c# - How to create an pkcs7 block for key exchange only (bouncy castle) -


i trying create file containing pkcs 7 block. in container, need public key , signer info (no signed data!!!). have tried several alternatives without luck. code:

first signature info:

 list<x509certificate> certs = new list<x509certificate> { cert };  ix509store x509certs = x509storefactory.create(       "certificate/collection",       new x509collectionstoreparameters(certs));   var ias = new issuerandserialnumber(cert.issuerdn, cert.serialnumber);  signeridentifier sid = new signeridentifier(ias);  algorithmidentifier algodigid = new algorithmidentifiercmssignedgenerator.digestsha1);  algorithmidentifier algocryptid = new algorithmidentifier(cmssignedgenerator.encryptionrsa);   signerinfo si = new signerinfo(sid, algodigid, null, algocryptid,                                       new deroctetstring(contentsignature), null);

the contentsignature byte[] contains signed digest info.

now, when try create signeddata, goes down

  var signedcontent = new contentinfo(cmsobjectidentifiers.data, dernull.instance);   cmssigneddata csd = new cmssigneddata(signedcontent);

i not trying send info, key exchange , verification purposes. believe valid scenario somehow not work.

thanks help.

update:

more context.

i trying sign jar .net executable. have pretty done rest of process jarsigner creates pkcs7 file with:

  • contentinfo set type data , no content. far, making new contentinfo( cmsobjectidentifiers.data, null) throws exception while adding content info cmsdata

  • a signerinfo added, signerinfo includes signature derived jar's content.

as question related signing apk / jar file, answer in context.

assuming that:

you have performed following setup steps:

  1. generated valid manifest.mf
  2. generated valid cert.sf
  3. have valid pfx file loaded x509certificate2 variable named "cert"
  4. have binary contents of cert.sf file in byte array named "manifestsfbytes"

the following code generate valid detached pkcs7 signature cert.rsa content:

string oid_data = "1.2.840.113549.1.7.1";  // setup data sign contentinfo content = new contentinfo( new oid( oid_data ), manifestsfbytes ); signedcms signedcms = new signedcms( content, true ); cmssigner signer = new cmssigner( subjectidentifiertype.issuerandserialnumber, cert );  // create signature signedcms.computesignature( signer ); byte[] data = signedcms.encode();

this code relies on system.security.cryptography.pkcs namespace , not require bouncycastle.

what going on here raw content (signature file binary data) hashed , signed in 1 go computesignature() call.

therefore no "null contentinfo" tricks necessary i.e. contentinfo contains raw data signed , hashed unlike java implementation signs , hashes content prior pkcs7 generation.

hth

-(e)


Comments

Post a Comment

Popular posts from this blog

c# - SharpSVN - How to get the previous revision? -

i trying find efficient way previous revision of file text comparison using sharpsvn. using (svnclient c = new svnclient()) { c.authentication.defaultcredentials = new networkcredential( configurationmanager.appsettings.get("svnserviceusername") , configurationmanager.appsettings.get("svnservicepassword") , configurationmanager.appsettings.get("svnservicedomain") ); c.authentication.sslservertrusthandlers += new eventhandler<svnsslservertrusteventargs>(authentication_sslservertrusthandlers); collection<svnfileversioneventargs> fileversioncollection = new collection<svnfileversioneventargs>(); svnrevisionrange range = new svnrevisionrange(0, this.hooks.revision); svnfileversionsargs args = new svnfileversionsargs(); args.retrieveproperties = true; args.range = range; foreach (svnchangeitem item in log.changedpaths) { string path = this.repositorypath + it...
Read more

c++ - Is it possible to compile a VST on linux? -

for class project i'm attempting write vst plugin backed cuda. current cuda workflow on linux box, i'd prefer compile , link there. according wikipedia , should possible (i couldn't find steinberg documentation relevant linux) can't find makefile or instructions on how build if aren't using xcode or visual studio. i'm vst 3 sdk doesn't support linux. when try compile plugin under linux, error: ./base/source/fatomic.cpp:39:30: fatal error: libkern/osatomic.h: no such file or directory this issue caused following code in "vst3 sdk/base/source/fatomic.cpp" #if mac #include <libkern/osatomic.h> #if mac_os_x_version_min_required > mac_os_x_version_10_4 #define native_atomic_type (volatile int32_t*) #else #define native_atomic_type (int32_t*) #endif #elif windows #include <windows.h> #endif but hope compiling under linux work vst sdk 2.4. reading. jvstwrapper seems run on lin...
Read more

url - Querystring manipulation of email Address in PHP -

i using third party application (email2http) send me emailid, body , message. unable retrieve email id due name appended on , enclosed < , >. here querystring getting. test.php?from=ajay+reddy &subject=cx&body=somebody when print variable in php returns name , not email id. $from = $_get['from']; echo $from; //output ajay reddy please suggest me how can emailid also. i dont want use post method due testing , debugging. it's working fine. forgot use htmlentities() in debugging.
Read more