System.Security bug?

    General discussion

  • Creating digital signature using SignedCms and CmsSigner with SHA256 does not work!

    cmsSigner.DigestAlgorithm = new System.Security.Cryptography.Oid("2.16.840.1.101.3.4.2.1");
    signedCms.ComputeSignature(cmsSigner, false);

    ComputeSignature returns exception: "An internal error occured"

    I think it might be because there is probably a bug in CAPIBase.cs in System.Security.Cryptography.

            internal const string szOID_KEY_USAGE_RESTRICTION = "2.5.29.4";
            internal const string szOID_KEYID_RDN = "1.3.6.1.4.1.311.10.7.1";
            internal const string szOID_OIWSEC_desCBC = "1.3.14.3.2.7";
            internal const string szOID_OIWSEC_sha1 = "1.3.14.3.2.26";
            internal const string szOID_OIWSEC_sha1RSASign = "1.3.14.3.2.29";
            internal const string szOID_OIWSEC_SHA256 = "2.16.840.1.101.3.4.1";
            internal const string szOID_OIWSEC_SHA384 = "2.16.840.1.101.3.4.2";
            internal const string szOID_OIWSEC_SHA512 = "2.16.840.1.101.3.4.3";
            internal const string szOID_PKCS_1 = "1.2.840.113549.1.1";
            internal const string szOID_PKCS_10 = "1.2.840.113549.1.10";
     
    SHA256 is not 2.16.840.1.101.3.4.1, but 2.16.840.1.101.3.4.2.1


    Is there any workaround, or am I missing something?

    Thanks for reply
    Sunday, February 07, 2010 2:46 PM

All replies

  • Issue solved..

    Needed to register Oid in crypt library..

    The OS I was working with was Win 7, so the problem was somewhere there...

    To be specific:

    [DllImport("crypt32.dll", SetLastError = true)]
    [return: MarshalAs(UnmanagedType.Bool)]
    internal static extern bool CryptRegisterOIDInfo([In] ref CRYPT_OID_INFO pInfo, OidRegistrationOptions dwFlags);

    is the function


    But I still don't understand why wrong constants are defined in CAPIBase...

            internal const string szOID_OIWSEC_SHA256 = "2.16.840.1.101.3.4.1";
            internal const string szOID_OIWSEC_SHA384 = "2.16.840.1.101.3.4.2";
            internal const string szOID_OIWSEC_SHA512 = "2.16.840.1.101.3.4.3";

    Sunday, February 07, 2010 5:44 PM
  • Hi Ludovit,

    I'm interested in your solution to this problem. I'm working on Windows XP SP3, Windows Server 2003 and 2008 and would like to try your solution there. Could you post the complete code you used to register the OIDs?
    Thursday, March 04, 2010 12:11 PM
  • Hi Ludovit,

    I'm interested in your solution to this problem. I'm working on Windows XP SP3, Windows Server 2003 and 2008 and would like to try your solution there. Could you post the complete code you used to register the OIDs?

    Check this project.

    https://clrsecurity.svn.codeplex.com/svn/Security.Cryptography/src/Oid2.cs
    https://clrsecurity.svn.codeplex.com/svn/Security.Cryptography/src/CapiNative.cs

    Oid2.RegisterSha2OidInformationForRsa();

    Currently I am trying to find out why the registration with CryptRegisterOIDInfo does not work on my Win XP machine. (It worked on Win 7.)

    Sunday, May 09, 2010 4:44 PM
  • I ran this code using VS 2012 on Win8

    System.Security.Cryptography.Pkcs.ContentInfo contentInfo =
        new System.Security.Cryptography.Pkcs.ContentInfo(inputBytes);
    SignedCms signedCms = new SignedCms(contentInfo, false);
    CmsSigner cmsSigner = new CmsSigner(gwpccert);
    cmsSigner.DigestAlgorithm = new Oid("2.16.840.1.101.3.4.2.1");
    signedCms.ComputeSignature(cmsSigner, false);
    Token = Convert.ToBase64String(signedCms.Encode());

    It works fine

    Thursday, August 15, 2013 7:21 PM
  • Also, is your signer cert installed on the machine? It should be in the current user store.
    Thursday, August 15, 2013 7:25 PM
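
The following is an added example, not code from any poster in this thread: it signs with the SHA-256 OID discussed above, then decodes the result and checks which digest OID the signer actually recorded. It assumes .NET 6 or later with the System.Security.Cryptography.Pkcs package; the self-signed certificate, subject name and sample content are constructed for the example.

```csharp
// Added example (not from the thread). Assumes .NET 6+ with the
// System.Security.Cryptography.Pkcs package; cert and content are constructed.
using System;
using System.Security.Cryptography;
using System.Security.Cryptography.Pkcs;
using System.Security.Cryptography.X509Certificates;
using System.Text;

static class Sha256CmsCheck
{
    // SHA-256 OID as given in the thread (note the ".2" arc before the final ".1").
    const string Sha256Oid = "2.16.840.1.101.3.4.2.1";

    static void Main()
    {
        // Ask the framework for the OID instead of trusting a hand-typed constant.
        string mapped = CryptoConfig.MapNameToOID("SHA256");
        if (mapped != Sha256Oid)
            throw new InvalidOperationException("Unexpected SHA256 OID: " + mapped);

        using RSA key = RSA.Create(2048);
        var req = new CertificateRequest("CN=Constructed Test Signer", key,
            HashAlgorithmName.SHA256, RSASignaturePadding.Pkcs1);
        using X509Certificate2 cert = req.CreateSelfSigned(
            DateTimeOffset.UtcNow.AddMinutes(-5), DateTimeOffset.UtcNow.AddDays(1));

        byte[] inputBytes = Encoding.UTF8.GetBytes("constructed sample content");
        var signedCms = new SignedCms(new ContentInfo(inputBytes), false);
        var cmsSigner = new CmsSigner(cert)
        {
            DigestAlgorithm = new Oid(Sha256Oid),
            IncludeOption = X509IncludeOption.EndCertOnly // no chain building needed
        };
        signedCms.ComputeSignature(cmsSigner, false);
        byte[] encoded = signedCms.Encode();

        // Receiver side: decode, verify the signature, then inspect the digest OID.
        var parsed = new SignedCms();
        parsed.Decode(encoded);
        parsed.CheckSignature(true); // true = signature only, no chain validation
        foreach (SignerInfo si in parsed.SignerInfos)
        {
            string used = si.DigestAlgorithm.Value;
            Console.WriteLine("digest OID: " + used);
            if (used != Sha256Oid)
                throw new CryptographicException("Signer did not use SHA-256: " + used);
        }
    }
}
```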