EldoS | Feel safer!

Software components for data protection, secure storage and transfer

TElMessageVerifier output Stream empty

Also by EldoS: CallbackDisk
Create virtual disks backed by memory or custom location, expose disk images as disks and more.
#4634
Posted: 01/03/2008 14:38:46
by Bram Kerkhof (Standard support level)
Joined: 01/03/2008
Posts: 3

I'm using the PKIBlackBox for .NET version 5.2.0.124.

When verifying PKCS#7 data (created by the TElMessageSigner class), the TElMessageVerifier object does perform the verification (i.e.: return code 0) but does not write the verified content to the output stream.

Some code:
Code
        Public Function verify(ByVal ciphertext As Stream, ByVal plaintext As Stream, ByVal storage As TElCustomCertStorage) As Boolean
            ' Declarations            
            Dim result As Boolean = False
            Dim vresult As Integer
            Dom verifier as TElMessageVerifier

            ' Set verifier
            verifier = New TElMessageVerifier()

            ' Set certificates to be used in verification
            verifier.CertStorage = storage

            Try
                ' Verify
                vresult = verifier.Verify(ciphertext, plaintext, 0)

                If (vresult = 0) Then
                    ' Verification ok
                    result = True
                End If
            Catch ex As Exception
                ' Something went wrong
            End Try

            ' Return the result
            Return result
        End Function


The code for signing the message is nearly identical, so I don't know if there's anything I'm missing. Any ideas are appreciated.

cheers,
Bram
#4635
Posted: 01/03/2008 14:45:57
by Eugene Mayevski (EldoS Corp.)

1) What is the value of ciphertex­t.Position property when it's passed to the function?
2) Does the sample application work on the same data?


Sincerely yours
Eugene Mayevski
#4637
Posted: 01/03/2008 15:05:31
by Bram Kerkhof (Standard support level)
Joined: 01/03/2008
Posts: 3

1) ciphertext is (in this case) a MemoryStream instantiated using a Byte() buffer. The Position property is 0 when the verify method is called.

2) The sample application I've reviewed does not use the streams but rather the overloaded method with the Byte() buffers. I would like the output to be directed to a stream though.

cheers,
Bram
#4640
Posted: 01/03/2008 15:51:58
by Bram Kerkhof (Standard support level)
Joined: 01/03/2008
Posts: 3

I've did some further debugging and figured it out: it's not the verification that fails, but rather the signing: it happily signs empty data (e.g.: when using a stream and the Position property is at EOF).

So the verification mechanism is ok: as there was no data in the signature, there was no data written to the stream.

Thanks for the hint.

cheers,
Bram

Reply

Statistics

Topic viewed 2261 times

Number of guests: 1, registered members: 0, in total hidden: 0




|

Back to top

As of July 15, 2016 EldoS Corporation will operate as a division of /n software inc. For more information, please read the announcement.

Got it!