Digitally Sign files

How can I digitally sign/validate certain files such as (.Txt, . Doc, . Xls, .rpt).
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Jacques Bourgeois (James Burger)PresidentCommented:
In order to sign a file, you need to add something to it. This thus changes the format of the file, and most of the time, software that usually reads that type of file cannot recorgnize it as valid and will generate an error or do strange things with it.

Sign a .txt file for instance, and what looks like garbage will show at the end of the file in Notepad. Most people will see it as garbage, but if they are bright enough, they will understand that this is a signature and will be able to simply copy it in any other text file. A signature that can be copied so easily is worthless. So, signing a .txt file is usually useless. In such cases however, if somebody wants to validate the file, you might want to send him the file as an attachment in a message. Good mail software such as Outlook have the option to send signed messages. In order to do so however, you need a certificate, a file that is used to sign the message.

This is different if the software that handles the type of file is designed to handle signed files. In case such as these, then each type of application has its own way of signing a file.

In Office for instance, you can sign a Word or Excel document with a certificate generated by SelfCert.exe, a tool that can be optionally be installed with Office. The signature will then be recognized when somebody tries to open the signed file. In .NET, there is a tool in the project's Properties window that enable you to sign an assembly as you compile it.

The certificate used for Office documents is not the same as the one used to sign a .NET application. You need both. And both have their own mechanism to sign the type of file it generates.

So there is not standardized way of signing a file.

And there is the question of the validity of the signature.

Since a certificate that you generated yourself with the Office SelfCert tool is created by you, and since it can easily be imitated, it has little valid use outside of your own environment. A company or bank that insists on a signature will usually not accept that type of signature.

Inside of a company, such a signature can be generated that is recognized everywhere in the company.

For distribution outside of the company, a good signatures needs to be generated by a third party, such as VeriSign, and you have to pay to obtain such a signature.

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
rflorencioAuthor Commented:
What was intended is validate if certain documents were modified. Although he was in an environment outside the company, this information would be important only to me.
But that meant nothing was added to the files to validate.
I honestly do not know if this is the right way, because I'm not very comfortable in this area.
How i intend to validate  many file extensions, which will be the best way to implement?
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Visual Basic.NET

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.