Comments (3)
Hi,
It seems like the structure of the applied signingCertificateV2 element is not correct. In your sample, it starts from an OCTETSTRING, while it should begin with a SEQUENCE, see RFC 5035. See below an example of a valid signingCertificateV2 attribute:
SEQUENCE
ObjectIdentifier signingCertificateV2 (1 2 840 113549 1 9 16 2 47)
SET
SEQUENCE
SEQUENCE
SEQUENCE
OCTETSTRING d2db2 <...> b5dad
SEQUENCE
SEQUENCE
[4]
SEQUENCE
SET
SEQUENCE
ObjectIdentifier countryName (2 5 4 6)
PrintableString 'SI'
SET
SEQUENCE
ObjectIdentifier organizationName (2 5 4 10)
PrintableString 'Ha'
SET
SEQUENCE
ObjectIdentifier organizationIdentifier (2 5 4 97)
PrintableString 'VA'
SET
SEQUENCE
ObjectIdentifier commonName (2 5 4 3)
PrintableString 'TEST'
INTEGER 33ae
Best regards,
Aleksandr
from dss-demonstrations.
Thank you! I'm still trying to solve the problem!
from dss-demonstrations.
I figured it out! The correct way to add the ess_signing_certificate is using OpenSSL is:
ESS_SIGNING_CERT_V2* signing_cert = OSSL_ESS_signing_cert_v2_new_init(EVP_get_digestbyname(this->hash_type.c_str()), this->x509_cert, this->x509_chain, -1);
int len_sign_cert = i2d_ESS_SIGNING_CERT_V2(signing_cert, NULL);
unsigned char* encoded_data = (unsigned char*)malloc(len_sign_cert * sizeof(unsigned char));
unsigned char* p = encoded_data; // i2d function is moving the pointer so we have to save the initial position
i2d_ESS_SIGNING_CERT_V2(signing_cert, &p);
ASN1_STRING* seq = ASN1_STRING_new();
ASN1_STRING_set(seq, encoded_data, len_sign_cert);
PKCS7_add_signed_attribute(p7Si, NID_id_smime_aa_signingCertificateV2, V_ASN1_SEQUENCE, seq);
This is a slice of code, some attributes are initialized as members of a class.
I hope this would help other people who will have the same issue!
from dss-demonstrations.
Related Issues (20)
- Is there a nice tutorial somewhere? HOT 2
- [Feature Request] Add a spring boot webapp alternative HOT 2
- Error when validating PDF file HOT 2
- REST API certificate chain error HOT 2
- VIsible signature via REST API HOT 3
- Disable logs from o.a.c.services.RestDocumentValidationServiceImpl HOT 2
- Is it possible to add custom certificates to DSS' list of trusted certificates? HOT 4
- Is it possible to create PAdES-B-LT and PAdES-B-LTA documents via REST API? HOT 4
- Configuration of the demonstration webapp's ip and port HOT 2
- Online refresh with https://www.ssi.gouv.fr/uploads/tl-fr.xml raises [Received fatal alert: protocol_version] HOT 5
- Standalone application for Mac OS HOT 3
- Use additional trusted certificates in DSS DemoWebapp HOT 3
- Visible Signature via RestAPI HOT 2
- PDF_NOT_ETSI error while trying to verify a signature with DSS Validation Tool HOT 4
- Please teach how to create the jar file of dss-spi-x509-aia, which is not included in central repository HOT 2
- Please teach how to create the jar file of dss-spi-x509-aia, which is not included in central repository HOT 1
- DSS demonstration tool not recognising OCSP response for signing cert HOT 6
- Error "The time-stamp message imprint is not intact!" while trying to increment the level of signature in PAdES B-T HOT 1
- [BUG] The openapi generation does not correctly generate the structure json for the property bytes HOT 2
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from dss-demonstrations.