'Bouncy Castle signature verification fails for known good signature
I'm working with a platform that sends and receives very large AS/2 S/MIME messages and have problems verifying the signature for multipart/signed. The signatures that are generated by my code are valid and accepted by other systems. I can successfully verify my own signatures as well. Unfortunately my code chokes on some known good signatures from other systems, even for small messages. The verification code looks like this (simplified):
CMSSignedDataParser sp = new CMSSignedDataParser(
new JcaDigestCalculatorProviderBuilder()
.setProvider("BC")
.build(),
new CMSTypedStream(contentStream),
signature
);
sp.getSignedContent().drain();
// get signer cert from signer infos or pass it in as parameter
signer.verify(
new JcaSimpleSignerInfoVerifierBuilder()
.setProvider("BC")
.build(signerCert)
);
The verify method returns false for the "known good" signature. It does not throw, which it does if the digest is wrong. I have tried passing in the certificate as an argument and getting it from the signer infos. The code works for my own signatures. Changing to non-streaming classes with CMSProcessableByteArray makes no difference. Using signerCert.getPublicKey() also makes no difference.
Looking at the signature data, the "known good" to the right lacks an attribute table, otherwise the two are very similar.
0:d=0 hl=2 l=inf cons: SEQUENCE 0:d=0 hl=2 l=inf cons: SEQUENCE
2:d=1 hl=2 l= 9 prim: OBJECT :pkcs7-signedD 2:d=1 hl=2 l= 9 prim: OBJECT :pkcs7-signedD
13:d=1 hl=2 l=inf cons: cont [ 0 ] 13:d=1 hl=2 l=inf cons: cont [ 0 ]
15:d=2 hl=2 l=inf cons: SEQUENCE 15:d=2 hl=2 l=inf cons: SEQUENCE
17:d=3 hl=2 l= 1 prim: INTEGER :01 17:d=3 hl=2 l= 1 prim: INTEGER :01
20:d=3 hl=2 l= 11 cons: SET 20:d=3 hl=2 l= 11 cons: SET
22:d=4 hl=2 l= 9 cons: SEQUENCE 22:d=4 hl=2 l= 9 cons: SEQUENCE
24:d=5 hl=2 l= 5 prim: OBJECT :sha1 24:d=5 hl=2 l= 5 prim: OBJECT :sha1
31:d=5 hl=2 l= 0 prim: NULL 31:d=5 hl=2 l= 0 prim: NULL
33:d=3 hl=2 l=inf cons: SEQUENCE 33:d=3 hl=2 l=inf cons: SEQUENCE
35:d=4 hl=2 l= 9 prim: OBJECT :pkcs7-data 35:d=4 hl=2 l= 9 prim: OBJECT :pkcs7-data
46:d=4 hl=2 l= 0 prim: EOC 46:d=4 hl=2 l= 0 prim: EOC
