Security Recommendations for Signature Operations

Microsoft recommends against using the sDescription parameter in the CryptSignHash function. Because nothing delimits the hashed data from the description string, an arbitrary number of bits can flow undetected between the two. The description of the sDescription parameter from the CryptoAPI 2.0 Programmers Guide is included below:

sDescription
This description string is added to the hash object before the signature is generated. Whenever the signature is authenticated (with CryptVerifySignature), the exact same description string must be supplied. This ensures that both the signer and the authenticator agree on what is being signed or authenticated.

Some CSPs (not the Base Provider) may display this description string to the user. This lets the user confirm what he or she is signing. This protects the user from unscrupulous applications and also reduces misunderstandings.

Applications that continue to use the sDescription parameter should be careful, because no boundary exists between the hashed data and the description string.
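
The missing boundary, modeled in Python as an added example (this is not Microsoft's code and makes no CryptoAPI calls). It assumes the description bytes are simply hashed after the data, as the quoted parameter description states, with SHA-256 standing in for the hash algorithm; `framed_digest` is a hypothetical application-level way of "being careful" that the page does not prescribe.

```python
import hashlib
import struct


def legacy_digest(data: bytes, description: bytes) -> bytes:
    # Model of the documented behaviour: the description is added to the
    # hash object after the data, with nothing marking where one ends.
    h = hashlib.sha256()  # stand-in hash algorithm (assumption)
    h.update(data)
    h.update(description)
    return h.digest()


def framed_digest(data: bytes, description: bytes) -> bytes:
    # Hypothetical mitigation: the application hashes each field behind an
    # 8-byte big-endian length, so the boundary itself is part of what is
    # signed, and the description parameter is left unused.
    h = hashlib.sha256()
    for field in (data, description):
        h.update(struct.pack(">Q", len(field)))
        h.update(field)
    return h.digest()


def colliding_splits(digest_fn, data: bytes, description: bytes):
    """Return every other (data, description) split of the same byte
    stream that yields the same digest as the original pair."""
    target = digest_fn(data, description)
    blob = data + description
    found = []
    for i in range(len(blob) + 1):
        candidate = (blob[:i], blob[i:])
        if candidate != (data, description) and digest_fn(*candidate) == target:
            found.append(candidate)
    return found


# Constructed sample values, not taken from any real application.
SAMPLE_DATA = b"Pay 100 to Alice"
SAMPLE_DESCRIPTION = b" (invoice 7)"

if __name__ == "__main__":
    legacy = colliding_splits(legacy_digest, SAMPLE_DATA, SAMPLE_DESCRIPTION)
    framed = colliding_splits(framed_digest, SAMPLE_DATA, SAMPLE_DESCRIPTION)
    print("unframed: %d other splits verify identically" % len(legacy))
    print("framed:   %d other splits verify identically" % len(framed))
```

Under the unframed model, every way of cutting the same byte stream into data and description produces the same digest, so a verifier cannot tell which bytes the signer treated as the description.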