EldoS | Feel safer!

Software components for data protection, secure storage and transfer

Problem on 64 bit program using TElRSAPublicKeyCrypto

#25997
Posted: 08/06/2013 14:23:10
by Rodrigo Godinho Palhano (Standard support level)
Joined: 04/26/2012
Posts: 12

Greetings,

We are having problems with the method SignDetached of the class TElRSAPublicKeyCrypto.

The output of the method is changing for the same input on a 64 bit project.

Here is an excerpt of the code:

Code

...

var
    ValueToBeSigned: string;
    Crypto: TElRSAPublicKeyCrypto;
    InBuf, OutBuf : string;
    Size : integer;

begin

    ...

    InBuf := ValueToBeSigned;
    Crypto := TElRSAPublicKeyCrypto.Create();
    try
      Crypto.KeyMaterial := aCertificate.KeyMaterial;
      Crypto.InputIsHash := False;
      Crypto.HashAlgorithm := SB_ALGORITHM_DGST_SHA1;
      Crypto.UseAlgorithmPrefix := true;

      Size := 0;
      Crypto.SignDetached(@InBuf[1], Length(InBuf), nil, Size);
      SetLength(OutBuf, Size);
      Crypto.SignDetached(@InBuf[1], Length(InBuf), @OutBuf[1], Size);

      ...

    finally
      FreeAndNil(Crypto);
    end;

    ...

end;


What are we doing wrong here?
#25998
Posted: 08/06/2013 14:28:05
by Vsevolod Ievgiienko (EldoS Corp.)

Thank you for contacting us.

The signing mechanism requires random padding of incoming data, so the output will be different for the same data even on the same system. Also, it's not recommended to use string as an output container, as the output is in binary format and is not a string.
#25999
Posted: 08/06/2013 14:32:49
by Eugene Mayevski (EldoS Corp.)

It's not just "not recommended", but it will corrupt data in Unicode versions of Delphi.


Sincerely yours
Eugene Mayevski
#26000
Posted: 08/06/2013 14:42:34
by Rodrigo Godinho Palhano (Standard support level)
Joined: 04/26/2012
Posts: 12

Does this random padding only occur on 64 bit? The signing is working; our problem is related to our test suite, which verifies if the output is the same for different inputs. The suite worked fine on 32 bit. Thanks for telling us about not using string for binary formats. We are aware of the issues and will consider changing it in the future (currently we use string as a container and do the necessary conversion to make it work for Unicode and non-Unicode Delphi versions).

Thanks for the fast response.
#26001
Posted: 08/06/2013 14:47:07
by Vsevolod Ievgiienko (EldoS Corp.)

The padding is done on both 32 and 64 bit systems. Your test suite should verify signatures rather than compare the outputs.
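An added example, not part of the thread and not EldoS code: a sign/verify pair a test suite can call instead of comparing signature bytes, with TBytes in place of string as the binary container. It assumes aCertificate from the question is a TElX509Certificate holding a private key and that VerifyDetached and pkvrSuccess are available in the installed SecureBlackbox version; the unit and function names are hypothetical.

```delphi
unit SignatureRoundTrip; // hypothetical unit name for this added example
interface
uses
  SysUtils, SBConstants, SBX509, SBPublicKeyCrypto;

function SignBytes(Cert: TElX509Certificate; const Data: TBytes): TBytes;
function SignatureIsValid(Cert: TElX509Certificate; const Data, Sig: TBytes): Boolean;

implementation

// Same settings as the code posted in the thread.
function NewCrypto(Cert: TElX509Certificate): TElRSAPublicKeyCrypto;
begin
  Result := TElRSAPublicKeyCrypto.Create();
  Result.KeyMaterial := Cert.KeyMaterial;
  Result.InputIsHash := False;
  Result.HashAlgorithm := SB_ALGORITHM_DGST_SHA1;
  Result.UseAlgorithmPrefix := True;
end;

function SignBytes(Cert: TElX509Certificate; const Data: TBytes): TBytes;
var
  Crypto: TElRSAPublicKeyCrypto;
  Size: Integer;
begin
  if Length(Data) = 0 then
    raise EArgumentException.Create('Nothing to sign');
  Crypto := NewCrypto(Cert);
  try
    Size := 0;
    Crypto.SignDetached(@Data[0], Length(Data), nil, Size); // query required size
    SetLength(Result, Size);
    Crypto.SignDetached(@Data[0], Length(Data), @Result[0], Size);
    SetLength(Result, Size); // keep only the bytes actually written
  finally
    FreeAndNil(Crypto);
  end;
end;

function SignatureIsValid(Cert: TElX509Certificate; const Data, Sig: TBytes): Boolean;
var
  Crypto: TElRSAPublicKeyCrypto;
begin
  Result := False;
  if (Length(Data) = 0) or (Length(Sig) = 0) then Exit;
  Crypto := NewCrypto(Cert);
  try
    Result := Crypto.VerifyDetached(@Data[0], Length(Data), @Sig[0], Length(Sig)) = pkvrSuccess;
  finally
    FreeAndNil(Crypto);
  end;
end;
end.
```

A test then asserts that SignatureIsValid(Cert, Data, SignBytes(Cert, Data)) is True, and that it is False after one byte of Data or of the signature is changed.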