2016-03-10 63 views

我有一個函數,可以用X509Certificate2證書對XML文件進行簽名。我的問題是簽名被插入爲SHA-1和SHA-256。我在代碼中做錯了什麼?

使用SHA-256算法簽署文件

// Signs the XML file at cFileXml with the certificate oCert and writes the resulting
// CMS/PKCS#7 envelope to cFile + ".p7m". The content is embedded in the envelope
// (SignedCms is constructed without the detached flag).
var signer = new CmsSigner(oCert);
// NOTE(review): DigestAlgorithm is left at the platform default here, which the question
// reports as SHA-1. SHA-1 is no longer collision-resistant and should not be used for new
// signatures. Selecting SHA-256 explicitly (OID 2.16.840.1.101.3.4.2.1) is the intended fix,
// but the asker reports an unknown error when the line below is enabled; presumably the
// provider holding the private key cannot produce SHA-256 signatures (confirm on the target
// machine).
//signer.DigestAlgorithm = new Oid("2.16.840.1.101.3.4.2.1");

// The whole file is read into memory before signing.
byte[] xmlBytes = File.ReadAllBytes(cFileXml);
var envelope = new SignedCms(new ContentInfo(xmlBytes));
envelope.ComputeSignature(signer);

File.WriteAllBytes(cFile + ".p7m", envelope.Encode());

[這個](http://stackoverflow.com/questions/5704906/digital-sign-from-sha1-to-sha256)有幫助嗎? –


所以我必須用 Bouncy Castle 來做到這一點? 謝謝 –


什麼是「Bouncy Castle」,這與您的問題有什麼關係? –

回答


我來回答自己的問題。這是一個簡單的解決方案:

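   // Builds a CMS/PKCS#7 signature over the file NomeFile with the RSA key of `cert`,
   // using SHA-256 (OID 2.16.840.1.101.3.4.2.1) as the digest and adding an ESS
   // signing-certificate-v2 signed attribute, then returns the encoded bytes.
   // This is a fragment of a method: cert, NomeFile, RisFirma, Leo and
   // CmsSignedDataGenWithRsaCsp are defined outside this snippet.

   // NOTE(review): the PIN arrives as an ordinary managed string, so a plaintext copy
   // stays in memory until it is garbage-collected; copying it into a SecureString
   // afterwards does not remove that copy.
   string PIN = Leo.LeggiFirmacert();
   System.Security.SecureString SecurePIN = new System.Security.SecureString();
   try
   {
      foreach (char ch in PIN)
      {
         SecurePIN.AppendChar(ch);
      }

      // Hard cast: throws if the certificate's private key is not exposed as an
      // RSACryptoServiceProvider.
      var rsa = (RSACryptoServiceProvider)cert.PrivateKey;
      string ContinerName = rsa.CspKeyContainerInfo.KeyContainerName;
      string CspName = rsa.CspKeyContainerInfo.ProviderName;
      int CspType = rsa.CspKeyContainerInfo.ProviderType;

      // NOTE(review): csp is not referenced again in this fragment; the signer below
      // receives `rsa` taken straight from the certificate. If the PIN is meant to be
      // bound to the signing key, confirm where that happens; otherwise the PIN is
      // loaded into memory without being used.
      CspParameters csp = new CspParameters(CspType, CspName, ContinerName, new System.Security.AccessControl.CryptoKeySecurity(), SecurePIN);

      // SHA-256 over the encoded certificate. The hash object is disposed as soon as
      // the digest has been computed.
      byte[] certHash;
      using (SHA256Managed hashSha256 = new SHA256Managed())
      {
         certHash = hashSha256.ComputeHash(cert.RawData);
      }

      // The certificate hash goes into a signed attribute, so the signature covers the
      // identity of the signing certificate as well as the content.
      EssCertIDv2 essCert1 = new EssCertIDv2(new Org.BouncyCastle.Asn1.X509.AlgorithmIdentifier("2.16.840.1.101.3.4.2.1"), certHash);
      SigningCertificateV2 scv2 = new SigningCertificateV2(new EssCertIDv2[] { essCert1 });

      Org.BouncyCastle.Asn1.Cms.Attribute CertHAttribute = new Org.BouncyCastle.Asn1.Cms.Attribute(Org.BouncyCastle.Asn1.Pkcs.PkcsObjectIdentifiers.IdAASigningCertificateV2, new DerSet(scv2));
      Asn1EncodableVector v = new Asn1EncodableVector();
      v.Add(CertHAttribute);
      Org.BouncyCastle.Asn1.Cms.AttributeTable AT = new Org.BouncyCastle.Asn1.Cms.AttributeTable(v);

      // CmsSignedDataGenWithRsaCsp and MyAddSigner are not shown on this page.
      // keyParameter is passed as null; presumably the generator signs through `rsa`
      // instead of a BouncyCastle key (verify against its implementation).
      // 1.2.840.113549.1.1.1 is rsaEncryption, 2.16.840.1.101.3.4.2.1 is SHA-256.
      CmsSignedDataGenWithRsaCsp cms = new CmsSignedDataGenWithRsaCsp();
      Org.BouncyCastle.Crypto.AsymmetricKeyParameter keyParameter = null;
      Org.BouncyCastle.X509.X509Certificate certCopy = DotNetUtilities.FromX509Certificate(cert);
      cms.MyAddSigner(rsa, certCopy, keyParameter, "1.2.840.113549.1.1.1", "2.16.840.1.101.3.4.2.1", AT, null);

      // Only the signing certificate itself is embedded; no chain certificates are added.
      ArrayList certList = new ArrayList();
      certList.Add(certCopy);
      Org.BouncyCastle.X509.Store.X509CollectionStoreParameters PP = new Org.BouncyCastle.X509.Store.X509CollectionStoreParameters(certList);

      Org.BouncyCastle.X509.Store.IX509Store st1 = Org.BouncyCastle.X509.Store.X509StoreFactory.Create("CERTIFICATE/COLLECTION", PP);

      cms.AddCertificates(st1);

      FileInfo File__1 = new FileInfo(NomeFile);
      CmsProcessableFile file__2 = new CmsProcessableFile(File__1);
      // The second argument presumably requests encapsulated (attached) content, as in
      // BouncyCastle's CmsSignedDataGenerator; confirm for the custom generator.
      CmsSignedData Firmato = cms.Generate(file__2, true);
      byte[] Encoded = Firmato.GetEncoded();
      RisFirma = "";

      return Encoded;
   }
   finally
   {
      // Release the protected PIN copy on every exit path, including exceptions.
      SecurePIN.Dispose();
   }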