EldoS | Feel safer!

Software components for data protection, secure storage and transfer

TSBASSignatureDigestAlgorithm and support for SHA2 2048 in AS2?

Also by EldoS: CallbackFilter
A component to monitor and control disk activity, track file and directory operations (create, read, write, rename etc.), alter file data, encrypt files, create virtual files.
#31736
Posted: 12/22/2014 10:10:06
by Ivan Demkovitch (Standard support level)
Joined: 11/10/2013
Posts: 21

We are using SecureBlackBox v11 and specifically we use it for AS2 EDI protocol.

One of our partners switching to SHA2 2048 bit and we need to support it. I setup hashing algorithm by using TSBASSignatureDigestAlgorithm enum. I downloaded latest v11 build that supposed to support SHA2 but don't see appropriate signing values under this enum.

What should I do?
#31737
Posted: 12/22/2014 10:22:30
by Eugene Mayevski (EldoS Corp.)

SHA2 is 256/384/512. Where did you find 2048-bit SHA? I guess that maybe they meant RSA2048/SHA2 - that's a totally different story.


Sincerely yours
Eugene Mayevski
#31738
Posted: 12/22/2014 10:27:44
by Ivan Demkovitch (Standard support level)
Joined: 11/10/2013
Posts: 21

Hm... This is what they say in email:

Quote
Please note our new cert is SHA-2 / 2048 bit with an issuing authority of Comodo and make sure your software is able to handle SHA-2 and 2048 bit.


I'm also attaching cert they sent me..


[ Download ]
#31740
Posted: 12/22/2014 10:39:41
by Eugene Mayevski (EldoS Corp.)

As I understand that's about certificates used in TLS, and indeed that's about RSA2048-SHA2 rather than SHA2048. The Subject property of their certificate is misleading.

SecureBlackbox handled such certificates since the beginning (of SHA2).


Sincerely yours
Eugene Mayevski
#31742
Posted: 12/22/2014 10:45:18
by Ivan Demkovitch (Standard support level)
Joined: 11/10/2013
Posts: 21

I'm confused now. The only "SHA1" I know of is hashing algorithm for message signing.

Should I use SHA2 now? And if so, what TSBASSignatureDigestAlgorithm is should be? There is no SHA2 selection there..

Or.. I shouldn't even touch anything and feed this new cert to TElX509Certificate and leave everything else alone?
#31743
Posted: 12/22/2014 10:48:08
by Alexander Ionov (EldoS Corp.)

The attached certificate uses SHA-256 digest with RSA 2048. But this does not mean that you have to use ONLY SHA-256 digest to sign your outgoing AS2 messages. You can use any digest algorithm from the supported algorithms list on your own.


--
Best regards,
Alexander Ionov
#31744
Posted: 12/22/2014 10:53:43
by Ivan Demkovitch (Standard support level)
Joined: 11/10/2013
Posts: 21

Thanks a lot! I got it.
Also by EldoS: Callback File System
Create virtual file systems and disks, expose and manage remote data as if they were files on the local disk.

Reply

Statistics

Topic viewed 730 times

Number of guests: 1, registered members: 0, in total hidden: 0




|

Back to top

As of July 15, 2016 EldoS Corporation will operate as a division of /n software inc. For more information, please read the announcement.

Got it!