如何在 TimeStampToken (Bouncy Castle) 中获取签名
How do I get the signature in a TimeStampToken (Bouncy Castle)
根据 RFC 3852(和 RFC 3161),我了解到签名值存储为 TimestampToken(这是一种签名数据内容类型)的 SignerInfo 类型的属性。
如何从 Bouncy Castle 的 TimeStampToken 实例(在 C# 中)获取签名值?
您可以使用下面这个带有辅助方法的静态类:
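/// <summary>
/// Helpers that extract the timestamp tokens embedded in a CMS SignedData structure
/// (for example a CAdES-T signature) using Bouncy Castle's low-level ASN.1 object model.
/// </summary>
/// <remarks>
/// These methods only parse. Nothing here verifies a signature, a certificate or a message
/// imprint, and the tokens are read from the signer's unauthenticated (unsigned) attributes,
/// which the outer signature does not cover. Treat everything returned as untrusted data
/// until each token has been validated separately.
/// </remarks>
public static class TimeStampTokenHelper
{
    // id-signedData content type.
    private const string SignedDataOid = "1.2.840.113549.1.7.2";

    // id-aa-timeStampToken (signature timestamp attribute, RFC 3161 appendix A).
    private const string TimeStampTokenAttributeOid = "1.2.840.113549.1.9.16.2.14";

    /// <summary>
    /// Parses <paramref name="input"/> as a CMS ContentInfo holding SignedData and returns every
    /// timestamp token found in the unauthenticated attributes of its signers.
    /// </summary>
    /// <param name="input">Encoded CMS signature bytes.</param>
    /// <returns>
    /// A lazily evaluated sequence of the embedded tokens as <c>SignedData</c>; malformed nested
    /// tokens therefore fail during enumeration, not during this call.
    /// </returns>
    /// <exception cref="System.ArgumentNullException"><paramref name="input"/> is null.</exception>
    /// <exception cref="System.ArgumentException">No ASN.1 object could be read from the input.</exception>
    /// <exception cref="System.IO.InvalidDataException">The content type is not signedData.</exception>
    public static IEnumerable<SignedData> GetTimeStampTokensAsSignedData(byte[] input)
    {
        if (input == null)
        {
            throw new System.ArgumentNullException(nameof(input));
        }

        // The parsed objects are fully materialised by ReadObject, so the stream can be
        // released as soon as the root object has been read.
        using (var cmsInputStream = new Asn1InputStream(input))
        {
            var asn1Object = cmsInputStream.ReadObject();
            if (asn1Object == null)
            {
                // Explicit exception instead of a unit-test assertion: parsing code should not
                // depend on a test framework to reject bad input.
                throw new System.ArgumentException("Input does not contain an ASN.1 object.", nameof(input));
            }

            var rootSequence = Asn1Sequence.GetInstance(asn1Object);
            return GetTimeStampTokensFromSignedData(GetSignedData(rootSequence));
        }
    }

    /// <summary>
    /// Interprets <paramref name="sequence"/> as a ContentInfo, checks that its content type is
    /// signedData and decodes the content as <c>SignedData</c>.
    /// </summary>
    private static SignedData GetSignedData(Asn1Sequence sequence)
    {
        var rootContent = ContentInfo.GetInstance(sequence);
        if (rootContent.ContentType.Id != SignedDataOid)
        {
            throw new System.IO.InvalidDataException(
                "Expected content type " + SignedDataOid + " (signedData) but found " + rootContent.ContentType.Id + ".");
        }

        return SignedData.GetInstance(rootContent.Content);
    }

    /// <summary>Returns the timestamp tokens carried by all signers of <paramref name="signedData"/>.</summary>
    private static IEnumerable<SignedData> GetTimeStampTokensFromSignedData(SignedData signedData)
    {
        return GetTimeStampTokensFromSignerInfos(signedData.SignerInfos);
    }

    /// <summary>
    /// Flattens the timestamp tokens of every sequence-typed entry in <paramref name="signerInfos"/>.
    /// Entries that are not an <c>Asn1Sequence</c> are skipped.
    /// </summary>
    private static IEnumerable<SignedData> GetTimeStampTokensFromSignerInfos(Asn1Set signerInfos)
    {
        return signerInfos
            .OfType<Asn1Sequence>()
            .SelectMany(GetTimeStampTokensFromSignerInfo);
    }

    /// <summary>
    /// Returns the timestamp tokens stored in the unauthenticated attributes of one SignerInfo.
    /// </summary>
    /// <remarks>
    /// Only the first value of each matching attribute is decoded. The attribute is unsigned,
    /// so its presence alone proves nothing about when the signature was produced.
    /// </remarks>
    private static IEnumerable<SignedData> GetTimeStampTokensFromSignerInfo(Asn1Sequence signerInfoSequence)
    {
        var signerInfo = SignerInfo.GetInstance(signerInfoSequence);

        // The unauthenticated attribute set is optional; a signer without one simply has no
        // timestamp tokens, which must not surface as a NullReferenceException.
        var unsignedAttributes = signerInfo.UnauthenticatedAttributes;
        if (unsignedAttributes == null)
        {
            return Enumerable.Empty<SignedData>();
        }

        return unsignedAttributes.ToArray()
            .Select(Asn1Sequence.GetInstance)
            // Element 0 of an attribute is its type OID, element 1 the SET of values.
            .Where(attribute => ((DerObjectIdentifier)attribute.GetObjectAt(0)).Id == TimeStampTokenAttributeOid)
            .Select(attribute => GetSignedData(
                Asn1Sequence.GetInstance(Asn1Set.GetInstance(attribute.GetObjectAt(1)).GetObjectAt(0))));
    }
}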
辅助方法 TimeStampTokenHelper.GetTimeStampTokensAsSignedData 会把时间戳令牌提取为 SignedData 结构,您可以对返回的 SignedData 数据做任何需要的处理。注意:该方法只做解析,并不验证时间戳令牌的签名;这些令牌取自未经认证的(unsigned)属性,在完成校验之前应视为不可信数据。
以下是如何从 SignerInfo 中提取签名的示例:
// Collect the EncryptedDigest field of every signer of every embedded timestamp token.
// This only reads the stored bytes; it does not check that any of them verifies.
var signatures =
    from token in TimeStampTokenHelper.GetTimeStampTokensAsSignedData(cadesTBytes)
    from signerInfo in token.SignerInfos.ToArray().Select(SignerInfo.GetInstance)
    select signerInfo.EncryptedDigest;
最后提示:
- 您可以使用免费的在线 ASN.1 查看器深入了解 CAdES-T 签名的结构(请勿把包含敏感内容的签名数据上传到第三方在线工具)
- 您可以使用 Org.BouncyCastle.Asn1.Utilities.Asn1Dump.DumpAsString 方法转储 Bouncy Castle 的 ASN.1 对象的字符串表示形式
希望对您有所帮助。
我能够使用这个获得签名:
// Re-wrap the timestamp token as CMS SignedData and look up its signer by the token's own SignerID.
var tsTokenCms = timestampToken.ToCmsSignedData();
var signerInfo = tsTokenCms.GetSignerInfos().GetFirstSigner(timestampToken.SignerID);

// GetSignature() hands back the signature bytes stored for that signer. Reading them verifies
// nothing; checking the token is a separate step (TimeStampToken.Validate with the TSA certificate).
var signatureBytes = signerInfo.GetSignature();

// BitConverter.ToString renders the bytes as dash-separated hexadecimal pairs.
Console.WriteLine("Signature is: " + BitConverter.ToString(signatureBytes));
根据 RFC 3852(和 RFC 3161),我了解到签名值存储为 TimestampToken(这是一种签名数据内容类型)的 SignerInfo 类型的属性。
如何从 Bouncy Castle 的 TimeStampToken 实例(在 C# 中)获取签名值?
您可以使用下面这个带有辅助方法的静态类:
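/// <summary>
/// Helpers that extract the timestamp tokens embedded in a CMS SignedData structure
/// (for example a CAdES-T signature) using Bouncy Castle's low-level ASN.1 object model.
/// </summary>
/// <remarks>
/// These methods only parse. Nothing here verifies a signature, a certificate or a message
/// imprint, and the tokens are read from the signer's unauthenticated (unsigned) attributes,
/// which the outer signature does not cover. Treat everything returned as untrusted data
/// until each token has been validated separately.
/// </remarks>
public static class TimeStampTokenHelper
{
    // id-signedData content type.
    private const string SignedDataOid = "1.2.840.113549.1.7.2";

    // id-aa-timeStampToken (signature timestamp attribute, RFC 3161 appendix A).
    private const string TimeStampTokenAttributeOid = "1.2.840.113549.1.9.16.2.14";

    /// <summary>
    /// Parses <paramref name="input"/> as a CMS ContentInfo holding SignedData and returns every
    /// timestamp token found in the unauthenticated attributes of its signers.
    /// </summary>
    /// <param name="input">Encoded CMS signature bytes.</param>
    /// <returns>
    /// A lazily evaluated sequence of the embedded tokens as <c>SignedData</c>; malformed nested
    /// tokens therefore fail during enumeration, not during this call.
    /// </returns>
    /// <exception cref="System.ArgumentNullException"><paramref name="input"/> is null.</exception>
    /// <exception cref="System.ArgumentException">No ASN.1 object could be read from the input.</exception>
    /// <exception cref="System.IO.InvalidDataException">The content type is not signedData.</exception>
    public static IEnumerable<SignedData> GetTimeStampTokensAsSignedData(byte[] input)
    {
        if (input == null)
        {
            throw new System.ArgumentNullException(nameof(input));
        }

        // The parsed objects are fully materialised by ReadObject, so the stream can be
        // released as soon as the root object has been read.
        using (var cmsInputStream = new Asn1InputStream(input))
        {
            var asn1Object = cmsInputStream.ReadObject();
            if (asn1Object == null)
            {
                // Explicit exception instead of a unit-test assertion: parsing code should not
                // depend on a test framework to reject bad input.
                throw new System.ArgumentException("Input does not contain an ASN.1 object.", nameof(input));
            }

            var rootSequence = Asn1Sequence.GetInstance(asn1Object);
            return GetTimeStampTokensFromSignedData(GetSignedData(rootSequence));
        }
    }

    /// <summary>
    /// Interprets <paramref name="sequence"/> as a ContentInfo, checks that its content type is
    /// signedData and decodes the content as <c>SignedData</c>.
    /// </summary>
    private static SignedData GetSignedData(Asn1Sequence sequence)
    {
        var rootContent = ContentInfo.GetInstance(sequence);
        if (rootContent.ContentType.Id != SignedDataOid)
        {
            throw new System.IO.InvalidDataException(
                "Expected content type " + SignedDataOid + " (signedData) but found " + rootContent.ContentType.Id + ".");
        }

        return SignedData.GetInstance(rootContent.Content);
    }

    /// <summary>Returns the timestamp tokens carried by all signers of <paramref name="signedData"/>.</summary>
    private static IEnumerable<SignedData> GetTimeStampTokensFromSignedData(SignedData signedData)
    {
        return GetTimeStampTokensFromSignerInfos(signedData.SignerInfos);
    }

    /// <summary>
    /// Flattens the timestamp tokens of every sequence-typed entry in <paramref name="signerInfos"/>.
    /// Entries that are not an <c>Asn1Sequence</c> are skipped.
    /// </summary>
    private static IEnumerable<SignedData> GetTimeStampTokensFromSignerInfos(Asn1Set signerInfos)
    {
        return signerInfos
            .OfType<Asn1Sequence>()
            .SelectMany(GetTimeStampTokensFromSignerInfo);
    }

    /// <summary>
    /// Returns the timestamp tokens stored in the unauthenticated attributes of one SignerInfo.
    /// </summary>
    /// <remarks>
    /// Only the first value of each matching attribute is decoded. The attribute is unsigned,
    /// so its presence alone proves nothing about when the signature was produced.
    /// </remarks>
    private static IEnumerable<SignedData> GetTimeStampTokensFromSignerInfo(Asn1Sequence signerInfoSequence)
    {
        var signerInfo = SignerInfo.GetInstance(signerInfoSequence);

        // The unauthenticated attribute set is optional; a signer without one simply has no
        // timestamp tokens, which must not surface as a NullReferenceException.
        var unsignedAttributes = signerInfo.UnauthenticatedAttributes;
        if (unsignedAttributes == null)
        {
            return Enumerable.Empty<SignedData>();
        }

        return unsignedAttributes.ToArray()
            .Select(Asn1Sequence.GetInstance)
            // Element 0 of an attribute is its type OID, element 1 the SET of values.
            .Where(attribute => ((DerObjectIdentifier)attribute.GetObjectAt(0)).Id == TimeStampTokenAttributeOid)
            .Select(attribute => GetSignedData(
                Asn1Sequence.GetInstance(Asn1Set.GetInstance(attribute.GetObjectAt(1)).GetObjectAt(0))));
    }
}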
辅助方法 TimeStampTokenHelper.GetTimeStampTokensAsSignedData 会把时间戳令牌提取为 SignedData 结构,您可以对返回的 SignedData 数据做任何需要的处理。注意:该方法只做解析,并不验证时间戳令牌的签名;这些令牌取自未经认证的(unsigned)属性,在完成校验之前应视为不可信数据。
以下是如何从 SignerInfo 中提取签名的示例:
// Collect the EncryptedDigest field of every signer of every embedded timestamp token.
// This only reads the stored bytes; it does not check that any of them verifies.
var signatures =
    from token in TimeStampTokenHelper.GetTimeStampTokensAsSignedData(cadesTBytes)
    from signerInfo in token.SignerInfos.ToArray().Select(SignerInfo.GetInstance)
    select signerInfo.EncryptedDigest;
最后提示:
- 您可以使用免费的在线 ASN.1 查看器深入了解 CAdES-T 签名的结构(请勿把包含敏感内容的签名数据上传到第三方在线工具)
- 您可以使用 Org.BouncyCastle.Asn1.Utilities.Asn1Dump.DumpAsString 方法转储 Bouncy Castle 的 ASN.1 对象的字符串表示形式
希望对您有所帮助。
我能够使用这个获得签名:
// Re-wrap the timestamp token as CMS SignedData and look up its signer by the token's own SignerID.
var tsTokenCms = timestampToken.ToCmsSignedData();
var signerInfo = tsTokenCms.GetSignerInfos().GetFirstSigner(timestampToken.SignerID);

// GetSignature() hands back the signature bytes stored for that signer. Reading them verifies
// nothing; checking the token is a separate step (TimeStampToken.Validate with the TSA certificate).
var signatureBytes = signerInfo.GetSignature();

// BitConverter.ToString renders the bytes as dash-separated hexadecimal pairs.
Console.WriteLine("Signature is: " + BitConverter.ToString(signatureBytes));