  1. Adding Response from TSA to CRYPT_SIGN_MESSAGE_PARA for CryptSignMessage (c++, Crypto Api)
    <p>I'm struggling with how to add the response from a TSA server to my CryptSignMessage call.</p>
    <p>Using PKCS#7. I currently have my message digest and I successfully sign it with CryptSignMessage from the Crypto API, like so:</p>
<pre><code>// Initialize the signature structure.
CRYPT_SIGN_MESSAGE_PARA SigParams;
SigParams.cbSize = sizeof(CRYPT_SIGN_MESSAGE_PARA);
SigParams.dwMsgEncodingType = MY_ENCODING_TYPE;
SigParams.pSigningCert = hContext;
SigParams.HashAlgorithm.pszObjId = szOID_RSA_SHA1RSA;
SigParams.HashAlgorithm.Parameters.cbData = 0;
SigParams.cMsgCert = 1;
SigParams.rgpMsgCert = &amp;hContext;
SigParams.dwInnerContentType = 0;
SigParams.cMsgCrl = 0;
SigParams.cUnauthAttr = 0;
SigParams.dwFlags = 0;
SigParams.pvHashAuxInfo = NULL;
SigParams.cAuthAttr = 0;
SigParams.rgAuthAttr = NULL;

// First, get the size of the signed BLOB.
if(CryptSignMessage(
    &amp;SigParams,
    FALSE,
    1,
    MessageArray,
    MessageSizeArray,
    NULL,
    &amp;cbSignedMessageBlob))
{
    printf("%lu bytes needed for the encoded BLOB.", cbSignedMessageBlob);
}
else
{
    MyHandleError();
    fReturn = false;
    exit_SignMessage();
}

// Allocate memory for the signed BLOB.
if(!(pbSignedMessageBlob = (BYTE*)malloc(cbSignedMessageBlob)))
{
    MyHandleError();
    exit_SignMessage();
}

// Get the signed message BLOB.
if(CryptSignMessage(
    &amp;SigParams,
    TRUE,
    1,
    MessageArray,
    MessageSizeArray,
    pbSignedMessageBlob,
    &amp;cbSignedMessageBlob))
{
    printf("The message was signed successfully. \n");
    // pbSignedMessageBlob now contains the signed BLOB.
    fReturn = true;
}
else
{
    MyHandleError();
    fReturn = false;
    exit_SignMessage();
}
</code></pre>
    <p>Now I want to use a TSA server to timestamp my digest, but I'm not really sure how to include this. Say I have an RFC 3161 TimeStamp request; I send this to my TSA and I receive an RFC 3161 TimeStamp response (probably using libcurl). How should I incorporate the response into my SigParams? Must I extract the TimeStampToken and then store that as an unauthenticated counter signature? Something like:</p>
<pre><code>CRYPT_ATTR_BLOB cablob[1];
CRYPT_ATTRIBUTE ca[1];

cablob[0].cbData = tstResponseSize;
cablob[0].pbData = tstResponse;          // the response from TSA

ca[0].pszObjId = "1.2.840.113549.1.9.6"; // object identifier for counter signature
ca[0].cValue = 1;
ca[0].rgValue = cablob;
</code></pre>
    <p>And then set the SigParams:</p>
<pre><code>SigParams.cUnauthAttr = 1;
SigParams.rgUnauthAttr = ca;
</code></pre>
    <p>Any advice would be greatly appreciated. Thanks, Magda</p>
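An added example, not part of the original post: a portable C++ sketch of the "extract the TimeStampToken" step the question asks about, which checks the PKIStatus in an RFC 3161 TimeStampResp and returns only the embedded token bytes. The names readTlv, extractToken and TsStatus and the sample byte strings are assumptions made for illustration.

```cpp
#include <cstddef>
#include <cstdint>
#include <cstdio>
#include <vector>

using Bytes = std::vector<uint8_t>;
struct Tlv { uint8_t tag; size_t pos, body, len; };  // header offset, content offset, content length
enum class TsStatus { Granted, Rejected, Malformed };

// Read one DER element in b[pos, end); rejects truncation and indefinite lengths.
bool readTlv(const Bytes& b, size_t pos, size_t end, Tlv& out) {
    if (end > b.size() || pos >= end || end - pos < 2) return false;
    size_t i = pos + 1;
    size_t len = b[i++];
    if (len & 0x80) {
        size_t n = len & 0x7F;
        if (n == 0 || n > sizeof(size_t) || n > end - i) return false;
        for (len = 0; n > 0; --n) len = (len << 8) | b[i++];
    }
    if (len > end - i) return false;
    out = Tlv{b[pos], pos, i, len};
    return true;
}

// RFC 3161: TimeStampResp ::= SEQUENCE { status PKIStatusInfo, timeStampToken OPTIONAL }
// PKIStatusInfo starts with INTEGER status; 0 (granted) and 1 (grantedWithMods) carry a token.
TsStatus extractToken(const Bytes& resp, Bytes& token) {
    Tlv outer, info, st, tok;
    if (!readTlv(resp, 0, resp.size(), outer) || outer.tag != 0x30) return TsStatus::Malformed;
    size_t end = outer.body + outer.len;
    if (end != resp.size()) return TsStatus::Malformed;  // trailing bytes after the response
    if (!readTlv(resp, outer.body, end, info) || info.tag != 0x30) return TsStatus::Malformed;
    size_t infoEnd = info.body + info.len;
    if (!readTlv(resp, info.body, infoEnd, st) || st.tag != 0x02 || st.len != 1)
        return TsStatus::Malformed;
    if (resp[st.body] > 1) return TsStatus::Rejected;  // TSA refused: there is no token to attach
    if (!readTlv(resp, infoEnd, end, tok) || tok.tag != 0x30) return TsStatus::Malformed;
    // The token is a complete CMS ContentInfo: keep its header, drop the status wrapper.
    token.assign(resp.begin() + tok.pos, resp.begin() + tok.body + tok.len);
    return TsStatus::Granted;
}

// Constructed samples (not real TSA output): the "token" is a dummy 7-byte SEQUENCE.
const Bytes kGranted = {0x30,0x0C, 0x30,0x03,0x02,0x01,0x00, 0x30,0x05,0x06,0x03,0x2A,0x03,0x04};
const Bytes kRejected = {0x30,0x05, 0x30,0x03,0x02,0x01,0x02};

int main() {
    Bytes token;
    TsStatus s = extractToken(kGranted, token);
    std::printf("granted=%d token_bytes=%zu\n", s == TsStatus::Granted, token.size());
    return 0;
}
```

RFC 3161 Appendix A defines the unsigned attribute id-aa-timeStampToken (1.2.840.113549.1.9.16.2.14) for carrying such a token, with the token's messageImprint computed over the SignerInfo signature value, so the timestamp request can only be built after the message has been signed.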