Java, Digital Signature with BouncyCastle

4
votes

In Java, I tried to sign a byte[] (which is my sha256 digest of my document) with bouncy castle and a certificate in this specification:

http://www.ebics.org/fileadmin/unsecured/specification/spec_current_EN/EBICS_Specification_2.5_final-16-05-2011.pdf

in chapter 14.1.4.1.1 Digital signature generation.

I found in bouncy's java doc this method:

public static byte[] signer(byte[] datas, Certificat cert) {
    try {
        List<X509Certificate> certList = new ArrayList<X509Certificate>();
        CMSTypedData msg = new CMSProcessableByteArray(datas);

        certList.add(cert.getCertificat());

        Store certs = new JcaCertStore(certList);

        CMSSignedDataGenerator gen = new CMSSignedDataGenerator();
        ContentSigner sha256signer = new JcaContentSignerBuilder(
                "SHA256withRSA").setProvider("BC").build(
                cert.getPrivateKey());

        gen.addSignerInfoGenerator(new JcaSignerInfoGeneratorBuilder(
                new JcaDigestCalculatorProviderBuilder().setProvider("BC")
                        .build()).build(sha256signer, cert.getCertificat()));

        gen.addCertificates(certs);

        CMSSignedData sigData = gen.generate(msg, true);
        return sigData.getEncoded();
    } 
    catch (Exception e) {
        throw new RuntimeException(
                "Erreur lors de la signature du document", e);
    }

I don't know if this signature is really in accordance with PKCS#1 1.5 required by the specification. Do I have to add the padding manually? And the OID for RSA256?

1
javadigital-signaturebouncycastle
Any reason to not use the java.security APIs?martijno
no reason, you're right.Bastiflew

1 Answers

5
votes

EBICS signature A005 is a RSA signature with SHA-256 digest algorithm and PKCS#1 1.5 padding. However the code sample you pasted here is creating a CMS signature which uses a "low level" RSA signature but is a much more complex structure (for comprehensive details, see RFC 5652 http://www.rfc-editor.org/rfc/rfc5652.txt).

Hopefully, generating the signature you are trying to get is really simple with the java crypto API:

public static byte[] signer(byte[] data, PrivateKey key) {
    Signature signer = Signature.getInstance("SHA256WithRSA", "BC");
    signer.initSign(key);
    signer.update(data);
    return signer.sign();
}