48:d=3 hl=2 l=inf cons: cont [ 0 ] | 48:d=3 hl=4 l= 811 cons: cont [ 0 ]
50:d=4 hl=4 l= 807 cons: SEQUENCE | 52:d=4 hl=4 l= 807 cons: SEQUENCE
54:d=5 hl=4 l= 527 cons: SEQUENCE | 56:d=5 hl=4 l= 527 cons: SEQUENCE
58:d=6 hl=2 l= 3 cons: cont [ 0 ] | 60:d=6 hl=2 l= 3 cons: cont [ 0 ]
60:d=7 hl=2 l= 1 prim: INTEGER :02 | 62:d=7 hl=2 l= 1 prim: INTEGER :02
63:d=6 hl=2 l= 16 prim: INTEGER :153D15DC586C0 | 65:d=6 hl=2 l= 16 prim: INTEGER :153D15DC586C0
81:d=6 hl=2 l= 13 cons: SEQUENCE | 83:d=6 hl=2 l= 13 cons: SEQUENCE
83:d=7 hl=2 l= 9 prim: OBJECT :sha1WithRSAEn | 85:d=7 hl=2 l= 9 prim: OBJECT :sha1WithRSAEn
94:d=7 hl=2 l= 0 prim: NULL | 96:d=7 hl=2 l= 0 prim: NULL
96:d=6 hl=2 l= 25 cons: SEQUENCE | 98:d=6 hl=2 l= 25 cons: SEQUENCE
98:d=7 hl=2 l= 23 cons: SET | 100:d=7 hl=2 l= 23 cons: SET
100:d=8 hl=2 l= 21 cons: SEQUENCE | 102:d=8 hl=2 l= 21 cons: SEQUENCE
102:d=9 hl=2 l= 3 prim: OBJECT :commonName | 104:d=9 hl=2 l= 3 prim: OBJECT :commonName
107:d=9 hl=2 l= 14 prim: UTF8STRING :as2.example.s | 109:d=9 hl=2 l= 14 prim: UTF8STRING :as2.example.s
123:d=6 hl=2 l= 30 cons: SEQUENCE | 125:d=6 hl=2 l= 30 cons: SEQUENCE
125:d=7 hl=2 l= 13 prim: UTCTIME :190208065447Z | 127:d=7 hl=2 l= 13 prim: UTCTIME :190208065447Z
140:d=7 hl=2 l= 13 prim: UTCTIME :240208070447Z | 142:d=7 hl=2 l= 13 prim: UTCTIME :240208070447Z
155:d=6 hl=2 l= 25 cons: SEQUENCE | 157:d=6 hl=2 l= 25 cons: SEQUENCE
157:d=7 hl=2 l= 23 cons: SET | 159:d=7 hl=2 l= 23 cons: SET
159:d=8 hl=2 l= 21 cons: SEQUENCE | 161:d=8 hl=2 l= 21 cons: SEQUENCE
161:d=9 hl=2 l= 3 prim: OBJECT :commonName | 163:d=9 hl=2 l= 3 prim: OBJECT :commonName
166:d=9 hl=2 l= 14 prim: UTF8STRING :as2.example.s | 168:d=9 hl=2 l= 14 prim: UTF8STRING :as2.example.s
182:d=6 hl=4 l= 290 cons: SEQUENCE | 184:d=6 hl=4 l= 290 cons: SEQUENCE
186:d=7 hl=2 l= 13 cons: SEQUENCE | 188:d=7 hl=2 l= 13 cons: SEQUENCE
188:d=8 hl=2 l= 9 prim: OBJECT :rsaEncryption | 190:d=8 hl=2 l= 9 prim: OBJECT :rsaEncryption
199:d=8 hl=2 l= 0 prim: NULL | 201:d=8 hl=2 l= 0 prim: NULL
201:d=7 hl=4 l= 271 prim: BIT STRING | 203:d=7 hl=4 l= 271 prim: BIT STRING
0000 - 00 30 82 01 0a 02 82 01-01 00 cd f2 29 98 3b 8d 0000 - 00 30 82 01 0a 02 82 01-01 00 cd f2 29 98 3b 8d
