digital-signature

I need to know if any kind of file can be signed digitally, using RSA, a certificate, and that stuff, or if only certain kind of files can be signed. All this, using PHP. In example: Can a plain text file be signed digitally?, What about images (png, jpeg, bmp)? I don't need to "attach" an image with a graphic signature. Thank you for your help. neubert Using phpseclib, a pure PHP RSA implementation (updated here ): <?php include('Crypt/RSA.php'); $rsa = new Crypt_RSA(); extract($rsa->createKey()); $plaintext = 'terrafrost'; $rsa->loadKey($privatekey); $signature = $rsa->sign($plaintext); $rsa

In my build process, I want to include a timestamp from an RFC-3161-compliant TSA. At run time, the code will verify this timestamp, preferably without the assistance of a third-party library. (This is a .NET application, so I have standard hash and asymmetric cryptography functionality readily at my disposal.) RFC 3161, with its reliance on ASN.1 and X.690 and whatnot, is not simple to implement, so for now at least, I'm using Bouncy Castle to generate the TimeStampReq (request) and parse the TimeStampResp (response). I just can't quite figure out how to validate the response. So far, I've

What is the difference between compute a signature with the following two methods? Compute a signature with Signature.getInstance("SHA256withRSA") Compute SHA256 with MessageDigest.getInstance("SHA-256") and compute the digest with Signature.getInstance("RSA"); to get the signature? If they are different, is there a way to modify the method 2 so that both methods give the same output? I tried the following code: package mysha.mysha; import java.security.MessageDigest; import java.security.PrivateKey; import java.security.Security; import java.security.Signature; import org.bouncycastle.jce

I am trying to create a signature using the HMAC-SHA256 algorithm and this is my code. I am using US ASCII encoding. final Charset asciiCs = Charset.forName("US-ASCII"); final Mac sha256_HMAC = Mac.getInstance("HmacSHA256"); final SecretKeySpec secret_key = new javax.crypto.spec.SecretKeySpec(asciiCs.encode("key").array(), "HmacSHA256"); final byte[] mac_data = sha256_HMAC.doFinal(asciiCs.encode("The quick brown fox jumps over the lazy dog").array()); String result = ""; for (final byte element : mac_data) { result += Integer.toString((element & 0xff) + 0x100, 16).substring(1); } System.out

Please, could someone point me in the right direction to digitally sign an MS-Office document (docx, xlsx, pptx) in Apache POI, or any other open source library? I have already reviewed the classes under org.apache.poi.openxml4j.opc.signature but I cannot understand how I could add a signature to a document. Check this sample code .. this sample code uses a file keystore PFX (PKCS12) .. Signs the Document and verify it. // loading the keystore - pkcs12 is used here, but of course jks & co are also valid // the keystore needs to contain a private key and it's certificate having a //

I have this scenario. I have an application that generates a PDF, and that needs to be signed. We have not the certificates to sign the document, because they're in a HSM, and the only way we could make use of the certificates is using a webservice. This webservice, offers two options, send the PDF document, and it returns a signed pdf, or send a hash that will be signed. The first option, is not viable, because the PDF is signed without a timestamp (this is a very important requisite), so the second option is chosen. This is our code, first, we get the signature appearance, and calculate the

We want our users to download preconfigured installers of our software for Windows. Pre-configured data consists of settings based on user account data. The customization is to be done in a Java server running on Linux. We need to have those installers digitally signed. Unfortunately we cannot have private signing key on those servers, due to security policy. Can you think of ways to put some metadata into either MSI or EXE while preserving digital signature or other approaches to fulfill the use case? EDIT : The requirement is to have a single file download, so unfortunately parallel ini file

I want to manually verify the integrity of a signed pdf. I have been able to reach at:- got the value of '/Content' node from pdf(using PyPDF2 ). This is a der encoded PKCS#7 certificate. Now as per pdf specifications , the message digest of the pdf data is stored along with the certificate in /Content node. Tried a lot but I am not able to get the digest value which I would eventually compare with hashed pdf content(specified by /ByteRange ). PDF specification snapshot:- Don't understand the last part that says write signature object data into the dictionary . where does this write actually