CryptoSys PKI Toolkit Manual

CMS_MakeSigDataFromSigValue

CMS_MakeSigDataFromSigValue creates a CMS object of type SignedData using a pre-computed signature value.

VB6/VBA Syntax

Public Declare Function CMS_MakeSigDataFromSigValue Lib "diCrPKI.dll" (ByVal strFileOut As String, ByRef abSigValue As Byte, ByVal nSigLen As Long, ByRef abData As Byte, ByVal nDataLen As Long, ByVal strCertList As String, ByVal nOptions As Long) As Long

nRet = CMS_MakeSigDataFromSigValue(strFileOut, abSigValue(0), nSigLen, abData(0), nDataLen, strCertList, nOptions)

Parameters

strFileOut
[in] String with name of output file to be created.
abSigValue
[in] Byte array containing the pre-computed signature.
nSigLen
[in] Long specifying the length of the signature value in bytes.
abData
[in] Byte array containing the data that has been signed (required).
nDataLen
[in] Long specifying the length of the data in bytes.
strCertList
[in] String containing the filename of the signer's certificate and (optionally) a list of other certificates to be included in the output, separated by semicolons (;).
nOptions
[in] Long Option flags. Select one of:
PKI_HASH_SHA1 (0) to use the SHA-1 algorithm (default)
PKI_HASH_MD5 to use the MD5 algorithm
PKI_HASH_SHA256 to use the SHA-256 algorithm
PKI_HASH_SHA384 to use the SHA-384 algorithm
PKI_HASH_SHA512 to use the SHA-512 algorithm
PKI_HASH_SHA224 to use the SHA-224 algorithm
and optionally add
PKI_CMS_EXCLUDE_CERTS to exclude signer's certificate
PKI_CMS_FORMAT_BASE64 to format the output with base64 encoding (default output is binary)
PKI_CMS_NO_OUTER to create a "naked" SignedData object with no outerContentInfo as permitted by PKCS#7 v1.6
PKI_CMS_ALT_ALGID to use alternative signature algorithm identifiers (see Remarks for CMS_MakeSigData)

C/C++ Syntax

long _stdcall CMS_MakeSigDataFromSigValue(const char *szFileOut, const unsigned char *pSigValue, long nSigLen, const unsigned char *pData, long nDataLen, const char *szCertList, long nOptions);

Returns (VB6/C)

Long: If successful, the return value is zero; otherwise it returns a non-zero error code. Further error information may be available by calling PKI_LastError.

.NET Equivalent

Cms.MakeSigDataFromSigValue Method

Remarks

A SignedData CMS object with a single SignerInfo is created with the message data included in the eContent. The content must be included. The signer's certificate must be the first certificate in the certificate list and is included in the output by default. Any other certificates in the list will be included. Signed attributes cannot be added. Unsigned attributes and attribute certificates are not supported.

Only one message digest algorithm is used in each object. SHA-1 is used by default. Alternative hash algorithms can be used instead by adding the appropriate PKI_HASH_ option flag.

The content and the signature are checked before the output file is created. If the signature data is not valid, or the data is not the data signed, or the certificate specified is not that of the signer, then it will return SIGNATURE_ERROR (-22).

VB6 users should note the "(0)" after the byte array parameters.

Example

This example creates an identical SignedData file to example 4.2 from [SMIME-EX]. In this case, the signature value has been generated separately, perhaps by a smart card with Alice's private key details in it. The resulting file should be identical to the file 4.2.bin.

Dim strDataHex As String
Dim strSigHex As String
Dim abData() As Byte
Dim abSigValue() As Byte
Dim nSigLen As Long
Dim nDataLen As Long
Dim strCertFile As String
Dim strCmsFile As String
Dim nRet As Long

' Data to be signed in hex format:
strDataHex = "54:68:69:73:20:69:73:20:73:6f:6d:65:20:73:61:6d" & _
    "70:6c:65:20:63:6f:6e:74:65:6e:74:2e"
' The signature (generated by the smart card) is:
strSigHex = "2F:23:82:D2:F3:09:5F:B8:0C:58:EB:4E:9D:BF:89:9A" & _
    "81:E5:75:C4:91:3D:D3:D0:D5:7B:B6:D5:FE:94:A1:8A" & _
    "AC:E3:C4:84:F5:CD:60:4E:27:95:F6:CF:00:86:76:75" & _
    "3F:2B:F0:E7:D4:02:67:A7:F5:C7:8D:16:04:A5:B3:B5" & _
    "E7:D9:32:F0:24:EF:E7:20:44:D5:9F:07:C5:53:24:FA" & _
    "CE:01:1D:0F:17:13:A7:2A:95:9D:2B:E4:03:95:14:0B" & _
    "E9:39:0D:BA:CE:6E:9C:9E:0C:E8:98:E6:55:13:D4:68" & _
    "6F:D0:07:D7:A2:B1:62:4C:E3:8F:AF:FD:E0:D5:5D:C7"
strCertFile = "AliceRSASignByCarl.cer"
strCmsFile = "BasicSignByAliceExternal.bin"

' Convert the hex strings into byte arrays (non-hex chars are stripped)
abData = cnvBytesFromHexStr(strDataHex)
abSigValue = cnvBytesFromHexStr(strSigHex)
' Compute lengths
nDataLen = UBound(abData) - LBound(abData) + 1
nSigLen = UBound(abSigValue) - LBound(abSigValue) + 1

' Create the signed-data file
nRet = CMS_MakeSigDataFromSigValue(strCmsFile, abSigValue(0), _
    nSigLen, abData(0), nDataLen, strCertFile, 0)
Debug.Print "CMS_MakeSigDataFromSigValue returns " & nRet

To compare the output file to the reference file, use the FC command:

C:>FC BasicSignByAliceExternal.bin 4.2.bin
Comparing files BasicSignByAliceExternal.bin and 4.2.BIN
FC: no differences encountered
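
The following is an added example, not part of the manual or the toolkit's own code. It sketches the kind of consistency check described in the Remarks, so that a signature value from an external device can be tested before it is passed in. It assumes an RSA PKCS#1 v1.5 signature computed directly over the content digest (no signed attributes); the function names are hypothetical, and the key is a constructed, insecure stand-in for the smart card, since Alice's key is not on this page.

```python
import hashlib

# DigestInfo prefixes (hash OID + OCTET STRING header) from RFC 8017, section 9.2
DIGESTINFO_PREFIX = {
    "sha1":   bytes.fromhex("3021300906052b0e03021a05000414"),
    "sha256": bytes.fromhex("3031300d060960864801650304020105000420"),
}

def from_colon_hex(s):
    """Decode the manual's colon-separated hex notation to bytes."""
    return bytes.fromhex(s.replace(":", ""))

def emsa_pkcs1_v15(data, k, hash_name="sha1"):
    """k-byte encoded message the external signer applies its private key to."""
    t = DIGESTINFO_PREFIX[hash_name] + hashlib.new(hash_name, data).digest()
    if k < len(t) + 11:
        raise ValueError("modulus too short for this hash")
    return b"\x00\x01" + b"\xff" * (k - len(t) - 3) + b"\x00" + t

def sig_matches(sig, data, n, e, hash_name="sha1"):
    """True if sig is a valid PKCS#1 v1.5 signature over data for public key (n, e)."""
    k = (n.bit_length() + 7) // 8
    s = int.from_bytes(sig, "big")
    if len(sig) != k or s >= n:
        return False
    return pow(s, e, n).to_bytes(k, "big") == emsa_pkcs1_v15(data, k, hash_name)

# Content bytes from the manual's example
DATA = from_colon_hex("54:68:69:73:20:69:73:20:73:6f:6d:65:20:73:61:6d"
                      "70:6c:65:20:63:6f:6e:74:65:6e:74:2e")

# Constructed, insecure test key (product of two Mersenne primes); NOT Alice's key
P, Q, E = 2**521 - 1, 2**607 - 1, 65537
N = P * Q
D = pow(E, -1, (P - 1) * (Q - 1))

def card_sign(data, hash_name="sha1"):
    """Stand-in for the smart card: returns the raw signature value."""
    k = (N.bit_length() + 7) // 8
    em = int.from_bytes(emsa_pkcs1_v15(data, k, hash_name), "big")
    return pow(em, D, N).to_bytes(k, "big")

if __name__ == "__main__":
    sig = card_sign(DATA)
    print("valid signature:      ", sig_matches(sig, DATA, N, E))
    print("different data:       ", sig_matches(sig, DATA + b"!", N, E))
    print("hash option mismatch: ", sig_matches(sig, DATA, N, E, "sha256"))
```

The last two cases correspond to conditions for which the function returns SIGNATURE_ERROR: the data is not the data signed, or the hash selected in nOptions is not the one the signer used.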

See Also

CMS_MakeSigData CMS_MakeDetachedSig


Copyright © 2004-9 D.I. Management Services Pty Ltd. All rights reserved.