EldoS | Feel safer!

Software components for data protection, secure storage and transfer

Private key and windows certificates

Also by EldoS: CallbackFilter
A component to monitor and control disk activity, track file and directory operations (create, read, write, rename etc.), alter file data, encrypt files, create virtual files.
#22316
Posted: 11/01/2012 15:30:23
by Ken Ivanov (EldoS Corp.)

1) What value does the Cert variable have before you are passing it to the CreateEPES() method? Is its PrivateKeyExists property set to true?

2) Line 68 is abundant. The Cert object is owned by the storage and is freed automatically when the storage object is released.
#22317
Posted: 11/01/2012 15:57:35
by Ernesto Alconada (Basic support level)
Joined: 11/01/2012
Posts: 25

I've just realized that this exception only occurs when i'm debugging code. When I run the program outside Delphi i get an "Invalid pointer operation" but i get the sign correctly.
How could i get a dettached sign,without the content of the source file?
#22318
Posted: 11/01/2012 16:05:09
by Ken Ivanov (EldoS Corp.)

This only means that a memory corruption takes place somewhere. Have you commented out Line 68 in your code snippet?

Set TElSignedCMSMessage.Detached to true to produce a detached signature.
#22319
Posted: 11/01/2012 16:07:25
by Ernesto Alconada (Basic support level)
Joined: 11/01/2012
Posts: 25

Ok, the "invalid ponter operation" solved, removing line 68.
#22320
Posted: 11/01/2012 16:24:41
by Ernesto Alconada (Basic support level)
Joined: 11/01/2012
Posts: 25

The sign generated is not valid. I think that i must specify a Policy Url like "http://administracionelectronica.gob.es/es/ctt/politicafirma/politica_firma_AGE_v1_8.pdf". How could i specify this parameter? Thanks
#22321
Posted: 11/01/2012 16:37:42
by Ernesto Alconada (Basic support level)
Joined: 11/01/2012
Posts: 25

Being more explicit, the parameters i must specify in cades-epes sign are:

sigPolicyId 2.16.724.1.3.1.1.2.1.8
sigPolicyHash::hashAlgorithm 1.3.14.3.2.26
sigPolicyHash::hashValue 7SxX3erFuH31TvAw9LZ70N7p1vA=
sigPoliciyUri http://administracionelectronica.gob.es/es/ctt/politicafirma/politica_firma_AGE_v1_8.pdf

For the parameter hashAlgorithm i specify SB_CERT_ALGORITHM_SHA1_RSA_ENCRYPTION on third parameter in CreateEPES method. is this correct?

How could i specify sigPolicyUri?

Thanks.
#22322
Posted: 11/02/2012 01:07:05
by Ken Ivanov (EldoS Corp.)

Quote
The sign generated is not valid.

Signature invalidity is a fairly broad term. What methods did you use to establish that the signature is not valid and what results did you get?
#22323
Posted: 11/02/2012 02:00:31
by Ernesto Alconada (Basic support level)
Joined: 11/01/2012
Posts: 25

Quote
What methods did you use to establish that the signature is not valid and what results did you get?


I can validate the sign here. The firm is not in the correct format. May not have correctly specified above parameters? i don't know.
#22324
Posted: 11/02/2012 02:01:49
by Ernesto Alconada (Basic support level)
Joined: 11/01/2012
Posts: 25

Quote
What methods did you use to establish that the signature is not valid and what results did you get?


Sorry, here https://valide.redsara.es/valide/validarFirma/ejecutar.html
#22325
Posted: 11/02/2012 02:12:42
by Ken Ivanov (EldoS Corp.)

OK, could you please send us a 'bad' signature (the one that you create with CreateEPES) and a 'good' one (that passes service-based validation) so that we could compare them for you? You can post the signatures securely via our help desk.
Also by EldoS: CallbackProcess
A component to control process creation and termination in Windows and .NET applications.

Reply

Statistics

Topic viewed 3300 times

Number of guests: 1, registered members: 0, in total hidden: 0




|

Back to top

As of July 15, 2016 EldoS Corporation will operate as a division of /n software inc. For more information, please read the announcement.

Got it!