[prev in list] [next in list] [prev in thread] [next in thread] 

List:       bouncycastle-crypto-dev
Subject:    [dev-crypto] Custom Signature object
From:       pippo baudo <dottzero () yahoo ! com>
Date:       2011-06-13 9:30:20
Message-ID: 781928.45317.qm () web130124 ! mail ! mud ! yahoo ! com
[Download RAW message or body]

Hi All.

For one project I'm following lately I'm implementing my own SignatureSpi 
implementation.
That involves the creation of three different objects:
1) MySignature extends SignatureSpi
2) MyPrivateKey implements RSAPrivateKey
3) MyProvider extends Provider

Inside MySignature I've implemented the sign() method.
As far as I know, the bytes I get to sign are an attribute table, so I've 
implemented my sign method this way:



            byte[] toSign = new DigestInfo(new 
AlgorithmIdentifier(X509ObjectIdentifiers.id_SHA1), 
DigestUtils.sha(attributeTableBytes)).getEncoded();
            Cipher cipher = Cipher.getInstance("RSA", new 
BouncyCastleProvider());
            cipher.init(Cipher.ENCRYPT_MODE, privKey, new SecureRandom());
            return cipher.doFinal(hash);


I call the signature this way:

CMSSignedDataStreamGenerator gen =  new CMSSignedDataStreamGenerator();
...
gen.addCertificatesAndCRLs(certstore);
gen.addSigner(new MyPrivateKey(), cert,
                    OIWObjectIdentifiers.idSHA1.getId(), new 
DefaultSignedAttributeTableGenerator(),
                    null, new MyProvider());
            OutputStream sigOut = new java.io.BufferedOutputStream(gen.open(new 
FileOutputStream("/tmp/test1.p7m"), true));
            sigOut.write("Hello".getBytes());
            sigOut.flush();
            sigOut.close();


However, while the produced P7M is correct, the signature verification always 
fails.
What do I do wrong?
I think the problem is inside the sign method, however, I really don't know 
what's wrong...

Thank you in advance!!

Regards,
Massimiliano

[prev in list] [next in list] [prev in thread] [next in thread]