Small, but important update to this...I was signing the wrong thing and
missing a section of the SignerInfo. The code in the previous post
generates a valid ASN.1 encoded SignerInfo, but not one that will pass
its own verify method. The below code works properly.

public SignerInfo createBCSignerInfo(byte[] pkiDataHashBytes) throws Exception {
    // signed attributes: content-type (PKIData) and message-digest (hash of the PKIData)
    Attribute contentTypeAttr = new Attribute(
            new DERObjectIdentifier(CONTENT_TYPE_OID),
            new DERSet(new DERObjectIdentifier(PKIDATA_OID)));
    Attribute messageDigestAttr = new Attribute(
            new DERObjectIdentifier(MESSAGE_DIGEST_OID),
            new DERSet(new DEROctetString(pkiDataHashBytes)));
    ASN1Set authenticatedAttributes = new DERSet(
            new Attribute[] {contentTypeAttr, messageDigestAttr});
    // inside the SignerInfo the attributes are carried as [0] IMPLICIT
    ASN1TaggedObject signedAttrTaggedObject =
            new DERTaggedObject(false, 0, authenticatedAttributes);

    // sign the authenticatedAttributes (the encoding of the SET itself, not the [0]-tagged object)
    Signature sig = Signature.getInstance("SHA1withRSA");
    sig.initSign(agentPrivateKey);
    sig.update(authenticatedAttributes.getEncoded());
    byte[] encryptedHashBytes = sig.sign();

    // Add BC pieces to create a SignerInfo
    ASN1EncodableVector bcSignerInfo = new ASN1EncodableVector();
    // version 1 if using issuerAndSerialNumber, 3 if using subjectKeyIdentifier
    bcSignerInfo.add(new DERInteger(1));
    bcSignerInfo.add(new IssuerAndSerialNumber(
            PrincipalUtil.getIssuerX509Principal(agentCert), agentCert.getSerialNumber()));
    // SHA1 OID
    bcSignerInfo.add(new org.bouncycastle.asn1.x509.AlgorithmIdentifier(SHA1_OID));
    bcSignerInfo.add(signedAttrTaggedObject);
    // SHA1withRSA OID (rsaEncryption)
    bcSignerInfo.add(new org.bouncycastle.asn1.x509.AlgorithmIdentifier(RSA_ENCRYPTION_OID));
    bcSignerInfo.add(new DEROctetString(encryptedHashBytes));

    // DER encode the BC SignerInfo
    ByteArrayOutputStream baos = new ByteArrayOutputStream();
    DEROutputStream dout = new DEROutputStream(baos);
    dout.writeObject(new DERSequence(bcSignerInfo));
    dout.close();
    byte[] signerInfoDERBytes = baos.toByteArray();

    // parse the DER signerInfo created with BouncyCastle into a JSS SignerInfo
    return (SignerInfo) ASN1Util.decode(SignerInfo.getTemplate(), signerInfoDERBytes);
}
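
The following is an added example, not part of the original post and not JSS or BouncyCastle code: it uses only the JDK to show why the bytes that get signed matter. CMS (RFC 5652, section 5.4) signs the signed attributes under the SET OF tag (0x31), while the SignerInfo carries them under the [0] IMPLICIT tag (0xA0), so a verifier has to restore the SET OF tag before checking the signature. The class name, the throwaway RSA key, the sample content and the use of id-data as the content type are assumptions made for the demo.

```java
import java.nio.charset.StandardCharsets;
import java.security.*;

public class SignedAttrsTagDemo {
    // Minimal DER TLV builder; short-form lengths only (content shorter than 128 bytes).
    static byte[] tlv(int tag, byte[]... parts) {
        int len = 0;
        for (byte[] p : parts) len += p.length;
        if (len > 127) throw new IllegalArgumentException("short-form length only");
        byte[] out = new byte[2 + len];
        out[0] = (byte) tag; out[1] = (byte) len;
        int pos = 2;
        for (byte[] p : parts) { System.arraycopy(p, 0, out, pos, p.length); pos += p.length; }
        return out;
    }
    // Copy of a DER object with its leading tag byte replaced (0x31 = SET OF, 0xA0 = [0] IMPLICIT).
    static byte[] withTag(byte[] der, int tag) { byte[] c = der.clone(); c[0] = (byte) tag; return c; }
    static boolean verify(PublicKey pub, byte[] data, byte[] sig) throws GeneralSecurityException {
        Signature v = Signature.getInstance("SHA1withRSA"); // same algorithm as the post
        v.initVerify(pub);
        v.update(data);
        return v.verify(sig);
    }
    public static void main(String[] args) throws Exception {
        KeyPairGenerator kpg = KeyPairGenerator.getInstance("RSA");
        kpg.initialize(2048);
        KeyPair kp = kpg.generateKeyPair(); // throwaway key, constructed for the demo
        byte[] digest = MessageDigest.getInstance("SHA-1")
                .digest("constructed sample content".getBytes(StandardCharsets.UTF_8));
        // OID bodies: contentType 1.2.840.113549.1.9.3, messageDigest ...1.9.4, id-data ...1.7.1
        byte[] contentTypeOid = {0x2A, (byte) 0x86, 0x48, (byte) 0x86, (byte) 0xF7, 0x0D, 0x01, 0x09, 0x03};
        byte[] messageDigestOid = {0x2A, (byte) 0x86, 0x48, (byte) 0x86, (byte) 0xF7, 0x0D, 0x01, 0x09, 0x04};
        byte[] dataOid = {0x2A, (byte) 0x86, 0x48, (byte) 0x86, (byte) 0xF7, 0x0D, 0x01, 0x07, 0x01};
        byte[] ctAttr = tlv(0x30, tlv(0x06, contentTypeOid), tlv(0x31, tlv(0x06, dataOid)));
        byte[] mdAttr = tlv(0x30, tlv(0x06, messageDigestOid), tlv(0x31, tlv(0x04, digest)));
        byte[] setForm = tlv(0x31, ctAttr, mdAttr);  // SET OF Attribute: the bytes that are signed
        byte[] wireForm = withTag(setForm, 0xA0);    // [0] IMPLICIT: the bytes placed in SignerInfo
        Signature s = Signature.getInstance("SHA1withRSA");
        s.initSign(kp.getPrivate());
        s.update(setForm);
        byte[] sig = s.sign();
        // A verifier sees wireForm; the signature only checks out once the SET OF tag is restored.
        System.out.println("wire bytes as-is:   " + verify(kp.getPublic(), wireForm, sig));
        System.out.println("retagged to SET OF: " + verify(kp.getPublic(), withTag(wireForm, 0x31), sig));
    }
}
```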