Here is the problem.
I have a pkcs#7 object, created by Netscape with crypto.signtext()
method.
I can parse the object with JSS. But when I verify it, it tells me
that signature is invalid...
I take the public key from the only certificate included in the Pkcs#7
object.
I don't think that Netscape signtext() method is bugged... There is a
problem , but where.... I hope you'll be able to help me !
(I have verified the key in the object, it is the right one).
Included is all you need to perform the test...
Here is the code :
----------CODE START----------
try {
CryptoManager.InitializationValues vals =
new CryptoManager.InitializationValues("/databasepath/");
vals.removeSunProvider = false;
CryptoManager.initialize(vals);
}
catch (AlreadyInitializedException e) {}
FileInputStream fiss = new FileInputStream("signed.b64");
// you have to decode the base64 pkcs#7 file
// use sun decoder (included in jdk) if you don't have
javamail
InputStream is =
javax.mail.internet.MimeUtility.decode(fiss,"base64");
BufferedInputStream bis = new BufferedInputStream(is);
byte[] messageDigest = {(byte)0xCA,(byte)0x9A,(byte)0x46,(byte)0xEC,
(byte)0xFB,(byte)0x68,(byte)0x50,(byte)0xB2,
(byte)0x7A,(byte)0x4B,(byte)0x71,(byte)0x78,
(byte)0x6F,(byte)0x31,(byte)0x7D,(byte)0x34,
(byte)0x4C,(byte)0xEF,(byte)0x2E,(byte)0x0A};
ContentInfo ci = (ContentInfo) ContentInfo.getTemplate().decode(bis);
SignedData sd = (SignedData) ci.getInterpretedContent();
SignerInfo sinfo = (SignerInfo) sd.getSignerInfos().elementAt(0);
SET certs = sd.getCertificates();
org.mozilla.jss.pkix.cert.Certificate cert =
(org.mozilla.jss.pkix.cert.Certificate) certs.elementAt(0);
sinfo.verify(messageDigest,ContentInfo.DATA,cert.getInfo().getSubjectPublicKeyInfo().toPublicKey());
out.println("Signature ok!!!");
}
catch (Exception e) {e.printStackTrace();throw new Exception(
"Exception checking RAO signature : " + e.getMessage() );}
----------CODE END----------
Here is the base64 Pkcs#7 object :
-----------Pkcs#7 Start-----------
MIIEhwYJKoZIhvcNAQcCoIIEeDCCBHQCAQExCzAJBgUrDgMCGgUAMAsGCSqGSIb3
DQEHAaCCAn4wggJ6MIIB46ADAgECAgEWMAsGCSqGSIb3DQEBBDByMRkwFwYDVQQD
ExBDQSBPcGVuIFBLSSBKYXZhMQswCQYDVQQGEwJmcjERMA8GA1UEBxMIbWFsYWtv
ZmYxEzARBgNVBAsTCmUtc2VydmljZXMxDzANBgNVBAoTBnRoYWxlczEPMA0GA1UE
CBMGZnJhbmNlMB4XDTAxMDEwMTEzNTQ1MFoXDTAyMDEwMTEzNTQ1MFowRDEOMAwG
A1UEAxMFcm8gcm8xCzAJBgNVBAYTAmZyMQswCQYDVQQLEwJybzELMAkGA1UECxMC
cm8xCzAJBgNVBAoTAnJvMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDU16wq
Du/nLmFSgvzF6S2wRfPFy908Uj/Kp+Df6Cun8G0RmYxNqce+/XUvhfROz7Sk5+ni
qWi8cyA4Co8PPtQRse5QQMLw65aKG9KEoIXe1b4QyllyzRsCUH4LNSNAnL9eJToJ
MZo9C2mZ4Gh2RBCG3ao2zZDuSD6fEPAjLcKCoQIDAQABo1AwTjAMBgNVHRMEBTAD
AQEAMAsGA1UdDwQEAwIA+DAxBgNVHSUEKjAoBggrBgEFBQcDAgYIKwYBBQUHAwUG
CCsGAQUFBwMGBggrBgEFBQcDBzANBgkqhkiG9w0BAQQFAAOBgQAMKBTnSwWj2JiF
OU8jj8NyH8iDTAQiao3KPkm5cJ68Iy2Mvc+AzqSGeAs2j16KSeqCJyB/qQLCF9Mz
YuMmMUHVoZhBEJC5BmDgoJnKCdpy8RKNMKnM1D4SjpC2bzzMSTEI+m9d82WZJpkH
hQ66eXWQtoiYhcO4XTOlK/IsIoiCszGCAdEwggHNAgEBMHcwcjEZMBcGA1UEAxMQ
Q0EgT3BlbiBQS0kgSmF2YTELMAkGA1UEBhMCZnIxETAPBgNVBAcTCG1hbGFrb2Zm
MRMwEQYDVQQLEwplLXNlcnZpY2VzMQ8wDQYDVQQKEwZ0aGFsZXMxDzANBgNVBAgT
BmZyYW5jZQIBFjAJBgUrDgMCGgUAoIGxMBgGCSqGSIb3DQEJAzELBgkqhkiG9w0B
BwEwHAYJKoZIhvcNAQkFMQ8XDTAxMDkxMzE1NDAwMFowIwYJKoZIhvcNAQkEMRYE
FMqaRuz7aFCyektxeG8xfTRM7y4KMFIGCSqGSIb3DQEJDzFFMEMwCgYIKoZIhvcN
AwcwDgYIKoZIhvcNAwICAgCAMAcGBSsOAwIHMA0GCCqGSIb3DQMCAgFAMA0GCCqG
SIb3DQMCAgEoMA0GCSqGSIb3DQEBAQUABIGAzmWy7YtpkjE9VdeRa/ehouTOe4v5
lsmfmgO5CnGfiEUaBxrzv7/VsHyZwKkiEPQnaTHVK8RlOxrI8gtS5Hu5hHglKwZM
nedE8p0eJle5YuTswORsV6bjHWsxlH9DVz3qCqupq7Ql5xbEo5SFxWwWUCPFDNJ6
OArF61cx1b0SZbA=
-----------Pkcs#7 End-----------
