EldoS | Feel safer!

Software components for data protection, secure storage and transfer

TSBASSignatureDigestAlgorithm and support for SHA2 2048 in AS2?

Also by EldoS: Rethync
The cross-platform framework that simplifies synchronizing data between mobile and desktop applications and servers and cloud storages
#31736
Posted: 12/22/2014 10:10:06
by Ivan Demkovitch (Standard support level)
Joined: 11/10/2013
Posts: 23

We are using SecureBlackBox v11 and specifically we use it for AS2 EDI protocol.

One of our partners switching to SHA2 2048 bit and we need to support it. I setup hashing algorithm by using TSBASSignatureDigestAlgorithm enum. I downloaded latest v11 build that supposed to support SHA2 but don't see appropriate signing values under this enum.

What should I do?
#31737
Posted: 12/22/2014 10:22:30
by Eugene Mayevski (EldoS Corp.)

SHA2 is 256/384/512. Where did you find 2048-bit SHA? I guess that maybe they meant RSA2048/SHA2 - that's a totally different story.


Sincerely yours
Eugene Mayevski
#31738
Posted: 12/22/2014 10:27:44
by Ivan Demkovitch (Standard support level)
Joined: 11/10/2013
Posts: 23

Hm... This is what they say in email:

Quote
Please note our new cert is SHA-2 / 2048 bit with an issuing authority of Comodo and make sure your software is able to handle SHA-2 and 2048 bit.


I'm also attaching cert they sent me..


[ Download ]
#31740
Posted: 12/22/2014 10:39:41
by Eugene Mayevski (EldoS Corp.)

As I understand that's about certificates used in TLS, and indeed that's about RSA2048-SHA2 rather than SHA2048. The Subject property of their certificate is misleading.

SecureBlackbox handled such certificates since the beginning (of SHA2).


Sincerely yours
Eugene Mayevski
#31742
Posted: 12/22/2014 10:45:18
by Ivan Demkovitch (Standard support level)
Joined: 11/10/2013
Posts: 23

I'm confused now. The only "SHA1" I know of is hashing algorithm for message signing.

Should I use SHA2 now? And if so, what TSBASSignatureDigestAlgorithm is should be? There is no SHA2 selection there..

Or.. I shouldn't even touch anything and feed this new cert to TElX509Certificate and leave everything else alone?
#31743
Posted: 12/22/2014 10:48:08
by Alexander Ionov (EldoS Corp.)

The attached certificate uses SHA-256 digest with RSA 2048. But this does not mean that you have to use ONLY SHA-256 digest to sign your outgoing AS2 messages. You can use any digest algorithm from the supported algorithms list on your own.


--
Best regards,
Alexander Ionov
#31744
Posted: 12/22/2014 10:53:43
by Ivan Demkovitch (Standard support level)
Joined: 11/10/2013
Posts: 23

Thanks a lot! I got it.
Also by EldoS: CallbackProcess
A component to control process creation and termination in Windows and .NET applications.

Reply

Statistics

Topic viewed 737 times

Number of guests: 1, registered members: 0, in total hidden: 0




|

Back to top

As of July 15, 2016 EldoS Corporation will operate as a division of /n software inc. For more information, please read the announcement.

Got it!