java - Bouncycastle and S/MIME signing-time attribute -


I am kind of new to signing / certificates, and after checking Google and SO I can't find the answer. I have base code generating a signature file as a PKCS #7 detached signature, and so far so good... the client that verifies the signature is happy with the signature generated. I now have a new requirement to include the date/time the original file was signed, using the S/MIME signing-time attribute.

My code so far for dealing with this is:

    final Attribute signingAttribute = new Attribute(CMSAttributes.signingTime, new DERSet(new DERUTCTime(new Date())));
    signedAttributes.add(new Attribute(CMSAttributes.contentType, new DERSet(new ASN1ObjectIdentifier("1.2.840.113549.1.7.1"))));
    signedAttributes.add(new Attribute(CMSAttributes.messageDigest, new DERSet(new DEROctetString(hash))));
    signedAttributes.add(signingAttribute);
    final AttributeTable signedAttributesTable = new AttributeTable(signedAttributes);
    final DefaultSignedAttributeTableGenerator signedAttributeGenerator = new DefaultSignedAttributeTableGenerator(signedAttributesTable);
    // Proceed with the signing process with Bouncy Castle
    final JcaSimpleSignerInfoGeneratorBuilder builder = new JcaSimpleSignerInfoGeneratorBuilder().setProvider("BC").setDirectSignature(true);
    builder.setSignedAttributeGenerator(signedAttributeGenerator);
    final SignerInfoGenerator signerGenerator = builder.build("SHA1withRSA", key, cert);

    final CMSSignedDataGenerator gen = new CMSSignedDataGenerator();
    ...

Then the code afterward is the same as what I used to have for generating the signature... but it doesn't work.

One thing I am not sure about is the hash for the messageDigest:

    signedAttributes.add(new Attribute(CMSAttributes.messageDigest, new DERSet(new DEROctetString(hash))));

I got the hash generated as:

    MessageDigest md = MessageDigest.getInstance("SHA1", "BC");
    md.update(fileToSign.getBytes("UTF-8"));
    hash = md.digest();

But I am absolutely not sure it's the right way to hash? And, overall, the way the S/MIME signing-time attribute is generated...

Any hints or overall explanation on what I missed are welcome.

OK, after digging more into the code, the solution is easy... First, the code can be simplified, and the issue is not at all related to the hash.

For getting the signing time, you can have just 1 attribute:

    final ASN1EncodableVector signedAttributes = new ASN1EncodableVector();
    final Attribute signingAttribute = new Attribute(CMSAttributes.signingTime, new DERSet(new DERUTCTime(new Date())));
    signedAttributes.add(signingAttribute);
    // Create the signing table
    final AttributeTable signedAttributesTable = new AttributeTable(signedAttributes);
    // Create the table generator that will be added to the signer builder
    final DefaultSignedAttributeTableGenerator signedAttributeGenerator = new DefaultSignedAttributeTableGenerator(signedAttributesTable);

    final JcaSimpleSignerInfoGeneratorBuilder builder = new JcaSimpleSignerInfoGeneratorBuilder().setProvider(BouncyCastleProvider.PROVIDER_NAME);
    builder.setSignedAttributeGenerator(signedAttributeGenerator);
    // ****** DO NOT call: setDirectSignature(true); *****
    final SignerInfoGenerator signerGenerator = builder.build("SHA1withRSA", key, cert);

The critical piece here is in the commented part:

    // ****** DO NOT call: setDirectSignature(true); *****

If you are calling setDirectSignature(true), it undoes the work done prior. According to the documentation:

"If the passed in flag is true, the signer signature will be based on the data, not a collection of signed attributes, and no signed attributes will be included."

So that's it... now the signature generated has the signing time...

I verified with the new client, and the previous error/log I was getting is gone.
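
An added example (not code from the original post) that reproduces the behaviour described in the answer: it signs the same content twice, with and without `setDirectSignature(true)`, re-parses the detached PKCS #7 output and reads the signed attributes back. The class name `SigningTimeDemo`, the throwaway self-signed certificate, the sample content, the fixed signing time and the use of `SHA256withRSA` in place of the post's `SHA1withRSA` are assumptions made for the example.

```java
import java.math.BigInteger;
import java.security.*;
import java.security.cert.X509Certificate;
import java.util.Date;
import org.bouncycastle.asn1.DERSet;
import org.bouncycastle.asn1.cms.*;
import org.bouncycastle.asn1.x500.X500Name;
import org.bouncycastle.cert.jcajce.*;
import org.bouncycastle.cms.*;
import org.bouncycastle.cms.jcajce.JcaSimpleSignerInfoGeneratorBuilder;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.bouncycastle.operator.jcajce.JcaContentSignerBuilder;
public class SigningTimeDemo {  // hypothetical class name
    // Detached-signs constructed sample data, then re-parses the result and
    // returns the signer's signed attributes (null when there are none).
    static AttributeTable sign(PrivateKey key, X509Certificate cert, Date when, boolean direct)
            throws Exception {
        Attribute signingTime = new Attribute(CMSAttributes.signingTime, new DERSet(new Time(when)));
        JcaSimpleSignerInfoGeneratorBuilder builder = new JcaSimpleSignerInfoGeneratorBuilder()
                .setProvider("BC")
                .setSignedAttributeGenerator(new DefaultSignedAttributeTableGenerator(
                        new AttributeTable(new DERSet(signingTime))))
                .setDirectSignature(direct);
        CMSSignedDataGenerator gen = new CMSSignedDataGenerator();
        gen.addSignerInfoGenerator(builder.build("SHA256withRSA", key, cert));
        byte[] p7s = gen.generate(
                new CMSProcessableByteArray("constructed sample".getBytes("UTF-8")), false).getEncoded();
        SignerInformation signer = (SignerInformation)
                new CMSSignedData(p7s).getSignerInfos().getSigners().iterator().next();
        return signer.getSignedAttributes();
    }
    public static void main(String[] args) throws Exception {
        Security.addProvider(new BouncyCastleProvider());
        KeyPairGenerator kpg = KeyPairGenerator.getInstance("RSA");
        kpg.initialize(2048);
        KeyPair kp = kpg.generateKeyPair();
        X500Name dn = new X500Name("CN=Constructed Test Signer");  // throwaway self-signed cert
        Date now = new Date();
        X509Certificate cert = new JcaX509CertificateConverter().getCertificate(
                new JcaX509v3CertificateBuilder(dn, BigInteger.ONE, now,
                        new Date(now.getTime() + 86_400_000L), dn, kp.getPublic())
                        .build(new JcaContentSignerBuilder("SHA256withRSA").build(kp.getPrivate())));
        Date when = new Date(1_700_000_000_000L);  // constructed signing time
        System.out.println("direct=true  -> " + sign(kp.getPrivate(), cert, when, true));
        AttributeTable attrs = sign(kp.getPrivate(), cert, when, false);
        Time t = Time.getInstance(attrs.get(CMSAttributes.signingTime).getAttrValues().getObjectAt(0));
        System.out.println("direct=false -> signingTime=" + t.getDate()
                + ", messageDigest present=" + (attrs.get(CMSAttributes.messageDigest) != null));
    }
}
```

The signing-time attribute is filled in by the signer from its own clock, so a verifier should treat it as the signer's claim rather than as a trusted timestamp.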

