Unknown signature algorithm exception when using a real eHealth certificate.


I'm trying to seal a file using a DataSealer that I've created, which uses a 'real eHealth certificate'.
The seal method throws an exception saying:
unknown signature algorithm.Org.BouncyCastle.Security.SecurityUtilityException: Signer SHA256WITHRSASSA-PSS not recognised.
This exception is thrown in the BouncyCastle assembly, and indeed, there's no reference to such an algorithm in the GetSigner method.
When I execute the unit-tests that can be found in the Siemens.EHealth.Etee.Crypto project, they all run successfully ...
Closed Nov 24, 2010 at 2:09 PM by Reno2


egelke wrote Nov 23, 2010 at 7:45 PM

Can you post the entire stack trace?

FrederikGheysels wrote Nov 24, 2010 at 7:17 AM

Very strange, I had this issue on a virtual machine (Windows XP).
When using the library on my workstation (Windows 7), it works without any problems. Using it on another XP VM works as well, so I think the issue is due to a problem in the VM.

Anyway, the complete stacktrace:
The exception is thrown in the SignerUtilities.GetSigner method that exists in the BouncyCastle.Crypto library.

at Org.BouncyCastle.Cms.CmsSignedDataStreamGenerator.CmsSignedDataOutputStream.Close()
at Siemens.EHealth.Etee.Crypto.Encrypt.TripleWrapper.Sign(Stream signed, Stream unsigned, Boolean includeSigner)
at Siemens.EHealth.Etee.Crypto.Encrypt.TripleWrapper.SealSemiOptimized(ITempStreamFactory factory, Stream unsealedStream, ICollection`1 tokens, SecretKey key)
at Siemens.EHealth.Etee.Crypto.Encrypt.TripleWrapper.Seal(EncryptionToken token, Byte[] unsealed)
at Corilus.eHealthEtee.CryptoService.Encrypt(X509Certificate2 authenticationCertificate, Etk etk, String[] filesToEncrypt) in C:\Development\Corilus.eHealthEtee\devtrunk\source\Corilus.eHealthEtee\Corilus.eHealthEtee\CryptoService.cs:line 50
at Corilus.eHealthEtee.CryptoTool.MainForm.btnEncrypt_Click(Object sender, EventArgs e) in C:\Development\Corilus.eHealthEtee\devtrunk\source\Corilus.eHealthEtee\Corilus.eHealthEtee.CryptoTool\MainForm.cs:line 60
at System.Windows.Forms.Control.OnClick(EventArgs e)
at System.Windows.Forms.Button.OnClick(EventArgs e)
at System.Windows.Forms.Button.OnMouseUp(MouseEventArgs mevent)
at System.Windows.Forms.Control.WmMouseUp(Message& m, MouseButtons button, Int32 clicks)
at System.Windows.Forms.Control.WndProc(Message& m)
at System.Windows.Forms.ButtonBase.WndProc(Message& m)
at System.Windows.Forms.Button.WndProc(Message& m)
at System.Windows.Forms.Control.ControlNativeWindow.OnMessage(Message& m)
at System.Windows.Forms.Control.ControlNativeWindow.WndProc(Message& m)
at System.Windows.Forms.NativeWindow.DebuggableCallback(IntPtr hWnd, Int32 msg, IntPtr wparam, IntPtr lparam)
at System.Windows.Forms.UnsafeNativeMethods.DispatchMessageW(MSG& msg)
at System.Windows.Forms.Application.ComponentManager.System.Windows.Forms.UnsafeNativeMethods.IMsoComponentManager.FPushMessageLoop(Int32 dwComponentID, Int32 reason, Int32 pvLoopData)
at System.Windows.Forms.Application.ThreadContext.RunMessageLoopInner(Int32 reason, ApplicationContext context)
at System.Windows.Forms.Application.ThreadContext.RunMessageLoop(Int32 reason, ApplicationContext context)
at System.Windows.Forms.Application.Run(Form mainForm)
at Corilus.eHealthEtee.CryptoTool.Program.Main() in C:\Development\Corilus.eHealthEtee\devtrunk\source\Corilus.eHealthEtee\Corilus.eHealthEtee.CryptoTool\Program.cs:line 16
at System.AppDomain._nExecuteAssembly(Assembly assembly, String[] args)
at System.AppDomain.ExecuteAssembly(String assemblyFile, Evidence assemblySecurity, String[] args)
at Microsoft.VisualStudio.HostingProcess.HostProc.RunUsersAssembly()
at System.Threading.ThreadHelper.ThreadStart_Context(Object state)
at System.Threading.ExecutionContext.Run(ExecutionContext executionContext, ContextCallback callback, Object state)
at System.Threading.ThreadHelper.ThreadStart()

wrote Nov 24, 2010 at 2:09 PM

Resolved with changeset 3908.

egelke wrote Nov 24, 2010 at 2:16 PM

The problem isn't the VM, but the version of Windows. Probably the XP in the VM was older than the XP on the machine (e.g. different service pack).

The issue with XP is that it does not know all algorithms (and we use Windows to retrieve the algorithm ids). We already explicitly defined the ids for the algorithms that were unknown on our XP. It is very likely that older versions of XP have even fewer known algorithms. Therefore we now explicitly specify the ids of all algorithms.
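
The difference between asking the OS for an algorithm id and pinning it, as an added example (not code from the library or from changeset 3908). The class, its members and the three sample friendly names are hypothetical; how the library itself performs the lookup is not shown in this thread.

```csharp
using System;
using System.Collections.Generic;
using System.Security.Cryptography;
using System.Text.RegularExpressions;

// Added illustration; class and member names are hypothetical.
static class PinnedOids
{
    // Friendly name -> dotted OID, written out so the result does not depend on
    // which algorithms the host's crypto provider has registered.
    static readonly Dictionary<string, string> Pinned =
        new Dictionary<string, string>(StringComparer.OrdinalIgnoreCase)
    {
        { "sha256",     "2.16.840.1.101.3.4.2.1" },
        { "RSASSA-PSS", "1.2.840.113549.1.1.10"  },
        { "RSA",        "1.2.840.113549.1.1.1"   },
    };

    static readonly Regex Dotted = new Regex(@"^\d+(\.\d+)+$");

    // What the OS returns for a friendly name, or null when it has no mapping.
    // new Oid(name) leaves Value equal to the input when the lookup fails.
    public static string FromOs(string name)
    {
        string value = new Oid(name).Value;
        return value != null && Dotted.IsMatch(value) ? value : null;
    }

    // Resolution that never consults the OS: an unpinned name fails at the call site.
    public static string Resolve(string name)
    {
        string oid;
        if (!Pinned.TryGetValue(name, out oid))
            throw new NotSupportedException("No pinned OID for algorithm '" + name + "'");
        return oid;
    }

    // Startup self-check: report names the host cannot resolve or resolves differently.
    public static void Main()
    {
        foreach (var entry in Pinned)
        {
            string os = FromOs(entry.Key);
            string state = os == null ? "not known to this OS"
                         : os == entry.Value ? "matches OS" : "OS returned " + os;
            Console.WriteLine("{0,-10} {1,-24} {2}", entry.Key, entry.Value, state);
        }
    }
}
```

Running the self-check on each supported Windows version shows which names that host cannot resolve, which is the condition that differed between the two XP machines here.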