0010 - c5 14 d3 51 38 c8 bb ae-3b 19 9e 7a f9 8e 97 61 0010 - c5 14 d3 51 38 c8 bb ae-3b 19 9e 7a f9 8e 97 61
0020 - 5e 99 3d cb cc 4f 4a a9-79 53 d5 ef 12 29 60 1e 0020 - 5e 99 3d cb cc 4f 4a a9-79 53 d5 ef 12 29 60 1e
0030 - 8f 49 0a f3 dc 4c a0 39-71 ec 05 9c 27 44 ab b7 0030 - 8f 49 0a f3 dc 4c a0 39-71 ec 05 9c 27 44 ab b7
0040 - 6d ee 5d ab 95 d7 d9 4c-9d 48 86 85 54 10 40 d1 0040 - 6d ee 5d ab 95 d7 d9 4c-9d 48 86 85 54 10 40 d1
0050 - 7c b4 8a 6f 2c 5e 46 ab-89 9b d5 d7 27 dc 97 3e 0050 - 7c b4 8a 6f 2c 5e 46 ab-89 9b d5 d7 27 dc 97 3e
0060 - ab d8 ff 71 36 59 96 89-5a 96 63 80 7f d5 77 89 0060 - ab d8 ff 71 36 59 96 89-5a 96 63 80 7f d5 77 89
0070 - 24 07 f2 cc 88 a2 ae 2f-d8 97 91 6a ef a9 92 72 0070 - 24 07 f2 cc 88 a2 ae 2f-d8 97 91 6a ef a9 92 72
0080 - 95 e3 c3 de 56 48 10 bb-be 2d bf 68 fe 51 69 72 0080 - 95 e3 c3 de 56 48 10 bb-be 2d bf 68 fe 51 69 72
0090 - 64 cd 69 90 44 ff da 5e-fc c2 69 f6 71 36 73 09 0090 - 64 cd 69 90 44 ff da 5e-fc c2 69 f6 71 36 73 09
00a0 - 31 58 1b 21 e3 19 2e 6b-ec a4 3f b9 ba 4e aa ae 00a0 - 31 58 1b 21 e3 19 2e 6b-ec a4 3f b9 ba 4e aa ae
00b0 - 8b 46 22 9f fa 8b 6d 45-4e 0e e9 40 2e 27 08 5d 00b0 - 8b 46 22 9f fa 8b 6d 45-4e 0e e9 40 2e 27 08 5d
00c0 - 7d 59 cf 81 ef c8 cf 9d-fb 35 9a f2 4f 62 01 80 00c0 - 7d 59 cf 81 ef c8 cf 9d-fb 35 9a f2 4f 62 01 80
00d0 - 2d 9b 0e e3 09 f5 f2 75-63 3d 72 c8 2b 02 07 da 00d0 - 2d 9b 0e e3 09 f5 f2 75-63 3d 72 c8 2b 02 07 da
00e0 - 0b ec e1 fd de 8f e4 0d-b9 e5 c3 62 3b 60 2d 8a 00e0 - 0b ec e1 fd de 8f e4 0d-b9 e5 c3 62 3b 60 2d 8a
00f0 - 25 13 7e 87 6c df 63 9e-38 d7 84 e3 04 dd 07 31 00f0 - 25 13 7e 87 6c df 63 9e-38 d7 84 e3 04 dd 07 31
0100 - 41 04 99 1a 67 45 29 c1-34 ed 02 03 01 00 01 0100 - 41 04 99 1a 67 45 29 c1-34 ed 02 03 01 00 01
476:d=6 hl=2 l= 107 cons: cont [ 3 ] | 478:d=6 hl=2 l= 107 cons: cont [ 3 ]
478:d=7 hl=2 l= 105 cons: SEQUENCE | 480:d=7 hl=2 l= 105 cons: SEQUENCE
480:d=8 hl=2 l= 14 cons: SEQUENCE | 482:d=8 hl=2 l= 14 cons: SEQUENCE
482:d=9 hl=2 l= 3 prim: OBJECT :X509v3 Key Us | 484:d=9 hl=2 l= 3 prim: OBJECT :X509v3 Key Us
487:d=9 hl=2 l= 1 prim: BOOLEAN :255 | 489:d=9 hl=2 l= 1 prim: BOOLEAN :255
490:d=9 hl=2 l= 4 prim: OCTET STRING | 492:d=9 hl=2 l= 4 prim: OCTET STRING
0000 - 03 02 04 b0 0000 - 03 02 04 b0
