使用X509证书签名留言 [英] Message Signing using X509 certificate
问题描述
我在使用下面的代码一个asp.net web服务使用数字证书签名的消息。
签名是工作的罚款期待signedMessage.ComputeSignature线最多服用,因为这30到40秒我是脸超时异常。当我在Windows下运行相同的代码构成的应用程序产生的结果在几分之一秒。任何线索或帮助。
公共静态字符串加密(字符串fullMessage,串certificateName,布尔deAttch)
{
X509Certificate2签名= GetCertificate(certificateName);
字节[] = contentBytes Encoding.ASCII.GetBytes(fullMessage);
Oid的contentOid =新的Oid(1.2.840.113549.1.7.1,PKCS 7数据);
SignedCms signedMessage =新SignedCms(新ContentInfo(contentOid,contentBytes),deAttch);
signedMessage.ComputeSignature(新CmsSigner(签名者));
字节[] = signedBytes signedMessage.Encode();
返回Convert.ToBase64String(signedBytes).Trim();
}
我不知道这是否应该是一个答案(我不知道它会造成什么样的影响,但我会找到)。只需设置一个属性。
cert.IncludeOption = X509IncludeOption.EndCertOnly;
的
CmsSigner证书=新CmsSigner(签名者);
而之前我创建的对象使用构造函数,直接传递给方法。现在,它工作正常,并没有考虑那么多时间。
公共静态字符串加密(字符串fullMessage,串certificateName,布尔deAttch)
{
X509Certificate2签名= GetCertificate(certificateName);
字节[] = contentBytes Encoding.ASCII.GetBytes(fullMessage);
Oid的contentOid =新的Oid(1.2.840.113549.1.7.1,PKCS 7数据);
SignedCms signedMessage =新SignedCms(新ContentInfo(contentOid,contentBytes),deAttch);
CmsSigner证书=新CmsSigner(签名者);
cert.IncludeOption = X509IncludeOption.EndCertOnly;
signedMessage.ComputeSignature(CERT);
字节[] = signedBytes signedMessage.Encode();
返回Convert.ToBase64String(signedBytes).Trim();
}
私有静态X509Certificate2 GetCertificate(字符串certificateName)
{
的X509Store店=新的X509Store(StoreName.My,StoreLocation.LocalMachine);
store.Open(OpenFlags.OpenExistingOnly | OpenFlags.ReadOnly);
X509Certificate2证书= store.Certificates.Cast&所述; X509Certificate2方式>()如(CERT = GT; cert.Subject.IndexOf(certificateName)GT; = 0).FirstOrDefault();
如果(证书== NULL)
抛出新的异常(证书+ certificateName +没找到。);
返回证书;
}
I am signing message using digital certificate in a asp.net web service using below code. Signing is working fine expect signedMessage.ComputeSignature line is taking up to 30 to 40 seconds because of this i am face timeout exception. The same code when i am running under windows forms application is producing result in fraction of second. Any clue or help.
public static string Encrypt(string fullMessage, string certificateName, bool deAttch)
{
X509Certificate2 signer = GetCertificate(certificateName);
byte[] contentBytes = Encoding.ASCII.GetBytes(fullMessage);
Oid contentOid = new Oid("1.2.840.113549.1.7.1", "PKCS 7 Data");
SignedCms signedMessage = new SignedCms(new ContentInfo(contentOid, contentBytes), deAttch);
signedMessage.ComputeSignature(new CmsSigner(signer));
byte[] signedBytes = signedMessage.Encode();
return Convert.ToBase64String(signedBytes).Trim();
}
I am not sure whether this should be a answer (I don't know what impact it cause, but i will find out). Just setting a property
cert.IncludeOption = X509IncludeOption.EndCertOnly;
of
CmsSigner cert = new CmsSigner(signer);
where previously i was creating object using constructor and passing directly to method. Now it is working fine and not taking that much time.
public static string Encrypt(string fullMessage, string certificateName, bool deAttch)
{
X509Certificate2 signer = GetCertificate(certificateName);
byte[] contentBytes = Encoding.ASCII.GetBytes(fullMessage);
Oid contentOid = new Oid("1.2.840.113549.1.7.1", "PKCS 7 Data");
SignedCms signedMessage = new SignedCms(new ContentInfo(contentOid, contentBytes), deAttch);
CmsSigner cert = new CmsSigner(signer);
cert.IncludeOption = X509IncludeOption.EndCertOnly;
signedMessage.ComputeSignature(cert);
byte[] signedBytes = signedMessage.Encode();
return Convert.ToBase64String(signedBytes).Trim();
}
private static X509Certificate2 GetCertificate(string certificateName)
{
X509Store store = new X509Store(StoreName.My, StoreLocation.LocalMachine);
store.Open(OpenFlags.OpenExistingOnly | OpenFlags.ReadOnly);
X509Certificate2 certificate = store.Certificates.Cast<X509Certificate2>().Where(cert => cert.Subject.IndexOf(certificateName) >= 0).FirstOrDefault();
if (certificate == null)
throw new Exception("Certificate " + certificateName + " not found.");
return certificate;
}
这篇关于使用X509证书签名留言的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
