New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
ASN.1 Set Of
invalid DER encoding for PKCS#7 authenticatedAttributes
#1013
Comments
I noticed that same thing too: not ordering the attribute list to sign causes the library to produce invalid signatures. |
@T-Ricks just FYI - I have now opened a PR that fixes the issue |
According to the X.690 specification (ISO/IEC 8825-1:2021 (E)) the ASN.1 standard for
Set Of
components must be encoded in order when using DER:This has been determined to cause bouncy castle to reject the PKCS#7 signatures that this library produces.
I'll take a look into ordering the
Set Of
components, presumably this is best done in thetoDer
method on the asn1 package? Otherwise the sorting could be done when the ASN.1 is constructed.The text was updated successfully, but these errors were encountered: