pkcs#7

Summarized and clarified: Using origami, extracting a certificate from a signed pdf (signed within e.g. Adobe Reader) I cannot verify the signature: origami = Origami::PDF.read(File.open('/path/to/file.pdf', 'r')) pdf_signature = origami.signature[:Contents] cert = OpenSSL::PKCS7.new(pdf_signature).certificates.first origami.verify(trusted_certs: [cert]) #=> false As far as I can tell, this should always be true. So maybe Adobe uses a different byte range that it takes a SHA of when signing the PDF? How do I get that verify to work? If it's any help, after tiptoing through the changes on

I'm trying to read certificate from smime.p7s file, the certificate chain is: Baltimora Cyber Trust --> DigitPA --> Aruba PEC So when i'm trying to extract, I retrieve only the last two certificate, the last like subject and the first like issuer. What am I wrong? the code: private List<CertificateInfo> reading(ASN1InputStream asn1Stream) throws IOException, CMSException, CertificateException { ArrayList<CertificateInfo> infos = new ArrayList<CertificateInfo>(); ASN1Primitive obj = asn1Stream.readObject(); ContentInfo contentInfo = ContentInfo.getInstance(obj); CMSSignedData cms = new

I create a pkcs7 block,and can verify myself, but the result is not the same with my partner who use OpenSSL.The p7 block I create cannot verify by my partner. we check the code carefully, just find the code which cannot find counterpart in c#, OPENSSL: signInfo->digest_enc_alg->algorithm=OBJ_nid2obj(NID_rsaEncryption); Here is the code us C# in .net 4.0, can everyone know that how to Use RSAEncryption in p7 ? public static string Sign(byte[] data, X509Certificate2 certificate) { if (data == null) throw new ArgumentNullException("data"); if (certificate == null) throw new ArgumentNullException

I would like to achieve the same what this openssl command performs, but programmatically in Java: openssl pkcs7 -in toBeExported.p7c -inform DER -out certificate.pem -print_certs which means that I have a public key certificate (PKCS #7 Certificate) in DER format and I want to extract the raw certificate contained there to a Base64 file. Is there a way to do this? Something like FileInputStream is = new FileInputStream( "cert.pkcs7" ); CertificateFactory cf = CertificateFactory.getInstance( "X.509" ); Iterator i = cf.generateCertificates( is ).iterator(); while ( i.hasNext() ) { Certificate c

I'm trying to create a PKCS#7 signed message in C#. The digital signature is being computed separately in an HSM so I already have the value of the signature, I just want to create a PKCS#7 structure that contains it. I've looked into using the SignedCms in the System.Security.Cryptography.Pkcs namespace but this doesn't seem to have an option for providing a precomputed signature. What is the best way to generate a PKCS#7 structure in C# when I already have the value of the digital signature? AFAIK you cannot do that with "built-in" .NET classes. However I have created an example application

I need to decrypt text encrypted using AES/CBC/PKCS5Padding scheme. The encrypted text I got was generated using some Java software. All values below are changed by me to something fictional. What I get is a Key aHjgYFutF672eGIUGGVlgSETyM9VJj0K (256-bit = 32-chars * 8-bit) and IV: rxYoks3c8hRRsL2P (16-bit) and (I supposed) Base64 encoded encrypted result ETlAHS5ZcshKxQUaHVB8== What I need is to decrypt in Ruby this ETlAHS5ZcshKxQUaHVB8== to get in the and a simple string, like 'blablablabla' I tried to decrypt what I got using both Ruby and just common linux console openssl command. NOTE: Key