Re: CryptSignMessage on very large files

One simple solution is to incrementally compute the SHA-1 hash of the large
pdf and then digitally sign that hash with CryptSignMessage (the message now
being the 20 byte hash).
- Mitch

"patrickc" <patrickc@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:4E53A5E6-CEF9-411D-9255-E0B0E44D7B3F@xxxxxxxxxxxxxxxx

Then why are you replying to my post about CryptSignMessage???

(other than to solicit your own commercial software package.........)



"Stefan Engelbert" wrote:

Our own methods


"patrickc" <patrickc@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:15F577AC-4AFE-47AD-91E6-84C410FE7F98@xxxxxxxxxxxxxxxx

What Crypt* methods did you use to hash these 'chunks'?


"Stefan Engelbert" wrote:

No, I'm certain that the PDF is being assembled correctly.

OK

Why doesn't CryptSignMessage provide the ability to call into
multiple
times
to sign large amounts of data?

Well, there might be several reasons behind it. But you dont have to
ask
me
:-)

I dont know if it would help you. Our Software does internally suppot
hashing of chunks.
Since we are currently opening our APIs to the public and document
them
on
http://www.aloaha.com/software-development/smart-card-api.php
we could do that next with our HASH function.

But what kind of application are you coding? Would you be able to use
3rd
party software?

Stefan



"Stefan Engelbert" wrote:

Hi,

probably you are not missing only a step while signing but also
several
steps while rebuilding the PDF. Why dont you simply take an
existing
solution?

Stefan

"patrickc" <patrickc@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:7B6B315B-81F8-4713-A0F9-6E9520060704@xxxxxxxxxxxxxxxx
Hello,

I'm using CryptSignMessage to sign PDF files and it works fine
for
the
most
part. However, I really don't want to have to buffer up the
entire
PDF
file
(they could be huge!) to pass in the MessageArray. I've looked
at
using
CryptMsgCalculateEncodedLength/CryptMsgOpenToEncode/CryptMsgUpdate
with
the
appropriate SHA1 algo and CMSG_DETACHED_FLAG and CMSG_SIGNED
flags
turned
on
- but the resulting PKCS7 is smaller than what I get out of
CryptSignMessage,
and Acrobat rejects the signed PDF as 'corrupted'. This is the
sample
code
I started with:

http://msdn.microsoft.com/library/default.asp?url=/library/en-us/seccrypto/security/example_c_program_encoding_and_decoding_an_enveloped_message.asp

Am I missing a step? I can't find any solid doc on how to
simulate
CryptSignMessage using the lower-level Crypt* calls.













.

Relevant Pages

  • Re: CryptSignMessage on very large files
    ... That is why I was feeding the 2 large PDF content values to ... CryptSignMessage and setting the detached flag to true... ... Doing the same thing in this case (passing the SHA1 hash) to ... I dont know if it would help you. ...
    (microsoft.public.platformsdk.security)
  • Re: CryptSignMessage on very large files
    ... What Crypt* methods did you use to hash these 'chunks'? ... "Stefan Engelbert" wrote: ... I'm using CryptSignMessage to sign PDF files and it works fine for the ...
    (microsoft.public.platformsdk.security)
  • Re: CryptSignMessage on very large files
    ... What Crypt* methods did you use to hash these 'chunks'? ... "Stefan Engelbert" wrote: ... steps while rebuilding the PDF. ...
    (microsoft.public.platformsdk.security)
  • Re: PDF problem..
    ... Gnostice PDFtoolkit does not support digital signing at this time but what you ... Stamping PDF ... including hash, time stamp, etc. ... > via the USPS Electronic Postmark (EPM) SDK. ...
    (borland.public.delphi.thirdpartytools.general)
  • Re: FC5 mozilla/firefox cant openb .pdf files
    ... Hash: SHA1 ... Paul Erickson wrote: ... As far as I can tell, it happens to every pdf. ...
    (Fedora)