Reputation: 1190
How to decode timestamp from digital PKCS7 signature?
I have a signature with timestamp. I am trying to decode the timestamp and decode its properties.
var contentInfo = new ContentInfo(Convert.FromBase64String(data));
var signedCms = new SignedCms(contentInfo, true);
signedCms.Decode(Convert.FromBase64String(signature));
signedCms.CheckSignature(true);
foreach (var signerInfo in signedCms.SignerInfos)
{
foreach (var unsignedAttribute in signerInfo.UnsignedAttributes)
{
if (unsignedAttribute.Oid.Value == "1.2.840.113549.1.9.16.2.14")
{
AsnEncodedData asnData = unsignedAttribute.Values[0];
byte[] asnBinary = asnData.RawData;
}
}
}
But I dont understand how can I decode asnData.RawData
At least I need to get date and verify that the timstamp is correct(it's signature is valid)
Do you have any ideas or expirience? Thanks
Upvotes: 3
Views: 3408
Answers (1)
Reputation: 29
A timestamp is nothing else than a counter-signature (a signature of your authenticated attributes). You would to look into the counter signatures within the SignerInfo structure.
signerInfo.CounterSignerInfos contains a collection of SignerInfo and will be used by most Authenticode signatures schemes (may be implementation specific). If your timestamp is based off of RFC-3161, then it may be elsewhere. I have found it as an unauthenticated attribute under the SignerInfo.UnsignedAttributes property with OID
1.3.6.1.4.1.311.3.3.1
With this OID, you can trivially find the timestamp.
foreach (CryptographicAttributeObject cryptoAttribute in primarySigner.UnsignedAttributes)
{
if (cryptoAttribute.Oid.Value == szOID_RFC3161_TIMESTAMP.Value)
{
Pkcs9AttributeObject rfcTimestampObj = new Pkcs9AttributeObject(cryptoAttribute.Values[0]);
//Decode the attribute
SignedCms rfcTimestampMessage = new SignedCms();
rfcTimestampMessage.Decode(rfcTimestampObj.RawData);
//At this point you are obtained the timestamp message as a SignedCMS object - rfcTimestampMessage.SignerInfos.Count > 1
}
}
Upvotes: 2
Related Questions
- How can I convert a Unix timestamp to DateTime and vice versa?
- How can one change the timestamp of an old commit in Git?
- How to call asynchronous method from synchronous method in C#?
- How do I get a timestamp in JavaScript?
- How do I encode and decode a base64 string?
- How to get the unix timestamp in C#
- How do I update the GUI from another thread?
- How can I check signature of a SignedCms envelope?
- C# How to Verify Digital Signature from email ( Encoding SeveBit )
- How to create an pkcs7 block for key exchange only (bouncy castle)