Digitally Sign files

Posted on 2014-07-15
Last Modified: 2014-08-14
How can I digitally sign/validate certain files such as (.Txt, . Doc, . Xls, .rpt).
Question by:rflorencio
    LVL 40

    Accepted Solution

    In order to sign a file, you need to add something to it. This thus changes the format of the file, and most of the time, software that usually reads that type of file cannot recorgnize it as valid and will generate an error or do strange things with it.

    Sign a .txt file for instance, and what looks like garbage will show at the end of the file in Notepad. Most people will see it as garbage, but if they are bright enough, they will understand that this is a signature and will be able to simply copy it in any other text file. A signature that can be copied so easily is worthless. So, signing a .txt file is usually useless. In such cases however, if somebody wants to validate the file, you might want to send him the file as an attachment in a message. Good mail software such as Outlook have the option to send signed messages. In order to do so however, you need a certificate, a file that is used to sign the message.

    This is different if the software that handles the type of file is designed to handle signed files. In case such as these, then each type of application has its own way of signing a file.

    In Office for instance, you can sign a Word or Excel document with a certificate generated by SelfCert.exe, a tool that can be optionally be installed with Office. The signature will then be recognized when somebody tries to open the signed file. In .NET, there is a tool in the project's Properties window that enable you to sign an assembly as you compile it.

    The certificate used for Office documents is not the same as the one used to sign a .NET application. You need both. And both have their own mechanism to sign the type of file it generates.

    So there is not standardized way of signing a file.

    And there is the question of the validity of the signature.

    Since a certificate that you generated yourself with the Office SelfCert tool is created by you, and since it can easily be imitated, it has little valid use outside of your own environment. A company or bank that insists on a signature will usually not accept that type of signature.

    Inside of a company, such a signature can be generated that is recognized everywhere in the company.

    For distribution outside of the company, a good signatures needs to be generated by a third party, such as VeriSign, and you have to pay to obtain such a signature.

    Author Comment

    What was intended is validate if certain documents were modified. Although he was in an environment outside the company, this information would be important only to me.
    But that meant nothing was added to the files to validate.
    I honestly do not know if this is the right way, because I'm not very comfortable in this area.
    How i intend to validate  many file extensions, which will be the best way to implement?

    Featured Post

    How your wiki can always stay up-to-date

    Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
    - Increase transparency
    - Onboard new hires faster
    - Access from mobile/offline

    Join & Write a Comment

    Well, all of us have seen the multiple EXCEL.EXE's in task manager that won't die even if you call the .close, .dispose methods. Try this method to kill any excels in memory. You can copy the kill function to create a check function and replace the …
    Introduction As chip makers focus on adding processor cores over increasing clock speed, developers need to utilize the features of modern CPUs.  One of the ways we can do this is by implementing parallel algorithms in our software.   One recent…
    To add imagery to an HTML email signature, you have two options available to you. You can either add a logo/image by embedding it directly into the signature or hosting it externally and linking to it. The vast majority of email clients display l…
    how to add IIS SMTP to handle application/Scanner relays into office 365.

    754 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    22 Experts available now in Live!

    Get 1:1 Help Now