I'm working with CAPICOM libary, but it is not available on Android and iOS. As far as i know, CAPICOM signed message is in PKCS#7 format, then i want to use OpenSSL to create signed message like CAPICOM did.
The OpenSSL commands i used:
iconv -f utf-8 -t utf-16le data.bin > data-utf16le.bin
openssl smime -sign -binary -noattr -in data-utf16le.bin -signer demo.pem -inkey demo.key -out sign.txt -outform PEM
then i verified with CAPICOM as this sample: http://www.codeproject.com/Articles/9691/Using-CAPICOM-in-NET-for-Digital-Signatures-with-A
The verify method is:
public bool VerifyDetachedSignature(string plaintextMessage, string signedContent, Encoding encodingType)
{
try
{
this._clearText = plaintextMessage;
this._signedContent = signedContent;
CAPICOM.SignedData signedData = new CAPICOM.SignedDataClass();
CAPICOM.Utilities u = new CAPICOM.UtilitiesClass();
IntPtr _content = u.ByteArrayToBinaryString(encodingType.GetBytes(plaintextMessage));
signedData.set_Content(_content);
int len = _signedContent.Length;
signedData.Verify(_signedContent,true, CAPICOM.CAPICOM_SIGNED_DATA_VERIFY_FLAG.CAPICOM_VERIFY_SIGNATURE_ONLY);
SignerCert=null;
CAPICOM.Signer s = (CAPICOM.Signer) signedData.Signers[1];
SignerCert = (CAPICOM.Certificate)s.Certificate;
return true;
}
catch(COMException e)
{
return false;
}
}
encodingType is System.Text.Encoding.UTF8.
The result is invalid.
I sign again with CAPICOM and i saw that the length of signed message in this case is longer than the length of signed message created by OpenSSL.
Please help me to understand!