EldoS | Feel safer!

Signing or Digest

#14706
Posted: 10/15/2010 12:26:43
by Thorn Mannamavi (Basic support level)
Joined: 08/31/2010
Posts: 5

How may I reproduce this function on SecureBlackBox VCL

function SelloDigital(llaveprivada,cadenaoriginal: string): string;
var Len: cardinal;
mdctx: EVP_MD_CTX;
inbuf, outbuf: array [0..10239] of char; //1023-10239
key: pEVP_PKEY;
begin
// normalise the cadena original: drop CR, LF, backspace and blanks, then UTF-8 encode it
cadenaoriginal := AnsiReplaceStr(cadenaoriginal,#13,'');
cadenaoriginal := AnsiReplaceStr(cadenaoriginal,#10,'');
cadenaoriginal := AnsiReplaceStr(cadenaoriginal,#8,'');
cadenaoriginal := AnsiReplaceStr(cadenaoriginal,' ','');
cadenaoriginal := AnsiReplaceStr(cadenaoriginal,' |','|');
cadenaoriginal := AnsiReplaceStr(cadenaoriginal,'| ','|');
cadenaoriginal := UTF8Encode(cadenaoriginal);

StrPCopy(inbuf,cadenaoriginal);
InitOpenSSL;
key:=LoadPrivateKey(llaveprivada,'');
// RSA signature over the MD5 digest of the UTF-8 bytes (EVP_Sign* = PKCS#1 v1.5 with DigestInfo)
EVP_SignInit(@mdctx,EVP_md5());
EVP_SignUpdate(@mdctx,@inbuf,StrLen(inbuf));
EVP_SignFinal(@mdctx,@outbuf,Len,key); // Len receives the signature length
EVP_MD_CTX_cleanup(@mdctx);
EVP_PKEY_free(key);
FreeOpenSSL;
result := bintobase64(@outbuf,Len);
end;
#14712
Posted: 10/17/2010 23:04:00
by Ken Ivanov (EldoS Corp.)

Thank you for contacting us.

It depends on the format the key was saved in, but in most of the cases the following code will do the job (I am omitting the freeing code for the sake of simplicity):
Code
var
  Key : TElRSAKeyMaterial;
  Crypto : TElRSAPublicKeyCrypto;
  KeyBuf : ByteArray;
begin

// key:=LoadPrivateKey(llaveprivada,'');
Key := TElRSAKeyMaterial.Create();
KeyBuf := BytesOfString(llaveprivada);
Key.LoadSecret(@KeyBuf[0], Length(KeyBuf));

// EVP_SignInit(@mdctx,EVP_md5());
// EVP_SignUpdate(@mdctx,@inbuf,StrLen(inbuf));
// EVP_SignFinal(@mdctx,@outbuf,Len,key);
Crypto := TElRSAPublicKeyCrypto.Create();
Crypto.KeyMaterial := Key;
Crypto.InputIsHash := false;
Crypto.HashAlgorithm := SB_ALGORITHM_DGST_MD5;
Crypto.UseAlgorithmPrefix := true;
// - outbuf must be of enough size to receive the signature
// - Len must be set to the size of outbuf
Crypto.SignDetached(@inbuf, StrLen(inbuf), @outbuf, Len);

// result := bintobase64(@outbuf,Len);
result := Base64EncodeString(CloneBuffer(@outbuf, Len), false);
end;
#14727
Posted: 10/19/2010 08:48:54
by Thorn Mannamavi (Basic support level)
Joined: 08/31/2010
Posts: 5

Thank you for answer:

I write this:
Code
Var
StreamCer : TFileStream;
StreamKey : TFileStream;
Crypto : TElPublicKeyCrypto;
InStream: TStringStream;
OutStream: TStringStream;
begin
// Cert (a TElX509Certificate) is created elsewhere in the project
StreamCer := TFileStream.Create('AAA010101AAA.cer', fmOpenRead or fmShareDenyWrite);
StreamKey := TFileStream.Create('AAA010101AAA.key', fmOpenRead or fmShareDenyWrite);

try
  Cert.LoadFromStream(StreamCer,0);
  if Cert.KeyMaterial is TElRSAKeyMaterial then
    TElRSAKeyMaterial(Cert.KeyMaterial).Passphrase := 'a0123456789'
  else if Cert.KeyMaterial is TElDSAKeyMaterial then
    TElDSAKeyMaterial(Cert.KeyMaterial).Passphrase := 'a0123456789';
finally
  StreamCer.Free;
end;

try
  Cert.LoadKeyFromStream(StreamKey,0);
finally
  StreamKey.Free;
end;

Crypto := TElRSAPublicKeyCrypto.Create();
Crypto.KeyMaterial := Cert.KeyMaterial;
Crypto.OutputEncoding  := pkeBase64;
Crypto.InputIsHash := false;
Crypto.HashAlgorithm := SB_ALGORITHM_DGST_MD5;

InStream := TStringStream.Create(CadOriginal);
OutStream := TStringStream.Create('');
Crypto.SignDetached(InStream,OutStream); // sign the stream that holds CadOriginal
CadSello := OutStream.DataString;
InStream.Free;
OutStream.Free;

End;


I am using this string as CadOriginal:
Code
||2.0|A|1|2009-08-16T16:30:00|1|2009|ingreso|Una sola exhibición|350|5.25|397.25|ISP900909Q88|Industrias del Sur Poniente, S.A. de C.V.|Alvaro Obregón|37|3|Col. Roma Norte|México|Cuauhtémoc|Distrito Federal|México|06700|Pino Suarez|23|Centro|Monterrey|Monterrey|Nuevo Léon|México|95460|CAUR390312S87|Rosa María Calderón Uriegas|Topochico|52|Jardines del Valle|Monterrey|Monterrey|Nuevo León|México|95465|10|Caja|Vasos decorados|20|200|1|pieza|Charola metálica|150|150|IVA|15|52.5||


With this code and this String I have this Seal:
Code
IfKGXYrTTcdasoe0m0x1POhPuV8idrrz+RxKb8iZVV5e/s/Cb2F83MahTFy49bYsljw44CuBhlbAtH8cnaS+mwQX+0qX89vS/gvUSj/gdjWGCF8lMHQOauPrBrURdjp22G23ebJ3f5p5aC25LYA3je4i/gVYGGIBzFXUF+SoZtI=


But with the same data in OpenSSL I have this:
Code
Gt+OOULyDLInZkxPOTgpoP25ikuV+qjYK...qKxK/RDpvVv2PJXqVh8UUlbM=


What am I doing wrong, where is my error?

The attachment contains a zip file with the certificate and the key file.
#14731
Posted: 10/20/2010 02:44:43
by Vsevolod Ievgiienko (EldoS Corp.)

Hello. Try to define Crypto : TElRSAPublicKeyCrypto; and set Crypto.UseAlgorithmPrefix := true;

You should also check if you have "String too long at line..." warning for CadOriginal string.
#14735
Posted: 10/20/2010 10:05:08
by Thorn Mannamavi (Basic support level)
Joined: 08/31/2010
Posts: 5

I made these modifications:

Code
Var
StreamCer : TFileStream;
StreamKey : TFileStream;
Crypto : TElRSAPublicKeyCrypto; // changed
InStream: TStringStream;
OutStream: TStringStream;
begin
// Cert (a TElX509Certificate) is created elsewhere in the project
StreamCer := TFileStream.Create('AAA010101AAA.cer', fmOpenRead or fmShareDenyWrite);
StreamKey := TFileStream.Create('AAA010101AAA.key', fmOpenRead or fmShareDenyWrite);

try
  Cert.LoadFromStream(StreamCer,0);
  if Cert.KeyMaterial is TElRSAKeyMaterial then
    TElRSAKeyMaterial(Cert.KeyMaterial).Passphrase := 'a0123456789'
  else if Cert.KeyMaterial is TElDSAKeyMaterial then
    TElDSAKeyMaterial(Cert.KeyMaterial).Passphrase := 'a0123456789';
finally
  StreamCer.Free;
end;

try
  Cert.LoadKeyFromStream(StreamKey,0);
finally
  StreamKey.Free;
end;

Crypto := TElRSAPublicKeyCrypto.Create(); // changed
Crypto.KeyMaterial := Cert.KeyMaterial;
Crypto.OutputEncoding  := pkeBase64;
Crypto.InputIsHash := false;
Crypto.HashAlgorithm := SB_ALGORITHM_DGST_MD5;
Crypto.UseAlgorithmPrefix := true; // changed

InStream := TStringStream.Create(CadOriginal);
OutStream := TStringStream.Create('');
Crypto.SignDetached(InStream,OutStream); // sign the stream that holds CadOriginal
CadSello := OutStream.DataString;
InStream.Free;
OutStream.Free;

End;


and the result is the same.

I don't have warnings about "CadOriginal" or any other warning.
#14748
Posted: 10/21/2010 06:26:05
by Vsevolod Ievgiienko (EldoS Corp.)

Could you please post here parts of the source code where CadOriginal string is initialized and LoadPrivateKey function.
#14751
Posted: 10/21/2010 10:31:29
by Thorn Mannamavi (Basic support level)
Joined: 08/31/2010
Posts: 5

I am attaching the project.
#14755
Posted: 10/22/2010 03:22:45
by Vsevolod Ievgiienko (EldoS Corp.)

This code generates the same result as OpenSSL:

Code
procedure work(var CadSello : AnsiString; CadOriginal : AnsiString);
Var
  Cert : TElX509Certificate;
  Crypto : TElRSAPublicKeyCrypto;
  StreamCer, StreamKey : TFileStream;
  InStream, OutStream : TStringStream;
begin
  Cert := TElX509Certificate.Create(nil);

  StreamCer := TFileStream.Create('AAA010101AAA.cer',fmOpenRead or fmShareDenyWrite);
  StreamKey := TFileStream.Create('AAA010101AAA.key',fmOpenRead or fmShareDenyWrite);

  try
    Cert.LoadFromStream(StreamCer,0);
    if Cert.KeyMaterial is TElRSAKeyMaterial then
      TElRSAKeyMaterial(Cert.KeyMaterial).Passphrase := 'a0123456789'
    else if Cert.KeyMaterial is TElDSAKeyMaterial then
      TElDSAKeyMaterial(Cert.KeyMaterial).Passphrase := 'a0123456789';
  finally
    StreamCer.Free;
  end;

  try
    Cert.LoadKeyFromStream(StreamKey,0);
  finally
    StreamKey.Free;
  end;

  Crypto := TElRSAPublicKeyCrypto.Create();
  Crypto.KeyMaterial := Cert.KeyMaterial;
  Crypto.OutputEncoding  := pkeBase64;
  Crypto.InputIsHash := false;
  Crypto.UseAlgorithmPrefix := true;
  Crypto.HashAlgorithm := SB_ALGORITHM_DGST_MD5;

  InStream := TStringStream.Create(CadOriginal);
  OutStream := TStringStream.Create('');

  Crypto.SignDetached(InStream,OutStream);

  CadSello := OutStream.DataString;

  InStream.Free;
  OutStream.Free;
  Cert.Free;
  Crypto.Free;
End;


Use these commands to check it:

Code
openssl pkcs8 -in aaa010101aaa.key -inform DER -out key.pem
openssl dgst -md5 -sign key.pem in.txt | openssl enc -base64


where the content of in.txt is CadOriginal.
#14762
Posted: 10/22/2010 10:06:01
by Thorn Mannamavi (Basic support level)
Joined: 08/31/2010
Posts: 5

Thank you very much, all is working fine. My error: the string must be encoded in UTF-8. Sorry.
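The two details this thread turns on, as an added example that is not code from the thread or from SecureBlackbox: a pure-Python re-implementation of what `openssl dgst -md5 -sign` (and SignDetached with UseAlgorithmPrefix := true) compute, using a throwaway RSA key generated inside the block. It shows that RSA is applied to a PKCS#1 v1.5 block containing a DigestInfo (algorithm prefix plus MD5 digest), and that a signature only verifies against the exact bytes that were signed, so the UTF-8 encoding of the cadena original must be used on both sides. The key generator, the function names and the sample strings are constructed for this demonstration.

```python
import hashlib, random
# DER DigestInfo prefix for MD5 (RFC 3447 9.2, note 1): the "algorithm prefix" part.
MD5_PREFIX = bytes.fromhex("3020300c06082a864886f70d020505000410")

def is_probable_prime(n, rounds=32):
    """Miller-Rabin, demo-grade: fine for a throwaway key, not a key generator."""
    if n < 4 or n % 2 == 0:
        return n in (2, 3)
    d, r = n - 1, 0
    while d % 2 == 0:
        d, r = d // 2, r + 1
    for _ in range(rounds):
        x = pow(random.randrange(2, n - 1), d, n)
        if x not in (1, n - 1) and not any(pow(x, 2 ** i, n) == n - 1 for i in range(1, r)):
            return False
    return True

def gen_rsa_key(bits=512):
    """Demo-only RSA key as (n, e, d); 512 bits keeps the example fast."""
    def prime(b):
        while True:
            c = random.getrandbits(b) | (1 << (b - 1)) | 1  # exactly b bits, odd
            if is_probable_prime(c):
                return c
    while True:
        p, q = prime(bits // 2), prime(bits // 2)
        phi = (p - 1) * (q - 1)
        if p != q and phi % 65537:  # e = 65537 must be coprime to phi
            return p * q, 65537, pow(65537, -1, phi)

def emsa_pkcs1_v15_md5(data, k):
    """k-byte EMSA-PKCS1-v1_5 block: 00 01 FF..FF 00 || DigestInfo(MD5(data))."""
    t = MD5_PREFIX + hashlib.md5(data).digest()
    return b"\x00\x01" + b"\xff" * (k - len(t) - 3) + b"\x00" + t

def sign_md5(text, key):
    """The bytes `openssl dgst -md5 -sign` emits for the UTF-8 encoding of text."""
    n, d, k = key[0], key[2], (key[0].bit_length() + 7) // 8
    em = int.from_bytes(emsa_pkcs1_v15_md5(text.encode("utf-8"), k), "big")
    return pow(em, d, n).to_bytes(k, "big")

def verify_md5(data, sig, key):
    """Public-key check; data must be the exact bytes that were signed."""
    n, e, k = key[0], key[1], (key[0].bit_length() + 7) // 8
    return pow(int.from_bytes(sig, "big"), e, n).to_bytes(k, "big") == emsa_pkcs1_v15_md5(data, k)

def encoding_check(text, key):
    """(utf8_ok, latin1_ok): the thread's bug, a signature only matches the UTF-8 bytes."""
    sig = sign_md5(text, key)
    return verify_md5(text.encode("utf-8"), sig, key), verify_md5(text.encode("latin-1"), sig, key)
```

MD5 is used only because that is what the thread's OpenSSL call and SecureBlackbox settings use; for a current profile, replacing MD5_PREFIX and hashlib.md5 with their SHA-256 counterparts is the only change needed.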