1

我们正在使用以下代码来验证 NET 1.1 中的分离签名,该签名适用于 Windows XP 和 Windows Server 2003:

    [Test]
    public void should_validate_with_old_capicom()
    {
        string data = "GDNNOT172789407LGAR10277825619622017-01-0412.28.330000";
        string signed = "MIIJnAYJKoZIhvcNAQcCoIIJjTCCCYkCAQExCzAJBgUrDgMCGgUAME4GCSqGSIb3DQEHAaBBBD9HRE5OT1QxNzI3ODk0MDdMR0FSNzI3ODk0MDdMMTAyNzc4MjU2MTk2MjIwMTctMDEtMDQxMi4yOC4zMzAwMDCgggd8MIIHeDCCBmCgAwIBAgIQGpXb9B2s0/1VS3myyrb9sTANBgkqhkiG9w0BAQsFADBqMQswCQYDVQQGEwJFUzERMA8GA1UECgwIRk5NVC1SQ00xDjAMBgNVBAsMBUNFUkVTMRIwEAYDVQQFEwlRMjgyNjAwNEoxJDAiBgNVBAMMG0FDIEFkbWluaXN0cmFjacOzbiBQw7pibGljYTAeFw0xNTA1MDcxNDQxNTRaFw0xODA1MDcxNDQxNTRaMIGnMQswCQYDVQQGEwJFUzEsMCoGA1UECgwjRkFCUklDQSBOQUNJT05BTCBERSBNT05FREEgWSBUSU1CUkUxGzAZBgNVBAsMEnNlbGxvIGVsZWN0csOzbmljbzESMBAGA1UEBRMJUTI4MjYwMDRKMTkwNwYDVQQDDDBTRVJWSUNJTyBERSBOT1RJRklDQUNJT05FUyBFTEVDVFJPTklDQVMgRk5NVC1SQ00wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCuyGB85oj/EJlgqkvrS2NN7werC5AlKPiMqktqDOwpLyIlUFl0DhF9fHDX5CsWx7z4zriVB7jwDx7W7JJWir+yYvEPwrbly+FF3v+HlZBQrkDOvYBzDQW7FNEPeWoMxP0M09bCjmcU/QWB5DJo0B1mpdn9osLMqlxQ4VIWBJdajm3OoDJUj8DzTxUZMAfT/zcMzGSdYASLd022YDI3fzlQQ9C/f48Qb2y58pgEjgahcULuGxv+3HLoGT+qZO9ldg0aTtJxAPVuMVib7SjEnB1mQeiss/vJD4RKuBDVvZG3esREFKyQ2jJCrQjj0RL9BDU6zJn12VqzOS7onPN158M3AgMBAAGjggPaMIID1jCBxQYDVR0RBIG9MIG6pIG3MIG0MUAwPgYJYIVUAQMFAgIFDDFTRVJWSUNJTyBERSBOT1RJRklDQUNJT05FUyBFTEVDVFLDk05JQ0FTIEZOTVQtUkNNMRgwFgYJYIVUAQMFAgIDDAlRMjgyNjAwNEoxMzAxBglghVQBAwUCAgIMJEbDgUJSSUNBIE5BQ0lPTkFMIERFIE1PTkVEQSBZIFRJTUJSRTEhMB8GCWCFVAEDBQICAQwSc2VsbG8gZWxlY3Ryw7NuaWNvMAwGA1UdEwEB/wQCMAAwDgYDVR0PAQH/BAQDAgTwMB0GA1UdDgQWBBSNvf02Tp/7zIX5RFYxYIHO09hJYzAfBgNVHSMEGDAWgBQUEeK1K7mMmK1o0zFUQORYXwMbfTAlBggrBgEFBQcBAwQZMBcwCAYGBACORgEBMAsGBgQAjkYBAwIBDzCB7wYDVR0gBIHnMIHkMIHhBgsrBgEEAaxmAwMDAjCB0TApBggrBgEFBQcCARYdaHR0cDovL3d3dy5jZXJ0LmZubXQuZXMvZHBjcy8wgaMGCCsGAQUFBwICMIGWDIGTU3VqZXRvIGEgbGFzIGNvbmRpY2lvbmVzIGRlIHVzbyBleHB1ZXN0YXMgZW4gbGEgRGVjbGFyYWNpw7NuIGRlIFByw6FjdGljYXMgZGUgQ2VydGlmaWNhY2nDs24gZGUgbGEgRk5NVC1SQ00gKEMvSm9yZ2UgSnVhbiAxMDYtMjgwMDktTWFkcmlkLUVzcGHDsWEpMH8GCCsGAQUFBwEBBHMwcTA7BggrBgEFBQcwAYYvaHR0cDovL29jc3BhcC5jZXJ0LmZubXQuZXMvb2NzcGFwL09jc3BSZXNwb25kZXIwMgYIKwYBBQUHMAKGJmh0dHA6Ly93d3cuY2VydC5mbm10LmVzL2NlcnRzL0FDQVAuY3J0MCMGA1UdJQQcMBoGBFUdJQAGCCsGAQUFBwMCBggrBgEFBQcDBDCB7gYDVR0fBIHmMIHjMIHgoIHdoIHahoGqbGRhcDovL2xkYXBhcGUuY2VydC5mbm10LmVzL0NOPUNSTDE5OSxDTj1BQyUyMEFkbWluaXN0cmFjaSVGM24lMjBQJUZBYmxpY2EsT1U9Q0VSRVMsTz1GTk1ULVJDTSxDPUVTP2NlcnRpZmljYXRlUmV2b2NhdGlvbkxpc3Q7YmluYXJ5P2Jhc2U/b2JqZWN0Y2xhc3M9Y1JMRGlzdHJpYnV0aW9uUG9pbnSGK2h0dHA6Ly93d3cuY2VydC5mbm10LmVzL2NybHNhY2FwL0NSTDE5OS5jcmwwDQYJKoZIhvcNAQELBQADggEBAJRImLcBB5vCmihD3uS0uPG+u+MepnKQ4I5xGDLmtPmKWDmK77JPDNHUrs+SHY/RhMUjYMdrumqN8zGEg9YsbMS7+2ZDrTYg4jyvTP2+NuAVG223wHAoTzxYKyTo+KAWvmd+om83vR/YYVDBpCcabGDPU1DyNeUYm/8BKzLhrd2QZ82v++SJD1p/CznwgoZufFHNiijjtDo3h1mxxuzR6WTTM7iEyBXpDyb+xnoBJ+/KmnIza0PYrs0oEfT2DilC+8a806XTfL9nz86iKPDlOSlnHYmPbqLsT79yXIZUZV35a/TZj77AWYgWOka1aEXjoeQczC9ZRgaFii7FN/tBQJ4xggGlMIIBoQIBATB+MGoxCzAJBgNVBAYTAkVTMREwDwYDVQQKDAhGTk1ULVJDTTEOMAwGA1UECwwFQ0VSRVMxEjAQBgNVBAUTCVEyODI2MDA0SjEkMCIGA1UEAwwbQUMgQWRtaW5pc3RyYWNpw7NuIFDDumJsaWNhAhAaldv0HazT/VVLebLKtv2xMAkGBSsOAwIaBQAwDQYJKoZIhvcNAQEBBQAEggEAKxwcLWLDbFBaaqhZE2PQe884oJbYUfHGsyDihWblLX1G5yNGrjD8NH934ojVOXuaHccMQUW28Z7sEEbRx7hI/5DVoKRoEggTXTd1tkHGBFpR6yDDaXiFnUV3zi1htXoV0BmoTjJTmibKUIRZGY7yPC6IuCDWtsdvgLtl3CUX7quuSsoeTJs0PNlMSiV3zXzCuDYD9EFfqTBS+Ine077tGWuKgTMTWtp/RVsGD4lnIQGx4YcRXIMT3R/CLmNoLAJMPzsLPUMCX2CkpG6gqEUDdtGYrwX8uOUfCpJdaAnZUHYSaM4pDnC6kW71M2ENg44sm7WM9l/RF9Ld3+sj66Ra7g==";

