微软CNG与CMS / PKCS#7签署无处可寻 [英] Microsoft CNG with CMS/PKCS#7 signing nowhere to be found
问题描述
以下页面介绍了Microsoft CNG功能,包括术语"CMS(S / MIME)":
The following page describes the Microsoft CNG features, including the term "CMS (S/MIME)":
https://msdn.microsoft.com/ en-us / library / windows / desktop / bb204775(v = vs.85).aspx
https://msdn.microsoft.com/en-us/library/windows/desktop/bb204775(v=vs.85).aspx
但是,我还没有找到有关使用CNG创建CMS的任何文档(PKCS# 7)签名结构。 为什么CNG不支持开箱即用的CMS签名? 我知道Crypto API确实通过CmsSigner类提供了这个,但是我不能使用
,因为它不支持Sha2摘要,它似乎也不提供PSS填充支持。
However, I have yet to find any documentation on using CNG to create a CMS (PKCS#7) signed structure. Why doesn't CNG support CMS signing out of the box? I understand that Crypto API does provide this via the CmsSigner class, but I cannot use that because it doesn't support Sha2 digests, nor does it seem to provide PSS padding support.
Microsoft CNG是否为CMS签名提供任何开箱即用的支持? 如果没有,为什么上面提到的页面说它确实?
Does Microsoft CNG provide any out-of-the-box support for CMS signatures? If not, why does the page mentioned above say that it does?
我需要能够使用带有PSS填充的Sha256摘要算法创建CMS签名结构。
I need to ability to create a CMS signed structure using a Sha256 digest algorithm with PSS padding.
谢谢,
Bob
推荐答案
嗨Bobaks,
Hi Bobaks,
感谢您发布此处。
据我所知,.NET Framework中的CNG支持仅扩展到具有CNG后缀的显式算法包装器(ECDsaCng,SHA256Cng,等等。)。没有更高级别的服务有CNG检测通过(例如,CMS,SignedXml,X509Certificate等)。
As I know, CNG support in the .NET Framework extends only to explicit algorithm wrappers with CNG suffixes (ECDsaCng, SHA256Cng, etc.). None of the higher level services have CNG plumbed through (for instance, CMS, SignedXml, X509Certificate, etc).
有关详细信息,您可以参考以下链接。
For more details, you could refer to the following link.
>> 我需要能够使用Sha256摘要算法创建CMS签名结构使用PSS填充。
如果您想使用SHA256,SHA384& SHA512算法,您将需要一个CNG提供商。
If you want to work with i.e. SHA256, SHA384 & SHA512 algorithms, you will need a CNG provider.
有关更多信息和示例,您可以参考MSDN文章。
For more information and examples, you could refer to the MSDN article.
https://blogs .msdn.microsoft.com / alejacma / 2010/06/02 / an-internal-error-ocurred-when-using-sha-2-algorithms-with-signedcms /
最好的问候,
Wendy
这篇关于微软CNG与CMS / PKCS#7签署无处可寻的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
