EldoS | Feel safer!

Software components for data protection, secure storage and transfer

interoperability: signature difference between eldos and other product

Posted: 04/08/2011 04:51:33
by Christoph Moar (Standard support level)
Joined: 08/28/2009
Posts: 46


we have been successfully using eldos secureblackbox for a few years now, and all of the signed documents are shown as valid signed documents by various other official software packages (even government software). Now, we just received notification from a government agency that uploading a signed document into a government verification page shows "invalid signature". I have analyzed the issue, verifying with additional official signature softwares, and found out the following:

Document "A" (ORDINE_38128.PDF.p7m) is signed with an official government software (DIKE).
Document "B" (B000060913.PDF_neu.p7m) is signed with Eldos

When I open up both documents in the third-party-software (DIKE) it shows:

Document A = signature CADES OK
Document B = signature PKCS#7 OK

I did a research on what is CAdES and it looks like an evolution of PKCS#7, which includes some attributes before not used. Currently nobody seems to know which attributes effectively need to be used, apart from the signed attribute "id-aa-signingCertificateV2"

(the signature is applied also to a reference to the certificate which is used for the signature itself).


Now I did a second try: there is another official page (italian post provider) which permits an online-check of the signed document.


I just go there and check with document A) and document B).
Document A) is shown valid, document B) is shown invalid, unfortunately without saying what is actually invalid.

I attach both files, screenshots (.docx) of the differences in the tests, and a txt file with the relevant certificate/signature attributes I extracted from both files.

Do you have any other chance of finding out what is the main difference between both documents and - if it is only a missing attribute or two - how to add that to the signed document?

The way I sign is:
- add signing certificate to memorycertstorage
- setup a TElSignedCMSMessage aMessage
- aMessage->CreateNew to read in the document stream
- aMessage->AddSignature to add a signature
- add signature options

aSignature->UsePSS = false;
aSignature->SigningOptions = (TSBCMSSigningOptions)0;
aSignature->SigningOptions add:

- add signature signing time, setup digestalg and sign
aSignature->SigningTime = UTCNow();
aSignature->DigestAlgorithm = mSignatureHashMethod;
aSignature->Sign(mCertificate, aMemoryCertStorage.get());

- set message contentversion to 1 since some other software (dike, poste)
seem to have problem with contentversion 3

aMessage->ContentVersion = 1;

- save the message, detached, later attach message and signature

I attach all files of this issue. I hope you can be able to spot the difference - as far as I can imagine it must be a simple issue of attributes, but I cannot find them out.

Thanks, regards

[ Download ]
Posted: 04/08/2011 05:12:06
by Ken Ivanov (Team)

Thank you very much for very detailed information.

Your understanding of the differences between PKCS#7 and CAdES is correct. CAdES extends PKCS#7 with some additional attributes that provide extra level of signer authentication.

Please try to adjust the following properties to make your signature conform to the CAdES specification. Please note that you might need to upgrade to SBB 8 (you are entitled for a free upgrade), as Document A uses SigningCertificateV2 attribute that just hasn't been defined at the times of SBB 7. However, it can be that the signature processor will be satisfied with older version of this attribute, SigningCertificate, which is still available in SBB 7.

So, please add csoInsertContentType and csoIncludeCertToAttributes flags to the SigningOptions flag set and check if it helps. If it doesn't, please upgrade to the SBB 8 and add the csoForceSigningCertificateV2Usage flag to the options as well.
Posted: 04/11/2011 02:15:59
by Christoph Moar (Standard support level)
Joined: 08/28/2009
Posts: 46

Thanks Innokentiy,

you have been very helpful. I did upgrade to SBB8 and added the flags you indicated. It looks like it changed something, since the web verifiers now confirm valid signed files. There is still a difference, tough. A file signed with SBB shows up as "pkcs#7" file in an official third-party-app (DIKE). The same file, signed with that third-party-app, shows up as "CADES" instead. I attach both files, identically signed. Can you find out what other attributes the "dike" file has, compared to the "eldos", and how I could try to add those attributes in my code?

By the way - what software could I use to find these details out by myself? What inspection software do you use for this task?

Thanks again for your help

[ Download ]
Posted: 04/11/2011 03:08:52
by Ken Ivanov (Team)

Hmm, have you added the csoForceSigningCertificateV2Usage flag to the SigningOptions flag set? Your signature uses an older SigningCertificateV1 attribute, which is actually the only difference comparing to the DIKE's.
Posted: 04/11/2011 03:19:33
by Christoph Moar (Standard support level)
Joined: 08/28/2009
Posts: 46

yes I did. Here is the code. Is there one option that overrides the other? I'll check again that I am linking the right code (but I am actually positive I do).

aSignature->UsePSS = false;
aSignature->SigningOptions = (TSBCMSSigningOptions)0;

aSignature->SigningOptions <<
csoInsertMessageDigests << csoInsertSigningTime << csoInsertContentType <<
csoUseGeneralizedTimeFormat << csoIncludeCertToMessage << csoIncludeCertToAttributes <<
csoForceSigningCertificateV2Usage ;

// configure and sign signature
aSignature->SigningTime = UTCNow();
aSignature->DigestAlgorithm = mSignatureHashMethod;
aSignature->Sign(mCertificate, aMemoryCertStorage.get());
Posted: 04/11/2011 03:48:38
by Ken Ivanov (Team)

Oops, that was my bad. You also have to set the FingerprintAlgorithm property to SBConstants.Unit.SB_ALGORITHM_DGST_SHA256.

Regarding the software that we use -- it's an in-house SBB-driven ASN.1 viewer. You can use publicly available ASN.1 tools, such as OpenSSL, to decode your files:

C:\> openssl asn1parse -inform DER -i -in sigfile.p7m > sigfile.asn1

Then the decodings can be compared with any text comparing utility (e.g. FC).
Posted: 04/11/2011 03:59:40
by Christoph Moar (Standard support level)
Joined: 08/28/2009
Posts: 46

Thanks Innokentiy,

FingerprintAlgorithm was the solution. Thanks a lot for your help, and for the ASN.1 view information - I will first look at that by myself in the future and come back on you only if I wouldn't spot the difference myself.

Posted: 01/11/2012 05:55:12
by Stefano Monterisi (Standard support level)
Joined: 10/05/2011
Posts: 18


may I have also any info about timestamping a pdf file using these classes and eventually (if you also tried) Aruba TSA?

Many tnx.

Posted: 01/11/2012 06:13:53
by Vsevolod Ievgiienko (Team)

Answered in Helpdesk. Lets continue there.



Topic viewed 4267 times

Number of guests: 1, registered members: 0, in total hidden: 0


Back to top

As of July 15, 2016 EldoS business operates as a division of /n software, inc. For more information, please read the announcement.

Got it!