 Questions concerning verfication of PKCS7 signed data -
06-14-2007
, 03:20 AM
Hello community
I have written the following piece of (test)-code:
/////////////////////////////////////////////////////////////////////////////
// Try to verify PKCS7 signature
/////////////////////////////////////////////////////////////////////////////
private string VerifySignature(string filename, bool
checkOnlySignature)
{
string content = string.Empty;
try
{
FileStream fs = new FileStream(filename, FileMode.Open,
FileAccess.Read, FileShare.None);
byte[] buffer = new byte[(int)fs.Length];
buffer = new BinaryReader(fs).ReadBytes((int)fs.Length);
fs.Close();
SignedCms signedCms = new SignedCms();
signedCms.Decode(buffer);
signedCms.CheckSignature(checkOnlySignature);
content =
System.Text.Encoding.Default.GetString(signedCms.C ontentInfo.Content);
}
catch (System.Exception ex)
{
string msg = string.Format("Source: {0}\nMessage:
{1}\nStacktrace:\n{2}", ex.Source, ex.Message, ex.StackTrace);
Debug.WriteLine(ex.Message);
MessageBox.Show(msg, "Error", MessageBoxButtons.OK,
MessageBoxIcon.Error);
}
return content;
}
When i use this method with parameter checkOnlySignature := false, the
Method CheckSignature from the class SignedCms also additionaly tries
to verify the signers certificate - right? I've tried to figure out
what exactly is verified, so i found out, that this routine also
checks the revocation of the signers certificate (I've seen some http
requests with Ethereal). Running this code on Workstation AA (behind a
Proxy) i get an exception (sorry, in german..):
"Die Sperrfunktion konnte keine Sperrprüfung für das Zertifikat
durchführen."
The same code running on Workstation BB (not behind a firewall) works
fine (no Exception).
So my question is: How can i influence the behavour of the Method
CheckSignature? I mean the code behind this Method is doing great work
(no question), but it is not well documented and i have no clue, what
exactly is verified and how i can set properties (use proxy, get some
log messages, ...).
@Microsoft:
It's a pity, great work, but documentation is poor...
Feedback is appreciated. Thanks!
Regards, Chris
 |
Linear Mode
