Sign SHA256 hash

You must sign in to post in the forums.
8/27/2014 10:37:29 AM
gozcu
Gravatar
Total Posts 12
View Posts

Sign SHA256 hash

Dear Ugo, 

I have to open a new thread because the problem has changed. People who read this thread, previous thread can be found below.

http://www.ncryptoki.com/Forums/Thread.aspx?pageid=9&mid=22&ItemID=1&thread=151

 

And for this current situation;

I kindly request you to forget SOAP message (: .

 

I have a single hash as [INPUT], doesn't mean anything but it is below.

7/X3PTLCL0QU/vU6/ZlHn58Z7AfD1dPsa2hB+7B2khA=

And i have single certificate which is imported in Virtual HSM from Local Certificate Store.

i call SignLocal method and SignWithHSM with the same hash above. However, i get different result. If i get same result, it will work because SignLocal works as expected.

 

I need this because production certificate cannot be exported and it will be in a Luna HSM so i cannot use SignLocal method in prod. environment.

 

        private static byte[] SignLocal(byte[] INPUT)
        {
            X509Certificate2 certificate = X509Certificate2_Cryptographer.LoadCertificate(StoreLocation.CurrentUser, "CN=e-Fatura Deneme A.Ş., SERIALNUMBER=9999999999, OU=e-Fatura Deneme A.Ş.");
            RSACryptoServiceProvider key = new RSACryptoServiceProvider();
            key.FromXmlString(certificate.PrivateKey.ToXmlString(true));

            byte[] signed = key.SignHash(INPUT, CryptoConfig.MapNameToOID("SHA256"));

            return signed;
        }
 

 

        public byte[] SignWithHSM(byte[] INPUT)
        {
            byte[] OUTPUT=null;
            try
            {
                // Searchs for an RSA private key object
                // Sets the template with its attributes
                CryptokiCollection template = new CryptokiCollection();

                template.Add(new ObjectAttribute(ObjectAttribute.CKA_CLASS, CryptokiObject.CKO_PRIVATE_KEY));
                template.Add(new ObjectAttribute(ObjectAttribute.CKA_KEY_TYPE, Key.CKK_RSA));
                template.Add(new ObjectAttribute(ObjectAttribute.CKA_SIGN, true));

                // Launchs the search specifying the template just created
                CryptokiCollection objects = session.Objects.Find(template, 10);
                RSAPrivateKey privateKey = null;
                // If the private keys is found continue
                if (objects.Count == 1)
                {
                    privateKey = (RSAPrivateKey)objects[0];
                }
                else if (objects.Count > 1)
                {
                    throw new Exception("Private key not found!...");
                }
                else
                {
                    throw new Exception("More than one private key found!...");
                }

                // initialize for signing
                var retval=session.SignInit(Mechanism.RSA_PKCS, privateKey);


                // sign the data to be signed
                OUTPUT = session.Sign(INPUT);

                return OUTPUT;
            }
            catch (Exception ex)
            {
                throw new Exception(ex.Message);

            }
        }
 

PS. Do you offer phone call support with your license or anyhow? I better call you. :)

 

Best Regards

Emrah

8/27/2014 3:02:43 PM
Ugo Chirico
Gravatar
Total Posts 300
View Posts
Ugo Chirico http://www.ugochirico.com

Re: Sign SHA256 hash

In any case (SOAP or not) you should sign with RSA_PKCS the DigestInfo structure as described in RFC 2313 :

The message digest MD and a message-digest algorithm identifier shall be combined into an ASN.1 value of type DigestInfo, described below, which shall be BER-encoded to give an octet string D, the data to sign. 

DigestInfo ::= SEQUENCE { 

   digestAlgorithm DigestAlgorithmIdentifier,
   digest Digest

DigestAlgorithmIdentifier ::= AlgorithmIdentifier 

Digest ::= OCTET STRING

The fields of type DigestInfo have the following meanings:

- digestAlgorithm identifies the message-digest algorithm (and any associated parameters). For this application, it should identify the selected message-digest algorithm, SHA1, SHA256, MD2, MD4 or MD5 

- digest is the result of the message-digesting process (HASHING), i.e., the message digest MD.

 

I'm available by phone, but If you don't understand what I mean, if  you cannot deal with DigestInfo, we will waste our time by phone.

8/27/2014 3:59:29 PM
gozcu
Gravatar
Total Posts 12
View Posts

Re: Sign SHA256 hash

Please excuse my stupidity and answer one question.

If the certificates are same and the INPUT (hash value) is same then will both method (SignLocal, SignWithHSM) return same signature value?

8/27/2014 4:10:34 PM
Ugo Chirico
Gravatar
Total Posts 300
View Posts
Ugo Chirico http://www.ugochirico.com

Re: Sign SHA256 hash

The answer is NO, the result is different because in SignWithHSM you forgot to calculate the DigestInfo.

While In SignLocal the method SignHash calulates the DigestInfo (inside)

8/27/2014 11:52:28 PM
gozcu
Gravatar
Total Posts 12
View Posts

Re: Sign SHA256 hash

I am not a guru of the crypto world, i appreciate what you do in here. Even i can accept being ignorant, however i beleive you are mistaken in one point. I really want to be wrong this time but the INPUT is the 32 bytes Digest value already. I get the digest value somewhere before the sign and send it to the methods, otherwise both method will fail.
8/28/2014 7:08:43 AM
gozcu
Gravatar
Total Posts 12
View Posts

Re: Sign SHA256 hash

Hi Ugo,

This link tells me that i should somehow assert the hash algorithm into signature that i used while calculating INPUT value (Digest Value) which is eventualy SHA256. However, since there is no RSA SHA256 mechanism in the library i create new mechanism with the MechanismType = 64 which is descriped in another entry but i get BUFFER_TOO_SMALL error this time.

 

Hope this helps you to understand me.

8/28/2014 9:55:10 AM
Ugo Chirico
Gravatar
Total Posts 300
View Posts
Ugo Chirico http://www.ugochirico.com

Re: Sign SHA256 hash

You are not listening me. 

With your 32 byte hash you must calculate the DigestInfo structure that is composed by:

- hashing algorithm identifier

- 32 byte hash

 

DigestInfo ::= SEQUENCE { 

   digestAlgorithm DigestAlgorithmIdentifier,
   digest Digest

DigestAlgorithmIdentifier ::= AlgorithmIdentifier 

Digest ::= OCTET STRING

 

This is the only way to obtain the same result as SignLocal

8/28/2014 2:23:00 PM
gozcu
Gravatar
Total Posts 12
View Posts

Re: Sign SHA256 hash

Dear Ugo,

 

Thank you for your great support. It works well now.

I did not distinguish Digest and DigestInfo structure as you mentioned. I sign the DigestInfo structure and it creates expected results.

 

I will purchase NCryptoki Full Licence as soon as i get approval. 

 

Best Regards

Emrah

12/31/2014 10:08:41 AM
scarlet_5
Gravatar
Total Posts 3
View Posts

Re: Sign SHA256 hash

Hi,

How did you create/calculate DigestInfo by using C#?

Is there any library that i have to use ?? OR is there any example C# code for this?

Any help would be much appreciated. Thanks...

3/24/2015 5:16:56 PM
mkysoft
Gravatar
Total Posts 9
View Posts

Re: Sign SHA256 hash

Dear @scarlet_5,

C# 4 or 4.5 framework cannot sign with SHA256. There is no standart library. You need third party library. You can use bouncy castle or NDigitSign.

You must sign in to post in the forums.