EldoS | Feel safer!

Software components for data protection, secure storage and transfer

PCKS7 Encryption using ElMessageEncryptor and ElMessageDecryptor

Also by EldoS: RawDisk
Access locked and protected files in Windows, read and write disks and partitions and more.
#17669
Posted: 09/27/2011 19:31:19
by toledogu (Basic support level)
Joined: 09/27/2011
Posts: 15

Hi,

I've been reading some documentation and post in different sites and found that I can encrypt, decrypt, sign, and verify data (files of any size in my case) using the ElMessageEncryptor and ElMessageDecryptor classes with the PCSK#7 standard and using Digital Certificates.

Can you tell me if I'm right? and if I do, can you please give me an example of how to do that (since I didn't found an example of the use of these two classes in the sample projects you provide for .Net (c#)?

Thanks
#17671
Posted: 09/28/2011 00:26:04
by Eugene Mayevski (EldoS Corp.)

Thank you for contacting us.

Signing and verification is done using ElMessageSigner/ElMessageVerifier. All these components are present in <SecureBlackbox>\Samples\<language>\PKIBlackbox\MessagesDemo sample.


Sincerely yours
Eugene Mayevski
#17707
Posted: 10/01/2011 21:50:42
by toledogu (Basic support level)
Joined: 09/27/2011
Posts: 15

Hi,
I took a look at those projects and that works fine, thanks a lot.

But I was wondering if there is a way to Sign and Encrypt in one step in a standard PCKS#7 format, or if I have to make these steps separately, and if I have, it will be PKCS#7 compliant?
#17708
Posted: 10/01/2011 23:45:30
by Eugene Mayevski (EldoS Corp.)

You would need to use CMS classes for this. They are more complicated and they allow you sign and encrypt data at the same time in a compliant manner.


Sincerely yours
Eugene Mayevski
#17711
Posted: 10/02/2011 12:21:01
by toledogu (Basic support level)
Joined: 09/27/2011
Posts: 15

I have been looking at the project for CMS classes, but I only found an example on how to sign the message but I didn't find how to encrypt the content.

Can you please give me some tips on how to do this? A code snippet or the classes and/or methods used would be fine.

Thanks
#17712
Posted: 10/03/2011 04:18:49
by Ken Ivanov (EldoS Corp.)

Prior to further discussing, let's first clarify the requirements. Indeed, PKCS#7 declares a SignedAndEnvelopedData structure that allows to store signed and encrypted data as a single PKCS#7 message, yet, I cannot recall any higher-level standard that utilizes this structure. Even S/MIME that presumes a sign + encrypt protection for the document, divides this process into independent signing and encryption. So it would be great if you tell us what exactly you mean by "encrypt and sign in one step".
#20290
Posted: 06/01/2012 10:04:12
by toledogu (Basic support level)
Joined: 09/27/2011
Posts: 15

Hi,

Excuse me for reopening this topic, but now I have a new requirement about this topic.

What I ment when I said "encrypt and sign in one step" was if it was possible to do this in just one single step or instruction in a compliant mode like PGP does (where you have the EncryptAndSign method), since I don't know if doing first the encrypt part and then sign that (or vice versa) would be compliant.

In the new requirement I must use the CMS standard to encrypt and sign a file, but as I said before I couldn't find an example of how to do this.

Can you please help me?

Thanks
#20293
Posted: 06/01/2012 10:29:07
by Vsevolod Ievgiienko (EldoS Corp.)

Hello.

You can use TElMessageSigner with TElMessageEncryptor to sign and encrypt a file. As Innokentiy wrote above we don't support SignedAndEnvelopedData structure so it couldn't be done *in one step* as for OpenPGP. You can find all available samples in \EldoS\SecureBlackbox.NET\Samples\C#\PKIBlackbox\MessagesDemo folder.
#20295
Posted: 06/01/2012 10:45:10
by toledogu (Basic support level)
Joined: 09/27/2011
Posts: 15

Hi,

I have already checked those examples but I can you please confirm me if the resulting message would be CMS compliant.
#20296
Posted: 06/01/2012 10:59:29
by Eugene Mayevski (EldoS Corp.)

I am wondering if you have purchased a license since the original post. You seem to be using SecureBlackbox for almost a year now.


Sincerely yours
Eugene Mayevski
Also by EldoS: CallbackDisk
Create virtual disks backed by memory or custom location, expose disk images as disks and more.

Reply

Statistics

Topic viewed 2864 times

Number of guests: 1, registered members: 0, in total hidden: 0




|

Back to top

As of July 15, 2016 EldoS Corporation will operate as a division of /n software inc. For more information, please read the announcement.

Got it!