In http://msdn.microsoft.com/en-us/library/system.security.cryptography.pkcs(VS.85).aspx we can see that the following digital signature attributes are defined:
Of those, Pkcs9DocumentDescription and Pkcs9DocumentName are not present in the PKCS#9 specification. I have a Java application that uses Bouncy Castle and I want my app to be able to create digital signatures that have these two attributes.
So, I have two questions: how to do so? Should I do that?
You'll have to manually build the attributes using the OIDs, like so:
    import org.bouncycastle.asn1.*;
    import org.bouncycastle.asn1.cms.Attribute;

    // OIDs for the document name and document description attributes
    ASN1ObjectIdentifier dnOid = new ASN1ObjectIdentifier("1.3.6.1.4.1.311.88.2.1");
    ASN1ObjectIdentifier ddOid = new ASN1ObjectIdentifier("1.3.6.1.4.1.311.88.2.2");
    // Each attribute value is wrapped in an ASN.1 SET
    ASN1Set nameSet = new DERSet(new ASN1Encodable[] {new DERPrintableString("name")});
    ASN1Set descriptionSet = new DERSet(new ASN1Encodable[] {new DERPrintableString("description")});
    Attribute documentName = new Attribute(dnOid, nameSet);
    Attribute documentDescription = new Attribute(ddOid, descriptionSet);
I should point out that using DERPrintableString for the attribute value is my best guess. I can't find the documentation for indicating the correct type.
As for should you, well, there's nothing wrong with using Attributes which aren't from PKCS #9. You just shouldn't rely on an external system being able to use them.