EldoS | Feel safer!

Encrypting a mime with self-signed certificate

#28681
Posted: 03/05/2014 10:29:46
by Toni Santa (Standard support level)
Joined: 05/27/2013
Posts: 57

Hi,
I have to send an encrypted message as an email attachment to a public-administration office. They gave me a self-signed certificate (cer file) which I have to use for encrypting. The encryption standard is CAdES. Please point me to the right sample where to start with the encryption process. Thanks a lot.
Toni
#28684
Posted: 03/05/2014 16:29:16
by Ken Ivanov (EldoS Corp.)

Hello Toni,

I am afraid your task is not clear enough. CAdES is a signature standard, which can't be used for encrypting data. It would be great if you could show us the exact requirements set out by the administration office, then we will be able to give you a comprehensive answer.
#28695
Posted: 03/06/2014 04:30:31
by Toni Santa (Standard support level)
Joined: 05/27/2013
Posts: 57

Hi Ken,
I'll try to translate the requirements: "The encryption of the file (.msg, .eml) has to be done with the encrypted session key of the certificate. The algorithm used for this symmetric encryption of the file is 3DES, and the symmetric session keys are encrypted using the public key contained in the certificate of the recipient".
The recipient is the public office.
The certificates can be found here: http://www.processotelematico.giustizia.it/pdapublic/resources/file/CertificatiCifratura/
Thanks and best regards
Toni
#28697
Posted: 03/06/2014 05:18:52
by Vsevolod Ievgiienko (EldoS Corp.)

According to your description, I suggest you look into the sample from the \EldoS\SecureBlackbox.VCL\Samples\Delphi\MIMEBlackbox\SecureMail folder.
#28698
Posted: 03/06/2014 06:19:42
by Toni Santa (Standard support level)
Joined: 05/27/2013
Posts: 57

Hi Vsevolod,
I just tried with this sample (selecting S/MIME "encrypt message"), set the eml-file (existing mime) and the output-file, but after selecting the certificate I receive a message "Invalid certificate data."
Toni
#28699
Posted: 03/06/2014 06:23:05
by Vsevolod Ievgiienko (EldoS Corp.)

Try to perform the same actions outside the IDE. It's possible that you are seeing an internal exception that is handled inside the SecureBlackbox code.
#28701
Posted: 03/06/2014 06:41:04
by Toni Santa (Standard support level)
Joined: 05/27/2013
Posts: 57

Hi,
Now I tried to modify the source of the sample, replacing the Cert.LoadFromBuffer(...) with Cert.LoadFromFileAuto(..) so the certificate is shown in the wizard. It seems the LoadFromBuffer has some problem.
Now selecting 3DES and encrypting, the final page shows an error:

Failed to assemble a message.
ElMime error code: 8
Message: "Invalid key length"

What else can I try?
Toni
#28702
Posted: 03/06/2014 06:47:53
by Toni Santa (Standard support level)
Joined: 05/27/2013
Posts: 57

Outside the IDE the problem is the same when selecting the certificate. Only the LoadFromFileAuto seems to work, but with a failure when encrypting.
My first post today contains a link to the site where the certificates are published, so you are free to try it in debug. Since these certificates are used by others, I think they should be OK.
Toni
#28703
Posted: 03/06/2014 07:43:49
by Vsevolod Ievgiienko (EldoS Corp.)

Please change the TfrmMain.GetAlgorithmBitsInKey method in MainForm.pas the following way:

Code
function TfrmMain.GetAlgorithmBitsInKey: Integer;
begin
  // this is only for SB_ALGORITHM_CNT_RC2 or SB_ALGORITHM_CNT_RC4
  if rbRC4_40.Checked then
    Result := 40
  else
    Result := 192; // correct size for 3DES
end;

This will fix the "Invalid key length" error.
#28706
Posted: 03/06/2014 10:07:14
by Toni Santa (Standard support level)
Joined: 05/27/2013
Posts: 57

Great - it works. Thank you very much.
So the problem with "LoadFromBuffer" remains, but since the LoadFromFile works fine, it's not urgent.
Toni
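
As an added example (not part of the thread and not SecureBlackbox code), the scheme in the translated requirements, a MIME file encrypted with 3DES whose session key is encrypted with the public key from the recipient's certificate, can be produced and checked with the OpenSSL command line. The function names, file names and the self-signed test certificate are constructed; a .cer file can be PEM or DER encoded, so the helper tries both.

```shell
#!/bin/sh
# Added example; every file name and the certificate below are constructed.

# A .cer file may be PEM or DER encoded: try both and write PEM to $2.
cer_to_pem() {
    openssl x509 -in "$1" -inform PEM -out "$2" 2>/dev/null ||
    openssl x509 -in "$1" -inform DER -out "$2" 2>/dev/null
}

# Encrypt MIME file $1 for the certificate in $2, writing S/MIME to $3.
# -des3 selects the 3DES content cipher (192-bit key including parity bits);
# the session key is encrypted with the public key taken from the certificate.
encrypt_eml() {
    pem=$(mktemp) || return 1
    cer_to_pem "$2" "$pem" &&
        openssl smime -encrypt -binary -des3 -in "$1" -out "$3" "$pem"
    rc=$?
    rm -f "$pem"
    return "$rc"
}

# Print the content-encryption algorithm recorded in S/MIME message $1.
content_cipher() {
    openssl smime -pk7out -in "$1" | openssl asn1parse |
        grep -Eo 'des-ede3-cbc|aes-[0-9]+-cbc' | head -n 1
}

# Round trip with a constructed self-signed recipient; returns 0 on success.
demo() {
    d=$(mktemp -d) || return 1
    openssl req -x509 -newkey rsa:2048 -nodes -days 1 \
        -subj "/CN=Constructed Recipient" \
        -keyout "$d/key.pem" -out "$d/cert.pem" 2>/dev/null || return 1
    # Hand the certificate over as DER, as a .cer download often is.
    openssl x509 -in "$d/cert.pem" -outform DER -out "$d/recipient.cer"
    printf 'Subject: constructed test\r\n\r\nhello\r\n' > "$d/msg.eml"
    encrypt_eml "$d/msg.eml" "$d/recipient.cer" "$d/enc.eml" &&
        [ "$(content_cipher "$d/enc.eml")" = "des-ede3-cbc" ] &&
        openssl smime -decrypt -in "$d/enc.eml" -recip "$d/cert.pem" \
            -inkey "$d/key.pem" -out "$d/dec.eml" &&
        cmp -s "$d/msg.eml" "$d/dec.eml"
    rc=$?
    rm -rf "$d"
    return "$rc"
}
```

Only the holder of the matching private key can run the decrypt step, so with a real recipient certificate `content_cipher` is the check available to the sender.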