|Applies To||RSA BSAFE Crypto-C|
RSA BSAFE Crypto-J
RSA BSAFE Cert-C
RSA BSAFE Cert-J
Cryptographic Message Syntax (CMS)
|Issue||How to compute the digest on a PKCS #7 Signed Data message to verify the message in RSA BSAFE|
|Resolution||This solution is purely informational; Cert-C does this work for you internally both when creating the signed message and when verifying the signed message.|
If the PKCS #7 Signed Data message has authenticated attributes, then the bytes of the authenticated attributes are what should be digested. One note is that the first byte of the BER-encoded attributes should be 0x31 (which denotes a SET OF) instead of A0 (which is the context-specific tag). Note that when authenticated attributes are present, a message digest attribute containing digest of the content info of the signed data message is required. Therefore, verifying the signature to guarantee that the authenticated attributes are intact also verifies that the content info of the signed data is intact.
If no authenticated attributes are present then the content info of the signed data is what should be digested.
For further details, see http://www.rsasecurity.com/rsalabs/pkcs/pkcs-7/index.html">the RSA Labs website for a copy of PKCS #7. Section 9.3 outlines the process for obtaining the digest as part of the signature creation process. Section 5.4 of RFC 2630 (CMS - Cryptographic Message Syntax) also contains a similar description. Note that Cert-C implements CMS, which is derived from PKCS #7.
Note that you should not need to compute the digest of the content info, nor compute the value for the message digest attribute of the authenticated attributes. The toolkit takes care of this computation for you. Cert-C automatically computes and adds the required attribute types and values when an attributes object for the authenticated attributes is given to C_WriteSignedDataMsg (via a SIGNER_INFO in the LIST_OBJ of signers).
|Legacy Article ID||a636|