I am coding at the moment a File Signature Program which should implement a file signing via a smart card.
I have already implemented most of it, the file readout, the algorithm, the key calculation e.g.
Now I have the problem, I have created the signature (which I have as byte array) and can export this signature as file.
But how do I actually sign the original file and adding the signature to the file ? (like a signed pdf file)
I already searched on google but didn't found anything, maybe you guys can help me.
Hoping for fast answers
There are 2 common ways to process signed files. The most general one is to simply put the signature file near to the original file in a distinct file with same name and a
.sha extension. The original file is left untouched, so it can be used for any file format.
Some file formats come with an integrated signature protocol. PDF is indeed an example of those: you take the hash of the data part, and write it in a special location in the file. Simply any software able to process this file must be aware of the signature feature and either control it or at least ignore it. Other file formats base on a zip archive could simply add the signature as a new component of the zip. For NTFS files, you could also add a new stream to contain the signature, but you would no longer be able to transfer it on a non NTFS support, nor with anything else than a Windows file copy, because ordinary protocols only process the main stream of a NTFS file.
TL/DR: the simplest way is to store the signature in a distinct file in same folder with almost same name but with a special extension, for example