EldoS | Feel safer!

Software components for data protection, secure storage and transfer

VerifyDetached and unsupported hash

Also by EldoS: CallbackDisk
Create virtual disks backed by memory or custom location, expose disk images as disks and more.
#2291
Posted: 02/13/2007 15:08:59
by Matthew Jones (Standard support level)
Joined: 02/06/2007
Posts: 26

Using the TElRSAPublicKeyCrypto SignDetached to sign a key (as discussed in the "confused" topic) is working fine. What isn't working is verifying it. I can see that the data is all reading properly, but I'm getting an error that the hash function is unsupported.
The call stack is:
Code
TElBuiltInHashFunction.GetDigestSizeBits(32767)
TElBuiltInHashFunction.IsAlgorithmSupported(32767)
TElBuiltInHashFunction.Create(32767,nil)
TElBuiltInHashFunction.Create('',nil)
TElBuiltInRSAPublicKeyCrypto.VerifyInit(False,$1396108,128)
TElBuiltInCryptoProvider.InternalVerifyInit($13963DC,$1396108,128)
TElBuiltInCryptoProvider.VerifyInit(29697,$138AE44,$1396108,128,$139618C,nil,nil)
TElRSAPublicKeyCrypto.VerifyInit(True,$1396108,128)
TElPublicKeyCrypto.InternalVerifyDetached($1384DCC,$138A000,102,128)
TElPublicKeyCrypto.VerifyDetached($1384DCC,$138A000,0,128)
TForm1.DecryptDemo

Now, I can't work out how to get the hash specified since I don't specify one anywhere, and didn't for the Signing. The hash algorithm is got from GetHashAlgorithmByOID which is passed an empty IOD. I can't see how I set that anywhere sensible. I can't see any mention of the hash in the VerifyDetached sample code either.

I'd welcome a clue as to how to get this going. The core is as per my demo, so you can see the setup of the key material there.

Thanks, Matthew. (I hope that others will find these questions useful sometime - I can't find anyone else has asked them on the search option.)
#2292
Posted: 02/13/2007 15:26:49
by Matthew Jones (Standard support level)
Joined: 02/06/2007
Posts: 26

Setting xPKEncrypt.CryptoType := rsapktPSS; stops it failing at that point and I'm getting an invalid signature result but it may be progress.
#2293
Posted: 02/13/2007 15:29:27
by Ken Ivanov (EldoS Corp.)

Please specify the hash algorithm via TElRSAPublicKeyCrypto.HashAlgorithm property. You should use the same values for both encrypting and decrypting routine (e.g., SB_ALGORITHM_DGST_SHA1).
#2294
Posted: 02/13/2007 15:43:01
by Matthew Jones (Standard support level)
Joined: 02/06/2007
Posts: 26

Okay, giving the validation the right stream to compare against helps too. And once I've done that, the CryptoType setting is no longer needed.

You know - it is all actually working how I want it!

I think I'll call it a day now, but I must say a big thank you for the support. I'll tidy this demo too, and maybe someone will care enough for it.

Many thanks all.

Matthew

Reply

Statistics

Topic viewed 2427 times

Number of guests: 1, registered members: 0, in total hidden: 0




|

Back to top

As of July 15, 2016 EldoS Corporation will operate as a division of /n software inc. For more information, please read the announcement.

Got it!