![](/img/trans.png)
[英]How to create a X509 certificate from Bouncy Castle for use with AuthenticateAsServer?
[英]CMS Signature X509 Certificate with Bouncy Castle
我需要將此.Net代碼轉換為BouncyCastle代碼,因為我需要在單聲道中使用
X509Certificate2 certFirmante = LoadCertFromFile("sign.p12");
ContentInfo infoContenido = new ContentInfo(argBytesMsg);
SignedCms cmsFirmado = new SignedCms(infoContenido);
CmsSigner cmsFirmante = new CmsSigner(argCertFirmante);
cmsFirmante.IncludeOption = X509IncludeOption.EndCertOnly;
cmsFirmado.ComputeSignature(cmsFirmante, true);
return cmsFirmado.Encode();
我嘗試使用此代碼,但簽名的數據不相同
CmsSignedDataGenerator gen = new CmsSignedDataGenerator();
CmsEnvelopedDataStreamGenerator dataGenerator = new CmsEnvelopedDataStreamGenerator();
dataGenerator.AddKeyTransRecipient(cert);
// Make the output stream
MemoryStream outStream = new MemoryStream();
// Sign the stream
Stream cryptoStream = dataGenerator.Open(outStream, CmsEnvelopedGenerator.Aes128Cbc);
BinaryWriter binWriter = new BinaryWriter(cryptoStream);
binWriter.Write(datos);
byte[] contenido = new byte[outStream.Length];
outStream.Read(contenido, 0, Convert.ToInt32(outStream.Length));
return contenido;
您想要的可能是這樣的:
byte[] Sign (byte[] argBytesMsg)
{
var signedData = new CmsSignedDataStreamGenerator ();
var x509certificate2 = LoadCertFromFile ("sign.p12");
var cert = DotNetUtilities.FromX509Certificate (x509certificate2);
var key = DotNetUtilities.GetKeyPair (x509certificate2.PrivateKey);
signedData.AddSigner (key.PrivateKey, cert, X509ObjectIdentifiers.IdSha1.Id, null, null);
signedData.AddCertificate (cert);
using (var memory = new MemoryStream ()) {
using (var stream = signedData.Open (memory, true))
stream.Write (argBytesMsg, 0, argBytesMsg.Length);
return memory.ToArray ();
}
}
順便說一句,您是否考慮過使用MimeKit而不是自己嘗試這樣做?
MimeKit使用BouncyCastle,因此是跨平台的,並且是完全開源的。
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.