List: bouncycastle-crypto-dev
Subject: [dev-crypto] BouncyCastle vs BSAFE
From: fulgerica fulgerica <fulgerica2003 () gmail ! com>
Date: 2009-09-30 14:10:53
Message-ID: 41e573e20909300710j2dd09a94ke8f3422a5a3c1bd8 () mail ! gmail ! com
Hello!
I have an application developed with BSAFE library; the application
allows signing and verification of signed files.
All the files signed with the BouncyCastle provider cannot be verified
with the application developed using BSAFE.
I performed the following test: I have signed a file with the
application and then signed the same file using the BC provider. On
both tests I used the same certificates.
Then I have used openssl asn1parse -inform DER -in my_file >
my_file.txt to parse in order to see the differences.
The 2 files are identical at the beginning, except one line.
Here is the BSAFE signed asn1 parsed file output
0:d=0 hl=2 l=inf cons: SEQUENCE
2:d=1 hl=2 l= 9 prim: OBJECT :pkcs7-signedData
13:d=1 hl=2 l=inf cons: cont [ 0 ]
15:d=2 hl=2 l=inf cons: SEQUENCE
17:d=3 hl=2 l= 1 prim: INTEGER :01
20:d=3 hl=2 l= 11 cons: SET
22:d=4 hl=2 l= 9 cons: SEQUENCE
24:d=5 hl=2 l= 5 prim: OBJECT :sha1
31:d=5 hl=2 l= 0 prim: NULL
33:d=3 hl=2 l=inf cons: SEQUENCE
35:d=4 hl=2 l= 9 prim: OBJECT :pkcs7-data
46:d=4 hl=2 l=inf cons: cont [ 0 ]
48:d=5 hl=2 l=inf cons: OCTET STRING
50:d=6 hl=4 l= 599 prim: OCTET STRING
<some_content>
653:d=6 hl=2 l= 0 prim: EOC
655:d=5 hl=2 l= 0 prim: EOC
657:d=4 hl=2 l= 0 prim: EOC
659:d=3 hl=4 l=1722 cons: cont [ 0 ]
663:d=4 hl=4 l=1055 cons: SEQUENCE
667:d=5 hl=4 l= 904 cons: SEQUENCE
671:d=6 hl=2 l= 3 cons: cont [ 0 ]
673:d=7 hl=2 l= 1 prim: INTEGER :02
676:d=6 hl=2 l= 10 prim: INTEGER :7AFA65D40000000004C6
688:d=6 hl=2 l= 13 cons: SEQUENCE
690:d=7 hl=2 l= 9 prim: OBJECT :sha1WithRSAEncryption
701:d=7 hl=2 l= 0 prim: NULL
703:d=6 hl=3 l= 133 cons: SEQUENCE
706:d=7 hl=2 l= 11 cons: SET
708:d=8 hl=2 l= 9 cons: SEQUENCE
710:d=9 hl=2 l= 3 prim: OBJECT :countryName
715:d=9 hl=2 l= 2 prim: PRINTABLESTRING :RO
Here is the BC signed asn1 parsed file output
0:d=0 hl=2 l=inf cons: SEQUENCE
2:d=1 hl=2 l= 9 prim: OBJECT :pkcs7-signedData
13:d=1 hl=2 l=inf cons: cont [ 0 ]
15:d=2 hl=2 l=inf cons: SEQUENCE
17:d=3 hl=2 l= 1 prim: INTEGER :01
20:d=3 hl=2 l= 11 cons: SET
22:d=4 hl=2 l= 9 cons: SEQUENCE
24:d=5 hl=2 l= 5 prim: OBJECT :sha1
31:d=5 hl=2 l= 0 prim: NULL
33:d=3 hl=2 l=inf cons: SEQUENCE
35:d=4 hl=2 l= 9 prim: OBJECT :pkcs7-data
46:d=4 hl=2 l=inf cons: cont [ 0 ]
48:d=5 hl=2 l=inf cons: OCTET STRING
50:d=6 hl=4 l= 599 prim: OCTET STRING
<some_content>
653:d=6 hl=2 l= 0 prim: EOC
655:d=5 hl=2 l= 0 prim: EOC
657:d=4 hl=2 l= 0 prim: EOC
659:d=3 hl=2 l=inf cons: cont [ 0 ]
661:d=4 hl=4 l=1055 cons: SEQUENCE
665:d=5 hl=4 l= 904 cons: SEQUENCE
669:d=6 hl=2 l= 3 cons: cont [ 0 ]
671:d=7 hl=2 l= 1 prim: INTEGER :02
674:d=6 hl=2 l= 10 prim: INTEGER :7AFA65D40000000004C6
686:d=6 hl=2 l= 13 cons: SEQUENCE
688:d=7 hl=2 l= 9 prim: OBJECT :sha1WithRSAEncryption
699:d=7 hl=2 l= 0 prim: NULL
701:d=6 hl=3 l= 133 cons: SEQUENCE
704:d=7 hl=2 l= 11 cons: SET
706:d=8 hl=2 l= 9 cons: SEQUENCE
708:d=9 hl=2 l= 3 prim: OBJECT :countryName
713:d=9 hl=2 l= 2 prim: PRINTABLESTRING :RO
The difference between those two outputs is the line 659:d=3 hl=4
l=1722 cons: cont [ 0 ] in the first file; in the second file, the one
signed using BC provider, the same line looks like 659:d=3 hl=2 l=inf
cons: cont [ 0 ]
Does anybody know what the problem might be? Is that the length of
the certificates tag that is not completed for BC signing?
Thank you!
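
Added example, not part of the original message: in `openssl asn1parse` output, `l=inf` marks BER indefinite-length encoding (closed by an EOC), while `hl=4 l=1722` is a definite length. This Python sketch walks a BER blob and lists the elements that use the indefinite form; the two byte strings are small constructed samples that imitate the shape of the two dumps, not the poster's files, and the function names are hypothetical.

```python
def walk(data, pos=0, end=None, depth=0, until_eoc=False, rows=None):
    """Walk BER TLVs. Returns (rows, next_pos); each row is
    (offset, depth, header_len, length, tag), length None = indefinite."""
    rows = [] if rows is None else rows
    end = len(data) if end is None else end
    while pos < end:
        start, tag = pos, data[pos]
        pos += 1
        if tag & 0x1F == 0x1F:              # high-tag-number form: skip extra tag bytes
            while data[pos] & 0x80:
                pos += 1
            pos += 1
        first = data[pos]
        pos += 1
        if first == 0x80:                   # indefinite form, shown as l=inf
            length = None
        elif first & 0x80:                  # long definite form, e.g. hl=4 l=1722
            n = first & 0x7F
            length = int.from_bytes(data[pos:pos + n], "big")
            pos += n
        else:                               # short definite form
            length = first
        rows.append((start, depth, pos - start, length, tag))
        if until_eoc and tag == 0 and length == 0:
            return rows, pos                # EOC closes the enclosing indefinite element
        if length is None:
            if not tag & 0x20:
                raise ValueError(f"indefinite length on primitive at {start}")
            _, pos = walk(data, pos, end, depth + 1, True, rows)
        else:
            if tag & 0x20:                  # definite constructed: recurse within its bounds
                walk(data, pos, pos + length, depth + 1, False, rows)
            pos += length
    if until_eoc:
        raise ValueError("missing EOC for indefinite-length element")
    return rows, pos

def indefinite(data):
    """(offset, tag) of every element encoded with indefinite length."""
    return [(off, tag) for off, _, _, length, tag in walk(data)[0] if length is None]

# Constructed samples: SEQUENCE(indefinite) { INTEGER 1, [0] { SEQUENCE { INTEGER 2 } } }
DEFINITE_CERTS = bytes.fromhex("3080" "020101" "a005" "3003020102" "0000")
INDEFINITE_CERTS = bytes.fromhex("3080" "020101" "a080" "3003020102" "0000" "0000")

if __name__ == "__main__":
    for name, blob in (("definite [0]", DEFINITE_CERTS), ("indefinite [0]", INDEFINITE_CERTS)):
        print(name, [(off, hex(tag)) for off, tag in indefinite(blob)])
```

Both samples carry the same content; only the second encodes the `[0]` element at offset 5 with an indefinite length, which is the kind of difference the two dumps show at offset 659.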