pkcs#7

问题 I'm trying to add the signing time attribute to a file that I am signing using SignedCMS. private byte[] signFile(byte[] fileContent, X509Certificate2 verificationCert) { ContentInfo contentInfo = new ContentInfo(fileContent); SignedCms signedCMS = new SignedCms(contentInfo); CmsSigner cmsSigner = new CmsSigner(SubjectIdentifierType.IssuerAndSerialNumber, verificationCert); Oid signedDate = new Oid("1.2.840.113549.1.9.5"); //oid for PKCS #9 signing time signedDate.Value = DateTime.Now

问题 I'm trying to add the signing time attribute to a file that I am signing using SignedCMS. private byte[] signFile(byte[] fileContent, X509Certificate2 verificationCert) { ContentInfo contentInfo = new ContentInfo(fileContent); SignedCms signedCMS = new SignedCms(contentInfo); CmsSigner cmsSigner = new CmsSigner(SubjectIdentifierType.IssuerAndSerialNumber, verificationCert); Oid signedDate = new Oid("1.2.840.113549.1.9.5"); //oid for PKCS #9 signing time signedDate.Value = DateTime.Now

问题 I'm writing a Java web service that signs PDF documents with iText from some clients in the network. Documents are being signed correctly, and can be verified with external tools. However, due to some legal restrictions in order to store this document in an official documentary repository I have to provide the hash/digest message from the signature. I have tried almost anything to get to that hash, but the closest that I can get is to obtain the whole signature (CERT+HASH/DIGEST+TIMESTAMP) as

问题 I'm trying to implement a SAML SSO solution in .Net, but I'm having a problem parsing the assertion. I have a sample assertion (looks like byte[] data as text) and corresponding .p7b file. I want to load the keys from the .p7b and decrypt the assertion to an XML document. So far I think I'm reading the keys correctly: // get the key data byte[] certificateData = System.IO.File.ReadAllBytes("myKeys.p7b"); // decode the keys var cms = new SignedCms(SubjectIdentifierType.IssuerAndSerialNumber);

问题 I have a PKCS7 signature which i can get parsed contents from with openssl pkcs7 -inform DER -in signature.pkcs7 -print_certs -text But how do archieve the same output with PHPs openssl functions? Edit. I succeeded in creating a correct PEM file with the following function: function der2pem($der_data, $type="CERTIFICATE") { $pem = chunk_split(base64_encode($der_data), 64, "\n"); $pem = "-----BEGIN $type-----\n".$pem."-----END $type-----\n"; return $pem; } $data = der2pem($der_data, "PKCS7");

问题 I need to encrypt and sign data using PKCS7(CMS) . I am using bouncy castle provided api to achieve this using java . Till now what i understood is i need to follow these steps Need to generate a key pair private & public key using some algorithm say RSA Certify it with X509 certificate Convert it into PKCS7 key format like p7b Generate java key store using keytool some *.jks file Generate the Certificate Signing Request (CSR) using keytool command *.crt Become self CA(Certificate Autority)

问题 In this RailsCast on PayPal it shows you how to encrypt a URL parameter before sending it to PayPal. PAYPAL_CERT_PEM = File.read("#{Rails.root}/certs/paypal_cert.pem") APP_CERT_PEM = File.read("#{Rails.root}/certs/app_cert.pem") APP_KEY_PEM = File.read("#{Rails.root}/certs/app_key.pem") def encrypt_for_paypal(values) signed = OpenSSL::PKCS7::sign(OpenSSL::X509::Certificate.new(APP_CERT_PEM), OpenSSL::PKey::RSA.new(APP_KEY_PEM, ''), values.map { |k, v| "#{k}=#{v}" }.join("\n"), [], OpenSSL:

问题 I have a List of Byte arrays (representing each certificate from a chain), in PEM format, and I would like to know if there's a way to convert these to a unique PKCS7 formatted String, in Java. Thank you in advance. 回答1: This is an example to build a PKCS#7 file using a X509Certificate[] array based on this answer. It does not require the private key //Export a certificate list to PKCS#7 public static byte[] exportCertificatesAsPkcs7(X509Certificate certs[]) throws Exception { List certList =

问题 I have a pkcs7 file, and I want to load it and extract its contents. I tried these two methods: byte[] bytes = Files.readAllBytes(Paths.get("myfile.p7b")); FileInputStream fi = new FileInputStream(file); //Creating PKCS7 object PKCS7 pkcs7Signature = new PKCS7(bytes); or this FileInputStream fis = new FileInputStream(new File("myfile.p7b")); PKCS7 pkcs7Signature = new PKCS7(fis); but I got IOException: Sequence tag error So how can I load this .p7b file ? 回答1: Finally I did it with

问题 I have a CA issued CERT in PKCS#7 format. It has certificates (chained) within it. Keytool does not recognize the PKCS7 format. I have tried OpenSSL tool to convert PKCS7 format certificate to PEM format and it fails. I receive an error message "Unable to load PKCS7 object". How do I import the PKCS7 cert chain to my JKS? 回答1: As you can read in the keytool reference for -importcert command: Reads the certificate or certificate chain (where the latter is supplied in a PKCS#7 formatted reply)