List:       ms-capicom
Subject:    Re: Viewing and verifying signed data
From:       "Michel Gallant (MVP)" <neutron () ISTAR ! CA>
Date:       2003-03-14 4:14:04

Dave,
You can sign the data as "included" or "detached" as specified by the
second argument of the SignedData.Sign method:

http://msdn.microsoft.com/library/default.asp?url=/library/en-us/security/security/signeddata_sign.asp

If you include the data (second argument false), the data is encoded into the
CMS/pkcs7 signature block. In this case, your client application will need
to extract that content from the signed-data file that is downloaded (or
on the server) and simply extract the data for display.
A simple client-side vbs example of this is:
    http://pages.istar.ca/~neutron/clientsign
While the included-data signature is generated here on the client, for your
case you would deploy this encoded signature block to the server and have
the client script simply verify the signature and extract the raw content.

 - Michel Gallant
   MVP Security
   http://www.jensign.com


Dave Mentzer wrote:

> Using CAPICOM/IIS/ASP, I have a file containing text that I have
> successfully signed.  For now, I have stored the signature in a separate
> file. Is it necessary or required for the source file containing the text
> and the signature to be stored in separate files? I can't seem to find in
> the documentation where you can store the source file text and the
> signature in one file.  My users want to view and/or download the signed
> file from an ASP intranet site. Thanks.
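
The client-side step described in the reply (verify the included-data signature, then extract the content for display), as an added VBScript example that is not part of the original messages or the linked sample. It assumes the downloaded file holds the base64 output of SignedData.Sign with the content included; the file path is a placeholder.

```vbscript
Option Explicit

' CAPICOM constant (value from the CAPICOM type library).
Const CAPICOM_VERIFY_SIGNATURE_AND_CERTIFICATE = 1
Const ForReading = 1

' Assumed location of the downloaded signed-data file (placeholder path).
Const SIGNED_FILE = "C:\temp\document.p7s"

Dim fso, stream, signedBlob, sd, signer

' Read the encoded CMS/PKCS#7 signature block as text.
Set fso = CreateObject("Scripting.FileSystemObject")
Set stream = fso.OpenTextFile(SIGNED_FILE, ForReading)
signedBlob = stream.ReadAll
stream.Close

Set sd = CreateObject("CAPICOM.SignedData")

' Second argument False: the content is included in the signature block.
' Verify raises an error if the signature or the signer's certificate
' chain does not validate, so trap it and stop before showing anything.
On Error Resume Next
sd.Verify signedBlob, False, CAPICOM_VERIFY_SIGNATURE_AND_CERTIFICATE
If Err.Number <> 0 Then
    WScript.Echo "Verification FAILED: 0x" & Hex(Err.Number) & " " & Err.Description
    WScript.Quit 1
End If
On Error GoTo 0

' Only after a successful Verify should Signers and Content be used.
For Each signer In sd.Signers
    WScript.Echo "Signed by:  " & signer.Certificate.SubjectName
    WScript.Echo "Thumbprint: " & signer.Certificate.Thumbprint
Next

WScript.Echo "---- signed content ----"
WScript.Echo sd.Content
```

Verifying with the certificate flag rather than signature-only means a block signed with an untrusted or invalid certificate is rejected, and printing the signer lets the user confirm who signed the content, not just that it is signed.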