EldoS | Feel safer!

Software components for data protection, secure storage and transfer

Problem on 64 bit program using TElRSAPublicKeyCrypto

Posted: 08/06/2013 14:23:10
by Rodrigo Ramalho (Standard support level)
Joined: 04/26/2012
Posts: 12


we are having problems with the method SignDetached of the class TElRSAPublicKeyCrypto.

The output of the method is changing for the same input on a 64 bit project.

Here is an excerpt of the code:



    ValueToBeSigned: string;
    Crypto: TElRSAPublicKeyCrypto;
    InBuf, OutBuf : string;
    Size : integer;



    InBuf := ValueToBeSigned;
    Crypto := TElRSAPublicKeyCrypto.Create();
      Crypto.KeyMaterial := aCertificate.KeyMaterial;
      Crypto.InputIsHash := False;
      Crypto.HashAlgorithm := SB_ALGORITHM_DGST_SHA1;
      Crypto.UseAlgorithmPrefix := true;

      Size := 0;
      Crypto.SignDetached(@InBuf[1], Length(InBuf), nil, Size);
      SetLength(OutBuf, Size);
      Crypto.SignDetached(@InBuf[1], Length(InBuf), @OutBuf[1], Size);





What we are doing wrong here?
Posted: 08/06/2013 14:28:05
by Vsevolod Ievgiienko (Team)

Thank you for contacting us.

The signing mechanism requires random padding of incoming data, so the output will be different for the same data even of the same system. Also its not recommended to use string as an output container as output is in binary format and is not a string.
Posted: 08/06/2013 14:32:49
by Eugene Mayevski (Team)

It's not just "not recommended" , but will corrupt data in Unicode versions of Delphi.

Sincerely yours
Eugene Mayevski
Posted: 08/06/2013 14:42:34
by Rodrigo Ramalho (Standard support level)
Joined: 04/26/2012
Posts: 12

This random padding only occurs on 64 bit? The signing is working, our problem is relative to our test suite that verifies if the output is the same for different inputs. The suite worked fine on 32 bit. Thanks for the telling us about not using string for binary formats, we are aware of the issues and will consider changing it in the future (currently we use string as a container and do the necessary conversion to make it work for unicode and non unicode delphi versions).

thanks for fast response.
Posted: 08/06/2013 14:47:07
by Vsevolod Ievgiienko (Team)

The padding is done in both 32 and 64 bit systems. Your test suite should better verify signatures but not compare the outputs.



Topic viewed 696 times

Number of guests: 1, registered members: 0, in total hidden: 0


Back to top

As of July 15, 2016 EldoS business operates as a division of /n software, inc. For more information, please read the announcement.

Got it!