Hi, This list is for the discussion of the crypto++ library, published here: http://www.cryptopp.com/
You'll probably have better luck getting help with MS CAPI questions if you post to a more appropriate forum. Try this one: http://www.microsoft.com/communities/newsgroups/en-us/?dg=microsoft.public.platformsdk.security HTH, Geoff On Thu, Sep 11, 2008 at 8:38 AM, Wilayat <[EMAIL PROTECTED]> wrote: > > > hello > > I am creating a digital signature of a message "Hello", using > CryptSignMessage() in C++ MSVS. > > I created a certificated using makecert tool in D driver, where the > two programs Client and Server are stored: > there are two user defined functions SignMessage() and > VerifySignedMessage(). SignMessage() uses functions like > CertOpenStore(), CertFindCertificateInStore(), CryptSignMessage(). > VerifySignedMessage() uses CryptVerifyMessageSignature(). > > > The steps are: > > CLIENT: > > opens the the certificate store with CertOpenStore() > Get a pointer to the signer's certificate using pSignerCert = > CertFindCertificateInStore(). > Sign the message using CryptSignMessage(), which returns a structure > SignedMessage. > copy the signature in a string using memcpy(strTransmtd , > &SignedMessage , sizeof(SignedMessage)); > transmit the string strTransmtd to Server using sockets. > > SERVER: > I initialized another structure of the same kind as in Client using > memcpy(&SignedMessageR, strReceived , sizeof(SignedMessageR)); > > used this structure holding signature, to verify it by > CryptVerifyMessageSignature(). > the verification fails. > > > NOW: > > If i cut the same function (VerifySingedMessage() which consists of > CryptVerifyMessageSignature) and past it at CLIENT. The server now > sends the string strReceived back to CLIENT. where a new structure > SignedMessageR is intitialized using > > memcpy(&SignedMessageR, strReceivedAtClient , > sizeof(SignedMessageR)); > > This SingedMessageR is now passed to VerifySignedMessage() as i had > done at SERVER, and the verification succeeds. > > > > PROBLEM: There is no problem in communication from CLIENT to SERVER. > (they both are different programs, running on same machine. the > signature transmits from CLIENT to SERVER correctly). The signature is > verified if signature creation and verification both are at CLIENT (it > works if both are at SERVER as well). BUT it dont work if signature is > created at one and verified at another. > > I am using the same certificate at both CLIENT and SERVER, as it is > stored in the same D driver, accessible for both CLIENT and SERVER. > > PLEASE > if anybody help me, how to solve this problem. > > regards, > Wilayat > > > --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the "Crypto++ Users" Google Group. To unsubscribe, send an email to [EMAIL PROTECTED] More information about Crypto++ and this group is available at http://www.cryptopp.com. -~----------~----~----~----~------~----~------~--~---
