0

I have a set of questions:

  1. What does a .p7s file contain? I read that it usually is an encrypted message sent to an e-mail, but in my case I have a file and a .p7s file on my hdd. The file is much larger than the .p7s, so I am wondering what is in it (and of course how to later use it).

2.this question occurs mostly because I have no naswer for 1. - If I have my public key in the form of a byte array, how can I verify the signature in C#? I found this on the internet, but again, it uses some text gotten from an e-mail and I honestly don't know what is happening:

public static bool Verify(byte[] signature, string text)
        {
            X509Certificate2 certificate = new X509Certificate2(@"D:\My-CV.docx.p7s");

            if (signature == null)
                throw new ArgumentNullException("signature");
            if (certificate == null)
                throw new ArgumentNullException("certificate");

            //hash the text 
            // Methode 3 for Hashing
            System.Security.Cryptography.SHA1 hash3 = System.Security.Cryptography.SHA1.Create();
            System.Text.UnicodeEncoding encoder = new System.Text.UnicodeEncoding();
            byte[] combined = encoder.GetBytes(text);
            byte[] hash3byte = hash3.ComputeHash(combined);

            //Adding the text from the email, to a contentInfo 
            ContentInfo content = new ContentInfo(hash3byte);

            // decode the signature
            SignedCms verifyCms = new SignedCms(content, true);
            verifyCms.Decode(signature);

            // verify it
            try
            {
                verifyCms.CheckSignature(new X509Certificate2Collection(certificate), false);
                return true;
            }
            catch (CryptographicException)
            {
                return false;
            }
        }

Can someone help me with this?

Mario Stoilov
  • 3,411
  • 5
  • 31
  • 51

1 Answers1

0

The .p7s file is containing the signature of your document. The content is not encrypted, but it's look like.

The document file is much larger, because it contains the date, the .p7s the signature.

To check the signature, you need the public part of the certificate with which the document was signed.

You can check this two posts to check the signature :

The last thing is to load the signature data, from the p7s file. I make some search, and come back to you.

Community
  • 1
  • 1
Rom Eh
  • 1,981
  • 1
  • 16
  • 33
  • Well I have the public part of the certificate, but how can I use it? The .p7s file has a lot of properties, but which one of them is the document signature? – Mario Stoilov Oct 24 '13 at 09:46
  • Can you display this file content ? – Rom Eh Oct 24 '13 at 11:58
  • Which one? The .p7s file? If I could display it's content I wouldn't be asking this question. The other file is an ordinary .docx file. – Mario Stoilov Oct 24 '13 at 13:08
  • You can open it with a text editor, like notepad or notepad++. – Rom Eh Oct 24 '13 at 21:07
  • When opened with notepad++ I see mostly gibberish (like when you open an .exe with notepad++). There are readable bits (the signature provider, my phonenumber, my name and a link. Would love to paste it in pastebin, but when i try to copy it only the first 3 lines get copied :/ – Mario Stoilov Oct 24 '13 at 22:47