在C#中生成存折传递签名文件

时间:2014-01-20 13:10:01

标签: c# passbook

  1. 应用程序是关于通过C#生成通行证(Iphone中的Passbook App)。
  2. 我已下载Pass证书和AppleWWDRCA证书。
  3. 要生成传递,我可以生成pass.json和manifest.json。
  4. 但是,当我使用签名证书和manifest.json生成PKCS 7分离签名文件时,iphone中的Passbook应用程序无法识别它。
  5. 我在MAC中使用openssl生成了分离的签名文件,工作正常并安装在Passbook中。
  6. 我已下载通行证和AppleWWDRCA证书
  7. 任何人都可以帮助我逐步创建c#中的签名文件和使用的方法

    8. 我已将证书存储在本地文件夹中,而不是存储在Windows本地存储中。我以前在windows本地商店试过但是没有用。

    下面的

    是用于签名的方法,

     X509Certificate2 card = GetCertificate(); //Fetches the pass certificate   
X509Certificate2 appleCA = GetAppleCertificate();  //Fetches the AppleWWDRCA certificate    
    byte[] manifestbytes = Encoding.ASCII.GetBytes(manifest);
            ContentInfo contentinfo = new ContentInfo(manifestbytes);
            SignedCms signedCms = new SignedCms(contentinfo, true);
            var signer = new CmsSigner(SubjectIdentifierType.IssuerAndSerialNumber,card);
            signer.Certificates.Add(new X509Certificate2(appleCA));
            signer.IncludeOption = X509IncludeOption.WholeChain;
            signer.SignedAttributes.Add(new Pkcs9SigningTime());
            signedCms.ComputeSignature(signer);
            signatureFile = signedCms.Encode();
            return signatureFile;

1 个答案:

答案 0 :(得分:4)

我创建了一个用于生成这些传递的开源C#库。

https://github.com/tomasmcguinness/dotnet-passbook

这是我用来执行文件签名的代码(它使用BouncyCastle)

// Load your pass type identifier certificate
X509Certificate2 card = GetCertificate(request);

Org.BouncyCastle.X509.X509Certificate cert = DotNetUtilities.FromX509Certificate(card);
Org.BouncyCastle.Crypto.AsymmetricKeyParameter privateKey = DotNetUtilities.GetKeyPair(card.PrivateKey).Private;

// Load the Apple certificate
X509Certificate2 appleCA = GetAppleCertificate(request);
X509.X509Certificate appleCert = DotNetUtilities.FromX509Certificate(appleCA);


ArrayList intermediateCerts = new ArrayList();

intermediateCerts.Add(appleCert);
intermediateCerts.Add(cert);

Org.BouncyCastle.X509.Store.X509CollectionStoreParameters PP = new Org.BouncyCastle.X509.Store.X509CollectionStoreParameters(intermediateCerts);
Org.BouncyCastle.X509.Store.IX509Store st1 = Org.BouncyCastle.X509.Store.X509StoreFactory.Create("CERTIFICATE/COLLECTION", PP);

CmsSignedDataGenerator generator = new CmsSignedDataGenerator();

generator.AddSigner(privateKey, cert, CmsSignedDataGenerator.DigestSha1);
generator.AddCertificates(st1);

CmsProcessable content = new CmsProcessableByteArray(manifestFile);
CmsSignedData signedData = generator.Generate(content, false);

signatureFile = signedData.GetEncoded();

我希望这会有所帮助。

相关问题
最新问题