有没有关于如何签名文件的好教程,并使用bouncycastle将其包装在asn1 pkcs7包中?
答案 0 :(得分:6)
过了一段时间,我在bouncyCastle应用程序的示例中找到了它的完成方式。
实际上,它比我在IText中找到的更简单直接(没有取出框架本身的亲切性)。
代码如下:
AsymmetricCipherKeyPair signaturePair;
X509Certificate signatureCert;
IList certList = new ArrayList();
IList crlList = new ArrayList();
CmsProcessable msg = new CmsProcessableByteArray(Encoding.ASCII.GetBytes("I hate hello world!"));
certList.Add(signatureCert);
certList.Add(OrigCert);
crlList.Add(SignCrl);
IX509Store x509Certs = X509StoreFactory.Create(
"Certificate/Collection",
new X509CollectionStoreParameters(certList));
IX509Store x509Crls = X509StoreFactory.Create(
"CRL/Collection",
new X509CollectionStoreParameters(crlList));
CmsSignedDataGenerator gen = new CmsSignedDataGenerator();
gen.AddSigner(signaturePair.Private, signatureCert, CmsSignedDataGenerator.DigestSha1);
gen.AddCertificates(x509Certs);
gen.AddCrls(x509Crls);
CmsSignedData signedData = gen.Generate(msg, true);
//saving in BER encoding
Stream stream = new MemoryStream(signedData.GetEncoded());