'Re: Validate PKCS7 Signed Message.'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       ms-cryptoapi
Subject:    Re: Validate PKCS7 Signed Message.
From:       Patrick Dolan <Patrick_Dolan () EFUNDS ! COM>
Date:       2001-09-28 14:47:15
[Download RAW message or body]


Try using CryptVerifyMessageSignature(...)






"Richard RL. Louapre" <richard.louapre@DOCFLOW.IT>@DISCUSS.MICROSOFT.COM>
on 28/09/2001 14:13:44

Please respond to Microsoft Cryptographic API
      <CryptoAPI@DISCUSS.MICROSOFT.COM>

Sent by:  Microsoft Cryptographic API <CryptoAPI@DISCUSS.MICROSOFT.COM>


To:   CryptoAPI@DISCUSS.MICROSOFT.COM
cc:
Subject:  Validate PKCS7 Signed Message.


I try to validate an PKCS7 Signed Message, but CryptVerifySignature turn
always NTE_BAD_SIGNATURE.
If I use an other tool to verify this message, I've no problem.
I dump an signed message with CryptoAPI (CryptSignMessage) and the
other.
There is any differences :
for example, messageDigest, signingTime are not in the CryptoAPI
message.
I've try this to validate this message:
CryptAcquireContext(&hCryptProv, NULL, MS_DEF_PROV, PROV_RSA_FULL, 0)

hStore = CertOpenStore(CERT_STORE_PROV_MEMORY,
                    X509_ASN_ENCODING | PKCS_7_ASN_ENCODING, 0, 0, 0);

CertAddEncodedCertificateToStore(hStore, X509_ASN_ENCODING,
                    pbCertEncoded, cbCertEncoded,
                    CERT_STORE_ADD_REPLACE_EXISTING, &pCertContext))

CryptImportPublicKeyInfo(hCryptProv,  X509_ASN_ENCODING,
                    &(pCertContext->pCertInfo->SubjectPublicKeyInfo),
&hCryptKey))

CryptCreateHash(hCryptProv, CALG_MD5, 0, 0, &hHash)
CryptHashData(hHash, pbBuffer, dwBufferLen, 0)

CryptVerifySignature(hHash, pbSignature, dwSignatureLen, hCryptKey,
                    NULL, 0)

HELP !!

Richard LOUAPRE
Applications Developer
E-Mail : richard.louapre@docflow.it
Docflow Italia S.R.L.

----------------------------------------------------------------
Users Guide http://discuss.microsoft.com/archives/mailfaq.asp
contains important info. Save time, search the archives at
http://discuss.microsoft.com/archives/index.html .
To unsubscribe, mailto:CryptoAPI-signoff-request@DISCUSS.MICROSOFT.COM

[prev in list] [next in list] [prev in thread] [next in thread]
Configure | About | News | Add a list | Sponsored by KoreLogic