DER length is more than 4 bytes?

Question

I want to digitally sign a pdf document but i am getting an expection

DER length is more than 4 bytes.

Here is my code:

public static Asn1EncodableVector GetTimestamp(byte[] signature)
{

        ITSAClient tsc = new TSAClientBouncyCastle("https://wstsa.kibs.mk/wsTSA.asmx", null, null);
        //return tsc.GetTimeStampToken(null, tsImprint);
        HashAlgorithm sha = new SHA1CryptoServiceProvider();


      //byte[] hash =  sha1.ComputeHash(bytData);
        String ID_TIME_STAMP_TOKEN = "1.2.840.113549.1.9.16.2.14"; // RFC 3161 id-aa-timeStampToken
        mk.kibs.wstsatest.wsTSATest oWS1 = new mk.kibs.wstsatest.wsTSATest();
    //    HashAlgorithm sha = new SHA1CryptoServiceProvider();

        mk.kibs.wstsatest.TSCheck_Bytes bytes = new mk.kibs.wstsatest.TSCheck_Bytes();
        mk.kibs.wstsatest.TSResponse_Bytes b = new mk.kibs.wstsatest.TSResponse_Bytes();
        byte[] filename = File.ReadAllBytes(@"C:\Users\nikola.nedelkovski\Desktop\nalozinovi.pdf");

        SHA1CryptoServiceProvider shax = new SHA1CryptoServiceProvider();
       byte [] hashx = shax.ComputeHash(filename);
    //   Asn1InputStream tempstream = new Asn1InputStream(new MemoryStream(tsc.GetTimeStampToken(null, hashx)));
       // mk.kibs.wstsatest.TSResponse_Bytes resp1 = oWS1.funGenerateTS_Bytes(hashx);

        oWS1.Dispose();
   //     hashx = b.bytTSToken;
        //hashx = bytes.bytHashMessage;
        bytes.bytHashMessage = hashx;
       Asn1InputStream tempstream = new Asn1InputStream(new MemoryStream(hashx));

        Asn1EncodableVector unauthAttributes = new Asn1EncodableVector();

        Asn1EncodableVector v = new Asn1EncodableVector();
        v.Add(new DerObjectIdentifier(ID_TIME_STAMP_TOKEN)); // id-aa-timeStampToken
        Asn1Sequence seq = (Asn1Sequence)tempstream.ReadObject();
        v.Add(new DerSet(seq));

        unauthAttributes.Add(new DerSequence(v));
        //return unauthAttributes;
     //   return unauthAttributes;
        return unauthAttributes;
    }

    public static X509Certificate2 GetCertificate()
    {
        X509Store st = new X509Store(StoreName.My, StoreLocation.CurrentUser);
        st.Open(OpenFlags.ReadOnly);
        X509Certificate2Collection col = st.Certificates;
        X509Certificate2 card = null;
        X509Certificate2Collection sel = X509Certificate2UI.SelectFromCollection(col, "Certificates", "Select one to sign", X509SelectionFlag.SingleSelection);
        if (sel.Count > 0)
        {
            X509Certificate2Enumerator en = sel.GetEnumerator();
            en.MoveNext();
            card = en.Current;
        }
        st.Close();
        return card;
}

The exception is thrown at following line: you can find it in the code mentioned

Asn1Sequence seq = (Asn1Sequence)tempstream.ReadObject();

Any help or suggestions please?

Answer 1

Well, you create a hash, which consists of binary bytes that can have any value. Then you perform:

Asn1Sequence seq = (Asn1Sequence)tempstream.ReadObject();

on the binary data that is indistinguishable from random. Random binary data does not represent an ASN.1 SEQUENCE.

You need to redesign your method and understand what you're doing. Quite possibly you should generate an ASN.1 SEQUENCE yourself instead of parsing it.