none
C# - Add OIDs to PKCS7 signed CMS RRS feed

  • Question

  • Hi everybody,

    I use “CmsSigner” class to sign a XML document with C#. For the moment, it’s works fine. I would add some signed attributes. I’ve already added, with success, the “Pkcs9SigningTime”. But now, I search to add the “SMIMECapabilities” and several others OIDs by following this hierarchy:

    SEQUENCE {
    	OBJECT IDENTIFIER sMIMECapabilities (1 2 840 113549 1 9 15)
    	SET {
    		SEQUENCE {
    			SEQUENCE {
    				OBJECT IDENTIFIER aes256-CBC (2 16 840 1 101 3 4 1 42)
    			}
    			SEQUENCE {
    				OBJECT IDENTIFIER aes192-CBC (2 16 840 1 101 3 4 1 22)
    			}
    			SEQUENCE {
    				OBJECT IDENTIFIER aes128-CBC (2 16 840 1 101 3 4 1 2)
    			}
    			SEQUENCE {
    				OBJECT IDENTIFIER des-EDE3-CBC (1 2 840 113549 3 7)
    			}
    			SEQUENCE {
    				OBJECT IDENTIFIER rc2CBC (1 2 840 113549 3 2)
    				INTEGER 128
    			}
    			SEQUENCE {
    				OBJECT IDENTIFIER rc2CBC (1 2 840 113549 3 2)
    				INTEGER 64
    			}
    			SEQUENCE {
    				OBJECT IDENTIFIER desCBC (1 3 14 3 2 7)
    			}
    			SEQUENCE {
    				OBJECT IDENTIFIER rc2CBC (1 2 840 113549 3 2)
    				INTEGER 40
    			}
    		}
    	}
    }

    My current code:

    String msg = System.IO.File.ReadAllText("filetosign.xml");
    byte[] msgBytes = Encoding.UTF8.GetBytes(msg);
    ContentInfo content = new ContentInfo(msgBytes);
    SignedCms signedMessage = new SignedCms(SubjectIdentifierType.SubjectKeyIdentifier, content);
    CmsSigner signer = new CmsSigner(myCert);
    signer.SignedAttributes.Add(new Pkcs9SigningTime());
    signer.DigestAlgorithm = new Oid("SHA1");
    signer.IncludeOption = X509IncludeOption.EndCertOnly;
    
    // sign the message
    signedMessage.ComputeSignature(signer, false);
    byte[] myCmsMessage = signedMessage.Encode();

    Have you got an idea to add all this OID's hierarchy in my document signed?

    Any help will be appreciated.

    Best regards

    • Moved by Barry Wang Friday, December 12, 2014 6:14 AM BCL forum related
    Thursday, December 11, 2014 5:13 PM

Answers

  • Hello John,

    As far as I know, there is not support for the SMIMECapabilities property in .NET, for touching this property, the IX509CertificateRequestPkcs10::SmimeCapabilities in Certificate Enrollment API seems to be support it, you could check it:

    http://msdn.microsoft.com/en-us/library/windows/desktop/aa377586(v=vs.85).aspx

    Regards.


    We are trying to better understand customer views on social support experience, so your participation in this interview project would be greatly appreciated if you have time. Thanks for helping make community forums a great place.
    Click HERE to participate the survey.

    Monday, December 15, 2014 1:51 AM
    Moderator

All replies

  • Hello John,

    Your case may more related to BCL forum so I moved it from C# to here.

    Best regards,



    Barry
    We are trying to better understand customer views on social support experience, so your participation in this interview project would be greatly appreciated if you have time. Thanks for helping make community forums a great place.
    Click HERE to participate the survey.

    Friday, December 12, 2014 6:15 AM
  • Hello John,

    As far as I know, there is not support for the SMIMECapabilities property in .NET, for touching this property, the IX509CertificateRequestPkcs10::SmimeCapabilities in Certificate Enrollment API seems to be support it, you could check it:

    http://msdn.microsoft.com/en-us/library/windows/desktop/aa377586(v=vs.85).aspx

    Regards.


    We are trying to better understand customer views on social support experience, so your participation in this interview project would be greatly appreciated if you have time. Thanks for helping make community forums a great place.
    Click HERE to participate the survey.

    Monday, December 15, 2014 1:51 AM
    Moderator