Hello Guys, My name is Carlos Alberto Im working at the Bolsa de Valores (Stock Exchange, http://www.bmv.com.mx ) of México in some software that is going to be used for the non repudiation of the exchange instructions.
My team has put some pressure under supporting Firefox in our portal. But this time that got us into a problem, it seems that the PKCS #7 signature is different from Firefox than from IE and we haven´t being able to detect how is it different (rather than the most obvious places) for us to tweak our process. We are trying to validate the signature using an OS library named BouncyCastle but we have not being able to do that to the date. We think that it could be some salt or maybe the encoding but we can´t advance from where we are. Is there a way to simply emulate IE's signature... I'm pretty sure that the Firefox implementation is much better and that we are avoiding some other attack using this salt (I think is a Salt) but we are working with huge organizations that won´t easily change the way they are working... and that means we will need to use IE signature style. Do you happen to have some information about the differences from IE signed content and Firefox signed one? How to tweak firefox using javascript for that? Or any other information that could help us. Thank you very much, we really appreciate your help Carlos Alberto PD: I already tried to send this to 'dev-tech-crypto@lists.mozilla.org' but I got a cannot be reached error. _______________________________________________ dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
