Hi, After some searching how I could digital sign a PDF document with PHP I couldn't really find a working solution. Does anybody know how to do this? Or do you know a third-party service which can sign PDF's for us? ...
Hi, Im devloping a system that needs to sign files. I already have a function that receive the byte[] of data to sign and the X509 Certificate and computes the signature using System.Security.Cryptography.Pkcs namespace. Its important to note that we need the signature to be dettached, so for verification we use the file, the dettached ...
As explained in the MSDN, it is possible to generate new public/private keys by calling the method DSACryptoServiceProvider.ExportParameters. The result of this method is of type DSAParameters. What is the de facto standard on dealing with these keys? Should I generate new keys for each transaction or should I generate keys once, store ...
I need to send signed emails from within my C# .NET application. Which is the easiest way to do this? ...
I'm posting data to REST URI, in the form of xml snippet with header and body. The body is encrypted, and then the header includes a digital signature (which is the encypted body hashed with SHA1 and then encrypted. My question is, how do I create the signature. What is the method used to encrypt - I have been told to use the same share...
I'm considering using an XML dsig for basic app licensing. The app is native windows code (no .net). I can easily use .net to create a dsig offline, but then I want to verify it in native c++. From what I've found so far MSXML V5 will do the job, but musn't be used and V6 removes support for dsigs. So how can I easily verify an XML dsig...
Hi, How can I sign digitally a string with SHA-2 by PowerShell script, not using OpenSSL? I know how to do it with OpenSSL, but I'm wondering if there is a way to do it with .Net classes. Thank you. ...
I created a simple file browser in PHP that links to the files through generation expiring query URLs. So for each access to a directory, a link to each file is generated that is valid for say 900 seconds. I now have the problem that the generated signatures seem to fail sometimes. Which is strange, since I intentionally used external S...
As displayed by rpm -qi package? I don't really want to parse the output of rpm -qi. I'd much rather use rpm -q --qf, of which I can control the format and is not subjected to a future version's aesthetic whims. But the only useful tag I can find in the man page is SIGPGP, which gets me the entire signature, not only the short key id. ...
After signing exe by using VeriSign, if we right click to exe we can see "digital signature" tab which gives information about certificate. Where exactly this information will be stored? I mean how operating system will come to know which certificate is related to which file? Is there anything embed inside exe while signing? How can I wr...
Hi, I use Axis 1 (v1.4) web service client to access a web service that exchanges XML data containing elements of xsd:any type. The XML as a whole is signed with an enveloped digital signature. The problem I experience is that Axis transforms the XML elements of xsd:any type by replacing the sign > with >, < with <, etc. Once I g...
In our application logs must be signed in order to prove that they have not been changed after they happened. This means that they must be signed using some sort of timestamp that links the signature with the time at which the log was written and signed. This way the log cannot be modified and signed again without changing that timesta...
Hi. I'm developing an Android application, but I want to restrict my application to only be accessible by hardware that is not running a rooted/custom ROM. I know about Android's Forward Locking content protection, but would like to double check this protection from within my app. Is there any way to get the signature of the device along...
Hi I have a x.crt file which is used to sign certain contents and a signature file is generated x.sig the x.crt is having a Certificate part which contains a public key a content signature field etc. when i try to parse the x,crt and when i try to generate a x509 certificate its showing invalid DER format if try to extract public key alo...
Hi, I created "email management" tool that does bulk email management(standalone exe C# .NET4 application that "connects" to Oulook 2007 and via Microsoft.Office.Interop.Outlook "monitors" all user emails; not Outlook Add-in but standalone exe app + there are reasons why it's not addin architecture). Now, during testing phase I realise...
I just noticed that when I use DSACryptoServiceProvider class on IIS it triggers a CryptographicException saying it can't load a file. It doesn't specify the file. After hours I found that this exception is not triggered when the IIS Application Pool Identity is set to Local System which is the most privileged account available. This me...
I have a client who wants to upload pdf document in the system and have certain pages signed online without downloading anything. Here is little bit more description: Upload a Pdf of 5 pages On page 2 and 4, he needs to print/sign name online. I told him that there are services like docusign but he wants us to develop something like t...
WSLK requires that the unins000.exe, generated by Inno, is signed. The only way I devised to do that is by unpacking the installer, signing and then repacking it again. Isn't there an easier way? I have found an Inno Unpacker, but I'm not sure about how to repack it. ...
I receive smime message with content-type 'Application/EDI'. It is non-standard mime type and content should be interpreted as binary. But OpenSSL during verifying signature treats it as text and changes line breaks from '\n' to '\r\n' (as needed by spec for content-type 'text'). So digest becomes wrong and verification fails. Is there ...
Hi, I have a problem to merge assemblies and signing the combined assembly with password automatically when building the project. The visual studio built-in sign in function is pretty good that once you entered the password for the .pfx, you don't have to enter it anymore and the password seems to be well hidden (that's what I think at...