That looks like a question to the IAIK guys.
Paulo
________________________________
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of
Khurram Saleem
Sent: Thursday, June 07, 2007 4:35 PM
To: [email protected]
Cc: [EMAIL PROTECTED]; [EMAIL PROTECTED]
Subject: Re: [iText-questions] Adding revocation information in
PKCS#7duringsigning
Hi,
Thanx for previous reply and good guidance. For your ease the
thread link of previous reply is as follows:
http://www.mail-archive.com/itext-questions%40lists.sourceforge.net/msg3
1595.html
Now I'm facing a problem in adding revocation information during
signing. I'm successful to add RFC3161 Timestamp Token in PKCS#7 but
unable to add CRL in PKCS#7. The problem is that after adding revocation
information the signature is no more valid. By opening PDF it is showing
signature as corrupted/invalid.
Please help me in this regard. Am I doing any thing wrong?
The sample code is as follows:
ObjectID REVOCATION_OID = new ObjectID("1.2.840.113583.1.1.8",
"RevocationInfoArchival");
SEQUENCE obj_revocationInfo = new SEQUENCE();
SEQUENCE obj_crl = new SEQUENCE();
try {
FileInputStream obj_in = new
FileInputStream("test.crl");
iaik.x509.X509CRL obj_x509Crl = new
iaik.x509.X509CRL(obj_in);
obj_in.close();
obj_crl.addComponent(new
OCTET_STRING(obj_x509Crl.getEncoded()));
obj_revocationInfo.addComponent(obj_crl);
} catch (Exception ex) {
m_objLogger.logException("CRL Revocation Information
can't be embedded", ex);
return b_revoResponse;
}
try {
Attribute[] Signed_attributes = new Attribute[1];
Signed_attributes[0] = new Attribute(REVOCATION_OID,
new ASN1Object[] {new ASN1(obj_revocationInfo).toASN1Object()});
m_objSignedData.getSignerInfos()[0].setAuthenticatedAttributes(Signed_at
tributes);
} catch (Exception ex) {
m_objLogger.logException("Unable to assign
Authenticated Attributes", ex);
return false;
}
Regards,
KS
Aviso Legal:
Esta mensagem é destinada exclusivamente ao destinatário. Pode conter
informação confidencial ou legalmente protegida. A incorrecta transmissão desta
mensagem não significa a perca de confidencialidade. Se esta mensagem for
recebida por engano, por favor envie-a de volta para o remetente e apague-a do
seu sistema de imediato. É proibido a qualquer pessoa que não o destinatário de
usar, revelar ou distribuir qualquer parte desta mensagem.
Disclaimer:
This message is destined exclusively to the intended receiver. It may contain
confidential or legally protected information. The incorrect transmission of
this message does not mean the loss of its confidentiality. If this message is
received by mistake, please send it back to the sender and delete it from your
system immediately. It is forbidden to any person who is not the intended
receiver to use, distribute or copy any part of this message.
-------------------------------------------------------------------------
This SF.net email is sponsored by DB2 Express
Download DB2 Express C - the FREE version of DB2 express and take
control of your XML. No limits. Just data. Click to get it now.
http://sourceforge.net/powerbar/db2/
_______________________________________________
iText-questions mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/itext-questions
Buy the iText book: http://itext.ugent.be/itext-in-action/
