.NET
Valery Osipov, 2013-04-03 11:43:49

Working with an EDS programmatically

Good afternoon. I use the Technocad-Express program, which works with an EDS issued by the Technocad CA.
The task is to sign a file with this signature in my own program: for a binary file, create filename.sig, which will be its valid digital signature.

In cryptography I am a complete zero, and I don't know where to start in order to get to grips with this quickly.

What is known about the subject:
1) Programming language: C#
2) Technocad-Express uses the Crypto-PRO program to work with certificates
3) The recipient site uses something like CAPICOM to work with EDS
4) EDS is stored in the registry
5) The EDS exported to a flash drive consists of the files: header.key, masks.key, masks2.key, name.key, primary.key, primary2.key
6) Signature standard PKCS#7, DER encoding
7) Information from the documentation:
Calculation of hash sums: GOST R 34.11-94, www.w3.org/2001/04/xmldsig-more#gostr3411
Signature generation: GOST R 34.10-2001, www.w3.org/2001/04/xmldsig-more#gostr34102001-gostr3411
Exclusive XML Canonicalization from 18 July 2002: www.w3.org/2001/10/xml-exc-c14n#

I downloaded the BouncyCastle library and am trying to figure it out. It bothers me that it implements PKCS#12 rather than PKCS#7; are these standards backward compatible?

Please tell me which direction I should dig in. Are there any sites with examples?


2 answer(s)
Juralis, 2013-04-03
@Namolem

Unfortunately I don't know C#, but I can share my IronPython function. The procedure, classes and methods will be the same.

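import clr
clr.AddReference("System.Security")  # assembly that contains System.Security.Cryptography.Pkcs

from System.Security.Cryptography import Pkcs
from System.Security.Cryptography.X509Certificates import X509Store, OpenFlags, X509Certificate2Collection,\
    X509Certificate2, X509Certificate2UI, StoreName

def sign(content, tp):
    # content: bytes of the file to sign; tp: certificate thumbprint string without spaces
    store = X509Store(StoreName.My)  # personal store of the current user
    store.Open(OpenFlags.ReadOnly)
    storecollection = X509Certificate2Collection(store.Certificates)
    myCert = None
    for cert in storecollection:
        # ToLower must be called; comparing the bare method attributes never matches
        if cert.Thumbprint.ToLower() == tp.ToLower():
            myCert = cert
    if not myCert:
        return None
    else:
        contentInfo = Pkcs.ContentInfo(content)
        # True = detached signature: the file content is not embedded in the PKCS#7 message
        signedCms = Pkcs.SignedCms(contentInfo, True)
        cmsSigner = Pkcs.CmsSigner(myCert)
        signedCms.ComputeSignature(cmsSigner)
        signature = signedCms.Encode()  # encoded PKCS#7 message as bytes
        return signature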

Accordingly, the input is the bytes of the file and a string with the thumbprint (Thumbprint; you can see it in the properties of the certificate, but if you want to copy it directly from there, you need to remove the spaces).
Instead of passing a thumbprint, you can ask the user to select a certificate directly. The X509Certificate2UI class has a SelectFromCollection method that shows a standard certificate selection window and returns a collection with the selected certificates.
As for the fact that this is a crypto provider from CryptoPro: in general, in this case it does not matter.
After that, it remains to read the file and save the signature bytes to filename.sig.
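
The same procedure in C#, the language the question asks about, extended with a verification step so the detached signature is checked against the file right after it is written. This is an added example, not code from either answer; the class name, the `.sig` file naming and the command-line arguments are assumptions, and the project needs a reference to System.Security (or the System.Security.Cryptography.Pkcs package on newer .NET).

```csharp
using System;
using System.IO;
using System.Linq;
using System.Security.Cryptography.Pkcs;
using System.Security.Cryptography.X509Certificates;

static class DetachedSigner // hypothetical name, not from the page
{
    // Keep only hex digits: a thumbprint copied from the certificate dialog
    // carries spaces and can carry an invisible leading character.
    static string CleanThumbprint(string tp) =>
        new string(tp.Where(Uri.IsHexDigit).ToArray()).ToUpperInvariant();

    static X509Certificate2 FindCert(string thumbprint)
    {
        var store = new X509Store(StoreName.My, StoreLocation.CurrentUser);
        store.Open(OpenFlags.ReadOnly);
        try
        {
            var found = store.Certificates.Find(
                X509FindType.FindByThumbprint, CleanThumbprint(thumbprint), false);
            return found.Count > 0 ? found[0] : null;
        }
        finally { store.Close(); }
    }

    static void SignFile(string path, string thumbprint)
    {
        var cert = FindCert(thumbprint)
            ?? throw new InvalidOperationException("Certificate not found in the personal store.");
        if (!cert.HasPrivateKey)
            throw new InvalidOperationException("Certificate has no associated private key.");
        var cms = new SignedCms(new ContentInfo(File.ReadAllBytes(path)), true); // true = detached
        cms.ComputeSignature(new CmsSigner(cert));
        File.WriteAllBytes(path + ".sig", cms.Encode()); // naming is an assumption
    }

    static void VerifyFile(string path)
    {
        // A detached signature is checked against the original content supplied by the caller.
        var cms = new SignedCms(new ContentInfo(File.ReadAllBytes(path)), true);
        cms.Decode(File.ReadAllBytes(path + ".sig"));
        cms.CheckSignature(false); // false = also validate the signer certificates; throws on failure
    }

    static void Main(string[] args) // usage: DetachedSigner <file> <thumbprint>
    {
        SignFile(args[0], args[1]);
        VerifyFile(args[0]);
        Console.WriteLine("Signature written and verified: " + args[0] + ".sig");
    }
}
```

Passing `true` to `CheckSignature` instead checks only the signature itself and skips certificate validation, which is useful for telling a broken signature apart from an untrusted chain.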

ystr, 2013-04-03
@ystr

I recommend that you first familiarize yourself with the concept of the Crypto API and read my old article, Using the Crypto API. I also recommend reading the Crypto-PRO forum. There are many different examples there.
