EldoS | Feel safer!

Software components for data protection, secure storage and transfer

Add Signature Policy into Cades

Posted: 03/28/2014 09:44:04
by Ranyele Amorim (Basic support level)
Joined: 02/14/2014
Posts: 10


I am having difficulty adding signature policies to the generated CAdES file. While studying, I discovered the TElSinglePolicyInformation class, where I can add the information; however, I am not able to add it to the signature.
Am I on the right track?

Information you need to add:

Policy Id =
Policy Uri = http://politicas.icpbrasil.gov.br/PA_AD_RB.der
Policy Hash = rySugyKaMhiMR8Y/o5yuU2A2bF0=

Thank you all.
Posted: 03/28/2014 09:58:44
by Ken Ivanov (EldoS Corp.)

Hello Ranyele,

Policy information should be added via TElCMSSignature.SignaturePolicy property:

sig.SignaturePolicy.Included = true;
sig.SignaturePolicy.PolicyIdentifier = SBUtils.Unit.StrToOID("");
sig.SignaturePolicy.PolicyHash = Convert.FromBase64String("rySugyKaMhiMR8Y/o5yuU2A2bF0=");
sig.SignaturePolicy.get_Qualifiers(0).URI = "http://politicas.icpbrasil.gov.br/PA_AD_RB.der";
sig.SignaturePolicy.get_Qualifiers(0).QualifierType = TSBSigPolicyQualifierType.spqtURI;
Posted: 03/31/2014 06:41:09
by Ranyele Amorim (Basic support level)
Joined: 02/14/2014
Posts: 10


Many thanks for the reply. I am using the VCL edition, and in this version the property sig.SignaturePolicy.PolicyHash is read-only. I checked whether this property could be in the qualifiers, but did not find it.

Thanks again for your attention too.
Posted: 03/31/2014 09:31:42
by Ken Ivanov (EldoS Corp.)

Hello Ranyele,

My bad, sorry. The hash should be set in the following way:

sig.SignaturePolicy.PolicyHash.HashValue = Convert.FromBase64String("rySugyKaMhiMR8Y/o5yuU2A2bF0=");
sig.SignaturePolicy.PolicyHash.HashAlgorithm = SBConstants.Unit.SB_ALGORITHM_DGST_SHA1;

Posted: 03/31/2014 14:08:10
by Ranyele Amorim (Basic support level)
Joined: 02/14/2014
Posts: 10

Hello to everyone!

I greatly appreciate the help in developing the tool that is needed. I'm still having some difficulty validating the file I'm signing. Are the FromBase64String and StrToOID functions EldoS's own, or are they Delphi's? I'm not able to use either.

Thanks a lot!
Posted: 03/31/2014 14:19:18
by Eugene Mayevski (EldoS Corp.)

The above code was for .NET.

In Delphi, StrToOID() is in the SBStrUtils unit and the base64 conversion functions are in the SBEncoding unit (B64Decode, for example).

Sincerely yours
Eugene Mayevski
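
Added example, not part of the original thread and not EldoS code: a Python check to run before the policy values are put into the signature. It confirms that the base64 policy hash decodes to the length of the declared digest algorithm (the value quoted in the thread is 20 bytes, which fits SHA-1) and that it matches the digest of the policy bytes. The function names and sample bytes are constructed for illustration, and which bytes of the policy the hash covers is an assumption left to the caller.

```python
import base64
import binascii
import hashlib
import hmac

# Digest sizes in bytes for the algorithms a policy hash may be declared with.
DIGEST_SIZES = {"sha1": 20, "sha256": 32, "sha512": 64}


def decode_policy_hash(b64_value: str, algorithm: str) -> bytes:
    """Decode a base64 policy hash and confirm its length fits the algorithm."""
    if algorithm not in DIGEST_SIZES:
        raise ValueError(f"unsupported digest algorithm: {algorithm}")
    try:
        raw = base64.b64decode(b64_value, validate=True)
    except binascii.Error as exc:
        raise ValueError(f"policy hash is not valid base64: {exc}") from exc
    if len(raw) != DIGEST_SIZES[algorithm]:
        raise ValueError(
            f"{len(raw)}-byte value cannot be a {algorithm} digest "
            f"({DIGEST_SIZES[algorithm]} bytes expected)"
        )
    return raw


def policy_hash_matches(hashed_bytes: bytes, b64_value: str, algorithm: str) -> bool:
    """Compare the configured hash with the digest of the supplied bytes.

    Assumption: the caller passes exactly the bytes the policy's hash is
    defined over; the thread does not say which bytes those are.
    """
    expected = decode_policy_hash(b64_value, algorithm)
    actual = hashlib.new(algorithm, hashed_bytes).digest()
    return hmac.compare_digest(expected, actual)


if __name__ == "__main__":
    # Hash value quoted in the thread.
    print(decode_policy_hash("rySugyKaMhiMR8Y/o5yuU2A2bF0=", "sha1").hex())
    # Constructed stand-in for a policy document, not the real PA_AD_RB.der.
    sample = b"constructed policy bytes"
    sample_b64 = base64.b64encode(hashlib.sha1(sample).digest()).decode()
    print(policy_hash_matches(sample, sample_b64, "sha1"))
    print(policy_hash_matches(sample + b"x", sample_b64, "sha1"))
```

A length mismatch raised here means the hash value and the HashAlgorithm setting disagree, which is worth ruling out before looking elsewhere for a validation failure.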