EldoS | Feel safer!

Software components for data protection, secure storage and transfer

Validating MD5 hash of Public Key

Also by EldoS: CallbackFilter
A component to monitor and control disk activity, track file and directory operations (create, read, write, rename etc.), alter file data, encrypt files, create virtual files.
Posted: 07/27/2011 05:26:28
by Brian Furlong (Basic support level)
Joined: 07/27/2011
Posts: 2

Is there a quick and easy way to validate a Signed Certificates MD5 Hash of the Public Key against that which was sent in the CSR? Or is this even necessary?

Explanation : I am using the documented way of validating a signed cert using an TElMemoryCertStorage container but the specs I have for the application state "the MD5 hash of Public Key in a Signed Certificate should be checked against Public Key in the original CSR".

How can I do it or is it even necessary?

Many thanks

Posted: 07/27/2011 05:47:17
by Vsevolod Ievgiienko (EldoS Corp.)

Thank you for contacting us.

Or is this even necessary?

This is not nessesary because if a public key is changed inside a certificate then a validation procedure will fail.

But it you need to perform this additional check then you should do next:
1) load CSR into an instance of TElCertificateRequest
2) save a public key to a buffer using TElCertificateRequest.KeyMaterial.SavePublic method.
3) load certificate into an instance of TElX509Certificate
4) save a public key to a buffer using TElX509Certificate.KeyMaterial.SavePublic
5) calculate hashes of two generated buffers using TElHashFunction
6) compare these hashes.
Posted: 07/27/2011 05:53:37
by Brian Furlong (Basic support level)
Joined: 07/27/2011
Posts: 2

Ok, great. That's what I thought, and thankyou for the alghorithm if I need to do it.




Topic viewed 1114 times

Number of guests: 1, registered members: 0, in total hidden: 0


Back to top

As of July 15, 2016 EldoS Corporation will operate as a division of /n software inc. For more information, please read the announcement.

Got it!