Discussion:
Problem parsing signed MDN
Davis, Cale
2014-07-09 15:33:36 UTC
Hello,


I'm using bouncy castle 1.49 to parse a signed MDN. I'm parsing a signed MDN so that I can verify the signature later. An MDN is a receipt message used in the AS2 protocol. The signed MDN I'm using for testing is attached. A signed MDN is a multipart message that has two parts. The first part is another 2-part multipart message. The second part is the signature. I've tried parsing the message a couple different ways. Below are my tests that are written in Scala.


import com.elemica.smime.SMimeHelper

import java.io.{FileInputStream, File}
import javax.mail.internet.{MimeMultipart, MimeMessage}

import net.liftweb.util.Helpers

import org.bouncycastle.cms.{CMSSignedData, CMSProcessableByteArray}
import org.bouncycastle.mail.smime.SMIMESignedParser
import org.bouncycastle.operator.jcajce.JcaDigestCalculatorProviderBuilder

import org.specs2.mutable.Specification

class SMimeParseSpec extends Specification {

  val filePath = "/home/daviscale/mdn_example.mime"
  val file = new File(filePath)
  val fileInputStream = new FileInputStream(file)
  val mimeMessage = new MimeMessage(SMimeHelper.getSession, fileInputStream)

  "The bouncy castle library " should {
    "parse a signed MDN with SMIMESignedParser" in {
      val mimeMultipart = mimeMessage.getContent.asInstanceOf[MimeMultipart]
      val mdnPart = mimeMultipart.getBodyPart(0)
      val mdnPartBytes = Helpers.readWholeStream(mdnPart.getInputStream)
      val signaturePart = mimeMultipart.getBodyPart(1)
      val signaturePartBytes = Helpers.readWholeStream(signaturePart.getInputStream)
      val cmsByteArray = new CMSProcessableByteArray(mdnPartBytes)
      val cmsSignedData = new CMSSignedData(cmsByteArray, signaturePartBytes)
      true
    }
    "parse a signed MDN with CMSSignedData" in {
      val smimeParser = new SMIMESignedParser(new JcaDigestCalculatorProviderBuilder().setProvider("BC").build(), mimeMessage.getContent.asInstanceOf[MimeMultipart])
      true
    }
  }
}


The tests throw an exception in the same place. Here are the exceptions:


[info] SMimeParseSpec
[info]
[info] The bouncy castle library should
[error] ! parse a signed MDN with SMIMESignedParser
[error] CMSException: IOException reading content. (null:-1)
[error] org.bouncycastle.cms.CMSUtils.readContentInfo(Unknown Source)
[error] org.bouncycastle.cms.CMSUtils.readContentInfo(Unknown Source)
[error] org.bouncycastle.cms.CMSSignedData.<init>(Unknown Source)
[error] com.elemica.service.mdn.SMimeParseSpec$$anonfun$1$$anonfun$apply$1.apply$mcZ$sp(SMimeParseSpec.scala:31)
[error] org.bouncycastle.asn1.ASN1InputStream.readLength(Unknown Source)
[error] org.bouncycastle.asn1.ASN1InputStream.readLength(Unknown Source)
[error] org.bouncycastle.asn1.ASN1InputStream.readObject(Unknown Source)
[error] org.bouncycastle.cms.CMSUtils.readContentInfo(Unknown Source)
[error] org.bouncycastle.cms.CMSUtils.readContentInfo(Unknown Source)
[error] org.bouncycastle.cms.CMSSignedData.<init>(Unknown Source)
[error] com.elemica.service.mdn.SMimeParseSpec$$anonfun$1$$anonfun$apply$1.apply$mcZ$sp(SMimeParseSpec.scala:31)
[error] DER length more than 4 bytes: 111
[error] org.bouncycastle.asn1.ASN1InputStream.readLength(Unknown Source)
[error] org.bouncycastle.asn1.ASN1InputStream.readLength(Unknown Source)
[error] org.bouncycastle.asn1.ASN1InputStream.readObject(Unknown Source)
[error] org.bouncycastle.cms.CMSUtils.readContentInfo(Unknown Source)
[error] org.bouncycastle.cms.CMSUtils.readContentInfo(Unknown Source)
[error] org.bouncycastle.cms.CMSSignedData.<init>(Unknown Source)
[error] com.elemica.service.mdn.SMimeParseSpec$$anonfun$1$$anonfun$apply$1.apply$mcZ$sp(SMimeParseSpec.scala:31)
[error] ! parse a signed MDN with CMSSignedData
[error] CMSException: IOException reading content. (null:-1)
[error] org.bouncycastle.cms.CMSContentInfoParser.<init>(Unknown Source)
[error] org.bouncycastle.cms.CMSSignedDataParser.<init>(Unknown Source)
[error] org.bouncycastle.cms.CMSSignedDataParser.<init>(Unknown Source)
[error] org.bouncycastle.mail.smime.SMIMESignedParser.<init>(Unknown Source)
[error] org.bouncycastle.mail.smime.SMIMESignedParser.<init>(Unknown Source)
[error] org.bouncycastle.mail.smime.SMIMESignedParser.<init>(Unknown Source)
[error] com.elemica.service.mdn.SMimeParseSpec$$anonfun$1$$anonfun$apply$2.apply$mcZ$sp(SMimeParseSpec.scala:35)
[error] org.bouncycastle.asn1.ASN1InputStream.readLength(Unknown Source)
[error] org.bouncycastle.asn1.ASN1StreamParser.readObject(Unknown Source)
[error] org.bouncycastle.cms.CMSContentInfoParser.<init>(Unknown Source)
[error] org.bouncycastle.cms.CMSSignedDataParser.<init>(Unknown Source)
[error] org.bouncycastle.cms.CMSSignedDataParser.<init>(Unknown Source)
[error] org.bouncycastle.mail.smime.SMIMESignedParser.<init>(Unknown Source)
[error] org.bouncycastle.mail.smime.SMIMESignedParser.<init>(Unknown Source)
[error] org.bouncycastle.mail.smime.SMIMESignedParser.<init>(Unknown Source)
[error] com.elemica.service.mdn.SMimeParseSpec$$anonfun$1$$anonfun$apply$2.apply$mcZ$sp(SMimeParseSpec.scala:35)
[error] DER length more than 4 bytes: 111
[error] org.bouncycastle.asn1.ASN1InputStream.readLength(Unknown Source)
[error] org.bouncycastle.asn1.ASN1StreamParser.readObject(Unknown Source)
[error] org.bouncycastle.cms.CMSContentInfoParser.<init>(Unknown Source)
[error] org.bouncycastle.cms.CMSSignedDataParser.<init>(Unknown Source)
[error] org.bouncycastle.cms.CMSSignedDataParser.<init>(Unknown Source)
[error] org.bouncycastle.mail.smime.SMIMESignedParser.<init>(Unknown Source)
[error] org.bouncycastle.mail.smime.SMIMESignedParser.<init>(Unknown Source)
[error] org.bouncycastle.mail.smime.SMIMESignedParser.<init>(Unknown Source)
[error] com.elemica.service.mdn.SMimeParseSpec$$anonfun$1$$anonfun$apply$2.apply$mcZ$sp(SMimeParseSpec.scala:35)


Any thoughts on what I can do to successfully parse the MDN would be appreciated.


Thanks,

Cale


Cale Davis | Software Developer | Elemica

780 Johnson Ferry Road | Suite 400 | Atlanta, Georgia | 30342
Mobile: +1 770 286 2645

Skype: cale.davis.elemica

www.elemica.com<http://www.elemica.com/>


This message contains confidential or privileged information and is intended only for the individual named. If you have received it by mistake, please let us know by e-mail reply and delete it from your system; you may not copy this message or disclose its contents to anyone. Please note that any views or opinions presented in this email are solely those of the author and do not necessarily represent those of the company. Nothing in this email is intended to bind Elemica, Inc., which only operates under the terms of written agreements signed by an authorized officer. E-mail transmission cannot be guaranteed to be secure or error-free as information could be intercepted, corrupted, lost, destroyed, arrive late or incomplete, or contain viruses. The sender therefore does not accept liability for any errors or omissions in the contents of this message, which arise as a result of e-mail transmission.
Davis, Cale
2014-07-09 15:39:08 UTC
I just saw that I mismatched each test description with the corresponding test.



Lothar Kimmeringer
2014-07-09 17:55:02 UTC
Hi,
Post by Davis, Cale
> I'm using bouncy castle 1.49 to parse a signed MDN. I'm parsing a
> signed MDN so that I can verify the signature later. An MDN is a
> receipt message used in the AS2 protocol. The signed MDN I'm using
> for testing is attached.
That's not a valid AS2-MDN since it lacks all the relevant
headers like AS2-From, etc.
Post by Davis, Cale
> A signed MDN is a multipart message that
> has two parts. The first part is another 2-part multipart message.
> The second part is the signature. I've tried parsing the message a
> couple different ways. Below are my tests that are written in Scala.
[...]
Post by Davis, Cale
> val signaturePart = mimeMultipart.getBodyPart(1)
> val signaturePartBytes = Helpers.readWholeStream(signaturePart.getInputStream)
> val cmsByteArray = new CMSProcessableByteArray(mdnPartBytes)
> val cmsSignedData = new CMSSignedData(cmsByteArray, signaturePartBytes)
Why aren't you using BC's SMIME-classes? I assume you create
the smime-blocks for yourself as well e.g. leading to the
effect that there are duplicate Content-Type and Content-
Transfer-Encoding-Lines in the header and the body of the
DN-part.

As well, AFAIR you just put in the signature into the signature-
block, leaving away the certificate being used for signing.
The certificate to be expected is set up before anyway, so
you don't need to retransmit it every time you confirm the
reception of a file (a customer of us received 200.000 AS2-
messages from one customer alone, so do the math for yourself
what that means when you send the certificate all the time).

What's wrong with your code, I can't tell. As a first step
I'd dump out what you try to read in as CMS-data. Maybe
you get the wrong data as signature-data (add tests for
the particular content-type you're dealing with, in the
case of "bodypart[1]" it should be
application/pkcs7-signature; name=smime.p7s; smime-type=signed-data)

If the content-type is correct and you see the data you assumed
that should be there, my guesstimate is that there are encoding-
problems with the binary data.


Cheers, Lothar
Davis, Cale
2014-07-09 20:01:32 UTC
Hi Lothar,

Thanks for the prompt response.
> As a first step I'd dump out what you try to read in as CMS-data.
I'm not sure what you mean by this. Can you point me to the BC classes that will allow me to accomplish that?

Thanks,
Cale

Lothar Kimmeringer
2014-07-09 20:08:13 UTC
Post by Davis, Cale
>> As a first step I'd dump out what you try to read in as CMS-data.
> I'm not sure what you mean by this. Can you point me to the BC
> classes that will allow me to accomplish that?
System.out.println(new String(signaturePartBytes, "8859_1"));


Cheers, Lothar
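
Added example (not part of the thread, and not Bouncy Castle code): a JDK-only check of the first bytes of a signature part, in the spirit of the dump suggested above, that tells a plausible DER/BER SEQUENCE header apart from base64 text, MIME header text and bytes that went through a charset conversion. The class and enum names and all sample bytes are constructed for illustration. The link between a 0xEF length octet (0x80 | 111) and the "DER length more than 4 bytes: 111" message is an assumption, since the attached file is not on the page.

```java
import java.nio.charset.StandardCharsets;

// Added example: inspect the bytes about to be handed to a CMS parser.
public class SignatureBytesCheck {

    enum Verdict { TOO_SHORT, BASE64_TEXT, MIME_TEXT, NOT_A_SEQUENCE,
                   CHARSET_MANGLED, BAD_LENGTH, TRUNCATED, HEADER_OK }

    static boolean isBase64Char(int c) {
        return (c >= 'A' && c <= 'Z') || (c >= 'a' && c <= 'z')
            || (c >= '0' && c <= '9') || c == '+' || c == '/' || c == '=';
    }

    static Verdict classify(byte[] b) {
        if (b == null || b.length < 2) return Verdict.TOO_SHORT;

        // Text checks first: a signature that is still transfer-encoded, or a
        // body part passed together with its MIME headers, starts with ASCII.
        // An ASCII letter such as 'C' (0x43) has ASN.1 class bits 01 (application).
        boolean printable = true;
        boolean base64 = true;
        int n = Math.min(b.length, 16);
        for (int i = 0; i < n; i++) {
            int c = b[i] & 0xff;
            if (c == '\r' || c == '\n') continue;
            if (c < 0x20 || c > 0x7e) printable = false;
            if (!isBase64Char(c)) base64 = false;
        }
        if (printable) return base64 ? Verdict.BASE64_TEXT : Verdict.MIME_TEXT;

        // ContentInfo is a SEQUENCE: universal class, constructed, tag 16 = 0x30.
        if ((b[0] & 0xff) != 0x30) return Verdict.NOT_A_SEQUENCE;

        int first = b[1] & 0xff;
        if (first == 0x80) return Verdict.HEADER_OK;   // BER indefinite length
        if (first < 0x80) {                            // short form: length in one octet
            return 2 + first > b.length ? Verdict.TRUNCATED : Verdict.HEADER_OK;
        }
        int count = first & 0x7f;                      // long form: number of length octets
        if (count > 4) {
            // EF BF BD is UTF-8 for U+FFFD, the replacement character a decoder
            // emits for a byte such as 0x82 that is not valid UTF-8 on its own.
            boolean replacement = b.length >= 4 && first == 0xEF
                && (b[2] & 0xff) == 0xBF && (b[3] & 0xff) == 0xBD;
            return replacement ? Verdict.CHARSET_MANGLED : Verdict.BAD_LENGTH;
        }
        if (b.length < 2 + count) return Verdict.TRUNCATED;
        long declared = 0;
        for (int i = 0; i < count; i++) {
            declared = (declared << 8) | (b[2 + i] & 0xff);
        }
        return 2 + count + declared > b.length ? Verdict.TRUNCATED : Verdict.HEADER_OK;
    }

    // Hex view of the first bytes; unlike a String dump it cannot alter them.
    static String hexPrefix(byte[] b, int max) {
        StringBuilder sb = new StringBuilder();
        for (int i = 0; i < Math.min(b.length, max); i++) {
            sb.append(String.format("%02x ", b[i] & 0xff));
        }
        return sb.toString().trim();
    }

    public static void main(String[] args) {
        // All inputs below are constructed samples, not data from the thread.
        byte[] der = { 0x30, 0x03, 0x02, 0x01, 0x01 };         // SEQUENCE { INTEGER 1 }
        byte[] headerOnly = { 0x30, (byte) 0x82, 0x01, 0x00 }; // declares 256 bytes, has none
        // Round trip through a UTF-8 String: 0x82 becomes EF BF BD.
        byte[] mangled = new String(headerOnly, StandardCharsets.UTF_8)
            .getBytes(StandardCharsets.UTF_8);
        byte[] base64 = "MIIGFgYJKoZIhvcNAQcC".getBytes(StandardCharsets.US_ASCII);
        byte[] headers = "Content-Type: application/pkcs7-signature\r\n"
            .getBytes(StandardCharsets.US_ASCII);

        String[] labels = { "der", "headerOnly", "mangled", "base64", "headers" };
        byte[][] samples = { der, headerOnly, mangled, base64, headers };
        for (int i = 0; i < samples.length; i++) {
            System.out.println(labels[i] + " [" + hexPrefix(samples[i], 8) + "] -> "
                + classify(samples[i]));
        }
    }
}
```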
Davis, Cale
2014-07-09 20:51:04 UTC
Lothar,
Post by Lothar Kimmeringer
> Why aren't you using BC's SMIME-classes?
Did you see my 2nd test that uses SMimeSignedParser? I added the test that uses CMSSignedData after I was unable to figure out the problem with using SMimeSignedParser.

In the example that uses CMSSignedData, should I use the entire MIME body parts or just the content of each body part? In my earlier email, I was only using the content of each body part. I updated my example to use the entire MIME body parts, but that fails with this exception:

[info] The bouncy castle library should
[error] ! parse a signed MDN with CMSSignedData
[error] CMSException: Malformed content. (null:-1)
[error] org.bouncycastle.cms.CMSUtils.readContentInfo(Unknown Source)
[error] org.bouncycastle.cms.CMSUtils.readContentInfo(Unknown Source)
[error] org.bouncycastle.cms.CMSSignedData.<init>(Unknown Source)
[error] com.elemica.service.mdn.SMimeParseSpec$$anonfun$1$$anonfun$apply$1.apply$mcZ$sp(SMimeParseSpec.scala:32)
[error] org.bouncycastle.asn1.ASN1Sequence.getInstance(Unknown Source)
[error] org.bouncycastle.asn1.cms.ContentInfo.getInstance(Unknown Source)
[error] org.bouncycastle.cms.CMSUtils.readContentInfo(Unknown Source)
[error] org.bouncycastle.cms.CMSUtils.readContentInfo(Unknown Source)
[error] org.bouncycastle.cms.CMSSignedData.<init>(Unknown Source)
[error] com.elemica.service.mdn.SMimeParseSpec$$anonfun$1$$anonfun$apply$1.apply$mcZ$sp(SMimeParseSpec.scala:32)
[error] unknown object in getInstance: org.bouncycastle.asn1.DERApplicationSpecific
[error] org.bouncycastle.asn1.ASN1Sequence.getInstance(Unknown Source)
[error] org.bouncycastle.asn1.cms.ContentInfo.getInstance(Unknown Source)
[error] org.bouncycastle.cms.CMSUtils.readContentInfo(Unknown Source)
[error] org.bouncycastle.cms.CMSUtils.readContentInfo(Unknown Source)
[error] org.bouncycastle.cms.CMSSignedData.<init>(Unknown Source)
[error] com.elemica.service.mdn.SMimeParseSpec$$anonfun$1$$anonfun$apply$1.apply$mcZ$sp(SMimeParseSpec.scala:32)


Lothar Kimmeringer
2014-07-09 21:28:43 UTC
Post by Davis, Cale
Post by Lothar Kimmeringer
>> Why aren't you using BC's SMIME-classes?
> Did you see my 2nd test that uses SMimeSignedParser?
I don't know Scala, so I have difficulties seeing anything ;-)
Try SMIMESigned instead of the parser using the complete message
(with content-type multipart/signed).


Cheers, Lothar
Erick Lichtas
2014-07-14 15:54:37 UTC
Hi Lothar and Cale,

I actually started experiencing what I think is the same issue after upgrading from bc 1.38 to 1.49, specifically with processing binary encoded signed receipts. We currently use BC for AS2 processing and the issue is when processing the MDN receipts. We are using the SMIMESigned object as suggested and are experiencing the following failure

Exception in thread "main" org.bouncycastle.cms.CMSException: IOException reading content.
at org.bouncycastle.cms.CMSUtils.readContentInfo(Unknown Source)
at org.bouncycastle.cms.CMSUtils.readContentInfo(Unknown Source)
at org.bouncycastle.cms.CMSSignedData.<init>(Unknown Source)
at org.bouncycastle.mail.smime.SMIMESigned.<init>(Unknown Source)
at com.linoma.dpa.tasks.as.CopyOfASMessageMDN.checkSignature(CopyOfASMessageMDN.java:577)
at com.linoma.dpa.tasks.as.CopyOfASMessageMDN.parseMDN(CopyOfASMessageMDN.java:467)
at com.linoma.dpa.tasks.as.CopyOfASMessageMDN.main(CopyOfASMessageMDN.java:430)
Caused by: java.io.IOException: unknown tag 11 encountered
at org.bouncycastle.asn1.ASN1InputStream.createPrimitiveDERObject(Unknown Source)
at org.bouncycastle.asn1.ASN1StreamParser.readObject(Unknown Source)
at org.bouncycastle.asn1.ASN1StreamParser.readVector(Unknown Source)
at org.bouncycastle.asn1.DERSequenceParser.getLoadedObject(Unknown Source)
at org.bouncycastle.asn1.ASN1StreamParser.readVector(Unknown Source)
at org.bouncycastle.asn1.DERSequenceParser.getLoadedObject(Unknown Source)
at org.bouncycastle.asn1.ASN1StreamParser.readVector(Unknown Source)
at org.bouncycastle.asn1.DERSetParser.getLoadedObject(Unknown Source)
at org.bouncycastle.asn1.ASN1StreamParser.readVector(Unknown Source)
at org.bouncycastle.asn1.BERSequenceParser.getLoadedObject(Unknown Source)
at org.bouncycastle.asn1.ASN1StreamParser.readVector(Unknown Source)
at org.bouncycastle.asn1.ASN1StreamParser.readTaggedObject(Unknown Source)
at org.bouncycastle.asn1.BERTaggedObjectParser.getLoadedObject(Unknown Source)
at org.bouncycastle.asn1.ASN1StreamParser.readVector(Unknown Source)
at org.bouncycastle.asn1.BERSequenceParser.getLoadedObject(Unknown Source)
at org.bouncycastle.asn1.ASN1InputStream.readObject(Unknown Source)
... 7 more

This is the block of code that fails when constructing the SMIMESigned object.

String transferEncoding = getTransferEncoding();
MimeMultipart content = (MimeMultipart) part.getContent();
if (transferEncoding != null) {
    smimeSigned = new SMIMESigned(content, transferEncoding);
}
else {
    smimeSigned = new SMIMESigned(content);
}
verifySignature(smimeSigned);
verifiedPart = smimeSigned.getContent();

I'll be digging into this rather deep today and I'll post whatever findings I come across, but any additional insight is appreciated.

Regards,
Erick

Erick Lichtas
2014-07-14 21:48:33 UTC
I misspoke, it has nothing to do with the upgrade from 1.38, the problem exists in both versions. To me, it seems like the encoding used by BC during initialization of the SignedData object is wrong, because the failure occurs for all 'binary' encoded signatures that I've been able to test. I have a few stack traces from various different AS2 servers that ultimately meet the same end 'IOException reading content' but the root cause is different for each one. In all cases, the signature is 'binary'.
----------------------------------------------------------------------------------
Caused by: org.bouncycastle.cms.CMSException: IOException reading content.
at org.bouncycastle.cms.CMSUtils.readContentInfo(Unknown Source)
at org.bouncycastle.cms.CMSUtils.readContentInfo(Unknown Source)
at org.bouncycastle.cms.CMSSignedData.<init>(Unknown Source)
at org.bouncycastle.mail.smime.SMIMESigned.<init>(Unknown Source)
... 59 more
Caused by: java.io.IOException: unknown tag 6321 encountered
at org.bouncycastle.asn1.ASN1StreamParser.readObject(Unknown Source)
at org.bouncycastle.asn1.ASN1StreamParser.readVector(Unknown Source)
at org.bouncycastle.asn1.ASN1StreamParser.readTaggedObject(Unknown Source)
at org.bouncycastle.asn1.BERTaggedObjectParser.getLoadedObject(Unknown Source)
at org.bouncycastle.asn1.ASN1StreamParser.readVector(Unknown Source)
at org.bouncycastle.asn1.DERSequenceParser.getLoadedObject(Unknown Source)
at org.bouncycastle.asn1.ASN1StreamParser.readVector(Unknown Source)
at org.bouncycastle.asn1.DERSequenceParser.getLoadedObject(Unknown Source)
at org.bouncycastle.asn1.ASN1StreamParser.readVector(Unknown Source)
at org.bouncycastle.asn1.DERSetParser.getLoadedObject(Unknown Source)
at org.bouncycastle.asn1.ASN1StreamParser.readVector(Unknown Source)
at org.bouncycastle.asn1.DERSequenceParser.getLoadedObject(Unknown Source)
at org.bouncycastle.asn1.ASN1StreamParser.readVector(Unknown Source)
at org.bouncycastle.asn1.ASN1StreamParser.readTaggedObject(Unknown Source)
at org.bouncycastle.asn1.ASN1InputStream.buildObject(Unknown Source)
at org.bouncycastle.asn1.ASN1InputStream.readObject(Unknown Source)
at org.bouncycastle.asn1.ASN1InputStream.buildEncodableVector(Unknown Source)
at org.bouncycastle.asn1.ASN1InputStream.buildDEREncodableVector(Unknown Source)
at org.bouncycastle.asn1.ASN1InputStream.buildObject(Unknown Source)
at org.bouncycastle.asn1.ASN1InputStream.readObject(Unknown Source)
... 63 more
----------------------------------------------------------------------------------
Caused by: org.bouncycastle.cms.CMSException: IOException reading content.
at org.bouncycastle.cms.CMSUtils.readContentInfo(Unknown Source)
at org.bouncycastle.cms.CMSUtils.readContentInfo(Unknown Source)
at org.bouncycastle.cms.CMSSignedData.<init>(Unknown Source)
at org.bouncycastle.mail.smime.SMIMESigned.<init>(Unknown Source)
... 59 more
Caused by: java.io.EOFException: DEF length 9 object truncated by 1
at org.bouncycastle.asn1.DefiniteLengthInputStream.read(Unknown Source)
at org.bouncycastle.util.io.Streams.readFully(Unknown Source)
at org.bouncycastle.util.io.Streams.readFully(Unknown Source)
at org.bouncycastle.asn1.ASN1InputStream.getBuffer(Unknown Source)
at org.bouncycastle.asn1.ASN1InputStream.createPrimitiveDERObject(Unknown Source)
at org.bouncycastle.asn1.ASN1StreamParser.readObject(Unknown Source)
at org.bouncycastle.asn1.ASN1StreamParser.readVector(Unknown Source)
at org.bouncycastle.asn1.DERSequenceParser.getLoadedObject(Unknown Source)
at org.bouncycastle.asn1.ASN1StreamParser.readVector(Unknown Source)
at org.bouncycastle.asn1.DERSequenceParser.getLoadedObject(Unknown Source)
at org.bouncycastle.asn1.ASN1StreamParser.readVector(Unknown Source)
at org.bouncycastle.asn1.DERSequenceParser.getLoadedObject(Unknown Source)
at org.bouncycastle.asn1.ASN1StreamParser.readVector(Unknown Source)
at org.bouncycastle.asn1.ASN1StreamParser.readTaggedObject(Unknown Source)
at org.bouncycastle.asn1.BERTaggedObjectParser.getLoadedObject(Unknown Source)
at org.bouncycastle.asn1.ASN1StreamParser.readVector(Unknown Source)
at org.bouncycastle.asn1.BERSequenceParser.getLoadedObject(Unknown Source)
at org.bouncycastle.asn1.ASN1StreamParser.readVector(Unknown Source)
at org.bouncycastle.asn1.ASN1StreamParser.readTaggedObject(Unknown Source)
at org.bouncycastle.asn1.BERTaggedObjectParser.getLoadedObject(Unknown Source)
at org.bouncycastle.asn1.ASN1StreamParser.readVector(Unknown Source)
at org.bouncycastle.asn1.BERSequenceParser.getLoadedObject(Unknown Source)
at org.bouncycastle.asn1.ASN1InputStream.readObject(Unknown Source)
... 63 more
----------------------------------------------------------------------------------
Exception in thread "main" org.bouncycastle.cms.CMSException: IOException reading content.
at org.bouncycastle.cms.CMSUtils.readContentInfo(CMSUtils.java:285)
at org.bouncycastle.cms.CMSUtils.readContentInfo(CMSUtils.java:63)
at org.bouncycastle.cms.CMSSignedData.<init>(CMSSignedData.java:126)
at org.bouncycastle.mail.smime.SMIMESigned.<init>(SMIMESigned.java:104)
at com.linoma.dpa.tasks.as.CopyOfASMessageMDN.checkSignature(CopyOfASMessageMDN.java:591)
at com.linoma.dpa.tasks.as.CopyOfASMessageMDN.parseMDN(CopyOfASMessageMDN.java:469)
at com.linoma.dpa.tasks.as.CopyOfASMessageMDN.main(CopyOfASMessageMDN.java:432)
Caused by: java.io.IOException: unknown tag 11 encountered
at org.bouncycastle.asn1.ASN1InputStream.createPrimitiveDERObject(Unknown Source)
at org.bouncycastle.asn1.ASN1StreamParser.readObject(Unknown Source)
at org.bouncycastle.asn1.ASN1StreamParser.readVector(Unknown Source)
at org.bouncycastle.asn1.DERSequenceParser.getLoadedObject(Unknown Source)
at org.bouncycastle.asn1.ASN1StreamParser.readVector(Unknown Source)
at org.bouncycastle.asn1.DERSequenceParser.getLoadedObject(Unknown Source)
at org.bouncycastle.asn1.ASN1StreamParser.readVector(Unknown Source)
at org.bouncycastle.asn1.DERSetParser.getLoadedObject(Unknown Source)
at org.bouncycastle.asn1.ASN1StreamParser.readVector(Unknown Source)
at org.bouncycastle.asn1.BERSequenceParser.getLoadedObject(Unknown Source)
at org.bouncycastle.asn1.ASN1StreamParser.readVector(Unknown Source)
at org.bouncycastle.asn1.ASN1StreamParser.readTaggedObject(Unknown Source)
at org.bouncycastle.asn1.BERTaggedObjectParser.getLoadedObject(Unknown Source)
at org.bouncycastle.asn1.ASN1StreamParser.readVector(Unknown Source)
at org.bouncycastle.asn1.BERSequenceParser.getLoadedObject(Unknown Source)
at org.bouncycastle.asn1.ASN1InputStream.readObject(Unknown Source)
at org.bouncycastle.cms.CMSUtils.readContentInfo(CMSUtils.java:280)
... 6 more
Regards,
Erick

-----Original Message-----
From: Erick Lichtas [mailto:ELichtas-beiWeuV/D4/QT0dZR+***@public.gmane.org]
Sent: Monday, July 14, 2014 10:55 AM
To: dev-crypto-***@public.gmane.org
Subject: RE: [dev-crypto] Problem parsing signed MDN

Hi Lothar and Cale,

I actually started experiencing what I think is the same issue after upgrading from bc 1.38 to 1.49, specifically with processing binary encoded signed receipts. We currently use BC for AS2 processing and the issue is when processing the MDN receipts. We are using the SMIMESigned object as suggested and are experiencing the following failure

Exception in thread "main" org.bouncycastle.cms.CMSException: IOException reading content.
at org.bouncycastle.cms.CMSUtils.readContentInfo(Unknown Source)
at org.bouncycastle.cms.CMSUtils.readContentInfo(Unknown Source)
at org.bouncycastle.cms.CMSSignedData.<init>(Unknown Source)
at org.bouncycastle.mail.smime.SMIMESigned.<init>(Unknown Source)
at com.linoma.dpa.tasks.as.CopyOfASMessageMDN.checkSignature(CopyOfASMessageMDN.java:577)
at com.linoma.dpa.tasks.as.CopyOfASMessageMDN.parseMDN(CopyOfASMessageMDN.java:467)
at com.linoma.dpa.tasks.as.CopyOfASMessageMDN.main(CopyOfASMessageMDN.java:430)
Caused by: java.io.IOException: unknown tag 11 encountered
at org.bouncycastle.asn1.ASN1InputStream.createPrimitiveDERObject(Unknown Source)
at org.bouncycastle.asn1.ASN1StreamParser.readObject(Unknown Source)
at org.bouncycastle.asn1.ASN1StreamParser.readVector(Unknown Source)
at org.bouncycastle.asn1.DERSequenceParser.getLoadedObject(Unknown Source)
at org.bouncycastle.asn1.ASN1StreamParser.readVector(Unknown Source)
at org.bouncycastle.asn1.DERSequenceParser.getLoadedObject(Unknown Source)
at org.bouncycastle.asn1.ASN1StreamParser.readVector(Unknown Source)
at org.bouncycastle.asn1.DERSetParser.getLoadedObject(Unknown Source)
at org.bouncycastle.asn1.ASN1StreamParser.readVector(Unknown Source)
at org.bouncycastle.asn1.BERSequenceParser.getLoadedObject(Unknown Source)
at org.bouncycastle.asn1.ASN1StreamParser.readVector(Unknown Source)
at org.bouncycastle.asn1.ASN1StreamParser.readTaggedObject(Unknown Source)
at org.bouncycastle.asn1.BERTaggedObjectParser.getLoadedObject(Unknown Source)
at org.bouncycastle.asn1.ASN1StreamParser.readVector(Unknown Source)
at org.bouncycastle.asn1.BERSequenceParser.getLoadedObject(Unknown Source)
at org.bouncycastle.asn1.ASN1InputStream.readObject(Unknown Source)
... 7 more

This is the block of code that fails when constructing the SMIMESigned object.

String transferEncoding = getTransferEncoding();
MimeMultipart content = (MimeMultipart) part.getContent();
if (transferEncoding != null) {
smimeSigned = new SMIMESigned(content, transferEncoding);
}
else {
smimeSigned = new SMIMESigned(content);
}
verifySignature(smimeSigned);
verifiedPart = smimeSigned.getContent();

I'll be digging into this rather deep today and I'll post whatever findings I come across, but any additional insight is appreciated.

Regards,
Erick

-----Original Message-----
From: Lothar Kimmeringer [mailto:job-***@public.gmane.org]
Sent: Wednesday, July 09, 2014 4:29 PM
To: dev-crypto-***@public.gmane.org
Subject: Re: [dev-crypto] Problem parsing signed MDN
Post by Davis, Cale
Post by Lothar Kimmeringer
Why aren't you using BC's SMIME-classes?
Did you see my 2nd test that uses SMimeSignedParser?
I don't know Scala, so I have difficulties seeing anything ;-) Try SMIMESigned instead of the parser using the complete message (with content-type multipart/signed).


Cheers, Lothar
Davis, Cale
2014-07-15 00:16:02 UTC
Hi Erick,

I have only experienced the "IOException reading content" error when trying to parse an MDN with a binary signature. I have successfully parsed original AS2 messages with binary signatures. I'm curious if you're seeing that as well.

Cheers,
Cale

________________________________________
From: Erick Lichtas <ELichtas-beiWeuV/D4/QT0dZR+***@public.gmane.org>
Sent: Monday, July 14, 2014 5:48 PM
To: dev-crypto-***@public.gmane.org
Subject: RE: [dev-crypto] Problem parsing signed MDN

I misspoke, it has nothing to do with the upgrade from 1.38, the problem exists in both versions. To me, it seems like the encoding used by BC during initialization of the SignedData object is wrong, because the failure occurs for all 'binary' encoded signatures that I've been able to test. I have a few stack traces from various different AS2 servers that ultimately meet the same end 'IOException reading content' but the root cause is different for each one. In all cases, the signature is 'binary'.
Erick Lichtas
2014-07-15 13:02:13 UTC
Hi Cale,

That is true, it is only when parsing the MDN receipts that I have experienced this issue.

Regards,
Erick

Lothar Kimmeringer
2014-07-15 13:14:08 UTC
Post by Erick Lichtas
That is true, it is only when parsing the MDN receipts that
I have experienced this issue.
I have only experienced the "IOException reading content" error
when trying to parse an MDN with a binary signature. I have
successfully parsed original AS2 messages with binary signatures.
I'm curious if you're seeing that as well.
Then you've been lucky. I experienced this kind of thing with
AS2-messages as well.


Cheers, Lothar
David Hook
2014-07-15 00:41:46 UTC
AS2 differs from regular SMIME - the default content transfer encoding
is binary, so the code below is incorrect, the null case should be

new SMIMESigned(content, "binary");

Regards,

David
Post by Erick Lichtas
Hi Lothar and Cale,
I actually started experiencing what I think is the same issue after upgrading from bc 1.38 to 1.49, specifically with processing binary encoded signed receipts. We currently use BC for AS2 processing and the issue is when processing the MDN receipts. We are using the SMIMESigned object as suggested and are experiencing the following failure
Exception in thread "main" org.bouncycastle.cms.CMSException: IOException reading content.
at org.bouncycastle.cms.CMSUtils.readContentInfo(Unknown Source)
at org.bouncycastle.cms.CMSUtils.readContentInfo(Unknown Source)
at org.bouncycastle.cms.CMSSignedData.<init>(Unknown Source)
at org.bouncycastle.mail.smime.SMIMESigned.<init>(Unknown Source)
at com.linoma.dpa.tasks.as.CopyOfASMessageMDN.checkSignature(CopyOfASMessageMDN.java:577)
at com.linoma.dpa.tasks.as.CopyOfASMessageMDN.parseMDN(CopyOfASMessageMDN.java:467)
at com.linoma.dpa.tasks.as.CopyOfASMessageMDN.main(CopyOfASMessageMDN.java:430)
Caused by: java.io.IOException: unknown tag 11 encountered
at org.bouncycastle.asn1.ASN1InputStream.createPrimitiveDERObject(Unknown Source)
at org.bouncycastle.asn1.ASN1StreamParser.readObject(Unknown Source)
at org.bouncycastle.asn1.ASN1StreamParser.readVector(Unknown Source)
at org.bouncycastle.asn1.DERSequenceParser.getLoadedObject(Unknown Source)
at org.bouncycastle.asn1.ASN1StreamParser.readVector(Unknown Source)
at org.bouncycastle.asn1.DERSequenceParser.getLoadedObject(Unknown Source)
at org.bouncycastle.asn1.ASN1StreamParser.readVector(Unknown Source)
at org.bouncycastle.asn1.DERSetParser.getLoadedObject(Unknown Source)
at org.bouncycastle.asn1.ASN1StreamParser.readVector(Unknown Source)
at org.bouncycastle.asn1.BERSequenceParser.getLoadedObject(Unknown Source)
at org.bouncycastle.asn1.ASN1StreamParser.readVector(Unknown Source)
at org.bouncycastle.asn1.ASN1StreamParser.readTaggedObject(Unknown Source)
at org.bouncycastle.asn1.BERTaggedObjectParser.getLoadedObject(Unknown Source)
at org.bouncycastle.asn1.ASN1StreamParser.readVector(Unknown Source)
at org.bouncycastle.asn1.BERSequenceParser.getLoadedObject(Unknown Source)
at org.bouncycastle.asn1.ASN1InputStream.readObject(Unknown Source)
... 7 more
This is the block of code that fails when constructing the SMIMESigned object.
    String transferEncoding = getTransferEncoding();
    MimeMultipart content = (MimeMultipart) part.getContent();
    if (transferEncoding != null) {
        smimeSigned = new SMIMESigned(content, transferEncoding);
    }
    else {
        smimeSigned = new SMIMESigned(content);
    }
    verifySignature(smimeSigned);
    verifiedPart = smimeSigned.getContent();
I'll be digging into this rather deep today and I'll post whatever findings I come across, but any additional insight is appreciated.
Regards,
Erick
-----Original Message-----
Sent: Wednesday, July 09, 2014 4:29 PM
Subject: Re: [dev-crypto] Problem parsing signed MDN
Post by Davis, Cale
Post by Lothar Kimmeringer
Why aren't you using BC's SMIME-classes?
Did you see my 2nd test that uses SMimeSignedParser?
I don't know Scala, so I have difficulties seeing anything ;-) Try SMIMESigned instead of the parser using the complete message (with content-type multipart/signed).
Cheers, Lothar
Erick Lichtas
2014-07-15 13:11:08 UTC
Permalink
Hi David,

Thanks for the reply. I'm aware of the need to specify binary for AS2 type transmissions as per the BC Javadoc and the code below actually does that, but is encapsulated in the getTransferEncoding() method. This method will always return 'binary' unless we explicitly shut this off via a system property. In my case, binary is always passed in. Same results with this code (a bit cleaner):

    smimeSigned = new SMIMESigned((MimeMultipart) part.getContent(), "binary");
    verifySignature(smimeSigned);
    verifiedPart = smimeSigned.getContent();

Interestingly enough, I get the exact same stacktrace (below) regardless of whether or not I pass in the transfer encoding or omit that parameter (using default 7-bit).

Exception in thread "main" org.bouncycastle.cms.CMSException: IOException reading content.
at org.bouncycastle.cms.CMSUtils.readContentInfo(CMSUtils.java:285)
at org.bouncycastle.cms.CMSUtils.readContentInfo(CMSUtils.java:63)
at org.bouncycastle.cms.CMSSignedData.<init>(CMSSignedData.java:126)
at org.bouncycastle.mail.smime.SMIMESigned.<init>(SMIMESigned.java:124)
at com.linoma.dpa.tasks.as.CopyOfASMessageMDN.checkSignature(CopyOfASMessageMDN.java:578)
at com.linoma.dpa.tasks.as.CopyOfASMessageMDN.parseMDN(CopyOfASMessageMDN.java:469)
at com.linoma.dpa.tasks.as.CopyOfASMessageMDN.main(CopyOfASMessageMDN.java:432)
Caused by: java.io.IOException: unknown tag 11 encountered
at org.bouncycastle.asn1.ASN1InputStream.createPrimitiveDERObject(Unknown Source)
at org.bouncycastle.asn1.ASN1StreamParser.readObject(Unknown Source)
at org.bouncycastle.asn1.ASN1StreamParser.readVector(Unknown Source)
at org.bouncycastle.asn1.DERSequenceParser.getLoadedObject(Unknown Source)
at org.bouncycastle.asn1.ASN1StreamParser.readVector(Unknown Source)
at org.bouncycastle.asn1.DERSequenceParser.getLoadedObject(Unknown Source)
at org.bouncycastle.asn1.ASN1StreamParser.readVector(Unknown Source)
at org.bouncycastle.asn1.DERSetParser.getLoadedObject(Unknown Source)
at org.bouncycastle.asn1.ASN1StreamParser.readVector(Unknown Source)
at org.bouncycastle.asn1.BERSequenceParser.getLoadedObject(Unknown Source)
at org.bouncycastle.asn1.ASN1StreamParser.readVector(Unknown Source)
at org.bouncycastle.asn1.ASN1StreamParser.readTaggedObject(Unknown Source)
at org.bouncycastle.asn1.BERTaggedObjectParser.getLoadedObject(Unknown Source)
at org.bouncycastle.asn1.ASN1StreamParser.readVector(Unknown Source)
at org.bouncycastle.asn1.BERSequenceParser.getLoadedObject(Unknown Source)
at org.bouncycastle.asn1.ASN1InputStream.readObject(Unknown Source)
at org.bouncycastle.cms.CMSUtils.readContentInfo(CMSUtils.java:280)
... 6 more

Any other insight into this would be much appreciated. I have a signature block that produces this issue that I can share outside the mailing list if one of the developers is willing to help me identify the cause of this problem.

Regards,
Erick

Lothar Kimmeringer
2014-07-15 13:16:47 UTC
Permalink
Post by Erick Lichtas
Thanks for the reply. I'm aware of the need to specify binary for AS2
type transmissions as per the BC Javadoc and the code below actually does
that, but is encapsulated in the getTransferEncoding() method. This
method will always return 'binary' unless we explicitly shut this off
via a system property.
Where is the test-data coming from? Is it a file you read in or is
the MDN generated during the test? In both cases, make sure that
there are no charset-issues leading to ?s in the resulting "text"
when writing the binary data or reading it in. In both cases, the
ASN1-data gets corrupted and no transfer-encoding-setting will
fix that.


Cheers, Lothar
Lothar Kimmeringer
2014-07-15 15:06:08 UTC
Permalink
Post by Erick Lichtas
Two of the servers we are having this problem with are
Liaison/NuBridges and Seeburger.
Is there a Drummond Certification running at the moment? Tell
Aaron greetings from me ;-)

Maybe a dump of the ASN1-data might help get to the bottom
of this. You might send me that mentioned data (I need the
complete MDN, not only the signature) and I can run it
through my JUnit-test for my MDN-processing part of our
AS2-Connector.


Cheers, Lothar
Erick Lichtas
2014-07-15 15:52:30 UTC
Permalink
Ha, no Drummond Certification in the works currently, just a big migration from WebMethods. I will work on providing you with the MDN dump.

Regards,
Erick

Erick Lichtas
2014-07-17 18:42:40 UTC
Permalink
Lothar, Bernd, and BC community

Thank you Bernd and Lothar for pointing me in the right direction. I was able to identify that indeed the binary signature was corrupt. This was caused by a block of code that was converting the request input stream into a StringBuffer, ultimately corrupting the binary data. We haven't hit this issue up until now because all receipts we were parsing were base64 encoded.

Removing the StringBuffer code and simply passing the bytes from the stream to the MimeBodyPart constructor resolved the issue.

Thanks again for all your help!

Regards,
Erick

Eckenfels. Bernd
2014-07-17 21:09:59 UTC
Permalink
Hello,

Erick, I am glad we could resolve your problem. Feel free to test a signed request as well.

Before I switch my test-installation off - if anybody wants to do some more interop testing with SEEBURGER AS2, let me know.

Greetings
Bernd
--
Chief Architect (R&D)
http://www.seeburger.com
Davis, Cale
2014-07-24 12:28:29 UTC
Permalink
I solved my signature corruption issue as well. My MDN was inadvertently going through a UTF-8 parser before it was passed to my signature verification method.

Thanks for your help!
Cale

Cale Davis | Software Developer | Elemica

780 Johnson Ferry Road | Suite 400 | Atlanta, Georgia | 30342
Mobile: +1 770 286 2645

Skype: cale.davis.elemica

www.elemica.com
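
The root cause reported in the two messages above (a binary signature passed through a StringBuffer or a UTF-8 parser) can be reproduced with the JDK alone. The following is an added example, not code from any poster or from Bouncy Castle; the class name, method names and the sample bytes are constructed for illustration.

```java
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.InputStreamReader;
import java.io.Reader;
import java.nio.charset.StandardCharsets;
import java.util.Arrays;

public class BinarySignatureCorruptionDemo {

    // Constructed sample, not data from the thread: the opening bytes of a DER
    // ContentInfo (SEQUENCE, signedData OID), as found in a binary signature part.
    static final byte[] SAMPLE_DER = {
        0x30, (byte) 0x82, 0x01, 0x0b, 0x06, 0x09, 0x2a, (byte) 0x86, 0x48,
        (byte) 0x86, (byte) 0xf7, 0x0d, 0x01, 0x07, 0x02, (byte) 0xa0, (byte) 0x80
    };

    // The failure pattern: the body is decoded as text and re-encoded later.
    // Bytes that are not valid UTF-8 are replaced with U+FFFD while decoding,
    // so the original values cannot be recovered.
    static byte[] readViaStringBuffer(InputStream in) throws IOException {
        StringBuffer sb = new StringBuffer();
        Reader reader = new InputStreamReader(in, StandardCharsets.UTF_8);
        char[] buf = new char[4096];
        int n;
        while ((n = reader.read(buf)) != -1) {
            sb.append(buf, 0, n);
        }
        return sb.toString().getBytes(StandardCharsets.UTF_8);
    }

    // The byte-preserving path: copy the stream with no charset step at all.
    static byte[] readRaw(InputStream in) throws IOException {
        ByteArrayOutputStream out = new ByteArrayOutputStream();
        byte[] buf = new byte[4096];
        int n;
        while ((n = in.read(buf)) != -1) {
            out.write(buf, 0, n);
        }
        return out.toByteArray();
    }

    // Diagnostic for a captured signature part: count EF BF BD sequences
    // (the UTF-8 encoding of U+FFFD). Several of them in data that should be
    // DER are a strong hint that the bytes went through a text decoder.
    static int countReplacementMarkers(byte[] data) {
        int count = 0;
        for (int i = 0; i + 2 < data.length; i++) {
            if ((data[i] & 0xff) == 0xef
                    && (data[i + 1] & 0xff) == 0xbf
                    && (data[i + 2] & 0xff) == 0xbd) {
                count++;
                i += 2; // skip the rest of this marker
            }
        }
        return count;
    }

    static String hex(byte[] data) {
        StringBuilder sb = new StringBuilder();
        for (byte b : data) {
            sb.append(String.format("%02x ", b & 0xff));
        }
        return sb.toString().trim();
    }

    public static void main(String[] args) throws IOException {
        byte[] raw = readRaw(new ByteArrayInputStream(SAMPLE_DER));
        byte[] viaText = readViaStringBuffer(new ByteArrayInputStream(SAMPLE_DER));
        System.out.println("raw      : " + hex(raw));
        System.out.println("via text : " + hex(viaText));
        System.out.println("identical: " + Arrays.equals(raw, viaText));
        System.out.println("U+FFFD markers after round trip: "
                + countReplacementMarkers(viaText));
    }
}
```

Because the damage happens before the MIME and CMS layers see the data, no transfer-encoding argument to SMIMESigned can undo it; base64-encoded signatures survive the same round trip because they contain only ASCII.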

Erick Lichtas
2014-07-15 14:58:03 UTC
Permalink
Hi Lothar,

We've been testing both cases. The problems exist when processing MDNs received directly from the servers. We've since taken one of the problem MDNs and written the content to a file for more isolated testing. This was done using FileOutputStream and we are getting the exact same problem working on the file as we did with the test to the server, so no encoding problems have been introduced here. There are no ?s when viewing the file.

Two of the servers we are having this problem with are Liaison/NuBridges and Seeburger.

Regards,
Erick

Eckenfels. Bernd
2014-07-15 15:05:11 UTC
Permalink
Hello,

if anybody has problems regarding interop with a SEEBURGER AS2, let me know. (I will contact Erick offlist).

We do use BC as well, I am not sure if in all cases with the AS2 adapter, but I can connect with the right people.

Regards
Bernd

Chief Architect
http://seeburger.com/