        var signedData = new SignedDataClass();
        var utilities = new UtilitiesClass();

        signedData.set_Content(utilities.ByteArrayToBinaryString(
            Encoding.Default.GetBytes(data)
            ));
        signedData.Verify(
            signed,
            true,
            CAPICOM_SIGNED_DATA_VERIFY_FLAG.CAPICOM_VERIFY_SIGNATURE_ONLY
            );
        var signer = (Signer)signedData.Signers[1];

        Assert.Pass("It was verified with capicom.");
    }

我们在具有构建配置的 Windows 7 机器NET45上的项目中使用相同的代码,但它以.x64x86Invalid Signature System.Runtime.InteropServices.COMException

我们也尝试过验证System.Cryptography,但没有成功。我们添加证书的公钥以防万一。证书可以在这里下载

    [Test]
    public void should_validate_against_dot_net_implementation()
    {
        string data = "GDNNOT172789407LGAR10277825619622017-01-0412.28.330000";
        string signed = "MIIJnAYJKoZIhvcNAQcCoIIJjTCCCYkCAQExCzAJBgUrDgMCGgUAME4GCSqGSIb3DQEHAaBBBD9HRE5OT1QxNzI3ODk0MDdMR0FSNzI3ODk0MDdMMTAyNzc4MjU2MTk2MjIwMTctMDEtMDQxMi4yOC4zMzAwMDCgggd8MIIHeDCCBmCgAwIBAgIQGpXb9B2s0/1VS3myyrb9sTANBgkqhkiG9w0BAQsFADBqMQswCQYDVQQGEwJFUzERMA8GA1UECgwIRk5NVC1SQ00xDjAMBgNVBAsMBUNFUkVTMRIwEAYDVQQFEwlRMjgyNjAwNEoxJDAiBgNVBAMMG0FDIEFkbWluaXN0cmFjacOzbiBQw7pibGljYTAeFw0xNTA1MDcxNDQxNTRaFw0xODA1MDcxNDQxNTRaMIGnMQswCQYDVQQGEwJFUzEsMCoGA1UECgwjRkFCUklDQSBOQUNJT05BTCBERSBNT05FREEgWSBUSU1CUkUxGzAZBgNVBAsMEnNlbGxvIGVsZWN0csOzbmljbzESMBAGA1UEBRMJUTI4MjYwMDRKMTkwNwYDVQQDDDBTRVJWSUNJTyBERSBOT1RJRklDQUNJT05FUyBFTEVDVFJPTklDQVMgRk5NVC1SQ00wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCuyGB85oj/EJlgqkvrS2NN7werC5AlKPiMqktqDOwpLyIlUFl0DhF9fHDX5CsWx7z4zriVB7jwDx7W7JJWir+yYvEPwrbly+FF3v+HlZBQrkDOvYBzDQW7FNEPeWoMxP0M09bCjmcU/QWB5DJo0B1mpdn9osLMqlxQ4VIWBJdajm3OoDJUj8DzTxUZMAfT/zcMzGSdYASLd022YDI3fzlQQ9C/f48Qb2y58pgEjgahcULuGxv+3HLoGT+qZO9ldg0aTtJxAPVuMVib7SjEnB1mQeiss/vJD4RKuBDVvZG3esREFKyQ2jJCrQjj0RL9BDU6zJn12VqzOS7onPN158M3AgMBAAGjggPaMIID1jCBxQYDVR0RBIG9MIG6pIG3MIG0MUAwPgYJYIVUAQMFAgIFDDFTRVJWSUNJTyBERSBOT1RJRklDQUNJT05FUyBFTEVDVFLDk05JQ0FTIEZOTVQtUkNNMRgwFgYJYIVUAQMFAgIDDAlRMjgyNjAwNEoxMzAxBglghVQBAwUCAgIMJEbDgUJSSUNBIE5BQ0lPTkFMIERFIE1PTkVEQSBZIFRJTUJSRTEhMB8GCWCFVAEDBQICAQwSc2VsbG8gZWxlY3Ryw7NuaWNvMAwGA1UdEwEB/wQCMAAwDgYDVR0PAQH/BAQDAgTwMB0GA1UdDgQWBBSNvf02Tp/7zIX5RFYxYIHO09hJYzAfBgNVHSMEGDAWgBQUEeK1K7mMmK1o0zFUQORYXwMbfTAlBggrBgEFBQcBAwQZMBcwCAYGBACORgEBMAsGBgQAjkYBAwIBDzCB7wYDVR0gBIHnMIHkMIHhBgsrBgEEAaxmAwMDAjCB0TApBggrBgEFBQcCARYdaHR0cDovL3d3dy5jZXJ0LmZubXQuZXMvZHBjcy8wgaMGCCsGAQUFBwICMIGWDIGTU3VqZXRvIGEgbGFzIGNvbmRpY2lvbmVzIGRlIHVzbyBleHB1ZXN0YXMgZW4gbGEgRGVjbGFyYWNpw7NuIGRlIFByw6FjdGljYXMgZGUgQ2VydGlmaWNhY2nDs24gZGUgbGEgRk5NVC1SQ00gKEMvSm9yZ2UgSnVhbiAxMDYtMjgwMDktTWFkcmlkLUVzcGHDsWEpMH8GCCsGAQUFBwEBBHMwcTA7BggrBgEFBQcwAYYvaHR0cDovL29jc3BhcC5jZXJ0LmZubXQuZXMvb2NzcGFwL09jc3BSZXNwb25kZXIwMgYIKwYBBQUHMAKGJmh0dHA6Ly93d3cuY2VydC5mbm10LmVzL2NlcnRzL0FDQVAuY3J0MCMGA1UdJQQcMBoGBFUdJQAGCCsGAQUFBwMCBggrBgEFBQcDBDCB7gYDVR0fBIHmMIHjMIHgoIHdoIHahoGqbGRhcDovL2xkYXBhcGUuY2VydC5mbm10LmVzL0NOPUNSTDE5OSxDTj1BQyUyMEFkbWluaXN0cmFjaSVGM24lMjBQJUZBYmxpY2EsT1U9Q0VSRVMsTz1GTk1ULVJDTSxDPUVTP2NlcnRpZmljYXRlUmV2b2NhdGlvbkxpc3Q7YmluYXJ5P2Jhc2U/b2JqZWN0Y2xhc3M9Y1JMRGlzdHJpYnV0aW9uUG9pbnSGK2h0dHA6Ly93d3cuY2VydC5mbm10LmVzL2NybHNhY2FwL0NSTDE5OS5jcmwwDQYJKoZIhvcNAQELBQADggEBAJRImLcBB5vCmihD3uS0uPG+u+MepnKQ4I5xGDLmtPmKWDmK77JPDNHUrs+SHY/RhMUjYMdrumqN8zGEg9YsbMS7+2ZDrTYg4jyvTP2+NuAVG223wHAoTzxYKyTo+KAWvmd+om83vR/YYVDBpCcabGDPU1DyNeUYm/8BKzLhrd2QZ82v++SJD1p/CznwgoZufFHNiijjtDo3h1mxxuzR6WTTM7iEyBXpDyb+xnoBJ+/KmnIza0PYrs0oEfT2DilC+8a806XTfL9nz86iKPDlOSlnHYmPbqLsT79yXIZUZV35a/TZj77AWYgWOka1aEXjoeQczC9ZRgaFii7FN/tBQJ4xggGlMIIBoQIBATB+MGoxCzAJBgNVBAYTAkVTMREwDwYDVQQKDAhGTk1ULVJDTTEOMAwGA1UECwwFQ0VSRVMxEjAQBgNVBAUTCVEyODI2MDA0SjEkMCIGA1UEAwwbQUMgQWRtaW5pc3RyYWNpw7NuIFDDumJsaWNhAhAaldv0HazT/VVLebLKtv2xMAkGBSsOAwIaBQAwDQYJKoZIhvcNAQEBBQAEggEAKxwcLWLDbFBaaqhZE2PQe884oJbYUfHGsyDihWblLX1G5yNGrjD8NH934ojVOXuaHccMQUW28Z7sEEbRx7hI/5DVoKRoEggTXTd1tkHGBFpR6yDDaXiFnUV3zi1htXoV0BmoTjJTmibKUIRZGY7yPC6IuCDWtsdvgLtl3CUX7quuSsoeTJs0PNlMSiV3zXzCuDYD9EFfqTBS+Ine077tGWuKgTMTWtp/RVsGD4lnIQGx4YcRXIMT3R/CLmNoLAJMPzsLPUMCX2CkpG6gqEUDdtGYrwX8uOUfCpJdaAnZUHYSaM4pDnC6kW71M2ENg44sm7WM9l/RF9Ld3+sj66Ra7g==";

        var contentInfo = new ContentInfo(
            Encoding.Default.GetBytes(data));

        var signedCms = new SignedCms(contentInfo, true);

        signedCms.Decode(Convert.FromBase64String(signed));

        var certs = new X509Certificate2Collection();
        certs.Import(_validatingCertPart);

       signedCms.CheckSignature(certs, true);

        Assert.Pass("Verified with DotNet");
    }

在这种情况下,我们还会收到一条Invalid Signature异常消息System.Security.Cryptography.CryptographicException

4

0 回答 0