Jump to content
Registration disabled at the moment Read more... ×
Eric Winfly

TSslCertTools for generate CSR

By Eric Winfly, in ICS - Internet Component Suite

Recommended Posts

Eric Winfly    1

Eric Winfly
Posted

This is what i try before but my content i need to sign text like this

 

100000000120250815090926+000000000.25+000000000.50+000000005.75567891234RT00015678912340TQ0001FACOPE======================================================================================== 

 

And when i use your code you specify i obtain Base64Encoded String of length of 96 but her specification need a length of 88 (i use IcsBase64EncodeTB after SignDigest) ?

 

Now i have try :

  

	TSslCertTools *Tool = new TSslCertTools(NULL);
	AnsiString DataEnc, Digest, Secret;
	TBytes SigTB, DataTB = IcsStringToTBytes(Data), SecretTB, DigestTB;

	//Tool->PrivateKeyLoadFromPemFile("Certificat.pem");

	//DataEnc = IcsAsymSignDigest(Data, Tool->PrivateKey, Digest_sha256);
	//DataEnc = IcsBase64Encode(DataEnc);

	//DataEnc = IcsAsymSignDigest(Data, Tool->PrivateKey, Digest_sha256);
	//DataEnc = IcsBase64Encode(DataEnc);

	delete Tool;

	//return (DataEnc);

	//Configuration->FieldByName("CertificatKEY")->AsString;

	Secret = Configuration->FieldByName("CertificatKEY")->AsString;
	DataTB = IcsStringToTBytes(Data);
	SecretTB = IcsStringToTBytes(Secret);

	DigestTB = IcsHMACDigestTB(DataTB, SecretTB, Digest_sha512);
	DataEnc = IcsBase64EncodeTB(DigestTB);

With this last call i obtain 88 of length but the server tell me this is not sign with the FingerPrint of the last cert ???

 

Note : i put Digest_sha512 because this give me 88 of length !

Share this post

Link to post

Eric Winfly    1

Eric Winfly
Posted

Also im not sure if ICS Library digital signature with format p1363 or ASN, i also need to create a p1363 sign ?

 

Share this post

Link to post

Angus Robertson    659

Angus Robertson
Posted

Sha256 and Sha512 give different length digests, and HMAC is not using a private key.  Private keys are not strings.  

 

Digests are binary, there are lots of ways of converting binary to text, variations of bas64, hex, etc.  You need to work which version gives you the length you need.  

 

ASN is the binary format of X509 certificates, never heard of p1363.  Signing gives a digest, nothing more. 

 

Angus

 

Share this post

Link to post

Eric Winfly    1

Eric Winfly
Posted
2 hours ago, Angus Robertson said:

Sha256 and Sha512 give different length digests, and HMAC is not using a private key.  Private keys are not strings.  

 

Digests are binary, there are lots of ways of converting binary to text, variations of bas64, hex, etc.  You need to work which version gives you the length you need.  

 

ASN is the binary format of X509 certificates, never heard of p1363.  Signing gives a digest, nothing more. 

 

Angus

 

So  

IcsAsymSignDigest

Return only sign digest base on asn.1, i need to convert to ieee p1363 ? Nothing do this in Ics Library ?

Share this post

Link to post

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Go To Topic Listing ICS - Internet Component Suite
×