/// <summary>
/// Encrypts the content of the input file for the supplied encryption certificate, signs the
/// encrypted bytes with the supplied signing certificate, and writes the signed result to the
/// output file.
/// </summary>
/// <remarks>
/// The signature is computed over the encrypted bytes (encrypt, then sign), so it can be checked
/// without decrypting the content. The whole input file is read into memory before processing.
/// </remarks>
/// <param name="commandArguments">Supplies the input file to protect and the output file to write.</param>
/// <param name="encyptCert">X509Certificate2 encryption certificate passed to <c>CmsEncrypt</c>.</param>
/// <param name="signCert">X509Certificate2 signing certificate passed to <c>SignData</c>.</param>
public static void PerformEncryptAndSign(CommandArguments commandArguments, X509Certificate2 encyptCert, X509Certificate2 signCert)
{
    string sourcePath = commandArguments.InputFile.FullName;
    string destinationPath = commandArguments.OutputFile.FullName;

    // Only the certificate subjects are traced; no key material reaches the log.
    string loadedCertificatesMessage = String.Format(
        "Loaded certificates:\r\nencyptCert:{0}\r\nsignCert:{1}",
        encyptCert.Subject,
        signCert.Subject);
    Tracing.InfoSecurity(loadedCertificatesMessage);

    byte[] plainBytes = File.ReadAllBytes(sourcePath);

    // Encrypt first, then sign the encrypted bytes.
    var encryptedBytes = CmsEncrypt(plainBytes, encyptCert);
    var signedEnvelope = SignData(encryptedBytes, signCert);

    File.WriteAllBytes(destinationPath, signedEnvelope);

    string writtenMessage = String.Format("Write File To Disk:{0}", destinationPath);
    Tracing.InfoSecurity(writtenMessage);
}
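/// <summary>
/// Reads a signed CMS/PKCS#7 container from the input file, decrypts its content with the
/// supplied encryption certificate, verifies the signatures carried in the container, and
/// writes the decrypted content to the output file only when verification succeeds.
/// </summary>
/// <param name="commandArguments">Supplies the input file (the signed container) and the output file (the decrypted content).</param>
/// <param name="encyptCert">X509Certificate2 encryption certificate passed to <c>CmsDecrypt</c>.</param>
/// <exception cref="System.Security.Cryptography.CryptographicException">
/// Signature verification failed. No output file is written in that case.
/// </exception>
public static void PerformDecryptAndVerifySignature(CommandArguments commandArguments, X509Certificate2 encyptCert)
{
    string inputFilePath = commandArguments.InputFile.FullName;
    string outputFilePath = commandArguments.OutputFile.FullName;

    byte[] signedBytes = File.ReadAllBytes(inputFilePath);
    CmsSignedDataParser signedParser = new CmsSignedDataParser(signedBytes);
    var cmsSignedContent = signedParser.GetSignedContent();

    // The decrypted bytes stay in memory until the signature has been checked;
    // nothing is written to disk before that.
    var decodedData = CmsDecrypt(cmsSignedContent.ContentStream, encyptCert);

    // Consume whatever is left of the signed content before verifying
    // (presumably the streaming parser needs the full content read first; confirm).
    cmsSignedContent.Drain();

    // NOTE(review): VerifySignatures is defined outside this block. If it only checks the
    // signature against the certificate embedded in the container, a valid result shows the
    // content was not altered after signing but not who signed it; confirm that it also
    // validates the signer against a trusted or pinned certificate.
    bool isSignatureValid = VerifySignatures(signedParser);
    Tracing.InfoSecurity(String.Format("VerifySignatures isSignaturValid: {0}", isSignatureValid));

    // Fail closed: previously the result was only logged and the decrypted content was
    // written regardless, so a tampered or unsigned-by-us file was accepted silently.
    if (!isSignatureValid)
    {
        throw new System.Security.Cryptography.CryptographicException(
            "Signature verification failed; decrypted content was not written to disk.");
    }

    Tracing.InfoSecurity(String.Format("Write File To Disk:{0}", outputFilePath));
    File.WriteAllBytes(outputFilePath, decodedData);
}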