Re: Digital signatures in ZIP files

From: Matt Lyons [MSFT] (mattlyon@online.microsoft.com)
Date: 01/04/03 

From: "Matt Lyons [MSFT]" <mattlyon@online.microsoft.com>
Date: Fri, 3 Jan 2003 17:30:06 -0800

I don't know the ZIP file format, but support for certificates in v1.0 of
the .NET Framework is limited to single DER (and I think BER) encoded
certificates. If the cert is stored in some other way, such as a PKCS #7,
you can't just plug it directly into the X509Certificate class. I'm not
sure what you want to do with the certificate, but you might try using
interop with CAPICOM and see if that solves your problem. You could also
PInvoke to the CryptoAPI 2.0 functions. 

--
Matt Lyons
.NET Framework Security, http://www.amazon.com/exec/obidos/ASIN/067232184X
[This posting is provided "AS IS" with no warranties, and confers no
rights.]
"Chris Morrison" <chris-[TRAP]morrison@dsl.[SPAM]pipex.com(Remove [TRAP] and
[SPAM] to reply)> wrote in message news:u3N2Um4sCHA.2124@TK2MSFTNGP12...
> I have developed a class in C# to extract ZIP files, but I am stumped on
how
> to deal with ZIP files which are digitally signed using X.509 Digital
> Certificates.
>
> I have tried extracting the data from the ZIP files digital certificate
> store into a byte array and use it to create an instance of the
> System.Security.Cryptography.X509Certificates.X509Certificate class but it
> throws an exception saying: Input data cannot be coded as a valid
> certificate.
>
> If anyone has any pointers or suggestions, I'm really stuck on this one.
>
> Kind Regards,
>
>
> Chris
>
>

Relevant Pages

  • Re: BUG: Failed to encrypt outgoing messages with non WSE2QuickStartClient certificate
    ... > I am still using one that is slightly earlier than the one on .NET Framework ... the WSE team tried hard to have the version in the .NET ... master version of makecert.exe can be found in the Platform SDK, ... certificates will then work with WSE. ...
    (microsoft.public.dotnet.framework.webservices.enhancements)
  • Re: Extracting certificate from the smart card thru cryptoApi in c#
    ... there is good support for certificates in capi stores. ... See also "Using Cryptography with the .NET Framework" pp. 669 in ... ".NET Framework Security", ...
    (microsoft.public.dotnet.security)
  • CAPI Revocation checking PKCS#7 issues : CertDllVerifyRevocation dll
    ... I need to perfrom this operation in order to pass the X.509 ... certificates to a third party authentication server. ... I have a PKCS#7 and wish to extract the X509 Certificates ... BOOL WINAPI CertDllVerifyRevocation(IN DWORD dwEncodingType, ...
    (microsoft.public.platformsdk.security)
  • CAPI Revocation checking PKCS#7 issues : CertDllVerifyRevocation dll
    ... I need to perfrom this operation in order to pass the X.509 ... certificates to a third party authentication server. ... I have a PKCS#7 and wish to extract the X509 Certificates ... BOOL WINAPI CertDllVerifyRevocation(IN DWORD dwEncodingType, ...
    (microsoft.public.platformsdk.security)
  • Re: Certificate store
    ... Some questions about the microsoft certificate store: ... is there a way to extract certificates from a microsoft ... is there a way to extract the certificates from within a linux environment? ...
    (Pen-Test)