[prev in list] [next in list] [prev in thread] [next in thread]
List: bouncycastle-crypto-dev
Subject: Re: [dev-crypto] Cades Sign
From: Satoru Otsubo <trnsnt () otip ! jp>
Date: 2010-02-15 4:09:29
Message-ID: 20100215130929.6e78358e.trnsnt () otip ! jp
[Download RAW message or body]
Hi,
When adding an unsigned attribute to the group of unsigned attributes to create a new \
CAdES, you can not change the structure of the CAdES existing before such adding. \
That is, if the previous structure is in a style of "definite length", then you need \
to maintain such a structure. But when creating a new CAdES by using \
org.bouncycastle.cms.SignerInformation.replaceUnsignedAttributes and \
org.bouncycastle.cms.CMSSignedData.replaceSigner, I think it becomes in a style of \
"indefinite length." Therefore it is needed to find a way an existing CAdES structure \
is maintained.
Satoru Otsubo
>
> Yes, this would be correct. I'll look into this - it's a little bit
> tricky as we'll need to distinguish between signed and unsigned
> attributes.
>
> Regards,
>
> David
>
> On Fri, 2010-02-12 at 15:26 +0900, Satoru Otsubo wrote:
> > Hi,
> >
> > In CAdES, unsigned attributes have to be set in chronological order.
> > But org.bouncycastle.asn1.cms.AttributeTable has been created with DER Set.
> > Therefore the cronological order of unsigned attributes is not maintained.
> > I think AttributeTable programmed with BER set is needed.
> >
> > Satoru Otsubo
> >
>
>
>
>
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic