EldoS | Feel safer!

Software components for data protection, secure storage and transfer

Imzager MIM compatibility

Also by EldoS: BizCrypto
Components for BizTalk® and SQL Server® Integration Services that let you securely store and transfer information in your business automation solutions.
#17368
Posted: 08/26/2011 05:16:01
by Fikretcan Erken (Basic support level)
Joined: 08/19/2011
Posts: 9

Hey there,
I have another question: i came across a SigningOption flag csoImzagerMIMCompatibility on TElCMSSignature.SigningOptions. What exactly is Imzager MIM compatibility mode? Because i've been having dificulties verifying my signatures on Imzager MIM.
#17681
Posted: 09/29/2011 05:48:14
by Fikretcan Erken (Basic support level)
Joined: 08/19/2011
Posts: 9

I've been working on this issue for a time now and i still do not understand why Imzager can not validate my signature. I managed to compare the content of my signature with a signature created with Imzager, and i could not spot a major difference. I used an ASN.1 viewer to see the content of my CMS message. In fact, i exported them as xml files for easier examination, as you can see in the attachments. All ideas are welcome and thanks already!


[ Download ]
#17690
Posted: 09/29/2011 12:53:59
by Dmytro Bogatskyy (EldoS Corp.)

As far as I remember Imzager software requires that authenticated attributes placed in specific order (by standard it should not be so). So this flag changes the order of some attributes.
#17692
Posted: 09/30/2011 04:22:49
by Fikretcan Erken (Basic support level)
Joined: 08/19/2011
Posts: 9

First of all, thanks for the reply.

However my problem still exists. I set the csoImzagerMIMCompatibility flag up, and my signature contains everything necessary but i still can't validate my signatures on Imzager. When I checked the order of the authenticated attributes, I saw that they are still different. In Imzager signature the order is as follows:

1) signing certificate
2) timestamp
3) certificate ref.
4) revocation ref.
5) certificate val.
6) revocation val.

but in mine it's as follows:

1) signing certificate
2) certificate ref.
3) revocation ref.
4) timestamp
5) certificate val.
6) revocation val.

so, doesn't csoImzagerMIMCompatibility flag was supposed to fix this? What else can I do to change this order?

And again, thanks already!
#17696
Posted: 09/30/2011 05:00:46
by Dmytro Bogatskyy (EldoS Corp.)

Could you please show your code.
Did you create a signature in one step or you, for example, create a signature with a signing certificate and complete certificate and revocation references and save it, then timestamp this signature and add certificate and revocation values?
Did you use ElCAdESSignatureProcessor class or you work directly with ElCMSSignature class?
#17701
Posted: 09/30/2011 07:44:40
by Fikretcan Erken (Basic support level)
Joined: 08/19/2011
Posts: 9

The code is attached as a text file.


[ Download ]
#17706
Posted: 10/01/2011 05:07:33
by Dmytro Bogatskyy (EldoS Corp.)

I have reviewed a code, unfortunately it is not possible to simply change a current order of unsigned attributes.
I have made the necessary changes for csoImzagerMIMCompatibility flag for the next build. If you need those changes now, please create a ticket in the helpdesk and I'll recompile .Net assemblies.
Also by EldoS: Solid File System
A virtual file system that offers a feature-rich storage for application documents and data with built-in compression and encryption.

Reply

Statistics

Topic viewed 1181 times

Number of guests: 1, registered members: 0, in total hidden: 0




|

Back to top

As of July 15, 2016 EldoS Corporation will operate as a division of /n software inc. For more information, please read the announcement.

Got it!