narkive is for sale. Interested? (dismiss)
Discussion:
Is the output of CryptSignMessageWithKey always the same for the same input and environment (certificate)?
(too old to reply)
i***@gmail.com
2012-07-17 11:23:21 UTC
Permalink
Hi,

Does the output of CryptSignMessageWithKey is always the same for the same input?

What I want to know is if the certificate is the same in two machines the output will always:
- be the same for the same input;
- it is not influenced by time (the output is the same today, tomorrow, in a year, ...).

The code I use can be found below:

CRYPT_KEY_SIGN_MESSAGE_PARA signParams;
signParams.cbSize = sizeof(CRYPT_KEY_SIGN_MESSAGE_PARA);
signParams.dwMsgAndCertEncodingType = PKCS_7_ASN_ENCODING;
signParams.hCryptProv = static_cast<HCRYPTPROV>(security_context->GetCryptProvOrNCryptKey());
signParams.dwKeySpec = security_context->GetKeySpec();
signParams.HashAlgorithm.pszObjId = szOID_RSA_MD5;
signParams.HashAlgorithm.Parameters.pbData = nullptr;
signParams.HashAlgorithm.Parameters.cbData = 0;
signParams.pvHashAuxInfo = nullptr;
signParams.PubKeyAlgorithm.pszObjId = szOID_RSA_RSA;
signParams.PubKeyAlgorithm.Parameters.pbData = nullptr;
signParams.PubKeyAlgorithm.Parameters.cbData = 0;

// first there is a call to CryptSignMessageWithKey to get the size of signed data

// then buffer pbSignedData is allocated with necessary size

if (!CryptSignMessageWithKey(
&signParams,
pbData,
cbData,
pbSignedData,
&cbSignedData))
Varun Tewari
2014-04-24 19:14:34 UTC
Permalink
Yes, If data to be signed is same, cert used to sign is same, then irrespective where u sign, signature will be same!
Hope this helps

Loading...