If you are signing unicode text, you could get some problems. SecCLab signs binary strings, so if the character binary code in Mozilla (the way javascript represents unicode characters) differs for the character binary code in Bouncy Castle, the verification fails. For example, if the body text has a character not supported by the form charset, mozilla sends it this way:
&xxxx;
where xxxx is the unicode value of the char. But in the client-side, when you access the body text from javascript code, you get the character binary code in the client computer.
You could try to sign a simple message with ASCII characters to check the server side verification.
Best regards
Luis
Petio Zaffirov escribi�:
Hi Luis, First thank you for the nice component.
We're able to verify the signature produced from the XUL form with BouncyCastle's JCE using their CMSSignedData method.
When we try to verify the signed text produced with CLABString it's unable to read the signature after base 64 decoding.
It says CMSException 'invalid signature format in message'.
I'm attaching the testform we're using for signing with CLABString.
Any hints ? Best regards, Mihail Daskalov and Petio Zafirov
------------------------------------------------------------------------
_______________________________________________ mozilla-crypto mailing list [EMAIL PROTECTED] http://mail.mozilla.org/listinfo/mozilla-crypto
