Question

What I want

To create a detached digital signature in standard format (CMS / CAdES-EPES).

How I create digital signature now

I create a hash of the document (SHA-256), get the hash algorithm ID and put it all into a message that is sent to the smartcard (JavaCard). A detached signature is generated for this message (RSA-512) and sent back. I am able to verify this signature using pure Java (so far no BouncyCastle) using this code:

RSAPublicKey pubK = (RSAPublicKey) cert.getPublicKey();
Signature sig = Signature.getInstance("SHA256withRSA", "BC");
sig.initVerify(pubK);
// load the signed file and update sig
...
sig.verify(signedMessage);

Problems

My goal is to get a CMS (PKCS#7) signature from already signed data. However, as mentioned here -> How can we Convert PKCS#1 to PKCS #7 if I have the Certificate? - it is not that easy to "convert" to CMS because of signed attributes. Well, let's just say, I want to try it anyway (just to have a backup solution). First I tried to use BouncyCastle. However, I couldn't find a way to do it with already signed data and with no access to primary key (as it is on the smartcard and CANNOT be exported). So I tried it with native Java libraries like this:

X500Name xName = X500Name.asX500Name(cert.getSubjectX500Principal());
BigInteger serial   = cert.getSerialNumber();
AlgorithmId digestAlgorithmId = new AlgorithmId(AlgorithmId.SHA512_oid);
AlgorithmId signAlgorithmId = new AlgorithmId(AlgorithmId.RSAEncryption_oid);

//SignerInfo
SignerInfo sInfo = new SignerInfo(xName, serial, digestAlgorithmId, signAlgorithmId, signatureBytes);
//Create ContentInfo
ContentInfo cInfo = new ContentInfo(ContentInfo.DATA_OID, new DerValue(DerValue.tag_OctetString, dataToSign));
//create PKCS7 signature
PKCS7 p7 = new PKCS7(new AlgorithmId[] { digestAlgorithmId }, cInfo,
        new java.security.cert.X509Certificate[] { cert },
        new SignerInfo[] { sInfo });
//Write PKCS7 to byte array
ByteArrayOutputStream bOut = new DerOutputStream();
p7.encodeSignedData(bOut);
byte[] encodedPKCS7 = bOut.toByteArray();

This approach seems "not right" to me, to be honest, and I was not even able to verify it using the PKCS7.verify() method (it returns null, which is unsuccessful verification, and no exceptions are thrown).

So my questions are:

  1. Is there any way to get directly a CMS signature from JavaCard?
  2. Is it possible to create a CMS signature from an already generated signature only with the signer's certificate (without access to the private key)?
  3. Do you see any problem with "conversion" code above?
  4. Do you know any tool that can be used to verify detached signatures? (to be able to check my outcomes)

I have been looking for answers for 2 weeks now and I am really desperate. Thanks for ANY kind of information/help.

Solution

(1) Is there any way to get directly a CMS signature from JavaCard?

As JavaCards are quite versatile if you are the one programming them, that just might be possible. The communication required to retrieve those CMS containers, though, would be quite proprietary, most likely only usable by your code (which can be good or bad for you; for the customer it generally is bad) and by code from people hacking your solution.

(2) Is it possible to create a CMS signature from an already generated signature only with the signer's certificate (without access to the private key)?

You can create very primitive CMS signature containers if you already have PKCS#1 signatures, cf. the question How can we Convert PKCS#1 to PKCS #7 if I have the Certificate you refer to.

If you intend to be interoperable with other signature verification software, though, such primitive signatures (which have a huge potential for manipulation) most likely will be rejected.

(3) Do you see any problem with "conversion" code above?

Please also supply sample PKCS#1 input signatures and sample CMS results. Furthermore, as @owlstead commented, "You should not use Sun inner classes, they may be altered, renamed or even removed without further notice." (I actually would prefer to replace should by shall.)

(4) Do you know any tool, that can be used to verify detached signatures? (to be able to check my outcomes)

OpenSSL contains verification tools. Furthermore, there are many web services providing signature verification services. Which of them would be appropriate for you very much depends on the PKI and legal environment of your signatures.
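
An added example, not code from the question or the answer: one way to build a detached CMS signature with BouncyCastle when the private key never leaves the card, by delegating the signing step through a custom ContentSigner. It assumes bcprov and bcpkix are on the classpath; CardSigner is a hypothetical interface standing in for the smartcard call, and a constructed software key and self-signed certificate play the card's role so the block runs offline.

```java
import java.io.*;
import java.math.BigInteger;
import java.security.*;
import java.security.cert.X509Certificate;
import java.util.*;
import org.bouncycastle.asn1.x500.X500Name;
import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
import org.bouncycastle.cert.jcajce.*;
import org.bouncycastle.cms.*;
import org.bouncycastle.cms.jcajce.*;
import org.bouncycastle.operator.*;
import org.bouncycastle.operator.jcajce.*;
public class DetachedCmsDemo {
    /** Hypothetical stand-in for the card: returns a SHA256withRSA signature over the given bytes. */
    interface CardSigner { byte[] sign(byte[] toBeSigned) throws Exception; }
    static byte[] signDetached(byte[] doc, X509Certificate cert, CardSigner card) throws Exception {
        AlgorithmIdentifier alg = new DefaultSignatureAlgorithmIdentifierFinder().find("SHA256withRSA");
        // With signed attributes, BC hands the signer the DER-encoded attributes, not the document.
        ContentSigner signer = new ContentSigner() {
            private final ByteArrayOutputStream buf = new ByteArrayOutputStream();
            public AlgorithmIdentifier getAlgorithmIdentifier() { return alg; }
            public OutputStream getOutputStream() { return buf; }
            public byte[] getSignature() {
                try { return card.sign(buf.toByteArray()); }
                catch (Exception e) { throw new RuntimeOperatorException("card signing failed", e); }
            }
        };
        CMSSignedDataGenerator gen = new CMSSignedDataGenerator();
        gen.addSignerInfoGenerator(new JcaSignerInfoGeneratorBuilder(
                new JcaDigestCalculatorProviderBuilder().build()).build(signer, cert));
        gen.addCertificates(new JcaCertStore(List.of(cert)));
        return gen.generate(new CMSProcessableByteArray(doc), false).getEncoded(); // false = detached
    }
    public static void main(String[] args) throws Exception {
        // Constructed test material: throwaway key pair and self-signed certificate.
        KeyPairGenerator kpg = KeyPairGenerator.getInstance("RSA"); kpg.initialize(2048);
        KeyPair kp = kpg.generateKeyPair();
        long t = System.currentTimeMillis(); X500Name dn = new X500Name("CN=Constructed Test Signer");
        X509Certificate cert = new JcaX509CertificateConverter().getCertificate(
            new JcaX509v3CertificateBuilder(dn, BigInteger.ONE, new Date(t - 60_000L),
                    new Date(t + 86_400_000L), dn, kp.getPublic())
                .build(new JcaContentSignerBuilder("SHA256withRSA").build(kp.getPrivate())));
        byte[] doc = "constructed sample document".getBytes("UTF-8");
        byte[] p7s = signDetached(doc, cert, tbs -> {   // software key plays the card here
            Signature s = Signature.getInstance("SHA256withRSA");
            s.initSign(kp.getPrivate()); s.update(tbs); return s.sign();
        });
        SignerInformation si = new CMSSignedData(new CMSProcessableByteArray(doc), p7s)
                .getSignerInfos().getSigners().iterator().next();
        System.out.println("verified: " + si.verify(new JcaSimpleSignerInfoVerifierBuilder().build(cert)));
    }
}
```

Because the bytes passed to the signer are the signed attributes (which embed the document digest), a PKCS#1 signature computed earlier over the document alone cannot be dropped into such a container; the card has to sign at this step.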

Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow