|
|
|
|
|
- Overview
- The certificates
- Using the certificates to sign a file
- Using certificates to sign an email
Managing the certificates
Signing a file allows you to check that the file was not modified or altered since it was signed. The signature also allows you to check the issuer identity. By using the Windows certificates, WINDEV allows you to sign: - files or data strings.
- emails.
- executables.
The signature standard used is PKCS7. Two types of certificates exist: - the "qualified" certificates.
- the "non-qualified" certificates.
"Qualified" certificates are delivered by a trusted authority (Verisign, Thawte, etc.) and must be purchased in most cases. "Qualified" certificates are mainly used when files are distributed outside an the organization. For example, files available for download. "Non-qualified" certificates can be created by a user in Windows. "Non-qualified" certificates may be suitable within an organization. Windows includes a "certificate store" in which the user certificates (also called custom certificates) are installed. Using the certificates to sign a file To sign a file (or a character string), WLanguage offers: The principle is as follows: - Select the certificate to use via the following functions:
| | CertificateList | Returns the list of certificates available on the computer. | CertificateSelect | Opens a window for selecting the certificates. The listed certificates are the certificates installed in the personal store. |
The certificate is stored in a variable of type Certificate that allows you to get all its characteristics. - Create the file (or string) signature using the certificate. This signature is a buffer variable that can be stored in a file, another variable, etc.
The following WLanguage functions are used to create this signature:
Note: The signature is not integrated into the file, but is available separately. This method allows you to create a signature for all the file formats. - To verify a file's signature, simply check the correspondence between the file and its signature. To do so, use the following WLanguage functions:
Remarks: - You also have the ability to sign an executable via CertificateSignExecutable. In this case, the signature is included in the executable file.
- You also have the ability to sign and check the signature of duplicate files. For more details, see Printing duplicates.
Using certificates to sign an email Signing an email and its attachments allows you to check later that these elements have not been modified or altered since they were signed. The signature also allows you to check the issuer identity. To sign an email, specify the certificate in the properties of the Email variable. The Certificate variable containing the certificate to use is associated with the Certificate property of the Email variable containing the email to be sent. The integrity of an incoming email is checked by testing the value of the Signature property of the Email variable containing the incoming email.
This page is also available for…
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|