Include CmsSigner or other SignedAttributes in Signed Message #101

Closed
xtomas opened this issue Feb 16, 2015 · 5 comments
Labels
question A question about how to do something

@xtomas

xtomas commented Feb 16, 2015

Hello again.

I'm facing a problem with missing required SignedAttributes in a signed/non-encrypted/non-compressed MIME message. Is there any way to include, for example, the SigningTime attribute for CmsSigner? I have solved this only by creating my own derived classes for WindowsSecureMimeContext and MultipartSigned, but it's a lot of duplicate code from MimeKit...

```csharp
public MimePart Sign(string certificateThumbprint, DigestAlgorithm digestAlgo, Stream content)
{
    if (string.IsNullOrEmpty(certificateThumbprint))
        throw new ArgumentNullException("certificateThumbprint");

    if (content == null)
        throw new ArgumentNullException("content");

    var contentInfo = new ContentInfo(ReadAllBytes(content));
    var cmsSigner   = GetRealCmsSigner(certificateThumbprint, digestAlgo);

    // add signingTime attribute
    cmsSigner.SignedAttributes.Add(new Pkcs9SigningTime());

    var signed      = new SignedCms(contentInfo, true);

    signed.ComputeSignature(cmsSigner);
    var signedData = signed.Encode();

    return new ApplicationPkcs7Signature(new MemoryStream(signedData, false));
}
```

Regards,

Tomas

jstedfast added a commit that referenced this issue Feb 16, 2015
@jstedfast
Owner

What you can do instead is this:

```csharp
var mailbox = new SecureMailboxAddress ("Joe Sixpack", "[email protected]", fingerprint);
var signed = ctx.Sign (mailbox, digestAlgo, content);
```

I've added the Pkcs9SigningTime as a standard attribute.

I haven't really spent a lot of time on the WindowsSecureMimeContext as almost all of my effort has been on the other implementation because my interest has been on making it work cross-platform using Bouncy Castle, so there may be other issues you'll encounter. I do appreciate the bug reports tho, as the WindowsSecureMimeContext should get polished to the same level as the Bouncy Castle backend.

In the other backend, the reason you can override GetCmsSigner(MailboxAddress, DigestAlgorithm) is so that you can add custom attributes. However, with the Windows backend, it uses GetRealCmsSigner() instead which isn't virtual.

@xtomas
Author

xtomas commented Feb 17, 2015

I've tried your fixed code and it works for my case as well. (Btw, I'm implementing AS2 protocol communication.)

When will this fix be available in the MimeKit NuGet package?

Tomas

@jstedfast
Owner

I've just released a 1.0.7 NuGet with this fix.

@xtomas
Author

xtomas commented Feb 18, 2015

Thank you. It works now for me 👍

@jstedfast
Owner

Awesome :-)

@jstedfast jstedfast added the question A question about how to do something label Mar 10, 2015
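
A receiver-side check for the attribute discussed in this thread, as an added example that is not part of the original issue or of MimeKit's code: it decodes a detached signature with the same `System.Security.Cryptography.Pkcs` classes used in the question and reports whether `signingTime` is among the signed attributes. It assumes modern .NET with the System.Security.Cryptography.Pkcs package; the class name `SigningTimeCheck`, the throwaway certificate and the payload are constructed for the demonstration.

```csharp
using System;
using System.Security.Cryptography;
using System.Security.Cryptography.Pkcs;
using System.Security.Cryptography.X509Certificates;
using System.Text;

static class SigningTimeCheck   // hypothetical name, not a MimeKit type
{
    const string SigningTimeOid = "1.2.840.113549.1.9.5"; // PKCS #9 signingTime

    // Returns the first signer's signingTime, or null when the attribute is absent.
    public static DateTime? ReadSigningTime(byte[] content, byte[] detachedSignature)
    {
        var cms = new SignedCms(new ContentInfo(content), detached: true);
        cms.Decode(detachedSignature);
        cms.CheckSignature(verifySignatureOnly: true); // throws if the signature is invalid

        foreach (CryptographicAttributeObject attr in cms.SignerInfos[0].SignedAttributes)
        {
            if (attr.Oid.Value != SigningTimeOid)
                continue;
            foreach (AsnEncodedData value in attr.Values)
                return new Pkcs9SigningTime(value.RawData).SigningTime;
        }
        return null;
    }

    // Produces a detached signature, with or without the signingTime attribute.
    static byte[] Sign(X509Certificate2 cert, byte[] content, bool withSigningTime)
    {
        var signer = new CmsSigner(SubjectIdentifierType.IssuerAndSerialNumber, cert);
        signer.IncludeOption = X509IncludeOption.EndCertOnly; // no chain building for the test cert
        if (withSigningTime)
            signer.SignedAttributes.Add(new Pkcs9SigningTime());
        var cms = new SignedCms(new ContentInfo(content), detached: true);
        cms.ComputeSignature(signer);
        return cms.Encode();
    }

    static void Main()
    {
        // Constructed sample input: throwaway self-signed key and a short payload.
        using var rsa = RSA.Create(2048);
        var req = new CertificateRequest("CN=constructed-test-signer", rsa,
            HashAlgorithmName.SHA256, RSASignaturePadding.Pkcs1);
        using var cert = req.CreateSelfSigned(DateTimeOffset.UtcNow.AddDays(-1), DateTimeOffset.UtcNow.AddDays(1));
        byte[] content = Encoding.ASCII.GetBytes("constructed AS2 payload");

        Console.WriteLine(ReadSigningTime(content, Sign(cert, content, true))?.ToString("u") ?? "signingTime missing");
        Console.WriteLine(ReadSigningTime(content, Sign(cert, content, false))?.ToString("u") ?? "signingTime missing");
    }
}
```

Because `signingTime` is a signed attribute, it is covered by the signature that `CheckSignature` verifies, so a value returned here cannot have been altered after signing.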