496:d=8 hl=2 l= 29 cons: SEQUENCE | 498:d=8 hl=2 l= 29 cons: SEQUENCE
498:d=9 hl=2 l= 3 prim: OBJECT :X509v3 Extend | 500:d=9 hl=2 l= 3 prim: OBJECT :X509v3 Extend
503:d=9 hl=2 l= 22 prim: OCTET STRING | 505:d=9 hl=2 l= 22 prim: OCTET STRING
0000 - 30 14 06 08 2b 06 01 05-05 07 03 02 06 08 2b 06 0000 - 30 14 06 08 2b 06 01 05-05 07 03 02 06 08 2b 06
0010 - 01 05 05 07 03 01 0010 - 01 05 05 07 03 01
527:d=8 hl=2 l= 25 cons: SEQUENCE | 529:d=8 hl=2 l= 25 cons: SEQUENCE
529:d=9 hl=2 l= 3 prim: OBJECT :X509v3 Subjec | 531:d=9 hl=2 l= 3 prim: OBJECT :X509v3 Subjec
534:d=9 hl=2 l= 18 prim: OCTET STRING | 536:d=9 hl=2 l= 18 prim: OCTET STRING
0000 - 30 10 82 0e 61 73 32 2e-76 61 6c 69 64 6f 6f 2e 0000 - 30 10 82 0e 61 73 32 2e-76 61 6c 69 64 6f 6f 2e
0010 - 73 65 0010 - 73 65
554:d=8 hl=2 l= 29 cons: SEQUENCE | 556:d=8 hl=2 l= 29 cons: SEQUENCE
556:d=9 hl=2 l= 3 prim: OBJECT :X509v3 Subjec | 558:d=9 hl=2 l= 3 prim: OBJECT :X509v3 Subjec
561:d=9 hl=2 l= 22 prim: OCTET STRING | 563:d=9 hl=2 l= 22 prim: OCTET STRING
0000 - 04 14 32 53 96 ec 74 b8-f0 17 9d e5 e7 7c 2f 2b 0000 - 04 14 32 53 96 ec 74 b8-f0 17 9d e5 e7 7c 2f 2b
0010 - 9b 0e db ae 08 78 0010 - 9b 0e db ae 08 78
585:d=5 hl=2 l= 13 cons: SEQUENCE | 587:d=5 hl=2 l= 13 cons: SEQUENCE
587:d=6 hl=2 l= 9 prim: OBJECT :sha1WithRSAEn | 589:d=6 hl=2 l= 9 prim: OBJECT :sha1WithRSAEn
598:d=6 hl=2 l= 0 prim: NULL | 600:d=6 hl=2 l= 0 prim: NULL
600:d=5 hl=4 l= 257 prim: BIT STRING | 602:d=5 hl=4 l= 257 prim: BIT STRING
0000 - 00 32 90 8e 5e 2a a1 63-27 66 06 a9 2b c3 cf 1e 0000 - 00 32 90 8e 5e 2a a1 63-27 66 06 a9 2b c3 cf 1e
0010 - 40 70 72 db b0 57 b0 b3-7e 0e 82 f3 40 8d e9 b5 0010 - 40 70 72 db b0 57 b0 b3-7e 0e 82 f3 40 8d e9 b5
0020 - 41 fa 16 b2 d0 cf 95 bb-2b 50 d6 3c 2c bc 6f 81 0020 - 41 fa 16 b2 d0 cf 95 bb-2b 50 d6 3c 2c bc 6f 81
0030 - e5 b3 2e 78 7c f9 44 e0-eb 88 79 0f 96 fa 84 e3 0030 - e5 b3 2e 78 7c f9 44 e0-eb 88 79 0f 96 fa 84 e3
0040 - 99 fc f8 25 2f 46 1b 3a-45 b0 43 e7 e0 2c 81 f3 0040 - 99 fc f8 25 2f 46 1b 3a-45 b0 43 e7 e0 2c 81 f3
0050 - f0 1a c4 b6 2e 0b a5 78-63 d2 79 15 04 25 64 58 0050 - f0 1a c4 b6 2e 0b a5 78-63 d2 79 15 04 25 64 58
0060 - 06 29 05 20 38 68 1b 6e-3b ee 9b f3 51 67 52 73 0060 - 06 29 05 20 38 68 1b 6e-3b ee 9b f3 51 67 52 73
