Pkcs7SignatureGenerator
Pkcs7SignatureGenerator copied to clipboard
jariq
Error building certpath
Hi, i got this error while building certpath while signing a file
List<byte[]> otherCertificates = pkcs7.GetAllCertificates(); ICollection<Org.BouncyCastle.X509.X509Certificate> certPath = CertUtils.BuildCertPath(CertCKA, otherCertificates,false);
thank you
CertUtils.BuildCertPath() method builds the whole certificate chain up to a root certificate which is always self-signed.
Hi, i try to write an example to explain my case:
I have 1 User Certificate and 2 User Keys (Public and Private)
this is my function to generate pkcs7
pkcs7=Pkcs7SignatureGenerator(Library,_selectedSlot.TokenInfo.SerialNumber,_selectedSlot.TokenInfo.Label,pin,PrivateKey.CkaLabel,PrivateKey.CkaId,HashAlgorithm.SHA256,SignatureScheme.RSASSA_PKCS1_v1_5);
now i take all certificate from pkcs7
List<byte[]> otherCertificates = pkcs7.GetAllCertificates();
and in the end
ICollection<Org.BouncyCastle.X509.X509Certificate> certPath = CertUtils.BuildCertPath(UserCertificate.CkaValue, otherCertificates ,true);
when i run my application i got this error
What should I do to correct this error?
thank you
In this case pkcs7.GetAllCertificates(); returns all certificates stored on your token/card. Import CA certificates on your card and let me know the result.
Hi, this is my code for import CA
List<byte[]> otherCertificates = new List<byte[]>();
byte[] certUnobyte = File.ReadAllBytes("C:\\temp\\InfoCert_Servizi_di_Certificazione.cer");
byte[] certDuebyte = File.ReadAllBytes("C:\\temp\\InfoCert_Servizi_di_Certificazione_2.cer");
otherCertificates.Add(certUnobyte);
otherCertificates.Add(certDuebyte);
ICollection<Org.BouncyCastle.X509.X509Certificate> certPath = CertUtils.BuildCertPath(CertCKA, otherCertificates,true);
this is the error i got
You are most likely not importing all CAs (up to root CA) forming the certification path or you are importing incorrect ones.