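/**
 * Signs {@code tbs} with the private key held in a PKCS#12 file and returns the
 * resulting CMS SignedData structure as a single-line Base64 string.
 *
 * The signature uses the SHA-256 digest and the content is encapsulated
 * (the {@code true} argument to {@code generate}), so the returned blob carries
 * the signed bytes together with the certificate chain stored in the keystore.
 *
 * @param tbs  the bytes to be signed
 * @param path file system path of the PKCS#12 (.p12/.pfx) keystore
 * @param pin  password protecting both the keystore and the private key
 * @return Base64 text of the DER-encoded SignedData, with no line breaks
 * @throws Exception if the keystore cannot be read or unlocked, if it holds no
 *                   private-key entry, or if signature generation fails
 */
public static String getSigndata(byte[] tbs, String path, String pin) throws Exception {
    // One provider instance is reused for registration, the CertStore and the
    // signer instead of constructing a new BouncyCastleProvider three times.
    // addProvider() is a no-op when a provider of the same name is already installed.
    BouncyCastleProvider provider = new BouncyCastleProvider();
    Security.addProvider(provider);

    char[] pinChars = pin.toCharArray();
    try {
        KeyStore ks = KeyStore.getInstance("pkcs12");

        // The stream is closed even when load() throws (wrong PIN, corrupt file),
        // so a failed attempt does not leak a file handle on the key file.
        FileInputStream fis = new FileInputStream(path);
        try {
            ks.load(fis, pinChars);
        } finally {
            fis.close();
        }

        // Pick the first entry that actually holds a private key. Taking the first
        // alias blindly yields a null key when the store lists a bare certificate first.
        String alias = null;
        java.util.Enumeration<String> aliases = ks.aliases();
        while (aliases.hasMoreElements()) {
            String candidate = aliases.nextElement();
            if (ks.isKeyEntry(candidate)) {
                alias = candidate;
                break;
            }
        }
        if (alias == null) {
            throw new java.security.KeyStoreException("No private key entry found in keystore: " + path);
        }

        Certificate[] certificateChain = ks.getCertificateChain(alias);
        PrivateKey privateKey = (PrivateKey) ks.getKey(alias, pinChars);
        X509Certificate certificate = (X509Certificate) ks.getCertificate(alias);
        if (privateKey == null || certificate == null || certificateChain == null) {
            throw new java.security.KeyStoreException("Keystore entry '" + alias + "' is missing its key or certificate chain");
        }

        CMSSignedDataGenerator generator = new CMSSignedDataGenerator();
        generator.addSigner(privateKey, certificate, CMSSignedDataGenerator.DIGEST_SHA256);

        // Ship the whole chain from the keystore inside the SignedData.
        ArrayList<Certificate> list = new ArrayList<Certificate>();
        for (int i = 0; i < certificateChain.length; i++) {
            list.add(certificateChain[i]);
        }
        CertStore chainStore = CertStore.getInstance("Collection", new CollectionCertStoreParameters(list), provider);
        generator.addCertificatesAndCRLs(chainStore);

        CMSProcessable content = new CMSProcessableByteArray(tbs);
        // encapsulate = true: the signed bytes travel inside the SignedData structure.
        CMSSignedData signedData = generator.generate(content, true, provider.getName());

        // Base64 output is pure ASCII; naming the charset removes the dependency on
        // the platform default encoding.
        String pkcs7Data = new String(Base64.encode(signedData.getEncoded()), "US-ASCII");
        pkcs7Data = pkcs7Data.replaceAll("\\r|\\n", "");
        return pkcs7Data;
    } finally {
        // Best-effort wipe of the local PIN copy. The caller's String is immutable
        // and cannot be cleared from here.
        java.util.Arrays.fill(pinChars, '\0');
    }
}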
.NET Code for All API Methods
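/// <summary>
/// Signs <paramref name="tbsData"/> with the RSA private key stored in a PFX file and
/// returns the CMS SignedData structure as a Base64 string.
/// The signature uses the SHA-256 digest and the content is encapsulated in the output.
/// Only the signer certificate is added to the SignedData; no intermediate or root
/// certificates are included by this method.
/// </summary>
/// <param name="tbsData">Text to be signed. It is converted to bytes with ASCII encoding.</param>
/// <param name="PFXFilePath">Path of the PFX/PKCS#12 file holding the certificate and private key.</param>
/// <param name="pin">Password protecting the PFX file.</param>
/// <returns>Base64 text of the encoded SignedData.</returns>
/// <exception cref="CryptographicException">
/// The PFX has no private key, or the key is not held by an RSACryptoServiceProvider.
/// </exception>
public String Signeddataraca(String tbsData, String PFXFilePath, String pin)
{
    // NOTE(review): this instance is never used below. It is kept only in case the
    // Encryption constructor has side effects; confirm and remove if it has none.
    Encryption oEncryption = new Encryption();

    // Process-wide registration of the RSA-SHA256 signature description.
    CryptoConfig.AddAlgorithm(
        typeof(Security.Cryptography.RSAPKCS1SHA256SignatureDescription),
        "http://www.w3.org/2001/04/xmldsig-more#rsa-sha256");

    // Exportable is required because the private key parameters are exported below
    // to hand the key to BouncyCastle.
    X509Certificate2 Cert = new X509Certificate2(PFXFilePath, pin, X509KeyStorageFlags.Exportable);
    if (!Cert.HasPrivateKey)
    {
        throw new CryptographicException("The PFX file does not contain a private key.");
    }

    // A direct cast throws an opaque InvalidCastException (or leaves null) when the key
    // lives in a different provider type; fail with a clear message instead.
    RSACryptoServiceProvider key1 = Cert.PrivateKey as RSACryptoServiceProvider;
    if (key1 == null)
    {
        throw new CryptographicException("The private key is not an RSA key held by RSACryptoServiceProvider.");
    }

    // NOTE(review): Encoding.ASCII replaces every non-ASCII character with '?', so the
    // bytes that get signed can differ from the text the caller supplied. Confirm that
    // tbsData is always ASCII, or agree on an encoding with the verifying side.
    byte[] tbsBytes = Encoding.ASCII.GetBytes(tbsData);

    // The raw private key material is exported into managed memory here.
    RSAParameters rasparam = key1.ExportParameters(true);
    AsymmetricKeyParameter privateKey;
    try
    {
        AsymmetricCipherKeyPair keypair = Org.BouncyCastle.Security.DotNetUtilities.GetRsaKeyPair(rasparam);
        privateKey = keypair.Private;
    }
    finally
    {
        // Best-effort wipe of the exported private components once BouncyCastle has
        // its own copy. The BouncyCastle key object still holds the key in memory.
        foreach (byte[] secret in new[] { rasparam.D, rasparam.P, rasparam.Q, rasparam.DP, rasparam.DQ, rasparam.InverseQ })
        {
            if (secret != null)
            {
                Array.Clear(secret, 0, secret.Length);
            }
        }
    }

    Org.BouncyCastle.X509.X509Certificate ce = Org.BouncyCastle.Security.DotNetUtilities.FromX509Certificate(Cert);

    CmsSignedDataGenerator generator = new CmsSignedDataGenerator();
    generator.AddSigner(privateKey, ce, CmsSignedDataGenerator.DigestSha256);

    // Only the signer certificate is attached to the SignedData.
    var storeCerts = new List<Org.BouncyCastle.X509.X509Certificate>();
    storeCerts.Add(ce);
    var storeParams = new X509CollectionStoreParameters(storeCerts);
    var certStore = X509StoreFactory.Create("CERTIFICATE/COLLECTION", storeParams);
    generator.AddCertificates(certStore);

    CmsProcessable content = new CmsProcessableByteArray(tbsBytes);
    // encapsulate = true: the signed bytes are embedded in the SignedData structure.
    CmsSignedData signeddata = generator.Generate(content, true);
    byte[] byteSignedData = signeddata.GetEncoded();

    return System.Convert.ToBase64String(byteSignedData);
}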