将时间戳添加到数字签名
[英]Add TimeStamp to digital signature
问题描述
I have a code to sign a string with A1 certificate successfull usin C#. 
我有一个代码可以在C#中成功使用A1证书对字符串进行签名。 I need to add a TimeStamp to this signature. 我需要为该签名添加一个时间戳。 This TimeStamp need went from a TimeStamp server like http://www.cryptopro.ru/tsp/tsp.srf I can't figure out how to put the TimeStamp to the signature. 时间戳需求来自诸如http://www.cryptopro.ru/tsp/tsp.srf之类的时间戳服务器,我无法弄清楚如何将时间戳添加到签名中。 It's not a PDF sign, it's string sign. 它不是PDF符号,而是字符串符号。 Anyone can help me please? 有人可以帮我吗?
Code used to sign: 用于签名的代码:
private byte[] Sign(string text)
{
// Find the certificate we’ll use to sign
X509Certificate2 cert = new X509Certificate2(@"C:\Users\1000084016.pfx", "Password");
RSACryptoServiceProvider csp = null;
// Get its associated CSP and private key
csp = (RSACryptoServiceProvider)cert.PrivateKey;
// Hash the data
SHA1Managed sha1 = new SHA1Managed();
UnicodeEncoding encoding = new UnicodeEncoding();
byte[] data;
data = encoding.GetBytes(text);
byte[] hash = sha1.ComputeHash(data);
// Sign the hash
return csp.SignHash(hash, CryptoConfig.MapNameToOID("SHA1"));
}
1 个解决方案
解决方案1
0 2017-07-17 06:20:59
A timestamp is issued by a external Time Stamp Provider using RFC3161 on a application/timestamp-query containing a hash. 外部时间戳记提供程序使用RFC3161在包含哈希的application/timestamp-query上发布application/timestamp-query 。 You can build the request using BouncyCastle (See example here ) 您可以使用BouncyCastle构建请求(请参见此处的示例)
To embed the timestamp result into the signature you can't use a basic RSA result. 要将时间戳结果嵌入签名中,您不能使用基本的RSA结果。 You need to use an advanced signature container like CMS (binary) o XMLDsig(XML) and add the timestamp as an unsigned attribute. 您需要使用CMS(二进制)或XMLDsig(XML)之类的高级签名容器,并将时间戳记添加为未签名的属性。 See here an implementation using CMS 请参阅此处使用CMS的实现
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.