0070 - 5f 10 22 0d 94 33 7a c3-61 a2 5a a3 85 cd c1 cb 0070 - 5f 10 22 0d 94 33 7a c3-61 a2 5a a3 85 cd c1 cb
0080 - 77 19 30 43 86 46 2e 11-ac be 67 16 db fb 77 87 0080 - 77 19 30 43 86 46 2e 11-ac be 67 16 db fb 77 87
0090 - b7 6a fc e2 16 55 42 ea-a7 4b 49 f2 45 50 5b aa 0090 - b7 6a fc e2 16 55 42 ea-a7 4b 49 f2 45 50 5b aa
00a0 - d7 78 9d 3d c8 51 91 05-fb ee a3 7b 27 c7 71 25 00a0 - d7 78 9d 3d c8 51 91 05-fb ee a3 7b 27 c7 71 25
00b0 - e9 34 e0 41 aa 35 cc a1-a3 ea 16 e7 25 f7 c3 34 00b0 - e9 34 e0 41 aa 35 cc a1-a3 ea 16 e7 25 f7 c3 34
00c0 - 13 b6 25 e6 01 85 a8 41-74 ee ae 40 43 b7 1e ae 00c0 - 13 b6 25 e6 01 85 a8 41-74 ee ae 40 43 b7 1e ae
00d0 - bf df 96 04 b4 27 f6 11-c5 8f a4 02 88 fa 66 d6 00d0 - bf df 96 04 b4 27 f6 11-c5 8f a4 02 88 fa 66 d6
00e0 - 6d c5 bb 97 be f0 5f 3d-e3 db 7c 72 b3 76 63 7b 00e0 - 6d c5 bb 97 be f0 5f 3d-e3 db 7c 72 b3 76 63 7b
00f0 - 12 34 ab c5 75 78 8c ab-00 9f 2a 10 60 5a 56 3f 00f0 - 12 34 ab c5 75 78 8c ab-00 9f 2a 10 60 5a 56 3f
0100 - 47 0100 - 47
861:d=4 hl=2 l= 0 prim: EOC | 863:d=3 hl=4 l= 340 cons: SET
863:d=3 hl=4 l= 597 cons: SET | 867:d=4 hl=4 l= 336 cons: SEQUENCE
867:d=4 hl=4 l= 593 cons: SEQUENCE <
871:d=5 hl=2 l= 1 prim: INTEGER :01 871:d=5 hl=2 l= 1 prim: INTEGER :01
874:d=5 hl=2 l= 45 cons: SEQUENCE 874:d=5 hl=2 l= 45 cons: SEQUENCE
876:d=6 hl=2 l= 25 cons: SEQUENCE 876:d=6 hl=2 l= 25 cons: SEQUENCE
878:d=7 hl=2 l= 23 cons: SET 878:d=7 hl=2 l= 23 cons: SET
880:d=8 hl=2 l= 21 cons: SEQUENCE 880:d=8 hl=2 l= 21 cons: SEQUENCE
882:d=9 hl=2 l= 3 prim: OBJECT :commonName 882:d=9 hl=2 l= 3 prim: OBJECT :commonName
887:d=9 hl=2 l= 14 prim: UTF8STRING :as2.example.s 887:d=9 hl=2 l= 14 prim: UTF8STRING :as2.example.s
903:d=6 hl=2 l= 16 prim: INTEGER :153D15DC586C0 903:d=6 hl=2 l= 16 prim: INTEGER :153D15DC586C0
921:d=5 hl=2 l= 9 cons: SEQUENCE 921:d=5 hl=2 l= 9 cons: SEQUENCE
923:d=6 hl=2 l= 5 prim: OBJECT :sha1 923:d=6 hl=2 l= 5 prim: OBJECT :sha1
930:d=6 hl=2 l= 0 prim: NULL 930:d=6 hl=2 l= 0 prim: NULL
932:d=5 hl=3 l= 254 cons: cont [ 0 ] | 932:d=5 hl=2 l= 13 cons: SEQUENCE
935:d=6 hl=2 l= 24 cons: SEQUENCE | 934:d=6 hl=2 l= 9 prim: OBJECT :rsaEncryption
937:d=7 hl=2 l= 9 prim: OBJECT :contentType | 945:d=6 hl=2 l= 0 prim: NULL
