stackoom
  简体   繁体   中英

PKCS#7 CMS - Message digest calculation process

 原文  2020-12-17 17:55:07       asn.1/ pkcs#7/ der/ ber

Question

i'm studying RFC 5652 in order to know exactly how to encode/decode PKCS#7 ASN.1 data.

I don't understand how one can create a signature when the field "signedAttrs" is present:

The result of the message digest calculation process depends on whether the signedAttrs field is present. When the field is absent, the result is just the message digest of the content as described above. When the field is present, however, the result is the message digest of the complete DER encoding of the SignedAttrs value contained in the signedAttrs field. Since the SignedAttrs value, when present, must contain the content-type and the message-digest attributes, those values are indirectly included in the result.

By reading the above text I get confused: SignedAttrs field contains message-digest and content-type values but message-digest can be present once calculated and the digest has to be calculated on:

eContent OCTET STRING + full DER encoding of SignedAttrs field (Containing message-digest field).

In the example below there is a PKCS#7 Signed data structure where the envelopedData content field value is being signed + the signed attributes. Where does exactly the messageDigest value come from? 在此处输入图像描述

1 answers

solution1
 0  2021-10-07 06:47:14

There are two different message-digests in CMS algorithm:

  • First message-digest is a signed attribute which contains digest only of the encapsulated content being signed.

  • Second one is that will be signed by the signature algorithm . This message-digest contains digest which is calculated by the specific algorithm:

    The input to the message-digest algorithm is the Content . In case of absent signed attributes, the digest of current input (current input = the Content) will be created and returned as a resulting message digest. Otherwise, if signed attributes are present, then the digest of the Content is calculated and added to the signed attributes list (as Message-digest signed attribute) and then the digest of all signed attributes is calculated. So the content is indirectly included in the result

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question Decode ASN.1 - PKCS#7 non-detached signature PKCS15 PKCS15Object tagging misunderstanding How to read PKCS ASN.1 specs Verify a signature file (PKCS7) with WinCrypt or CNG Certificate Request Info on a PKCS#10 to be signed Is this double constraint syntax from PKCS#9 legal? From CRMF request into CertificateRequest (PKCS#10) Signature Erlang ASN.1 otp compile 'PKCS7' module p7b file to pem How to enforce definite length encoding with CMS in NSS? Is the length of a DER-encoded RSAPublicKey (PKCS #1) for a 1024-bit RSA key pair consistent?
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM