private void SetSignature(SignedCms cms) { TrustedSigningTimeUtc = null; Payload = SignaturePayload.Decode(cms.ContentInfo.Content); _signature = cms; // Load the encrypted digest using the native APIs using (var nativeCms = NativeCms.Decode(cms.Encode(), detached: false)) { _encryptedDigest = nativeCms.GetEncryptedDigest(); } var signerInfo = _signature.SignerInfos.Cast <SignerInfo>().FirstOrDefault(); if (signerInfo != null) { Signer = Signer.FromSignerInfo(signerInfo); // Check for a timestamper var attr = signerInfo .UnsignedAttributes .Cast <CryptographicAttributeObject>() .FirstOrDefault(c => c.Oid.Value.Equals(Constants.SignatureTimeStampTokenAttributeOid.Value, StringComparison.OrdinalIgnoreCase)); if (attr != null && attr.Values.Count > 0) { var timestamp = new SignedCms(); timestamp.Decode(attr.Values[0].RawData); // Check the timestamp against the data var token = RFC3161.VerifyTimestamp(_encryptedDigest, timestamp); _timestamp = token; if (_timestamp.IsTrusted) { TrustedSigningTimeUtc = _timestamp.TimestampUtc; } } } }
private static Signature DecodeRequest(byte[] data) { var payload = SignaturePayload.Decode(data); return(new Signature(payload)); }