Free Support Forum - aspose.com

Digital Signature from Windows Store Certificate

Our requirement involves signing a PDF document using a certificate obtained from Windows Store (via USB token). All the guides indicate signing ability only with a PKCS file. In our case, there will be no certificate file present on the disk. The certificate is obtained via windows store using Windows Crypto API. It only returns a blob of the certificate. Does Aspose C++ provide a method to digitally sign using such certificates.

@deepaktally

An investigation ticket has been logged in our issue tracking system for the sake of your requirements. The ticket ID is PDFCPP-1541 and it has been associated with this forum thread. You will surely be notified as soon as the ticket is resolved. Please be patient and spare us some time.

We apologize for the inconvenience.

@deepaktally

You can build PKCS1, PKCS7, and PKCS7Detached signatures from blob data like in the next example:
C#

Aspose.Pdf.Forms.PKCS7 PKCS7FromBlob(byte[] data, string pass)
{
    return new Aspose.Pdf.Forms.PKCS7(new System.IO.MemoryStream(data), pass);
}

C++

System::SharedPtr<Aspose::Pdf::Forms::PKCS7> PKCS7FromBlob(ArayPtr<uint8_t>& data, System::String& pass)
{
    return System::MakeObject<Aspose::Pdf::Forms::PKCS7>(System::MakeObject<System::IO::MemoryStream>(data), pass);
} 

Thanks for your reply.

However, I’m not sure this addresses our requirement. Signing ability in Aspose seems to be limited to using certificate files (.pfx) that reside on the disk. We are looking for a way to sign using a certificate obtained from the windows certificate store (which will only return a blob of the certificate).

Thanks in advance!

@deepaktally

Thanks for your feedback.

We believe that it is data in memory that can be represented as an array of byte or a stream of data that can be read to an array of byte. So, you can construct PKCS1(7) sign using data in memory instead of reading from the file on disk.