RE: Problem(s) verifying signed message with detached content



Tom,
 
Thank you very much for your quick response! I added the code for SHA256 and this fixed the first problem as you said. Thanks for looking into the second problem as well. I appreciate your help!
 
-Jon


From: Horvath, Tom (US SSA) [mailto:tom.horvath@xxxxxxxxxxxxxx]
Sent: Thursday, May 17, 2007 11:24 AM
To: Rupe, Jonathan C UTCFS; imc-sfl@xxxxxxxx
Subject: RE: Problem(s) verifying signed message with detached content

Jon,

 

Your usage of the SFL looks appropriate; you have just found one bug, and I am not sure yet about the second problem.

The first problem you reported, "encapsulated content digest != message digest attribute", happens because the SHA-256 message digest reference algorithm that we use does not return the digest in platform-independent endianness, so the digest comparison fails.  The first problem was easy to fix: simply add the following code at line 4674 of smp/SMIME/alg_libs/sm_free3/sm_free3.cpp:

      }     else if (oidDigest == SNACC::id_SHA256 ||
             oidDigest == SNACC::id_ecdsa_with_SHA256)
      {
            bool bLastBlock = false; // set to true when this is the last block
            CryptoPP::SHA256 sha256;

            int bytesProcessed=0;
            int loop = pData->Length() / sha256.DigestSize();

            SME(pData->Open(SM_FOPEN_READ));
            while (!bLastBlock)
            {
                  SME(pchData = pData->nRead(sha256.DigestSize(), (SM_SIZE_T&)lBytesRead));
                  if ((lBytesRead != sha256.DigestSize()) || (pchData == NULL))
                        bLastBlock = true;
                  sha256.Update((const unsigned char *)pchData, lBytesRead);
            }

            CryptoPP::SecByteBlock digest(sha256.DigestSize());
            sha256.Final(digest);

            SME(pDigest->Open(SM_FOPEN_WRITE)); // open the digest buffer
            SME(pDigest->Write((char *)digest.data(), digest.m_size));
            status = 0;
      }

If you do this, then the SFL Free 3 CTIL will use the crypto++ SHA-256 message digest algorithm, which works correctly and returns the digest in the correct endianness.

I am still looking into the second problem and will get back to you shortly.

 

--Tom

 


From: owner-imc-sfl@xxxxxxxxxxxx [mailto:owner-imc-sfl@xxxxxxxxxxxx] On Behalf Of Rupe, Jonathan C UTCFS
Sent: Wednesday, May 16, 2007 11:47 AM
To: imc-sfl@xxxxxxxx
Subject: Problem(s) verifying signed message with detached content

 

I am having a problem (or two) verifying a signed message that has detached content. I am getting the error "encapsulated content digest != message digest attribute". However, I have been able to successfully verify the message with another API (that I cannot use). If I skip past where this exception is thrown (in sm_msgsignerinfo.cpp) I also get the following error: "RSA OID Unknown or Not Handled Yet!" The hashing algorithm is SHA-256 and signature algorithm is RSA. Is this supported?  Below is my code and attached are the sample files.

I'm new with all this stuff so any help (especially sample code :)) will be greatly appreciated!

Thanks!
Jon

 

CSM_AppLogin appLogin;
appLogin.AddLogin(CTIL_FILE_NAME, NULL);

CSM_Buffer contentInfoBuf("./CHUIDSig.bin");
CSM_Buffer* pSignedDataBuf = NULL;

CSM_ContentInfoMsg contentInfoMsg(&contentInfoBuf);
if (contentInfoMsg.IsSignedData())
{
        SM_RET_VAL retVal = 0;

        CSM_MsgToVerify msgToVerify; //(&contentInfoMsg);
                       
        pSignedDataBuf = new CSM_Buffer(
                contentInfoMsg.AccessEncapContentClear()->m_content.Access(),
                contentInfoMsg.AccessEncapContentClear()->m_content.Length() );
                       
        retVal = msgToVerify.PreProc(&appLogin, pSignedDataBuf);
        if( retVal != SM_NO_ERROR )
        {
                tcout <<_T("Failed to process verification message.") <<endl;
                return 1;
        }

        CSM_Buffer encapContent("./CHUIDData.bin");
        CSM_Content content(&encapContent);
        SNACC::AsnOid encapAsnOid = ID_PIV_CHUIDSECURITYOBJECT;
        msgToVerify.SetEncapContentClear(content);

        if( (retVal = msgToVerify.Verify(&appLogin)) == SM_NO_ERROR )
        {
                tcout <<_T("Verification passed!") <<endl;
        }
        else
        {
                tcout <<_T("Failed signature verification.") <<endl;
        }
}
else
{
        tcout <<_T("Content doesn't contain SignedData") <<endl;
}

<<TestData.zip>>
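
Added example (not part of the thread, and not SFL or Crypto++ code): the digest endianness failure Tom describes, reduced to the step where the hash state is turned into bytes. It assumes the faulty routine copied the eight 32-bit SHA-256 state words out in host byte order, which the thread does not confirm; kStateAbc and all function names are made up for the illustration.

```cpp
#include <array>
#include <cstdint>
#include <cstdio>
#include <cstring>
#include <string>

using Digest = std::array<uint8_t, 32>;

// Final SHA-256 state words for the message "abc" (standard test vector).
static const uint32_t kStateAbc[8] = {
    0xba7816bfu, 0x8f01cfeau, 0x414140deu, 0x5dae2223u,
    0xb00361a3u, 0x96177a9cu, 0xb410ff61u, 0xf20015adu};

// Non-portable: copies the words in host byte order. On a little-endian
// CPU every 4-byte group comes out reversed, so the result no longer
// equals the messageDigest attribute carried in the SignedData.
Digest digest_host_order(const uint32_t state[8]) {
    Digest out;
    std::memcpy(out.data(), state, out.size());
    return out;
}

// Portable: the digest is defined as the state words written big-endian.
Digest digest_big_endian(const uint32_t state[8]) {
    Digest out;
    for (int i = 0; i < 8; ++i)
        for (int b = 0; b < 4; ++b)
            out[4 * i + b] = uint8_t(state[i] >> (24 - 8 * b));
    return out;
}

bool host_is_little_endian() {
    const uint32_t one = 1;
    uint8_t first;
    std::memcpy(&first, &one, 1);
    return first == 1;
}

std::string to_hex(const Digest& d) {
    static const char* hex = "0123456789abcdef";
    std::string s;
    for (uint8_t b : d) { s += hex[b >> 4]; s += hex[b & 15]; }
    return s;
}

int main() {
    std::printf("host order: %s\n", to_hex(digest_host_order(kStateAbc)).c_str());
    std::printf("big endian: %s\n", to_hex(digest_big_endian(kStateAbc)).c_str());
    return 0;
}
```

On a little-endian host the two lines differ, and a verifier comparing the first form against the signed attribute reports a digest mismatch even though the content is intact.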