bc-csharp icon indicating copy to clipboard operation
bc-csharp copied to clipboard
verified publisher icon bcgit

Not possible create CMS with rsaEncryption as signature algorithm

Open harrison314 opened this issue 2 years ago • 0 comments

When creating the time stamp, I encountered the problem that it was not possible to issue a time stamp in which the signature algorithm was specified (in CMS terminology - encryption algorithm) rsaEncryption (1.2.840.113549.1.1.1) when I wanted to use ISignatureFactory (ISignatureFactory.AlgorithmDetails).

System.NullReferenceException: Object reference not set to an instance of an object.
   at Org.BouncyCastle.Cms.CmsSignedDataGenerator.SignerInf..ctor(CmsSignedGenerator outer, ISignatureFactory sigCalc, SignerIdentifier signerIdentifier, CmsAttributeTableGenerator sAttr, CmsAttributeTableGenerator unsAttr, AttributeTable baseSignedTable)
   at Org.BouncyCastle.Cms.CmsSignedDataGenerator.AddSignerInfoGenerator(SignerInfoGenerator signerInfoGenerator)
   at Org.BouncyCastle.Tsp.TimeStampTokenGenerator.Generate(TimeStampRequest request, BigInteger serialNumber, DateTime genTime, X509Extensions additionalExtensions)
   at Org.BouncyCastle.Tsp.TimeStampTokenGenerator.Generate(TimeStampRequest request, BigInteger serialNumber, DateTime genTime)
   ....

The problem can be solved by using sha256WithRsaEncryption (1.2.840.113549.1.1.11 - it's a newer standard) in ISignatureFactory.AlgorithmDetails, but for backward client compatibility, the rsaEncryption algorithm would be better.

harrison314 avatar Jun 16 '23 08:06 harrison314