digital-signature

I have an API endpoint where external websites can submit a POST request. What would be the best method to make sure the requests are authentic and also are not tampered with, so they respect the principle of integrity ? Since the data is not valuable such as credit card information, I do not require HTTPS integration. I have had a look at both HMACs and Digital Signatures, and I believe the second option would be better, yet I am unsure if this is the way to go? Similarly, would hashing the request and verifying it on my server be enough? Both HMAC and Digital signature provides integrity and

I am using WinVerifyTrust to verify the validity of some Windows executables with the following function, called in a loop from _tmain : int signature_is_valid(const wchar_t *filepath) { GUID guid = WINTRUST_ACTION_GENERIC_VERIFY_V2; WINTRUST_FILE_INFO file_info = { 0 }; WINTRUST_DATA wd; file_info.cbStruct = sizeof(file_info); file_info.pcwszFilePath = filepath; file_info.hFile = NULL; file_info.pgKnownSubject = NULL; ZeroMemory(&wd, sizeof(wd)); wd.cbStruct = sizeof(wd); wd.dwUIChoice = WTD_UI_NONE; wd.fdwRevocationChecks = WTD_REVOCATION_CHECK_NONE; wd.dwUnionChoice = WTD_CHOICE_FILE; wd

I would like to remove the digital signature from a Mac app that has been signed with codesign. There is an undocumented option to codesign, --remove-signature, which by it's name seems to be what I need. However, I can't get it to work. I realize it is undocumented, but I could really use the functionality. Maybe I'm doing something wrong? codesign -s MyIdentity foo.app works normally, signing the app codesign --remove-signature foo.app does disk activity for several seconds, then says foo.app: invalid format for signature and foo.app has grown to 1.9 GB!!! (Specifically, it is the executable

This question already has an answer here : PHP JWT Token Invalid Signature (1 answer) Closed 2 years ago . I am using JWT in my application for login authentication process. To generate the token I am using: Jwts.builder().setSubject(username).signWith(SignatureAlgorithm.HS512, MacProvider.generateKey()).compact(); Generated Token: eyJhbGciOiJIUzUxMiJ9.eyJzdWIiOiJlaG91c2VAZGV2ZXJldXgub3JnIn0.5SX-aU-p_RlfC3CZa-YXnQu_YR7RsG2Xfim3LOmlqxjAZrIyZiz0fYZwViHr113ms8TNvngcJcV07U4hK-RBZQ When I decode this token in jwt.io debugger it tells me an invalid Signature. I am not able to find the reason of this

Here I'm implementing digital signature using RSA. I read a plain text from a file and get MD5 i.e instance of a MessageDigest of the plain text and converting that plain text to BigInteger here this bigInteger should be signed. MessageDigest m1 = MessageDigest.getInstance("MD5"); m1.update(bFile); byte [] digest1 = m1.digest(); for(int i=0; i < digest1.length ; i++){ System.out.println("b["+i+"]="+digest1[i]); } BigInteger bi = new BigInteger(digest1); //here I dont know how to pass BigInteger to Signature function. Could someone please help me with it. You don't. You get the bytes out of the

I have been working with itextpdf-5.5.5, and the Integrity check return false. PdfPKCS7 pkcs7 = fields.verifySignature(name); pkcs7.verify();<------ HERE return false But Adobe Acrobat Reader say: Signed and all signatures are valid. :( This is the document: Test.pdf . Could someone explain what is happening?. Thanks in advance The CMS signature container embedded in your PDF has some questionable properties. In particular it has an encapsulated content, even though it merely is a byte array of length 0. This makes iText include this value in a test which then fails. I would propose creating

I need to append a pdf file to a digital signed pdf file, keeping valid the signature ...maybe using revision? ...using iTextSharp? How can I do it? Please help me with some sample. You can't as that invalidates the whole point of digital signatures, namely to detect when something exactly as you describe occurs and therefore ensure the validity of the original document. To do as you want, you will need to add the extra PDF to the unsigned original PDF and then resign the new conglomerate PDF. You can use Increment Update to do that, as long as the original signature allows you. Take look at