pkcs#7

问题 I was trying to copy this line openssl smime -sign -signer <chain_crt_file> -in <infile> -out <outfile> -inkey <privatekey> -outform der into C# However it didn't turn out to be as easy as I thought. So far I came only this point OpenSSL.Core.BIO crtBio = OpenSSL.Core.BIO.File("C:/asl/chain.crt", "r"); OpenSSL.Core.BIO keyBio = OpenSSL.Core.BIO.File("C:/asl/keydec.txt", "r"); OpenSSL.X509.X509Chain crt = new OpenSSL.X509.X509Chain(crtBio); OpenSSL.Crypto.RSA key = OpenSSL.Crypto.RSA

问题 i have a usb cryptotoken and able to sign data and pack it in pkcs file. then i can extract certificate and data from that file using openssl as follows: openssl cms -verify -in signature.p7s -inform DER -noverify -outform DER -signer cert.pem -out textdata so my question is how to do the same using python (pyopenssl)? i've tried to do as described here, but there is different case - i have attached signature and do not have separate signature and certificate file - i have ASN.1 encoded file,

问题 I would like to achieve the same what this openssl command performs, but programmatically in Java: openssl pkcs7 -in toBeExported.p7c -inform DER -out certificate.pem -print_certs which means that I have a public key certificate (PKCS #7 Certificate) in DER format and I want to extract the raw certificate contained there to a Base64 file. Is there a way to do this? 回答1: Something like FileInputStream is = new FileInputStream( "cert.pkcs7" ); CertificateFactory cf = CertificateFactory

问题 I create a pkcs7 block,and can verify myself, but the result is not the same with my partner who use OpenSSL.The p7 block I create cannot verify by my partner. we check the code carefully, just find the code which cannot find counterpart in c#, OPENSSL: signInfo->digest_enc_alg->algorithm=OBJ_nid2obj(NID_rsaEncryption); Here is the code us C# in .net 4.0, can everyone know that how to Use RSAEncryption in p7 ? public static string Sign(byte[] data, X509Certificate2 certificate) { if (data ==

问题 I have a crypto/php question, I was hoping someone could help me with. My issue is that I have a signed PKCS7 block that I am trying to verify in PHP. However, when I run the following PHP command: openssl_pkcs7_verify($myfile, PKCS7_BINARY | PKCS7_NOVERIFY, $signers_file); I get the following error: PKCS7 routines:SMIME_read_PKCS7:no content type If I do it using ruby like so: p7container = OpenSSL::PKCS7.new(file_contents); mystore = OpenSSL::X509::Store.new p7container.verify(nil, store,

问题 I have a web application where some data (not file) needs to be digitally signed using a PKI Private Key. The PKI Certificate & Private Key will be in a USB Cryptotoken which registers the certificates with the browser when inserted into the USB slot. This eases the pain of doing authentication using the certificate because I do that by trigerring ssl-renegotiation in my Application. However, using a certificate for digital signing seems to be a bit more tricky. I can think of several ways to

问题 I am signing message using digital certificate in a asp.net web service using below code. Signing is working fine expect signedMessage.ComputeSignature line is taking up to 30 to 40 seconds because of this i am face timeout exception. The same code when i am running under windows forms application is producing result in fraction of second. Any clue or help. public static string Encrypt(string fullMessage, string certificateName, bool deAttch) { X509Certificate2 signer = GetCertificate

问题 I've got PKCS#7 Der formatted file called p7 and an x509 certificate file called mroot.der.cer which matches the root certificate of p7 chain. I'd like to verify my p7 certificate chain using openssl using the following commands : First - convert my mroot trusted cert file to pem format. openssl x509 -in mroot.der.cer -inform der -outform PEM -out mroot.pem.cer Second - verify the root chain using mroot.pem.cer openssl smime -verify -CAfile mroot.pem.cer -in p7 -inform DER -out blabla However

问题 I need to transfer data between WCF service and UWP app. So I sign and verify data after receive data. I have a problem. The signed data result in WCF is differences in UWP app.(Of course, I can't verify data) This is my source code: // WCF private String Sign(string Message) { ContentInfo cont = new ContentInfo(Encoding.UTF8.GetBytes(Message)); SignedCms signed = new SignedCms(cont, true); _SignerCert = new X509Certificate2("Path", "Password"); CmsSigner signer = new CmsSigner(_SignerCert);

问题 Summarized and clarified: Using origami, extracting a certificate from a signed pdf (signed within e.g. Adobe Reader) I cannot verify the signature: origami = Origami::PDF.read(File.open('/path/to/file.pdf', 'r')) pdf_signature = origami.signature[:Contents] cert = OpenSSL::PKCS7.new(pdf_signature).certificates.first origami.verify(trusted_certs: [cert]) #=> false As far as I can tell, this should always be true. So maybe Adobe uses a different byte range that it takes a SHA of when signing