static void Main(string[] args)
{
var certificateData = File.ReadAllBytes("YOUR_p7b_FILE");
var cert = new X509CertificateParser().ReadCertificate(certificateData);
//I just wanted to know if I can see the publicKey somehow
//var publicKey = cert.GetPublicKey();
var store = new Pkcs12Store(File.OpenRead("YOUR_p12_File"), "test".ToCharArray());
var privateKey = store.GetKey("THE_NAME_OF_KEY_YOU_WANT_TO_GET").Key;
var signedDataGen = new CmsSignedDataGenerator();
signedDataGen.AddSigner(privateKey, cert, CmsSignedDataGenerator.EncryptionRsa, CmsSignedDataGenerator.DigestSha512);
var zipContent = new CmsProcessableFile(new FileInfo("YOUR_DATA_FILE"));
//For me a zip
var signedData = signedDataGen.Generate(zipContent, true);
var envDataGen = new CmsEnvelopedDataGenerator();
envDataGen.AddKeyTransRecipient(cert);
var sData = new CmsProcessableByteArray(signedData.GetEncoded());
var enveloped = envDataGen.Generate(sData, CmsEnvelopedDataGenerator.DesEde3Cbc);
var dos = new DerOutputStream(File.OpenWrite("YOUR_DATA_FILE.zip.encrypted.sig)"));
var bytesToWrite = enveloped.GetEncoded();
dos.Write(bytesToWrite, 0, bytesToWrite.Length);
dos.Flush();
dos.Close();
}
/// <exception cref="System.IO.IOException"></exception>
public virtual byte[] GetArchiveTimestampData(int index, Document originalDocument
)
{
ByteArrayOutputStream toTimestamp = new ByteArrayOutputStream();
BcCms.ContentInfo contentInfo = cmsSignedData.ContentInfo;
BcCms.SignedData signedData = BcCms.SignedData.GetInstance(contentInfo.Content);
// 5.4.1
if (signedData.EncapContentInfo == null || signedData.EncapContentInfo.
Content == null)
{
if (originalDocument != null)
{
//jbonilla Hack para leer un InputStream en su totalidad.
toTimestamp.Write(Streams.ReadAll(
originalDocument.OpenStream()));
}
else
{
throw new RuntimeException("Signature is detached and no original data provided."
);
}
}
else
{
BcCms.ContentInfo content = signedData.EncapContentInfo;
DerOctetString octet = (DerOctetString)content.Content;
BcCms.ContentInfo info2 = new BcCms.ContentInfo(new DerObjectIdentifier("1.2.840.113549.1.7.1"
), new BerOctetString(octet.GetOctets()));
toTimestamp.Write(info2.GetEncoded());
}
if (signedData.Certificates != null)
{
DerOutputStream output = new DerOutputStream(toTimestamp);
output.WriteObject(signedData.Certificates);
output.Close();
}
if (signedData.CRLs != null)
{
toTimestamp.Write(signedData.CRLs.GetEncoded());
}
if (signerInformation.UnsignedAttributes != null)
{
Asn1EncodableVector original = signerInformation.UnsignedAttributes.ToAsn1EncodableVector();
IList <BcCms.Attribute> timeStampToRemove = GetTimeStampToRemove(index);
Asn1EncodableVector filtered = new Asn1EncodableVector();
for (int i = 0; i < original.Count; i++)
{
Asn1Encodable enc = original[i];
if (!timeStampToRemove.Contains(enc))
{
filtered.Add(original[i]);
}
}
SignerInformation filteredInfo = SignerInformation.ReplaceUnsignedAttributes(signerInformation
, new BcCms.AttributeTable(filtered));
toTimestamp.Write(filteredInfo.ToSignerInfo().GetEncoded());
}
return(toTimestamp.ToByteArray());
}
/**
* Creates a CertPath of the specified type.
* This constructor is protected because most users should use
* a CertificateFactory to create CertPaths.
*
* @param type the standard name of the type of Certificatesin this path
**/
public PkixCertPath(
Stream inStream,
String encoding)
// : base("X.509")
{
try
{
if (encoding.ToUpper().Equals("PkiPath".ToUpper()))
{
Asn1InputStream derInStream = new Asn1InputStream(inStream);
Asn1Object derObject = derInStream.ReadObject();
if (!(derObject is Asn1Sequence))
{
throw new CertificateException(
"input stream does not contain a ASN1 SEQUENCE while reading PkiPath encoded data to load CertPath");
}
IEnumerator e = ((Asn1Sequence)derObject).GetEnumerator();
Stream certInStream;
MemoryStream outStream;
DerOutputStream derOutStream;
certificates = new ArrayList();
while (e.MoveNext())
{
outStream = new MemoryStream();
derOutStream = new DerOutputStream(outStream);
derOutStream.WriteObject((Asn1Encodable)e.Current);
derOutStream.Close();
certInStream = new MemoryStream(outStream.ToArray(), false);
certificates.Insert(0, new X509CertificateParser().ReadCertificate(certInStream));
}
}
else if (encoding.ToUpper().Equals("PKCS7") ||
encoding.ToUpper().Equals("PEM"))
{
inStream = new BufferedStream(inStream);
certificates = new ArrayList();
X509CertificateParser certParser = new X509CertificateParser();
X509Certificate cert = null;
while ((cert = certParser.ReadCertificate(inStream)) != null)
{
certificates.Add(cert);
}
}
else
{
throw new CertificateException("unsupported encoding: " + encoding);
}
}
catch (IOException ex)
{
throw new CertificateException(
"IOException throw while decoding CertPath:\n"
+ ex.ToString());
}
this.certificates = SortCerts(certificates);
}
