EldoS | Feel safer!

Software components for data protection, secure storage and transfer

How to SIGN String value

#7963
Posted: 10/24/2008 17:05:11
by Vadym Kyrychenko (Basic support level)
Joined: 10/24/2008
Posts: 9

Please help.
How to sign a String value in Delphi (preferred) or CBuilder?
How to correctly convert a STRING to a binary value and then, after Crypto.SignDetached(InputBuffer,SignBuffer), convert SignBuffer into a String?
The main task is to POST XML over HTTPS with a sign field.
My code is:
----------------
var
  InputBuffer, SignBuffer: TMemoryStream;
  S, SR: string;
  Crypto : TElRSAPublicKeyCrypto;
  KeyMaterial : TElRSAKeyMaterial;
  Cert : TElX509Certificate;
  KeyLoaded : Boolean;
  StreamKey: TFileStream;
  CertType : TSBCertFileFormat;
  R : integer;
  ErrorMsg : string;
  buff: Pointer;
begin
  try
    Crypto := TElRSAPublicKeyCrypto.Create();
    KeyMaterial := TElRSAKeyMaterial.Create;
    Crypto.InputEncoding := pkeBinary;
    Crypto.OutputEncoding := pkeBinary;
    KeyLoaded := false;
    // SB_ALGORITHM_DGST_SHA1 = SmallInt(SB_ALGORITHM_DGST_BASE + $01);
    Crypto.HashAlgorithm := SmallInt($7100 + $01);
    StreamKey := TFileStream.Create('delphi_enc_priv_key.pem', fmOpenRead or fmShareDenyWrite);
    try
      if KeyMaterial is TElRSAKeyMaterial then
        TElRSAKeyMaterial(KeyMaterial).Passphrase := 'guardian';
      KeyMaterial.LoadSecret(StreamKey);
    finally
      FreeAndNil(StreamKey);
    end;
    Crypto.KeyMaterial := KeyMaterial;

    S := 'Hello Vadym 1977';

    InputBuffer := TMemoryStream.Create;
    // Write the characters of S (S[1]), not the string variable itself
    InputBuffer.Write(S[1], Length(S));
    InputBuffer.Position := 0;

    SignBuffer := TMemoryStream.Create;
    Crypto.SignDetached(InputBuffer, SignBuffer);
    SignBuffer.Position := 0;
    SR := BinaryToString(SignBuffer, SignBuffer.Size);

    ShowMessage(SR);

  finally
    FreeAndNil(Crypto);
    FreeAndNil(KeyMaterial);
    FreeAndNil(InputBuffer);
    FreeAndNil(SignBuffer);
  end;
--------------
But my result, from my point of view, is not correct.
Please help: how to correctly do SIGN???
#7965
Posted: 10/24/2008 23:52:00
by Ken Ivanov (EldoS Corp.)

Thank you for contacting us.

Your code is quite correct except for the part that gets the signed data from the SignBuffer stream. You should read the signed data from the stream before passing it to the BinaryToString() method:

var
SigBinData, SigASCIIData : string;
...
SignBuffer.Position := 0;
SetLength(SigBinData, SignBuffer.Size);
SignBuffer.Read(SigBinData[1], Length(SigBinData));
SigASCIIData := BinaryToString(@SigBinData[1], Length(SigBinData));
#7968
Posted: 10/26/2008 02:01:40
by Vadym Kyrychenko (Basic support level)
Joined: 10/24/2008
Posts: 9

Ok, thank you very much.
But I have another sub-question:
1. I need to have the Signature in the UTF-8 codepage, and I do this:
SigASCIIData := BinaryToString(@SigBinData[1], Length(SigBinData));
ShowMessage(SigASCIIData);
SigUTF8Data := AnsiToUtf8(SigASCIIData) ;
ShowMessage(SigUTF8Data);
Is this way correct???
2. To check the signature I need to perform the reverse operation - UTF-8 => Binary => VerifyDetached. Question - how to correctly convert a String value (UTF-8) to binary (maybe StringToBinary)?
#7970
Posted: 10/26/2008 08:31:34
by Vadym Kyrychenko (Basic support level)
Joined: 10/24/2008
Posts: 9

Innokentiy Ivanov,

I am trying to do the reverse task, to verify the signature:
--------------
try
  Crypto := TElRSAPublicKeyCrypto.Create();
  KeyMaterial := TElRSAKeyMaterial.Create;
  Crypto.InputEncoding := pkeBinary;
  Crypto.OutputEncoding := pkeBinary;
  KeyLoaded := false;
  //Crypto.HashAlgorithm := SmallInt($7100 + $01);
  Cert := TElX509Certificate.Create(nil);
  StreamKey := TFileStream.Create('delphi-crt-private.pem', fmOpenRead or fmShareDenyWrite);
  try
    begin
      R := Cert.LoadFromStreamPEM(StreamKey, 'guardian');
      if R <> 0 then
        ErrorMsg := 'PEM read error: ' + IntToStr(R)
      else
        KeyLoaded := true;
    end;
    if not KeyLoaded then
      raise Exception.Create(ErrorMsg);
    KeyMaterial.Assign(Cert.KeyMaterial);
    Crypto.KeyMaterial := KeyMaterial;
    InputBufferStr := TMemoryStream.Create;
    InputBufferStr.Write(GlobString[1], Length(GlobString));
    InputBufferStr.Position := 0;
    SignBufferStr := TMemoryStream.Create;
    SignBufferStr.Write(GlobSingASIIData[1], Length(GlobSingASIIData));
    SignBufferStr.Position := 0;
    try
      VR := Crypto.VerifyDetached(InputBufferStr, SignBufferStr);
    finally
      FreeAndNil(SignBufferStr);
    end;
    case VR of
      pkvrSuccess :
        MessageDlg('Verification succeeded', mtInformation, [mbOk], 0);
      pkvrFailure :
        MessageDlg('Verification failed', mtError, [mbOk], 0);
      pkvrInvalidSignature :
        MessageDlg('Invalid signature', mtError, [mbOk], 0);
      pkvrKeyNotFound :
        MessageDlg('Validation key not found', mtError, [mbOk], 0);
    end;
  finally
    FreeAndNil(StreamKey);
    FreeAndNil(Cert);
  end;
finally
  FreeAndNil(Crypto);
  FreeAndNil(KeyMaterial);
  FreeAndNil(InputBufferStr);
  FreeAndNil(SignBufferStr);
  FreeAndNil(StreamKey);
end;
------------------------------
But I have an error on VerifyDetached - Unsupported algorithm (32767)
Why? Where is my serious mistake?
#7972
Posted: 10/27/2008 00:56:32
by Ken Ivanov (EldoS Corp.)

Quote
1. I need to have the Signature in the UTF-8 codepage, and I do this:

The text value of the signature contains only ASCII hexadecimal characters ('0'..'9', 'a'..'f'). I.e., there will be no difference between ASCII and UTF8 text representation of the signature.

Quote
2. To check the signature I need to perform the reverse operation - UTF-8 => Binary => VerifyDetached. Question - how to correctly convert a String value (UTF-8) to binary (maybe StringToBinary)?

Yes, exactly. Use StringToBinary() function to do the necessary conversion.

Quote
But I have an error on VerifyDetached - Unsupported algorithm (32767)

There are two ways you can go:
a) at the verification stage, set Crypto.HashAlgorithm to the hash algorithm the signature was created with (it should correspond to the Crypto.HashAlgorithm set at the signing stage),
b) at the signing stage, set Crypto.UseAlgorithmPrefix to true.
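
Added example (not part of the original thread and not SecureBlackbox code): a self-contained Python sketch of the round trip discussed above, signing a string, carrying the signature as hex text, decoding it back to binary, and verifying with a matching or mismatching hash algorithm. It uses textbook PKCS#1 v1.5 with a constructed toy key, and it assumes that the "algorithm prefix" corresponds to the PKCS#1 DigestInfo prefix; the names `sign_to_hex` and `verify_hex` are hypothetical.

```python
import hashlib

# Constructed toy key (two well-known primes, 511-bit modulus): illustration only.
P, Q, E = 2**255 - 19, 2**256 - 2**32 - 977, 65537
N = P * Q
D = pow(E, -1, (P - 1) * (Q - 1))
K = (N.bit_length() + 7) // 8            # signature length in bytes

# DER DigestInfo prefixes from RFC 8017, section 9.2 (assumed to be what
# an "algorithm prefix" in the signature refers to).
PREFIX = {
    "sha1": bytes.fromhex("3021300906052b0e03021a05000414"),
    "sha256": bytes.fromhex("3031300d060960864801650304020105000420"),
}

def _encode(data, alg):
    """EMSA-PKCS1-v1_5 block: 00 01 FF..FF 00 || DigestInfo prefix || hash."""
    t = PREFIX[alg] + hashlib.new(alg, data).digest()
    return b"\x00\x01" + b"\xff" * (K - len(t) - 3) + b"\x00" + t

def sign_to_hex(text, alg="sha1"):
    """Sign the UTF-8 bytes of text; return the binary signature as hex text."""
    em = int.from_bytes(_encode(text.encode("utf-8"), alg), "big")
    return pow(em, D, N).to_bytes(K, "big").hex()

def verify_hex(text, sig_hex, alg=None):
    """Hex text -> binary -> verify. Returns the hash name on success, else None.
    With alg=None any known hash named by the embedded prefix is accepted;
    otherwise the signature must have been made with exactly alg."""
    try:
        sig = bytes.fromhex(sig_hex)     # the reverse of the binary-to-text step
    except ValueError:
        return None
    s = int.from_bytes(sig, "big")
    if len(sig) != K or s >= N:
        return None
    em = pow(s, E, N).to_bytes(K, "big")
    # Re-encode and compare whole blocks instead of parsing the padding.
    for a in ([alg] if alg else PREFIX):
        if em == _encode(text.encode("utf-8"), a):
            return a
    return None
```

The hex text consists only of ASCII characters, so it is byte-for-byte identical in ASCII and UTF-8; the message, by contrast, must be turned into bytes with the same explicit encoding on both sides.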
#7976
Posted: 10/27/2008 04:29:43
by Vadym Kyrychenko (Basic support level)
Joined: 10/24/2008
Posts: 9

Innokentiy Ivanov,

Thank you very much.
That all works fine!!!

As of July 15, 2016 EldoS Corporation will operate as a division of /n software inc. For more information, please read the announcement.