fdo#87030: Generate a proper PKCS#7 signature

The signature should be in DER-encoded PKCS#7 format and what CryptSignHash()
produces is nothing like that. Luckily CryptSignMessage() is actually almost
easier to use and is capable of doing what we need. This also means that we
won't need any HCRYPTPROV or HCRYPTHASH after all so all the code related to
that can be removed. CryptSignMessage() handles both calculating the hash and
signing it.

One less than ideal issue with CryptSignMessage() is that it needs all the
data to be hashed and signed at the same time, so we need to keep both buffers
around for signing.

It also turns out that we don't need to look up the certificate anew from the
user's certificate store after all.

Now Adobe Reader doesn't complain any longer about the signature's format and
contents.

Change-Id: I25cfb93b516ffa723c6228d068d9ffa8e7cc4790

0 files changed, 0 insertions, 0 deletions