Digital signature shows wrong sign date


Problem description

I am learning digital signature and how to sign it in C#. Here is my code:


Signature.cs

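using System;
using System.Collections.Generic;
using System.IO.Packaging;
using System.Security.Cryptography;
using System.Security.Cryptography.X509Certificates;
using System.Security.Cryptography.Xml;
using System.Xml;

public class Signature
{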
    static readonly string RT_OfficeDocument = "http://schemas.openxmlformats.org/officeDocument/2006/relationships/officeDocument";
    static readonly string OfficeObjectID = "idOfficeObject";
    static readonly string SignatureID = "idPackageSignature";
    static readonly string ManifestHashAlgorithm = "http://www.w3.org/2000/09/xmldsig#sha1";

    // Entry Point
    public static void DigiSign(string tempfile)
    {
        // Open the Package
        using (Package package = Package.Open(tempfile))
        {
            // Get the certificate; null means nothing was selected in the dialog
            X509Certificate2 certificate = GetCertificate();
            if (certificate == null) return;
            SignAllParts(package, certificate);
        }
    }

    private static void SignAllParts(Package package, X509Certificate certificate)
    {
        if (package == null) throw new ArgumentNullException("package");
        List<Uri> PartstobeSigned = new List<Uri>();
        List<PackageRelationshipSelector> SignableReleationships = new List<PackageRelationshipSelector>();

        foreach (PackageRelationship relationship in package.GetRelationshipsByType(RT_OfficeDocument))
        {
            // Pass the relationship of the root. This is decided based on the RT_OfficeDocument (http://schemas.openxmlformats.org/officeDocument/2006/relationships/officeDocument)
            CreateListOfSignableItems(relationship, PartstobeSigned, SignableReleationships);
        }
        // Create the DigitalSignature Manager
        PackageDigitalSignatureManager dsm = new PackageDigitalSignatureManager(package);
        dsm.CertificateOption = CertificateEmbeddingOption.InSignaturePart;

        string signatureID = SignatureID;
        string manifestHashAlgorithm = ManifestHashAlgorithm;
        System.Security.Cryptography.Xml.DataObject officeObject = CreateOfficeObject(signatureID, manifestHashAlgorithm);
        Reference officeObjectReference = new Reference("#" + OfficeObjectID);

        try
        {
            dsm.Sign(PartstobeSigned, certificate, SignableReleationships, signatureID, new System.Security.Cryptography.Xml.DataObject[] { officeObject }, new Reference[] { officeObjectReference });
        }
        catch (CryptographicException ex)
        {
            // InnerException can be null, so fall back to the exception itself
            Console.WriteLine((ex.InnerException ?? ex).ToString());
        }

    }// end:SignAllParts()

    /**************************SignDocument******************************/
    //  This function is a helper function. The main role of this function is to
    //  create two lists, one with Package Parts that you want to sign, the other
    //  containing PackageRelationshipSelector objects which indicate relationships to sign.
    /*******************************************************************/
    static void CreateListOfSignableItems(PackageRelationship relationship, List<Uri> PartstobeSigned, List<PackageRelationshipSelector> SignableReleationships)
    {
        // This function adds the relationship to SignableReleationships, then gets the part based on the relationship. The part's URI gets added to the PartstobeSigned list.
        PackageRelationshipSelector selector = new PackageRelationshipSelector(relationship.SourceUri, PackageRelationshipSelectorType.Id, relationship.Id);
        SignableReleationships.Add(selector);
        if (relationship.TargetMode == TargetMode.Internal)
        {
            PackagePart part = relationship.Package.GetPart(PackUriHelper.ResolvePartUri(relationship.SourceUri, relationship.TargetUri));
            if (PartstobeSigned.Contains(part.Uri) == false)
            {
                PartstobeSigned.Add(part.Uri);
                // GetRelationships function: returns a collection of all the relationships that are owned by the part.
                foreach (PackageRelationship childRelationship in part.GetRelationships())
                {
                    CreateListOfSignableItems(childRelationship, PartstobeSigned, SignableReleationships);
                }
            }
        }
    }
    /**************************SignDocument******************************/
    //  Once you create the list and try to sign it, Office will not validate the signature.
    //  To allow Office to validate the signature, it requires a custom object which should be added to the
    //  signature parts. This function loads the OfficeObject.xml resource.
    //  Please note the GUID being passed in document.LoadXml.
    //  Background information: once you add a SignatureLine in Word, Word gives a unique GUID to it. While loading
    //  OfficeObject.xml, we need to make sure that this GUID matches the ID of the signature line.
    //  So if you are generating a SignatureLine programmatically, make sure that you generate the GUID for the
    //  SignatureLine and for this element.
    /*******************************************************************/

    static System.Security.Cryptography.Xml.DataObject CreateOfficeObject(
       string signatureID, string manifestHashAlgorithm)
    {
        XmlDocument document = new XmlDocument();
        document.LoadXml(String.Format(Properties.Resources.OfficeObject, signatureID, manifestHashAlgorithm, "{3CF6B91E-C5F6-46A4-B036-72597274FCC0}"));
        System.Security.Cryptography.Xml.DataObject officeObject = new System.Security.Cryptography.Xml.DataObject();
        // do not change the order of the following two lines
        officeObject.LoadXml(document.DocumentElement); // resets ID
        officeObject.Id = OfficeObjectID; // required ID, do not change
        return officeObject;
    }
    /********************************************************/

    static X509Certificate2 GetCertificate()
    {
        X509Store certStore = new X509Store(StoreLocation.CurrentUser);
        certStore.Open(OpenFlags.ReadOnly);
        X509Certificate2Collection certs = X509Certificate2UI.SelectFromCollection(certStore.Certificates, "Select a certificate", "Please select a certificate",
                X509SelectionFlag.SingleSelection);
        return certs.Count > 0 ? certs[0] : null;
    }
}

Program.cs

class Program
{
    static void Main(string[] args)
    {
        Signature.DigiSign(@"D:\abc.docx");
    }
}




After signing, in the Additional Information of the signature, the system date/time (sign time) is different from my local time and the date/time format too. I try to change my local time zone and reset date/time but it still does not work. What am I missing?

I can't upload an image so I provide a link to it: https://i.stack.imgur.com/hPHJk.png

Recommended answer

I'm guessing you're on the west coast of the United States. The content and format of these signature fields are dictated by standards. The time is stored in UTC, because the person reading the signature is very likely not going to be in the same time zone. The format of the date/time is also dictated by the standards, not by your preferences.

In other words, it is all working fine.
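
The stored-versus-displayed distinction described in the answer, as an added example that is not part of the original question or answer: it reads the signing time from a signature-time property and renders the same instant in the viewer's time zone. The `SignatureTimeReader` class, the XML fragment and its timestamp are constructed for illustration; the fragment follows the layout of the SignatureTime property in an Open Packaging Conventions signature part.

```csharp
using System;
using System.Globalization;
using System.Xml.Linq;

static class SignatureTimeReader
{
    // Namespace of the OPC digital-signature elements (the mdssi prefix).
    static readonly XNamespace Mdssi =
        "http://schemas.openxmlformats.org/package/2006/digital-signature";

    // Constructed sample of the signing-time property; the timestamp is made up.
    const string SampleSignatureProperty = @"
<SignatureProperty xmlns='http://www.w3.org/2000/09/xmldsig#'
                   Id='idSignatureTime' Target='#idPackageSignature'>
  <mdssi:SignatureTime
      xmlns:mdssi='http://schemas.openxmlformats.org/package/2006/digital-signature'>
    <mdssi:Format>YYYY-MM-DDThh:mm:ssTZD</mdssi:Format>
    <mdssi:Value>2014-03-10T02:41:07Z</mdssi:Value>
  </mdssi:SignatureTime>
</SignatureProperty>";

    // Returns the signing instant. A value without a zone designator is
    // treated as UTC instead of being silently read as local time.
    public static DateTimeOffset ReadSigningTime(string xml)
    {
        XElement time = XDocument.Parse(xml).Root.Element(Mdssi + "SignatureTime");
        if (time == null)
            throw new FormatException("No SignatureTime element found.");

        string value = (string)time.Element(Mdssi + "Value");
        if (string.IsNullOrWhiteSpace(value))
            throw new FormatException("SignatureTime has no Value element.");

        return DateTimeOffset.Parse(value.Trim(), CultureInfo.InvariantCulture,
                                    DateTimeStyles.AssumeUniversal);
    }

    static void Main()
    {
        DateTimeOffset signedAt = ReadSigningTime(SampleSignatureProperty);

        // What the file stores: one unambiguous instant, independent of the reader.
        Console.WriteLine("Stored (UTC): {0:u}", signedAt.UtcDateTime);

        // What a given reader sees: the same instant shifted to their zone.
        DateTimeOffset local = TimeZoneInfo.ConvertTime(signedAt, TimeZoneInfo.Local);
        Console.WriteLine("Local view:   {0:F} ({1})", local, TimeZoneInfo.Local.DisplayName);
    }
}
```

Changing the machine's time zone alters only the second line of output; the value stored in the signature stays the same.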

