Digital Signature Mechanics
Applications sign/verify hash values by using the
CryptSignHash and
CryptVerifySignature functions. The application often specifies a description string, which must
be added to the hash object before it is signed/verified.
The signature process typically goes something like this:
- The application creates a hash object using CryptCreateHash.
- The application adds data to the hash object using CryptHashData and/or CryptHashSessionKey.
- The application calls the CryptSignHash function to sign the hash value, specifying a description string.
- The operating system layer accepts the CryptSignHash invocation, converts the description string to Unicode (if it isn't Unicode
already) and then hands off the task to the CSP via the CPSignHash function.
- The CSP adds the Unicode description string to the hash object, via the CPHashData function. The terminating null character is not hashed in.
- The CSP completes the hash and obtains the hash value to be signed using the CPGetHashParam function.
- The CSP takes the hash value, pads it out to the size of the public key
modulus, and encrypts it using the signature private key.
The padding around the hash value must be in the format specified by the
Public-Key Cryptography Standards (PKCS), available from RSA Data Security. The hash
algorithm used must be encoded as described in PKCS #1, section 6.3.
- The signature block is then returned to the application, via the operating
system layer.
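The byte layout produced by the last CSP steps, as an added example that is not part of the original page or of any CSP's code. The function names are hypothetical, "Unicode" is assumed to mean UTF-16LE as on Windows, and the block stops before the private-key operation.

```python
import hashlib
import hmac

# DER DigestInfo prefixes (AlgorithmIdentifier + OCTET STRING header) for PKCS #1 v1.5.
DIGEST_INFO_PREFIX = {
    "md5": bytes.fromhex("3020300c06082a864886f70d020505000410"),
    "sha1": bytes.fromhex("3021300906052b0e03021a05000414"),
}


def hash_with_description(data: bytes, description: str, alg: str = "sha1") -> bytes:
    """Hash the data, then the description string, in the order the steps give."""
    h = hashlib.new(alg)
    h.update(data)
    # Assumption: "Unicode" means UTF-16LE. encode() emits no terminating
    # null, matching the rule that the null character is not hashed in.
    h.update(description.encode("utf-16-le"))
    return h.digest()


def pkcs1_v15_signature_block(digest: bytes, alg: str, modulus_len: int) -> bytes:
    """Pad DigestInfo||digest to the modulus size: 00 01 FF..FF 00 DigestInfo."""
    if len(digest) != hashlib.new(alg).digest_size:
        raise ValueError("digest length does not match algorithm")
    t = DIGEST_INFO_PREFIX[alg] + digest
    pad_len = modulus_len - len(t) - 3
    if pad_len < 8:  # PKCS #1 requires at least eight padding bytes
        raise ValueError("modulus too small for this hash")
    return b"\x00\x01" + b"\xff" * pad_len + b"\x00" + t


def block_matches(block: bytes, data: bytes, description: str, alg: str = "sha1") -> bool:
    """Verifier side: rebuild the expected block and compare every byte.

    Re-encoding and comparing avoids a lenient parser that would accept
    malformed padding or trailing bytes."""
    digest = hash_with_description(data, description, alg)
    try:
        expected = pkcs1_v15_signature_block(digest, alg, len(block))
    except ValueError:
        return False
    return hmac.compare_digest(block, expected)


if __name__ == "__main__":
    data = b"constructed sample message"  # constructed input
    desc = "Test signature"               # constructed description string
    block = pkcs1_v15_signature_block(hash_with_description(data, desc), "sha1", 128)
    print(block.hex())
    print(block_matches(block, data, desc), block_matches(block, data, "Other"))
```

Because the description is part of the hashed input, a verifier that supplies a different description string, or none, computes a different block and the comparison fails.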