使用SHA-256算法签名文件

时间:2016-03-10 09:49:46

标签: c# sha256

我有一个使用X509Certificate2证书签署XML文件的功能。我的问题是签名插入为SHA-1和SHA-256。我的代码中我做错了什么?

CmsSigner cms = new CmsSigner(oCert);
//if apply this row receive unknow error!
//cms.DigestAlgorithm = new Oid("2.16.840.1.101.3.4.2.1"); 

ContentInfo ci = new ContentInfo(File.ReadAllBytes(cFileXml));
SignedCms cmssigned = new SignedCms(ci);
cmssigned.ComputeSignature(cms);
byte[] encodedmessage = cmssigned.Encode();

File.WriteAllBytes(cFile + ".p7m", encodedmessage);

1 个答案:

答案 0 :(得分:0)

我对自己说。这是简单的解决方案:

                string PIN = Leo.LeggiFirmacert();
            System.Security.SecureString SecurePIN = new System.Security.SecureString();
            foreach (char ch in PIN)
            { SecurePIN.AppendChar(ch); }
            var rsa = (RSACryptoServiceProvider)cert.PrivateKey;
            string ContinerName = rsa.CspKeyContainerInfo.KeyContainerName;
            string CspName = rsa.CspKeyContainerInfo.ProviderName;
            int CspType = rsa.CspKeyContainerInfo.ProviderType;
            CspParameters csp = new CspParameters(CspType, CspName, ContinerName, new System.Security.AccessControl.CryptoKeySecurity(), SecurePIN);
            SHA256Managed hashSha256 = new SHA256Managed();
            byte[] certHash = hashSha256.ComputeHash(cert.RawData);
            EssCertIDv2 essCert1 = new EssCertIDv2(new Org.BouncyCastle.Asn1.X509.AlgorithmIdentifier("2.16.840.1.101.3.4.2.1"), certHash);
            SigningCertificateV2 scv2 = new SigningCertificateV2(new EssCertIDv2[] { essCert1 });

            Org.BouncyCastle.Asn1.Cms.Attribute CertHAttribute = new Org.BouncyCastle.Asn1.Cms.Attribute(Org.BouncyCastle.Asn1.Pkcs.PkcsObjectIdentifiers.IdAASigningCertificateV2, new DerSet(scv2));
            Asn1EncodableVector v = new Asn1EncodableVector();
            v.Add(CertHAttribute);
            Org.BouncyCastle.Asn1.Cms.AttributeTable AT = new Org.BouncyCastle.Asn1.Cms.AttributeTable(v);
            CmsSignedDataGenWithRsaCsp cms = new CmsSignedDataGenWithRsaCsp();
            Org.BouncyCastle.Crypto.AsymmetricKeyParameter keyParameter = null;
            Org.BouncyCastle.X509.X509Certificate certCopy = DotNetUtilities.FromX509Certificate(cert);
            cms.MyAddSigner(rsa, certCopy, keyParameter, "1.2.840.113549.1.1.1", "2.16.840.1.101.3.4.2.1", AT, null);
            ArrayList certList = new ArrayList();
            certList.Add(certCopy);
            Org.BouncyCastle.X509.Store.X509CollectionStoreParameters PP = new Org.BouncyCastle.X509.Store.X509CollectionStoreParameters(certList);

            Org.BouncyCastle.X509.Store.IX509Store st1 = Org.BouncyCastle.X509.Store.X509StoreFactory.Create("CERTIFICATE/COLLECTION", PP);

            cms.AddCertificates(st1);

            FileInfo File__1 = new FileInfo(NomeFile);
            CmsProcessableFile file__2 = new CmsProcessableFile(File__1);
            CmsSignedData Firmato = cms.Generate(file__2, true);
            byte[] Encoded = Firmato.GetEncoded();
            RisFirma = "";

            return Encoded;