signing with CAPICOM, verifying with Java

843811 Oct 13 2005 — edited Dec 15 2005
I have to verify digital signatures created with Microsoft's CAPICOM DLL. I have found some advice to proceed with the BouncyCastle library, but so far all attempts have failed. In particular, I always get an exception like this:

org.bouncycastle.cms.CMSException: invalid signature format in message: + content hash found in signed attributes different

This is the code I am using:

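import java.security.Security;
import java.security.cert.CertStore;
import java.security.cert.X509Certificate;
import java.util.Collection;
import java.util.Iterator;

import org.bouncycastle.cms.CMSProcessableByteArray;
import org.bouncycastle.cms.CMSSignedData;
import org.bouncycastle.cms.SignerId;
import org.bouncycastle.cms.SignerInformation;
import org.bouncycastle.cms.SignerInformationStore;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.bouncycastle.util.encoders.Base64;

public class CAPICOMVerifier {

    public static void main(String[] args) {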
/*
String sign =
"MIIMZAYJKoZIhvcNAQcCoIIMVTCCDFECAQExCzAJBgUrDgMCGgUAMAsGCSqGSIb3" +
"DQEHAaCCCnIwggR5MIIDYaADAgECAgEHMA0GCSqGSIb3DQEBBQUAMHsxCzAJBgNV" +
"BAYTAkJHMQ4wDAYDVQQHEwVTb2ZpYTEYMBYGA1UEChMPQmFua3NlcnZpY2UgUExD" +
"MRAwDgYDVQQLEwdCLVRydXN0MTAwLgYDVQQDEydCLVRydXN0IERvbWVzdGljIFJv" +
"b3QgQ0EgLSAyMDQ4IExldmVsIDAwHhcNMDMwNDA0MTIwNTE5WhcNMTMxMjMxMTIw" +
"MDAwWjCCAQoxCzAJBgNVBAYTAkJHMQ4wDAYDVQQIEwVTb2ZpYTEOMAwGA1UEBxMF" +
"U29maWExLjAsBgNVBAoTJUJhbmtzZXJ2aWNlIFBMQyAtIEJVTFNUQVQgVSAwMDA2" +
"NDA5NTQxEDAOBgNVBAsTB0ItVHJ1c3QxLDAqBgNVBAMTI0ItVHJ1c3QgRG9tZXN0" +
"aWMgQ0ExIC0gMTAyNCBMZXZlbCAxMSEwHwYDVQQJExg0MSwgVHphciBCb3JpcyBJ" +
"SUkgYmx2ZC4xDTALBgNVBBETBDE2MTIxHjAcBgkqhkiG9w0BCQEWD2NhMUBiLXRy" +
"dXN0Lm9yZzEZMBcGA1UEFBMQKzM1OSAyIDkgMjE1IDEwMDCBnzANBgkqhkiG9w0B" +
"AQEFAAOBjQAwgYkCgYEAuwevqryGzKEa6kwPrsblS0MdLOifvLp4gz6yldoCy5ad" +
"ODku7ZvaeJINyBsPtEDdzJgmvY65hweCv5iMVtJ+iS0XNK0Oe2Et3JLJc5ISkA/e" +
"lH+NuKJkwIvRA3rSb/di6778VGUlulil/mf8XgpEtNnFLA1qAz6VXjOadrrBcBMC" +
"AwEAAaOB+jCB9zAfBgNVHSMEGDAWgBTVTLNeADU+o2OFokjD1EZEEaHUWDAdBgNV" +
"HQ4EFgQU23qBsPh6X2eqrjlxFSTZlWtrnFAwDgYDVR0PAQH/BAQDAgFGMEcGA1Ud" +
"IARAMD4wPAYKKwYBBAH7dgEBATAuMCwGCCsGAQUFBwIBFiBodHRwOi8vd3d3LmIt" +
"dHJ1c3Qub3JnL2RvY3VtZW50czASBgNVHRMBAf8ECDAGAQH/AgEDMEgGA1UdHwRB" +
"MD8wPaA3oDWGM2h0dHA6Ly93d3cuYi10cnVzdC5vcmcvcmVwb3NpdG9yeS9yb290" +
"L2NybC9yb290LmNybIECAX4wDQYJKoZIhvcNAQEFBQADggEBAM6f5u2ibHfZSlgd" +
"jvqUts1dchYCY07Q2UbSl4/UAPTiaSRfBZMoGRcbIKKpR7rB3+Q8YiVfwjrXYboO" +
"fBSs5pDZJRgGnVzu0QmgQJ4Z5lS5T1w8KZ5ZktQxJOwdpjHiyK9GJiH3nQjDdaGw" +
"g/iMJn7yEwkpSKNFaFDEIMnBNB7NjC01NtYK/l0jV7eRsExPdbdG1bNI7UGqmiVC" +
"DeR8vYWBMPsjTA1u3aKyYRtnnEZZFe33dHXsvUvfEuJ9ljxG0LQluCOiLP7DLoTo" +
"KOwP0kzijdUlOzgpLyzg/rHy22LKeMRNBTfHcnV2PJ7z7xV9KQhZ3vFqHtMELSXR" +
"w/r/VYowggXxMIIFWqADAgECAgIEAzANBgkqhkiG9w0BAQUFADCCAQoxCzAJBgNV" +
"BAYTAkJHMQ4wDAYDVQQIEwVTb2ZpYTEOMAwGA1UEBxMFU29maWExLjAsBgNVBAoT" +
"JUJhbmtzZXJ2aWNlIFBMQyAtIEJVTFNUQVQgVSAwMDA2NDA5NTQxEDAOBgNVBAsT" +
"B0ItVHJ1c3QxLDAqBgNVBAMTI0ItVHJ1c3QgRG9tZXN0aWMgQ0ExIC0gMTAyNCBM" +
"ZXZlbCAxMSEwHwYDVQQJExg0MSwgVHphciBCb3JpcyBJSUkgYmx2ZC4xDTALBgNV" +
"BBETBDE2MTIxHjAcBgkqhkiG9w0BCQEWD2NhMUBiLXRydXN0Lm9yZzEZMBcGA1UE" +
"FBMQKzM1OSAyIDkgMjE1IDEwMDAeFw0wMzEyMTYxMTMyNDlaFw0wNDEyMTYxMTMy" +
"NDlaMIICBDELMAkGA1UEBhMCQkcxMTAvBgNVBAgTKGprLktyLlBvbGlhbmEgYmwu" +
"MzksU29maWEsRUdOOjU1MDQyODY0MTQxDjAMBgNVBAcTBVNvZmlhMSkwJwYDVQQK" +
"EyBGaW5hbmNpYWwgU3VwZXJ2aXNpb24gQ29tbWlzc2lvbjEfMB0GA1UECxMWUHJv" +
"ZmVzc2lvbmFsIEUgQ2xhc3MgMjEvMC0GA1UECxMmUVM6VW5pdmVyc2FsIFNpZ25h" +
"dHVyZSBDZXJ0aWZpY2F0ZS1ZZXMxHDAaBgNVBAsTE090ZGVsOlNjaGV0b3ZvZHN0" +
"dm8xFTATBgNVBAsTDFNSOkRWMjUvMjAwMzEaMBgGA1UECxMRQlVMU1RBVDoxMzEw" +
"NjA2NzYxFjAUBgNVBAsTDUROOjEyMjIxMzEwMzcxGjAYBgNVBAsTEURUOjIwMDMx" +
"MjEwMTQyNDI2MSEwHwYDVQQDExhUYXR5YW5hIEl2YW5vdmEgWmhpdmtvdmExKjAo" +
"BgNVBAwTIUdsLmVrc3BlcnQ6dC5kIFAtMDctMzMvMjYuMDMuMjAwMzEdMBsGA1UE" +
"CRMUcGwuU3YuTmVkZWxpYTYsU29maWExDTALBgNVBBETBDEwMDAxHzAdBgkqhkiG" +
"9w0BCQEWEGppdmtvdmFfdEBmc2MuYmcxEjAQBgNVBBQTCTIgOTQwNDY5MDCBnzAN" +
"BgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAo/9+4DZBlIstZ4bqZpbNERwis8oQQXBX" +
"Y8pEV0yUOtdsS48KKEChg3DdseibNtCEKawaxMr2h7A5jnhubnc6w3gjr4Id0vmq" +
"7f1HR0XjYlFp+uhkhMtVNgrkW2FMbd8GDAJ4ZUxNEtFBByIKP8zM11NlCwZFFvMR" +
"0X0mPRTzaHECAwEAAaOCAWYwggFiMB8GA1UdIwQYMBaAFNt6gbD4el9nqq45cRUk" +
"2ZVra5xQMB0GA1UdDgQWBBQ+fb2KGkUrRiIgASyi8KIXBMmrXTAOBgNVHQ8BAf8E" +
"BAMCA/gwRQYDVR0lBD4wPAYIKwYBBQUHAwIGCCsGAQUFBwMEBggrBgEFBQcDBQYI" +
"KwYBBQUHAwYGCCsGAQUFBwMHBggrBgEFBQgCAjBMBgNVHSAERTBDMEEGCysGAQQB" +
"+3YBAQEEMDIwMAYIKwYBBQUHAgEWJGh0dHA6Ly93d3cuYi10cnVzdC5vcmcvZG9j" +
"dW1lbnRzL2NwczAwBgNVHRIEKTAnhiVodHRwOi8vd3d3LmNyYy5iZy92Mi9maWxl" +
"cy9iZy84MDguaHRtMEkGA1UdHwRCMEAwPqA4oDaGNGh0dHA6Ly93d3cuYi10cnVz" +
"dC5vcmcvcmVwb3NpdG9yeS9jYS9jcmwvYi10cnVzdC5jcmyBAgF+MA0GCSqGSIb3" +
"DQEBBQUAA4GBAKQiyQK4bzJWkIhecVey/y3GQifn5jHkWFhcfrhTbGWdL16loJwx" +
"sNtm6b3tbRaJLvTvicIp0h7O+JR4WZ+4aB6iqCLq1scKM5T5dqSHUOVli/24GTPY" +
"lnXs2O5lCjVJvnurAt5Q35A6RkAXESNRwL/Ef5IOb6JZNAIp8zNflex4MYIBujCC" +
"AbYCAQEwggESMIIBCjELMAkGA1UEBhMCQkcxDjAMBgNVBAgTBVNvZmlhMQ4wDAYD" +
"VQQHEwVTb2ZpYTEuMCwGA1UEChMlQmFua3NlcnZpY2UgUExDIC0gQlVMU1RBVCBV" +
"IDAwMDY0MDk1NDEQMA4GA1UECxMHQi1UcnVzdDEsMCoGA1UEAxMjQi1UcnVzdCBE" +
"b21lc3RpYyBDQTEgLSAxMDI0IExldmVsIDExITAfBgNVBAkTGDQxLCBUemFyIEJv" +
"cmlzIElJSSBibHZkLjENMAsGA1UEERMEMTYxMjEeMBwGCSqGSIb3DQEJARYPY2Ex" +
"QGItdHJ1c3Qub3JnMRkwFwYDVQQUExArMzU5IDIgOSAyMTUgMTAwAgIEAzAJBgUr" +
"DgMCGgUAMA0GCSqGSIb3DQEBAQUABIGAIKyF7oVH1Lirt8QkFKf8zdBh4kbQA0db" +
"MzqsUEfbXNPSuEHO9FkBAfjNQBWkYoO3pNKzXLomO5lRmR2WFMLah8T3DIecV68h" +
"Q8+48u6sJ3DX0CfzRk5R4/YK4PXnAezTSDbBZPVcgJQS61qmKyjXv7Ifaa/slqfU" +
"Hbenr/QB3EY=";

String signedText = "alabala";
*/



String sign =
"MIIHFgYJKoZIhvcNAQcCoIIHBzCCBwMCAQExCzAJBgUrDgMCGgUAMC8GCSqGSIb3" +
"DQEHAaAiBCAMAMYCAgA5IPMAqgBqAGoAFAA+ANgARgDyAL4AHgCkAKCCBQ8wggUL" +
"MIID86ADAgECAgMA8qcwDQYJKoZIhvcNAQEFBQAwgZ0xCzAJBgNVBAYTAklUMRgw" +
"FgYDVQQKEw9JbmZvQ2FtZXJlIFNDcEExFDASBgNVBAUTCzAyMzEzODIxMDA3MTcw" +
"NQYDVQQLEy5DZXJ0aWZpY2F0b3JlIEFjY3JlZGl0YXRvIGRlbCBTaXN0ZW1hIENh" +
"bWVyYWxlMSUwIwYDVQQDExxJbmZvQ2FtZXJlIEZpcm1hIFF1YWxpZmljYXRhMB4X" +
"DTA1MDEwNTA5MjAyMVoXDTA4MDEwNTAwMDAwMFowga8xCzAJBgNVBAYTAklUMRcw" +
"FQYDVQQKEw5Ob24gRGljaGlhcmF0bzEeMBwGA1UECxMVUkE9Qy5DLkkuQS5BLiBE" +
"SSBCQVJJMTkwNwYDVQQDEzBHVUdMSUVMTUkvR0lVTElBTkEvR0dMR0xONjRUNjdF" +
"MTU1Vy8yMDAzMTExMjM1MzkxLDAqBgNVBA0TI0M9R3VnbGllbG1pL049R2l1bGlh" +
"bmEvRD0yNy0xMi0xOTY0MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDDm9BY" +
"sCnQtIb1g5hyf5pK+tSSJvfLbAkbeiekKfCcp0nNVJqXRvBiTM54jybD4wq/2EGS" +
"6a/IUb0t6Q3eUv8Tx+IXnjzGDdddNMq5cYl2Wzwwo6ODORxSycnKjsK5XJm/laLy" +
"SFy/c/0Lr8kuzD4O81i90y4wPdfS+oCp8MF64wIDAQABo4IBwjCCAb4wUAYDVR0g" +
"BEkwRzBFBgYrTA4BAQEwOzA5BggrBgEFBQcCARYtaHR0cDovL3d3dy5jYXJkLmlu" +
"Zm9jYW1lcmUuaXQvZG9jL21hbnVhbGkuaHRtMBgGCCsGAQUFBwEDBAwwCjAIBgYE" +
"AI5GAQEwDgYDVR0PAQH/BAQDAgZAMCcGA1UdEgQgMB6BHGZpcm1hLmRpZ2l0YWxl" +
"QGluZm9jYW1lcmUuaXQwHwYDVR0jBBgwFoAUZl1px+XiUNxeaeROTm5EWZaR22sw" +
"gdYGA1UdHwSBzjCByzCByKCBxaCBwoaBv2xkYXA6Ly9sZGFwMi5pbmZvY2FtZXJl" +
"Lml0OjM4OS9jbiUzZEluZm9DYW1lcmUlMjBGaXJtYSUyMFF1YWxpZmljYXRhJTIw" +
"Q1JMMDEsb3UlM2RDZXJ0aWZpY2F0b3JlJTIwQWNjcmVkaXRhdG8lMjBkZWwlMjBT" +
"aXN0ZW1hJTIwQ2FtZXJhbGUsbyUzZEluZm9DYW1lcmUlMjBTQ3BBLGMlM2RJVD9j" +
"ZXJ0aWZpY2F0ZVJldm9jYXRpb25MaXN0MB0GA1UdDgQWBBSGQ2tAV49PFjqXzwBk" +
"RQ9T/qEPODANBgkqhkiG9w0BAQUFAAOCAQEAPZn0TwM3oRXnz+wuMIbg/g6OzIe9" +
"N1C91v13/axMVWnh19d1jbcp6FqaYZZQmP9OTQ+bvc+erx0zDV+RGFuApRAC8jIo" +
"/CY66r+BsHezht9Y9p9wb/twgR7SG0eLmFMCY1xODbIkW4i3DqQQ2gxqHbPaxlFs" +
"XHc9CnC6dtjcQC+ztnt1gJsN2i0IA8N074do5gAYleDJDlm1NtRNSmQsoL1euk1N" +
"PfPkSpV2iNfnnaPe0pSUnX27ATYVS3clNTUaijkChB7NLXWtQFsHmcQAsImPjVAp" +
"Zw4ujFgvW+Js6XWsOgqM3VXYD9DieDncIUTueefXkafVy5bix2tj0Lr24TGCAasw" +
"ggGnAgEBMIGlMIGdMQswCQYDVQQGEwJJVDEYMBYGA1UEChMPSW5mb0NhbWVyZSBT" +
"Q3BBMRQwEgYDVQQFEwswMjMxMzgyMTAwNzE3MDUGA1UECxMuQ2VydGlmaWNhdG9y" +
"ZSBBY2NyZWRpdGF0byBkZWwgU2lzdGVtYSBDYW1lcmFsZTElMCMGA1UEAxMcSW5m" +
"b0NhbWVyZSBGaXJtYSBRdWFsaWZpY2F0YQIDAPKnMAkGBSsOAwIaBQCgXTAYBgkq" +
"hkiG9w0BCQMxCwYJKoZIhvcNAQcBMBwGCSqGSIb3DQEJBTEPFw0wNTEwMTExNTM4" +
"MzhaMCMGCSqGSIb3DQEJBDEWBBTM9xJFwXlRg6zVrM1bqvLY65GTDTANBgkqhkiG" +
"9w0BAQEFAASBgD5iBMmO1oYeEtemZhxRDKWljzWdMgDNdSCQmmaEVRQrnuXNPb/T" +
"+j15ue/RN7vrlHiHr7i985l10L2ZHjfiXVPLQFY9xNga1tYpvowzD3z58aSYUQ2B" +
"eE7rvX7GlBlE0sqr4AwggClx7eC8y/RRy5CYmI5PO9gOkk+BINV8zGAg";

String signedText = "pippo";



        try {
            byte[] baSign = Base64.decode(sign);
            // "UnicodeLittleUnmarked" is UTF-16LE without a byte-order mark
            byte[] baSignedText = signedText.getBytes("UnicodeLittleUnmarked");

            Security.addProvider(new BouncyCastleProvider());

            // Treat baSignedText as the content that the signature in baSign is expected to cover
            CMSProcessableByteArray cmsByteArray = new CMSProcessableByteArray(baSignedText);
            CMSSignedData cmsSignedData = new CMSSignedData(cmsByteArray, baSign);

            // Certificates carried inside the signed message
            CertStore certs = cmsSignedData.getCertificatesAndCRLs("Collection", "BC");

            SignerInformationStore signers = cmsSignedData.getSignerInfos();
            Collection c = signers.getSigners();
            Iterator it = c.iterator();

            boolean verificationResult = false;
            while (it.hasNext()) {
                SignerInformation signer = (SignerInformation) it.next();

                SignerId signerId = signer.getSID();

                // Look up the signer's certificate by its signer identifier
                Collection certCollection = certs.getCertificates(signerId);

                Iterator certIt = certCollection.iterator();
                X509Certificate cert = (X509Certificate) certIt.next();

                // System.out.println("cert:\n" + cert);

                // The certificate comes from the message itself; this checks the
                // signature only, not the certificate chain
                verificationResult = verificationResult || signer.verify(cert, "BC");
            }

            System.out.println(verificationResult);

        } catch (Exception e) {
            e.printStackTrace();
        }
    }
}


Has anybody had a similar experience? Thank you.
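
One way to narrow down the "content hash found in signed attributes different" error, as an added example that is not part of the original post: BouncyCastle raises it when the digest of the content handed to the verifier differs from the messageDigest signed attribute, so the code below reports whether a SignedData carries its own content and which candidate byte encoding hashes to the signed value. It assumes the current BouncyCastle API (bcprov and bcpkix) rather than the 2005 API used above; the class name, helper names, throwaway key and key identifier are constructed for illustration.

```java
import java.nio.charset.StandardCharsets;
import java.security.*;
import org.bouncycastle.asn1.ASN1OctetString;
import org.bouncycastle.asn1.cms.*;
import org.bouncycastle.cms.*;
import org.bouncycastle.cms.jcajce.JcaSignerInfoGeneratorBuilder;
import org.bouncycastle.operator.jcajce.*;

public class DigestMismatchCheck {

    // True when digest(candidate) equals the signer's messageDigest signed attribute,
    // i.e. when the content-hash check behind the exception would pass.
    static boolean matches(SignerInformation si, byte[] candidate) throws Exception {
        AttributeTable attrs = si.getSignedAttributes();
        if (attrs == null || attrs.get(CMSAttributes.messageDigest) == null) {
            return false; // no messageDigest attribute to compare against
        }
        byte[] signed = ASN1OctetString.getInstance(
                attrs.get(CMSAttributes.messageDigest).getAttrValues().getObjectAt(0)).getOctets();
        byte[] actual = MessageDigest.getInstance(si.getDigestAlgOID()).digest(candidate);
        return MessageDigest.isEqual(signed, actual);
    }

    // Content carried inside the SignedData, or null when the signature is detached.
    static byte[] encapsulated(CMSSignedData sd) {
        return sd.getSignedContent() == null ? null : (byte[]) sd.getSignedContent().getContent();
    }

    public static void main(String[] args) throws Exception {
        // Constructed sample: throwaway RSA key and a made-up key identifier, not data from the post.
        KeyPairGenerator kpg = KeyPairGenerator.getInstance("RSA");
        kpg.initialize(2048);
        byte[] utf16 = "pippo".getBytes(StandardCharsets.UTF_16LE);
        CMSSignedDataGenerator gen = new CMSSignedDataGenerator();
        gen.addSignerInfoGenerator(new JcaSignerInfoGeneratorBuilder(
                new JcaDigestCalculatorProviderBuilder().build()).build(
                new JcaContentSignerBuilder("SHA256withRSA").build(kpg.generateKeyPair().getPrivate()),
                new byte[] {0x01}));
        byte[] der = gen.generate(new CMSProcessableByteArray(utf16), true).getEncoded();

        CMSSignedData sd = new CMSSignedData(der);
        byte[] inside = encapsulated(sd);
        System.out.println("encapsulated: " + (inside == null ? "no (detached)" : inside.length + " bytes"));
        for (SignerInformation si : sd.getSignerInfos().getSigners()) {
            System.out.println("UTF-16LE text matches: " + matches(si, utf16));
            System.out.println("UTF-8 text matches:    "
                    + matches(si, "pippo".getBytes(StandardCharsets.UTF_8)));
            System.out.println("embedded bytes match:  " + (inside != null && matches(si, inside)));
        }
    }
}
```

When `encapsulated` returns bytes, parsing with the single-argument `CMSSignedData(byte[])` constructor makes the verifier use the content carried in the message instead of an externally supplied copy.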