Sign string using SignDetached

#33530
Posted: 06/02/2015 09:10:57
by David Rigamonte (Basic support level)
Joined: 06/02/2015
Posts: 3

Good morning!

I'm trying to sign a simple message (string), using SBB in XE3.

I have looked, and I found some threads on this subject, but I could not solve the problem yet ...

Using OpenSSL I get the correct signature, but using SBB I can't generate it correctly.

OpenSSL command:
openssl dgst -sha256 -sign certificate.pem -out signature.bin message.txt
openssl enc -base64 -in signature.bin -out message.txt

I tried 4 solutions, but none of them works...
Delphi Code, generate wrong signature:

Code
  
  function CreateSignature(aCertificate: TElX509Certificate; AString: string): string;
  var
    S: string;
    Crypto: TElRSAPublicKeyCrypto;
    InBuf, OutBuf, SigBinData : string;
    Size : integer;
    StringStream : TStringStream;
    SignStringStream : TStringStream;
    MemStream,SignBuffer : TMemoryStream;
    FileStream : TFileStream;
  begin
    Result := '';

    S := AString;

    InBuf := S;
    Crypto := TElRSAPublicKeyCrypto.Create();
    try
//      Crypto.KeyMaterial := aCertificate.KeyMaterial;
//      Crypto.InputIsHash := False;
//      Crypto.HashAlgorithm := SB_ALGORITHM_DGST_SHA256;
//      Crypto.UseAlgorithmPrefix := true;
//
//      Size := 0;
//      Crypto.SignDetached(@InBuf[1], Length(InBuf), nil, Size);
//      SetLength(OutBuf, Size);
//      Crypto.SignDetached(@InBuf[1], Length(InBuf), @OutBuf[1], Size);
//
//      //Assert(Crypto.VerifyDetached(@InBuf[1], Length(InBuf), @OutBuf[1], Size) = pkvrSuccess);
//
//      Result := SBEncoding.Base64EncodeString(OutBuf, False);

// ---------------------------- SOLUTION 2 -----------------------------------
//        Crypto.KeyMaterial := aCertificate.KeyMaterial;
//        Crypto.InputEncoding := pkeBinary;
//        Crypto.InputIsHash := false;
//        Crypto.HashAlgorithm := SB_ALGORITHM_DGST_SHA256;
//        Crypto.UseAlgorithmPrefix := true;
//        Crypto.OutputEncoding := pkeBase64;

//        StringStream := TStringStream.Create(AString);
//        SignStringStream := TStringStream.Create( '' );
//
//        Crypto.SignDetached( StringStream , SignStringStream );
//
//        Result := SignStringStream.DataString;

// ---------------------------- SOLUTION 3 -----------------------------------
//        S := AString;
//        MemStream := TMemoryStream.Create();
//        MemStream.Write(S[1], Length(S));
//        MemStream.Position := 0;
//        Crypto.SignDetached( MemStream , SignStringStream );
//        Result := SignStringStream.DataString;

// ---------------------------- SOLUTION 4 -----------------------------------
        SignStringStream := TStringStream.Create( '' );
        Crypto.KeyMaterial := aCertificate.KeyMaterial;
        Crypto.InputEncoding := pkeBinary;
        Crypto.InputIsHash := false;
        Crypto.HashAlgorithm := SB_ALGORITHM_DGST_SHA256;
        Crypto.OutputEncoding := pkeBase64;

        StringStream := TStringStream.Create(AString);

        FileStream := TFileStream.Create( ExtractFilePath(ParamStr(0))+'filetosign'  , fmCreate );
        // Copy the stream's contents; Write() was being given the object reference as its buffer
        FileStream.CopyFrom( StringStream , 0 );
        FileStream.Destroy;

        FileStream := TFileStream.Create( ExtractFilePath(ParamStr(0))+'filetosign'  , fmOpenRead );

        Crypto.SignDetached( FileStream , SignStringStream );

        FileStream.Destroy;
        Result := SignStringStream.DataString;
    finally
      FreeAndNil(Crypto);
    end;
  end;


Thanks for the attention!!
#33531
Posted: 06/02/2015 09:29:50
by Alexander Ionov (Team)

Thank you for contacting us.

Could you please explain why you use the crypto primitive and not the TElMessageSigner class?

Also please clarify what "Delphi Code, generate wrong signature" means. How do you check that the signature is wrong?


--
Best regards,
Alexander Ionov
#33532
Posted: 06/02/2015 09:53:19
by David Rigamonte (Basic support level)
Joined: 06/02/2015
Posts: 3

I checked the signature with OpenSSL; I tested the OpenSSL signature in my application (it communicates with the Government) and it works.

"Delphi code" means that none of the solutions in the code works to generate the signature correctly.

Where can I get a usage example of TElMessageSigner? I'm trying here but I have never used it before...
#33533
Posted: 06/02/2015 11:54:58
by David Rigamonte (Basic support level)
Joined: 06/02/2015
Posts: 3

I found the problem....

I converted my String to ANSI, now the signatures are the same :)

Code
StringStream := TStringStream.Create(S,TEncoding.ANSI);
Crypto.SignDetached( StringStream , SignStringStream );
Result := SignStringStream.DataString;


The problem was the encoding of the string.

Thanks guys...
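Added example, not part of the original thread and not EldoS code: an RSA PKCS#1 v1.5 signature is a deterministic function of the SHA-256 DigestInfo of the bytes that were signed, so comparing that DigestInfo across encodings shows which byte form of a string reproduces what `openssl dgst -sha256 -sign` signed. The function names, the sample strings and the use of cp1252 as the "ANSI" code page are assumptions made for this sketch; the last candidate models passing `@S[1], Length(S)` for a UTF-16 Delphi string.

```python
import hashlib

# DER prefix of the SHA-256 DigestInfo used by RSA PKCS#1 v1.5 (RFC 8017, section 9.2)
SHA256_PREFIX = bytes.fromhex("3031300d060960864801650304020105000420")


def candidate_inputs(text):
    """Byte strings a Delphi XE3 program might hand to the signer for `text`."""
    utf16 = text.encode("utf-16-le")   # in-memory layout of a UnicodeString
    units = len(utf16) // 2            # what Length() returns (UTF-16 code units)
    candidates = {"utf-8": text.encode("utf-8"),
                  "utf-16-le": utf16,
                  # buffer call with a character count used as a byte count
                  "utf-16-le, Length(S) bytes": utf16[:units]}
    try:
        # cp1252 stands in for TEncoding.ANSI (assumption: Western European Windows)
        candidates = {"ansi (cp1252)": text.encode("cp1252"), **candidates}
    except UnicodeEncodeError:
        pass                           # text is not representable in this code page
    return candidates


def digest_info(data):
    """Value that is padded and RSA-signed; equal DigestInfo means equal signature."""
    return SHA256_PREFIX + hashlib.sha256(data).digest()


def matching_encodings(text, reference_bytes):
    """Names of the encodings of `text` that sign identically to `reference_bytes`."""
    want = digest_info(reference_bytes)
    return [name for name, data in candidate_inputs(text).items()
            if digest_info(data) == want]


if __name__ == "__main__":
    # Constructed sample: the file OpenSSL signed holds the message in cp1252.
    message = "Ol\u00e1, mundo"
    file_bytes = message.encode("cp1252")
    print(matching_encodings(message, file_bytes))
    for name, data in candidate_inputs(message).items():
        print(f"{name:28} {len(data):3} bytes  {digest_info(data)[-32:].hex()[:16]}...")
```

For ASCII-only text the ANSI and UTF-8 forms coincide, so a mismatch caused by UTF-16 input shows up even when the message contains no accented characters.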
#33535
Posted: 06/03/2015 01:19:57
by Vsevolod Ievgiienko (Team)

Quote
The problem was the encoding of the string.

Thank you for letting us know. This information may be helpful for other users.