948:d=7 hl=2 l= 11 cons: SET | 947:d=5 hl=4 l= 256 prim: OCTET STRING
950:d=8 hl=2 l= 9 prim: OBJECT :pkcs7-data | 0000 - 6f 58 e3 71 97 28 86 cd-02 2e 7b e9 df c7 0c 8d
961:d=6 hl=2 l= 28 cons: SEQUENCE | 0010 - 85 68 7f e7 ea 88 9f bd-76 d4 6f 7c e8 93 41 cf
963:d=7 hl=2 l= 9 prim: OBJECT :signingTime | 0020 - ce 5b b7 c4 63 9a 75 48-88 1e e2 29 25 92 fc 92
974:d=7 hl=2 l= 15 cons: SET | 0030 - 9a 86 8c 7f 08 5c 30 fd-ea fd 43 83 b9 4b a4 9d
976:d=8 hl=2 l= 13 prim: UTCTIME :220425160449Z | 0040 - 37 b4 d0 58 c5 6b e9 07-d3 21 62 30 63 16 a4 f4
991:d=6 hl=2 l= 35 cons: SEQUENCE | 0050 - b1 ad 3c 1d 4f 1c a8 b8-7a 6d 65 4d 50 7e 65 58
993:d=7 hl=2 l= 9 prim: OBJECT :messageDigest | 0060 - 48 a0 5a aa 5b f4 db 3b-a8 ca a2 7a 50 41 75 d9
1004:d=7 hl=2 l= 22 cons: SET | 0070 - 01 20 78 bc 0e 1b 58 82-b7 ec b9 22 3e fe 8d 44
1006:d=8 hl=2 l= 20 prim: OCTET STRING | 0080 - 3c d3 26 76 69 54 17 e0-68 01 f7 82 73 cd 66 ab
0000 - ba 30 61 18 8d e9 00 6b-46 9f 0e 00 b5 d8 36 f7 | 0090 - 3e 90 30 48 e8 84 5a 79-a1 aa 0d 74 46 ab 72 04
0010 - 33 1d 9d 77 | 00a0 - 18 0f c7 c0 bc db c0 12-a3 34 82 31 f5 92 28 87
1028:d=6 hl=2 l= 41 cons: SEQUENCE | 00b0 - b4 44 0e 4e 26 9a 19 a8-96 01 98 59 69 3c 80 e3
1030:d=7 hl=2 l= 9 prim: OBJECT :1.2.840.11354 | 00c0 - 8c a5 5c b8 33 dc 14 16-d7 28 72 97 6e 93 fe 9c
1041:d=7 hl=2 l= 28 cons: SET | 00d0 - 04 cf 0e 50 b8 1f 1c b7-7b cf da 79 12 ac 09 2a
1043:d=8 hl=2 l= 26 cons: SEQUENCE | 00e0 - c4 7d 04 e8 93 12 8c c4-dc 85 af ce fc 00 75 97
1045:d=9 hl=2 l= 9 cons: SEQUENCE | 00f0 - fc 01 47 5a 59 99 a9 5d-c2 dc ce ae 9e 53 42 15
1047:d=10 hl=2 l= 5 prim: OBJECT :sha1 | 1207:d=3 hl=2 l= 0 prim: EOC
1054:d=10 hl=2 l= 0 prim: NULL | 1209:d=2 hl=2 l= 0 prim: EOC
1056:d=9 hl=2 l= 13 cons: cont [ 1 ] | 1211:d=1 hl=2 l= 0 prim: EOC
1058:d=10 hl=2 l= 9 prim: OBJECT :rsaEncryption <
1069:d=10 hl=2 l= 0 prim: NULL <
1071:d=6 hl=2 l= 52 cons: SEQUENCE <
1073:d=7 hl=2 l= 9 prim: OBJECT :S/MIME Capabi <
1084:d=7 hl=2 l= 39 cons: SET <
1086:d=8 hl=2 l= 37 cons: SEQUENCE <
1088:d=9 hl=2 l= 10 cons: SEQUENCE <
1090:d=10 hl=2 l= 8 prim: OBJECT :des-ede3-cbc <
1100:d=9 hl=2 l= 14 cons: SEQUENCE <
1102:d=10 hl=2 l= 8 prim: OBJECT :rc2-cbc <
1112:d=10 hl=2 l= 2 prim: INTEGER :80 <
