예제 #1
        /// <summary>
        /// Stores <paramref name="cms"/> as the current signature and refreshes the values derived
        /// from it: the decoded payload, the encrypted digest, the signer and, when a timestamp
        /// attribute is present, the timestamp token and the trusted signing time.
        /// </summary>
        /// <param name="cms">CMS message whose content is decoded as the signature payload.</param>
        /// <remarks>
        /// This method only decodes. It makes no call that checks the CMS signature or the signer's
        /// certificate chain, so the values it populates are unverified unless that check happens
        /// elsewhere (NOTE(review): confirm where the signature itself is validated).
        /// </remarks>
        private void SetSignature(SignedCms cms)
        {
            // Reset up front; it is assigned again only when a trusted timestamp is found below.
            TrustedSigningTimeUtc = null;
            Payload = SignaturePayload.Decode(cms.ContentInfo.Content);
            _signature = cms;

            // The encrypted digest is read through the native CMS wrapper, which is released
            // as soon as the value has been copied out.
            using (var native = NativeCms.Decode(cms.Encode(), detached: false))
            {
                _encryptedDigest = native.GetEncryptedDigest();
            }

            // Only the first SignerInfo is considered; further signers are ignored.
            var firstSigner = _signature.SignerInfos.Cast<SignerInfo>().FirstOrDefault();
            if (firstSigner == null)
            {
                // NOTE(review): Signer and _timestamp are not cleared on this path, so values
                // from an earlier call would remain; confirm this method runs once per instance.
                return;
            }

            Signer = Signer.FromSignerInfo(firstSigner);

            // Look for the signature timestamp token among the unsigned attributes.
            var timestampAttribute = firstSigner
                .UnsignedAttributes
                .Cast<CryptographicAttributeObject>()
                .FirstOrDefault(a => a.Oid.Value.Equals(Constants.SignatureTimeStampTokenAttributeOid.Value, StringComparison.OrdinalIgnoreCase));
            if (timestampAttribute == null || timestampAttribute.Values.Count == 0)
            {
                // NOTE(review): _timestamp is likewise left untouched when no token is present.
                return;
            }

            // Only the first value of the attribute is decoded as a timestamp token.
            var timestampCms = new SignedCms();
            timestampCms.Decode(timestampAttribute.Values[0].RawData);

            // The token is checked against the encrypted digest of this signature. What
            // VerifyTimestamp validates is not visible here; the result is stored whether or
            // not it is trusted, and only IsTrusted gates the signing time below.
            _timestamp = RFC3161.VerifyTimestamp(_encryptedDigest, timestampCms);

            if (_timestamp.IsTrusted)
            {
                TrustedSigningTimeUtc = _timestamp.TimestampUtc;
            }
        }