encoding of signature from
Bit-Encoding to DER-Encoding. Now it works fine!!!

Regards
Lars

-----Ursprüngliche Nachricht-----
Von: David Hook [mailto:[hidden email]]
Gesendet: Donnerstag, 30. Mai 2013 23:20
An: [hidden email] >> "[hidden email]"
Betreff: Re: AW: AW: [dev-crypto] Unknown signature type requested:
SHA256WITH1.2.840.10045.3.1.7


I'd be asking the vendor to explain how it is possible that this would
happen. It doesn't look like the signature even represents a valid stream.

Regards,

David

On 30/05/13 22:38, Lars Denkewitz wrote:

> Hi David,
>
> ok, thanks. One question before I will do it: did you see the
> exception after my code ("DER length more than 4 bytes: 84")? Which
> result do you excpect (to tell them)?
>
> java.io.IOException: DER length more than 4 bytes: 84 at
> org.bouncycastle.asn1.ASN1InputStream.readLength(ASN1InputStream.java:
> 333)
> at
> org.bouncycastle.asn1.ASN1InputStream.readLength(ASN1InputStream.java:
> 104)
> at
> org.bouncycastle.asn1.ASN1InputStream.readObject(ASN1InputStream.java:
> 223) at
> org.bouncycastle.asn1.ASN1Primitive.fromByteArray(ASN1Primitive.java:2
> 7)
> at
> SignatureVerifyWithBC_from_B64Single.main(SignatureVerifyWithBC_from_B
> 64Sing
> le.java:184)
>
> regards.
> Lars
>
> -----Ursprüngliche Nachricht-----
> Von: David Hook [mailto:[hidden email]]
> Gesendet: Donnerstag, 30. Mai 2013 13:43
> An: [hidden email]
> Betreff: Re: AW: [dev-crypto] Unknown signature type requested:
> SHA256WITH1.2.840.10045.3.1.7
>
>
> Yep, it's getSignature(). I think you might want to have a word to
> them about this! (At least if it's really supposed to ECDSA).
>
> Regards,
>
> David
>
> On 30/05/13 20:33, Lars Denkewitz wrote:
>> Hi David,
>>
>> I am not sure…is variable „signature” in your code the return value
>> of “signer.getSignature()” in my code (marked with “Davids Code to
>> check vendor encoded the signature correctly”? See code below please:
>>
>>                       CMSProcessableByteArray sDataToCompareForTest =
>> new CMSProcessableByteArray(
>>                                     sDataForCompare.getBytes());
>>
>>                       CMSSignedData signatureOrg = new
>> CMSSignedData(signatureData);
>>
>>                       System.out.println("BC parsed: "
>>                                     +
>> signatureOrg.getContentInfo().getContent());
>>
>>                       if (null != signatureOrg.getSignedContent()
>>                                     && null !=
>> signatureOrg.getSignedContent().getContent()) {
>>                              String toBeSigned1 = new String((byte[])
>> signatureOrg
>>
> .getSignedContent().getContent());
>>                              System.out.println(new String(toBeSigned1));
>>                       } else {
>>                              System.out.println("data not
>> encapsulated in signature");
>>                       }
>>
>>                       CMSSignedData signatureWithPushedsDataToCompare
>> = new CMSSignedData(sDataToCompareForTest,
>>                                     signatureData);
>>
>>                       Store store =
>> signatureWithPushedsDataToCompare.getCertificates();
>>                       JcaCertStoreBuilder certsStorenew = new
>> JcaCertStoreBuilder();
>>                       certsStorenew.addCertificates(store);
>>                       CertStore certs = certsStorenew.build();
>>                       SignerInformationStore signers =
>> signatureWithPushedsDataToCompare.getSignerInfos();
>>
>>                       for (Iterator<?> iterator =
>> signers.getSigners().iterator(); iterator
>>                                     .hasNext();) {
>>                              SignerInformation signer =
>> (SignerInformation) iterator.next();
>>                              Collection<? extends Certificate>
>> certCollection = certs
>>
> .getCertificates(signer.getSID());
>>                              if (certCollection.isEmpty()) {
>>                                     // certifikat not included
>>
>>                                     //Davids Code to check vendor
>> encoded the signature correctly
>>                                     ASN1Sequence s = (ASN1Sequence)
>> ASN1Primitive.fromByteArray(signer.getSignature());
>>                                     BigInteger[] sig = new
>> BigInteger[2];
>>
>>                                     sig[0] =
>> ASN1Integer.getInstance(s.getObjectAt(0))
>>                                                  .getValue();
>>                                     sig[1] =
>> ASN1Integer.getInstance(s.getObjectAt(1))
>>                                                  .getValue();
>>
>>                                     if (signer.verify(new
>> JcaSimpleSignerInfoVerifierBuilder()
>>                                                
>> .setProvider("BC").build(x509CertUser))) {
>>                                           verified = true;
>>                                     }
>>
>>                              }
>>                       }
>>
>>                       if (!verified) {
>>
>>                              String toBeSigned = new String((byte[])
>> signatureWithPushedsDataToCompare
>>                                          
>> .getSignedContent().getContent());
>>
>>                              System.out.println(new String(toBeSigned));
>>                       }
>>
>> When its ok (but I don’t believe it ;-)), then output with exception is:
>>
>> java.io.IOException: DER length more than 4 bytes: 84
>>          at
>>
org.bouncycastle.asn1.ASN1InputStream.readLength(ASN1InputStream.java:333)
>>          at
>>
org.bouncycastle.asn1.ASN1InputStream.readLength(ASN1InputStream.java:104)
>>          at
>>
org.bouncycastle.asn1.ASN1InputStream.readObject(ASN1InputStream.java:223)

>>          at
>> org.bouncycastle.asn1.ASN1Primitive.fromByteArray(ASN1Primitive.java:27)
>>          at
>> SignatureVerifyWithBC_from_B64Single.main(SignatureVerifyWithBC_from_
>> B
>> 64Sing
>> le.java:184)
>>
>> Thanks in advance!
>> Lars
>>
>> Von: David Hook [mailto:[hidden email]]
>> Gesendet: Mittwoch, 29. Mai 2013 21:58
>> An: [hidden email]
>> Betreff: Re: [dev-crypto] Unknown signature type requested:
>> SHA256WITH1.2.840.10045.3.1.7
>>
>>
>> Hmmm. I think in this case I'd check they've encoded the signature
>> correctly:
>>
>> Try the following on it:
>>
>>               ASN1Sequence s =
>> (ASN1Sequence)ASN1Primitive.fromByteArray(signature);
>>               BigInteger[] sig = new BigInteger[2];
>>
>>               sig[0] =
> ASN1Integer.getInstance(s.getObjectAt(0)).getValue();
>>               sig[1] =
>> ASN1Integer.getInstance(s.getObjectAt(1)).getValue();
>>
>> A common error here is that people forget that ASN.1 INTEGER is not
>> unsigned so forget to add a zero byte at the start where the actual
>> number has the high bit set in it's unsigned representation, or they
>> don't forget, but assume the numbers will always be the same length
>> and inadvertently overwrite one of the headers.
>>
>> Regards,
>>
>> David
>>
>>
>
>
>