digital-certificate

I want to manually verify the integrity of a signed pdf. I have been able to reach at:- got the value of '/Content' node from pdf(using PyPDF2 ). This is a der encoded PKCS#7 certificate. Now as per pdf specifications , the message digest of the pdf data is stored along with the certificate in /Content node. Tried a lot but I am not able to get the digest value which I would eventually compare with hashed pdf content(specified by /ByteRange ). PDF specification snapshot:- Don't understand the last part that says write signature object data into the dictionary . where does this write actually

I'd like to check programatically if a file has been digitally signed or not. For the moment, I found a rather obscure code in MSDN , that doesn't compile... Any idea on the subject? An external tool with command line would also be great, by the way. The important missing part of the answer mentioning signtool is: Yes, with the well known signtool.exe you can also find out, if a file is signed. No need to download another tool! E.g. with the simple line: signtool verify /pa myfile.exe if %ERRORLEVEL% GEQ 1 echo This file is not signed. (For verbose out put, add a '/v' after '/pa'.) One may ask

I'm trying to sign an XML file using a x.509 certificate, I can use the private key to sign the document and then use the CheckSignature method (it has an overload that receives a certificate as parameter) to verify the signature. The problem is that the user who validates the signature must have the certificate, my concern is, if the user has the certificate then he has access to the private key, and as I understand, this is private and should be available only to the user who signs. What am I missing? Thanks for your help. In .NET, If you get your X509 cert from a .pfx file, like this:

I have a valid certificate issued by the spanish authority (FNMT) and I want to play with it to learn more about it. The file has extension .p12 I would like to read the information in it (first and last name) and check if the certificate is valid. Is it possible to do that with pyOpenSSL? I guess I have to use the crypto module in OpenSSL. Any help or useful link? Trying reading here: http://packages.python.org/pyOpenSSL/openssl-crypto.html but not much information :-( It's fairly straight-forward to use. This isn't tested, but should work: # load OpenSSL.crypto from OpenSSL import crypto #

I'm trying to sign data using the WebCrypto API, but instead of creating a private/public key and exporting it to pkcs#1 or 8, I would really like to use a user's PKCS#12 to sign data. I've read the W3C spec, but cannot make much of it and can't find any good material on how to do this. Right now I want to leave ActiveX and Java Applets aside. Is there a way to tweak the following: var buffer = encode(prompt("Please enter your password")); //TODO: //implement a prompt for a pfx or cert return crypto.subtle.importKey("raw", buffer, "PBKDF2", false, usages); //TODO: //instead of importing it,