digital-signature

I am writing an assembly information application to be used in our software build process and am trying to read the digital signature information from a signed .Net assembly. I want to do in my C# code what Windows Explorer can do by right-clicking a signed assembly and selecting the "Digital Signatures" tab and then clicking the Details button. e.g. Has anyone got an idea how to do this programmatically in C#? I am currently using the Mono Cecil library to get the rest of the information from the assembly. Your help will be most appreciated. The Mono project provides source code for both

I'm working on a SAML gateway using Ruby/Rails and I'm attempting to write some code that validates the xml digital signature of the incoming SAML response against the x509 cert of the originating service. My problem: the signature depends on a canonicalized version of the XML that is hashed and then signed and I'm having trouble finding a ruby lib/gem that will canonicalize XML per the spec . I found a super old gem on rubyforge that is a mess but I'd be more interested if something like nokogiri supported this kind of functionality (from the nokogiri docs, it doesn't). I've googled

We produce a content management system. It's a database-based system, used only by businesses and organizations, and never downloadable from the Internet. That is, it's not the kind of software someone might stumble upon and wonder what it is and whether it's safe to run. Over the 20+ years our system is being sold, its executables have never been digitally signed. Is it time for us to start signing them? For starters, I can think of a few pros and cons: Pro: If using Verisign certificates, Windows Error Reporting can be used Pro: When Windows Vista and Windows 7 show one of those annoying UAC

I need to digitally sign a String using the SHA-1 digest algorithm first and then apply the RSA algorithm, using a PrivateKey to sign it. I already have the PrivateKey stored in my database as data type char(250) in base64. My problem is that I don't know how to convert it into a PrivateKey for using it for signing in: Cipher cipher = Cipher.getInstance("RSA"); cipher.init(Cipher.ENCRYPT_MODE, privateKey); byte[] cipherText = cipher.doFinal(digest); Digest was an array of bytes to which I applied the SHA-1 digest algorithm: MessageDigest md = MessageDigest.getInstance("SHA-1"); byte [] ba =

I am trying to generate digital signatures on Windows (from XP SP3, but currently testing with Windows 7) with CryptoAPI that will be compatible with the following openssl commands: openssl dgst -sha256 -sign <parameters> (for signing) openssl dgst -sha256 -verify <parameters> (for validation) I want to use a private key from the Windows "MY" keystore for signing. I managed to sign files using the SHA1 digest algorithm by using the following CryptoAPI functions (omitting parameters for brevity): CertOpenStore CertFindCertificateInStore CryptAcquireCertificatePrivateKey CryptCreateHash (with

I am a newbie in using Digital Signatures. In one of the projects we are using Apache PdfBox for processing digitally signed pdf files. While we could test all features, verification of signed pdf files is something we are unable to crack. We are using BouncyCastle as the provider. Below is the code: //Get Digital Signature and Signed Content from pdf file byte[] signatureAsBytes = pdsignature.getContents(new FileInputStream(this.INPUT_FILE)); byte[] signedContentAsBytes = pdsignature.getSignedContent(new FileInputStream(this.INPUT_FILE)); //Digital Signature Verification Security.addProvider