- The certificates
- Using the certificates to sign a file
- Using the certificates to sign an email
Managing the certificates
Signing a file allows you to check that the file was not modified or altered since it was signed. The signature also allows you to check the issuer identity.
By using the Windows certificates, WINDEV allows you to sign:
- files or data strings.
The signature standard used is PKCS7.
Two types of certificates exist:
- the "qualified" certificates.
- the "non-qualified" certificates.
A "qualified" certificate is delivered by a trusted authority (Verisign, Thawte, ...) and it must be purchased in most cases. A "qualified" certificate is mainly used when the files are distributed outside the company or the organization. For example, files proposed for download.
A "non-qualified" certificate can be directly created by a user from Windows. A "non-qualified" certificate can be sufficient for an internal company or for an organization.
Windows includes a "certificate store" in which the user certificates (also called custom certificates) are installed.
Using the certificates to sign a file
To sign a file (or a character string), the WLanguage proposes:
Here is how it works:
Select the certificate to use via the following functions:
|CertificateList||Returns the list of certificates available on the computer.|
|CertificateSelect||Opens a window for selecting the certificates. The listed certificates are the certificates installed in the personal store.|
The certificate is stored in a variable of type Certificate
that allows you to get all its characteristics.
2. Create the signature of file (or string) with the certificate. This signature is a buffer variable that can be stored for example: in a file, a variable, ...
The following WLanguage functions are used to create this signature:
Remark: The signature is not included in the file but it is available separately. This method allows you to create a signature for all the file formats.
To check the signature of a file, all you have to do is check the correspondence between the file and its signature. The following WLanguage functions are used to perform this operation:
- You also have the ability to sign an executable via CertificateSignExecutable. In this case, the signature is included in the executable file.
- You also have the ability to sign and check the signature of duplicate files. For more details, see Printing duplicates.
Using the certificates to sign an email
Signing an email and its attachments allows you to check later that these elements have not been modified or altered since they were signed. The signature also allows you to check the issuer identity.
To sign an email, all you have to do is specify the certificate used in the properties of the Email
variable. The Certificate
variable containing the certificate to use is associated with the Certificate
property of the Email
variable containing the email to be sent.
The integrity of an incoming email is checked by testing the value of the Signature
property of the Email
variable containing the incoming email.
This page is also available for…