1116:d=9 hl=2 l= 7 cons: SEQUENCE <
1118:d=10 hl=2 l= 5 prim: OBJECT :des-cbc <
1125:d=6 hl=2 l= 62 cons: SEQUENCE <
1127:d=7 hl=2 l= 11 prim: OBJECT :id-smime-aa-e <
1140:d=7 hl=2 l= 47 cons: SET <
1142:d=8 hl=2 l= 45 cons: cont [ 0 ] <
1144:d=9 hl=2 l= 25 cons: SEQUENCE <
1146:d=10 hl=2 l= 23 cons: SET <
1148:d=11 hl=2 l= 21 cons: SEQUENCE <
1150:d=12 hl=2 l= 3 prim: OBJECT :commonName <
1155:d=12 hl=2 l= 14 prim: UTF8STRING :as2.example.s <
1171:d=9 hl=2 l= 16 prim: INTEGER :153D15DC586C0 <
1189:d=5 hl=2 l= 13 cons: SEQUENCE <
1191:d=6 hl=2 l= 9 prim: OBJECT :rsaEncryption <
1202:d=6 hl=2 l= 0 prim: NULL <
1204:d=5 hl=4 l= 256 prim: OCTET STRING <
0000 - bd 8b 48 4d 61 ce 09 9c-d9 89 b8 52 15 55 9f 87 <
0010 - 8f 9b 45 23 00 77 a0 5b-c0 50 72 fe 78 4e f6 25 <
0020 - ed 6d 02 82 77 6b 9c 84-f0 04 82 c5 30 3a 50 21 <
0030 - 0a 51 40 01 fa 65 74 fd-0c 99 4b c7 e8 31 b1 09 <
0040 - 6d bd e5 c2 72 19 8c 14-07 3b 9c 00 ca cd ee ef <
0050 - 87 db c6 fa 0f e9 41 9d-28 fa ac 95 46 b7 6d e3 <
0060 - 83 9e 16 bf b2 14 90 54-b4 d8 09 67 e1 11 c6 e2 <
0070 - b9 3c d6 54 06 08 16 87-2b 0f 21 a3 66 14 a1 fc <
0080 - 1b a7 93 19 84 ad 89 8f-a7 7f 53 5c 2f 44 ae 94 <
0090 - 00 ce 01 e6 16 3c 19 89-0b b7 30 a3 b4 c4 94 ae <
00a0 - 71 4e 7d 3d 7b ad 3d e0-d2 f0 36 d7 b9 4f 47 08 <
00b0 - 13 6f ad 2e 54 db 33 be-c0 63 db 5d 1b d6 a5 71 <
00c0 - 01 7a 63 32 9e f5 3e 36-53 8e 12 14 b2 53 ef fb <
00d0 - 3f cb 07 85 9e 98 09 f0-75 43 22 23 21 74 c8 5d <
00e0 - 72 bd 43 ae 76 82 43 bc-48 bd 07 08 c6 5f 3d 75 <
00f0 - cc 7b 4d 81 31 67 1c d2-b7 f0 84 da 62 86 14 a1 <
1464:d=3 hl=2 l= 0 prim: EOC <
1466:d=2 hl=2 l= 0 prim: EOC <
1468:d=1 hl=2 l= 0 prim: EOC <
What could be wrong and how can I configure the BouncyCastle code to make this validation pass? The content digests are correct and other systems accept the signature, so there must be something I have missed. Unfortunately I have checked several samples without finding any clues. I can't rewrite everything to use the BouncyCastle S/MIME classes, especially as I don't even know if it would help.
Sources
This article follows the attribution requirements of Stack Overflow and is licensed under CC BY-SA 3.0.
Source: Stack Overflow
| Solution | Source |
|---|