EldoS | Feel safer!

Software components for data protection, secure storage and transfer

Sign string using SignDetached

#33530
Posted: 06/02/2015 09:10:57
by David Rigamonte (Basic support level)
Joined: 06/02/2015
Posts: 3

Good morning!

I'm trying to sign a simple message (string), using SBB in XE3.

I have looked, and I found some threads on this subject, but I could not solve the problem yet ...

Using OpenSSL I get the correct signature, but using SBB I can't generate it correctly.

OpenSSL command:
openssl dgst -sha256 -sign certificate.pem -out signature.bin message.txt
openssl enc -base64 -in signature.bin -out message.txt

I tried 4 solutions, but none of them works...
Delphi code, generates a wrong signature:

Code
  
  function CreateSignature(aCertificate: TElX509Certificate; AString: string): string;
  var
    S: string;
    Crypto: TElRSAPublicKeyCrypto;
    InBuf, OutBuf, SigBinData : string;
    Size : integer;
    StringStream : TStringStream;
    SignStringStream : TStringStream;
    MemStream,SignBuffer : TMemoryStream;
    FileStream : TFileStream;
  begin
    Result := '';

    S := AString;

    InBuf := S;
    Crypto := TElRSAPublicKeyCrypto.Create();
    try
//      Crypto.KeyMaterial := aCertificate.KeyMaterial;
//      Crypto.InputIsHash := False;
//      Crypto.HashAlgorithm := SB_ALGORITHM_DGST_SHA256;
//      Crypto.UseAlgorithmPrefix := true;
//
//      Size := 0;
//      Crypto.SignDetached(@InBuf[1], Length(InBuf), nil, Size);
//      SetLength(OutBuf, Size);
//      Crypto.SignDetached(@InBuf[1], Length(InBuf), @OutBuf[1], Size);
//
//      //Assert(Crypto.VerifyDetached(@InBuf[1], Length(InBuf), @OutBuf[1], Size) = pkvrSuccess);
//
//      Result := SBEncoding.Base64EncodeString(OutBuf, False);

// ---------------------------- SOLUTION 2 -----------------------------------
//        Crypto.KeyMaterial := aCertificate.KeyMaterial;
//        Crypto.InputEncoding := pkeBinary;
//        Crypto.InputIsHash := false;
//        Crypto.HashAlgorithm := SB_ALGORITHM_DGST_SHA256;
//        Crypto.UseAlgorithmPrefix := true;
//        Crypto.OutputEncoding := pkeBase64;

//        StringStream := TStringStream.Create(AString);
//        SignStringStream := TStringStream.Create( '' );
//
//        Crypto.SignDetached( StringStream , SignStringStream );
//
//        Result := SignStringStream.DataString;

// ---------------------------- SOLUTION 3 -----------------------------------
//        S := AString;
//        MemStream := TMemoryStream.Create();
//        MemStream.Write(S[1], Length(S));
//        MemStream.Position := 0;
//        Crypto.SignDetached( MemStream , SignStringStream );
//        Result := SignStringStream.DataString;

// ---------------------------- SOLUTION 4 -----------------------------------
        SignStringStream := TStringStream.Create( '' );
        Crypto.KeyMaterial := aCertificate.KeyMaterial;
        Crypto.InputEncoding := pkeBinary;
        Crypto.InputIsHash := false;
        Crypto.HashAlgorithm := SB_ALGORITHM_DGST_SHA256;
        Crypto.OutputEncoding := pkeBase64;

        StringStream := TStringStream.Create(AString);

        FileStream := TFileStream.Create( ExtractFilePath(ParamStr(0))+'filetosign'  , fmCreate );
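        // NOTE: Write takes an untyped buffer, so passing the stream object here
        // writes raw memory, not the text of AString, into 'filetosign'.
        FileStream.Write( StringStream , StringStream.Size );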
        FileStream.Destroy;

        FileStream := TFileStream.Create( ExtractFilePath(ParamStr(0))+'filetosign'  , fmOpenRead );

        Crypto.SignDetached( FileStream , SignStringStream );

        FileStream.Destroy;
        Result := SignStringStream.DataString;
    finally
      FreeAndNil(Crypto);
    end;
  end;


Thanks for the attention!!
#33531
Posted: 06/02/2015 09:29:50
by Alexander Ionov (EldoS Corp.)

Thank you for contacting us.

Could you please explain why you use the crypto primitive and not the TElMessageSigner class?

Also, please clarify what "Delphi Code, generate wrong signature" means. How do you check that the signature is wrong?


--
Best regards,
Alexander Ionov
#33532
Posted: 06/02/2015 09:53:19
by David Rigamonte (Basic support level)
Joined: 06/02/2015
Posts: 3

I checked the signature with OpenSSL; I tested the OpenSSL signature in my application (it communicates with the Government) and it works.

"Delphi code" means that none of the solutions in the code works to generate the signature correctly.

Where can I get a usage example of TElMessageSigner? I'm trying here, but I have never used it before...
#33533
Posted: 06/02/2015 11:54:58
by David Rigamonte (Basic support level)
Joined: 06/02/2015
Posts: 3

I found the problem....

I converted my String to ANSI, now the signatures are the same :)

Code
StringStream := TStringStream.Create(S,TEncoding.ANSI);
Crypto.SignDetached( StringStream , SignStringStream );
Result := SignStringStream.DataString;


The problem was the encoding of the string.

Thanks guys...
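
Why the encoding mattered, as an added example (not code from the thread or from EldoS): RSA PKCS#1 v1.5 signatures are deterministic over the exact input bytes, and a Delphi XE3 `string` is UTF-16, so the same text signs differently under each encoding. The sketch below uses a constructed, insecure toy key and hypothetical helper names to recover the digest from a reference signature with the public key and report which encoding of the text it covers.

```python
import hashlib

# Constructed toy RSA key built from two Mersenne primes: insecure, demo only.
P, Q, E = 2**521 - 1, 2**607 - 1, 65537
N = P * Q
D = pow(E, -1, (P - 1) * (Q - 1))
K = (N.bit_length() + 7) // 8  # modulus length in bytes

# DER prefix of the SHA-256 DigestInfo used by RSASSA-PKCS1-v1_5 (RFC 8017).
SHA256_PREFIX = bytes.fromhex("3031300d060960864801650304020105000420")


def sign(data: bytes) -> bytes:
    """PKCS#1 v1.5 signature over SHA-256(data); deterministic by design."""
    t = SHA256_PREFIX + hashlib.sha256(data).digest()
    em = b"\x00\x01" + b"\xff" * (K - len(t) - 3) + b"\x00" + t
    return pow(int.from_bytes(em, "big"), D, N).to_bytes(K, "big")


def signed_digest(signature: bytes) -> bytes:
    """Recover the digest inside a signature using only the public key."""
    em = pow(int.from_bytes(signature, "big"), E, N).to_bytes(K, "big")
    pad, sep, t = em[2:].partition(b"\x00")
    if em[:2] != b"\x00\x01" or pad.strip(b"\xff") or not t.startswith(SHA256_PREFIX):
        raise ValueError("not a PKCS#1 v1.5 SHA-256 signature for this key")
    return t[len(SHA256_PREFIX):]


def matching_encodings(text: str, signature: bytes) -> list[str]:
    """Name every candidate encoding of text whose digest was signed."""
    want = signed_digest(signature)
    candidates = ("cp1252", "utf-8", "utf-16-le")
    return [c for c in candidates
            if hashlib.sha256(text.encode(c)).digest() == want]


if __name__ == "__main__":
    text = "Declaração 123"  # constructed sample message
    reference = sign(text.encode("cp1252"))  # stands in for the OpenSSL output
    print(matching_encodings(text, reference))
```

For ASCII-only text the cp1252 and UTF-8 byte strings are identical, so both are reported; only the UTF-16 form differs in that case.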
#33535
Posted: 06/03/2015 01:19:57
by Vsevolod Ievgiienko (EldoS Corp.)

Quote
The problem was the encoding of the string.

Thank you for letting us know. This information may be helpful for other users.


As of July 15, 2016 EldoS Corporation will operate as a division of /n software inc. For more information, please read the announcement.
