000011579 - Cert-J: Adding a certificate or other data to an existing PKCS #7 SignedData message

Document created by RSA Customer Support Employee on Jun 14, 2016Last modified by RSA Customer Support Employee on Apr 21, 2017
Version 2Show Document
  • View in full screen mode

Article Content

Article Number000011579
Applies ToRSA BSAFE Cert-J
IssueCert-J: Adding a certificate or other data to an existing PKCS #7 SignedData message
Calling SignedData.addCertificate() to add a certificate to an existing PKCS #7 SignedData message, and then SignedData.getContentInfoDERLen() and SignedData.writeMessage() produces output that is the same as the original SignedData and does not include the new certificate.
Resolution

Call ContentInfo.clearInternalContentBuffer() after SignedData.addCertificate() and before SignedData.getContentInfoDERLen() and SignedData.writeMessage() to re-generate the SignedData message.  The documentation in the Developer's Guide says:

  Clears the internal working buffer that contains the entire ContentInfo encoding of a newly read and parsed message. A subsequent write operation (with the writeMessage() method) will cause the encoding to be re-generated from the component parts.

Legacy Article IDa45495

Attachments

    Outcomes