[英]How to get unsigned attributies from detached signature using BouncyCastle
[英]Convert .NET detached signature verification to bouncycastle
我正在尝试将以下代码(使用 .NET 的内置密码库)转换为 BouncyCastle。 不幸的是,在缺乏文档、与所有 Java BC 问题的混淆以及使用分离签名的不寻常之间,我无法弄清楚如何做到这一点。
.NET 代码:
1)我需要转换的代码:
var data = Encoding.ASCII.GetBytes("Hi!");
var signature = File.ReadAllText("Signature.p7s");
byte[] hashedDocument = HashAlgorithm.Create("SHA256").ComputeHash(data);
var cms = new SignedCms(new ContentInfo(hashedDocument), true);
cms.Decode(Convert.FromBase64String(signature));
cms.CheckSignature(true);
2) 生成 p7s 的代码:
var data = File.ReadAllBytes(fileToSign);
var hash = SHA256.Create().ComputeHash(data);
ContentInfo ci = new ContentInfo(hash);
SignedCms cms = new SignedCms(ci, true);
CmsSigner signer = new CmsSigner(new X509Certificate2(cert, pw));
signer.IncludeOption = X509IncludeOption.WholeChain;
signer.DigestAlgorithm = new Oid("sha256RSA");
signer.SignedAttributes.Add(new Pkcs9DocumentName(cert.SubjectName.Name));
signer.SignedAttributes.Add(new Pkcs9SigningTime());
cms.ComputeSignature(signer);
var enc = Convert.ToBase64String(cms.Encode());
File.WriteAllText(sigFile, enc);
我已经尝试过 BouncyCastle 的RsaDigestSigner
、 CmsSignedData
、 CmsSignedDataParser
和SignerUtilities.GetSigner("SHA-256withRSA")
(它只返回RsaDigestSigner
),但它们似乎都没有办法理解 p7s 文件并实际验证它适用于指定数据。
因此,考虑到您没有提供有关如何生成分离签名的示例,我不得不做出一些假设。
下面的代码在 .net Core 3.0 中运行。
using System;
using System.IO;
using System.Linq;
using System.Text;
using System.Security.Cryptography;
using System.Security.Cryptography.Pkcs;
using System.Security.Cryptography.X509Certificates;
namespace Whatever
{
class Program
{
static string cert = "MIIJmQIBA.... // This here is base64 encoded PFX for the purposes of the demo ONLY";
static string pwd = "password";
static void Main(string[] args)
{
var data = Encoding.ASCII.GetBytes("Hi!");
var hash = HashAlgorithm.Create("SHA256").ComputeHash(data);
var certificate = new X509Certificate2(Convert.FromBase64String(cert), pwd);
// So since I've no idea how you got p7s, i improvised here:
var cms = new SignedCms(new ContentInfo(hash), true); // true -> Detached
var signer = new CmsSigner(SubjectIdentifierType.SubjectKeyIdentifier, certificate);
cms.ComputeSignature(signer);
var data2 = cms.Encode();
// assuming this was in p7s file
var xx = Convert.ToBase64String(data2);
// this passes, this is the .Net validation from OP
var cms2 = new SignedCms(new ContentInfo(hash), true);
cms2.Decode(Convert.FromBase64String(xx));
cms2.CheckSignature(true);
// Same in bouncy castle:
BCUtil.Validate(certificate, hash, xx);
}
}
}
这是我们的BCUtil
class:
using System;
using Org.BouncyCastle.Cms;
using Org.BouncyCastle.X509;
using Org.BouncyCastle.Security;
using System.IO;
using System.Linq;
namespace Whatever
{
public class BCUtil
{
public static void Validate(System.Security.Cryptography.X509Certificates.X509Certificate2 cert, byte[] hash, string whatToValidate)
{
// My understanding is that you always need a cert to validate a signature with BC, but you only need a PUBLIC key
var certificate = DotNetUtilities.FromX509Certificate(cert);
// hash here
var processable = new CmsProcessableByteArray(hash);
// and signature here, for full .Net convert to old using() {} syntax
using var str = new MemoryStream(Convert.FromBase64String(whatToValidate));
var cms = new CmsSignedData(processable, str);
var signers = cms.GetSignerInfos();
var signersCollection = signers.GetSigners();
foreach(var signer in signersCollection.Cast<SignerInformation>())
{
if (signer.Verify(certificate.GetPublicKey()))
{
Console.WriteLine("yes banana"); // pass
}
else
{
throw new Exception("no banana"); // fail
}
}
}
}
}
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.