EldoS | Feel safer!

Software components for data protection, secure storage and transfer

CreateBES with Signing Time

Also by EldoS: RawDisk
Access locked and protected files in Windows, read and write disks and partitions and more.
Posted: 08/14/2014 03:16:16
by Somer B. (Basic support level)
Joined: 08/07/2014
Posts: 7

I'm trying to create a Cades-BES message with signing time with no success (Message does not contain signing time).
How can i add it?

            TElPKCS11CertStorage PKCS11CertStorage;
            TElX509Certificate cert;
            TElPKCS11SessionInfo session;

            PKCS11CertStorage = new TElPKCS11CertStorage();
            PKCS11CertStorage.DLLName = @"C:\Windows\SysWOW64\eTPKCS11.dll";
            session = PKCS11CertStorage.OpenSession(0, true);
            session.Login((int)SBPKCS11Base.Unit.utUser, "xxxx");
            cert = PKCS11CertStorage.get_Certificates(0);

            TElSignedCMSMessage cms = new TElSignedCMSMessage();
            var plainBytes = Encoding.UTF8.GetBytes(plainText);
            cms.CreateNew(plainBytes, 0, plainBytes.Length);

            TElCMSSignature sig = cms.get_Signatures(cms.AddSignature());
            sig.DigestAlgorithm = SBConstants.__Global.SB_ALGORITHM_DGST_SHA256;
            sig.SigningTime = System.DateTime.UtcNow;

            TElCAdESSignatureProcessor processor = new TElCAdESSignatureProcessor();
            processor.Signature = sig;

            MemoryStream cmsStream = new MemoryStream();
            var result = cmsStream.ToArray();
Posted: 08/14/2014 03:21:51
by Vsevolod Ievgiienko (EldoS Corp.)

Thank you for contacting us.

How do you check that message doesn't contain the time? Also you don't need to set sig.SigningTime manually as CreateBES method will set it to current UTC time.
Posted: 08/14/2014 03:34:23
by Somer B. (Basic support level)
Joined: 08/07/2014
Posts: 7

with "P7S viewer", please see attached message.
I have tried both ways (with or without setting SigningTime)
Not: I renamed file to be able to upload
Posted: 08/14/2014 03:42:41
by Eugene Mayevski (EldoS Corp.)

Attachments are restricted for a reason, I have removed your attachment.

I suspect that this tool doesn't work right. If you have a link to the web page where it was taken from, you are welcome to post it.

Sincerely yours
Eugene Mayevski
Posted: 08/14/2014 03:44:55
by Vsevolod Ievgiienko (EldoS Corp.)

I've just checked the file using our CMS manager sample and it shows that signing time is on its place. Most likely P7S viewer doesn't work correctly.
Posted: 08/14/2014 04:11:42
by Somer B. (Basic support level)
Joined: 08/07/2014
Posts: 7

Please attached zip which contains signed messages with SecureBlackbox and with another .net library.
With CMS manager sample, i can signing time of both signatures.
With P7S Viewer(http://www.signfiles.com/p7s-viewer): I can see signing time of other signed message, but not SecureBlackBox's.
Also, REM provider in Turkey accepts signature of other but not SecureBlackBox's.(Main purpose)

Do you have any idea?
Posted: 08/14/2014 04:12:25
by Somer B. (Basic support level)
Joined: 08/07/2014
Posts: 7

Sorry, zip is attached
Posted: 08/14/2014 04:16:11
by Eugene Mayevski (EldoS Corp.)

Please do NOT post anything not accepted by the forum. We don't welcome EXE, ZIP and other files unless we explicitly ask for them.

In your case you see not "Signing time" but a Timestamp (as per RFC 3161), which is a different thing. Timestamping is a separate procedure which can be or be not performed during signing. It involves connecting to the third-party timestamping server.

Sincerely yours
Eugene Mayevski
Posted: 08/14/2014 04:18:43
by Vsevolod Ievgiienko (EldoS Corp.)

Its possible that the program shows timestamp, but not the signing time.
Posted: 08/14/2014 04:46:56
by Somer B. (Basic support level)
Joined: 08/07/2014
Posts: 7

Sorry for the attachments.
Both of them are not timestamped, side by side screenshot is attached.

Also by EldoS: Solid File System
A virtual file system that offers a feature-rich storage for application documents and data with built-in compression and encryption.



Topic viewed 1189 times

Number of guests: 2, registered members: 0, in total hidden: 0


Back to top

As of July 15, 2016 EldoS Corporation will operate as a division of /n software inc. For more information, please read the announcement.

Got it!