Re: Computing Hash
From: Param (Param_at_discussions.microsoft.com)
Date: 09/09/04
- Next message: Param: "Re: Computing Hash"
- Previous message: Niklas: "Re: question about CertCreateCertificateContext"
- In reply to: Valery Pryamikov: "Re: Computing Hash"
- Next in thread: Valery Pryamikov: "Re: Computing Hash"
- Reply: Valery Pryamikov: "Re: Computing Hash"
- Reply: Daniel Sie [MSFT]: "Re: Computing Hash"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Thu, 9 Sep 2004 06:55:45 -0700
could u tell me the conversion process.
I have a signature prodused by CryptSignMessage
How do i convert into little-endian. please provide necessary calls
it is a bit urgent...
We have a requirement of signing and verifying huge data.
Thanx in advance......
"Valery Pryamikov" wrote:
> ASN1 DER format stores numbers in big-endian. CryptVerfySignature takes
> signature in little-endian. ASN1 DER means that it isn't actual signature,
> but encoded that at least has integer tag '02' and data length before big
> integer in big-endian format. So, you have to strip out all DER encoding and
> reverse signature bytes (the things CryptVerifyDetachedMessageSignature does
> for you and what I've told you to do in my message where I first mentioned
> CryptVerifySignature).
>
> -Valery.
> http://www.harper.no/valery
>
> "Param" <Param@discussions.microsoft.com> wrote in message
> news:C10CB511-AE87-4B81-8933-BCF1B88339CD@microsoft.com...
> > pbSignature is actual signature in the der format
> > and fileLen is the length of the pbSignature.
> > from this signature only i got the certificate and publickey
> > as u told if the parameters are wrong what extra check i have to perform
> >
> > the same signature i am able to verify with the
> > CryptVerifyDetachedMessageSignature
> >
> > "Valery Pryamikov" wrote:
> >
> >> That means that you passed parameters wrong.
> >> btw, what fileLen has to do with the length of pbSignature? if you have
> >> detached signature, in separate file, it probably encoded with ASN1 and
> >> filelen would not be size of signature, but size of encoded blob
> >> including
> >> tags, oid and envelope. You have to pass signature only (large integer
> >> number) in little-endian format to the CryptVerifySignature. if
> >> parameters
> >> are passed correctly and signature matches, then api is guaranteed to
> >> work.
> >>
> >> -Valery.
> >> http://www.harper.no/valery
> >>
> >> "Param" <Param@discussions.microsoft.com> wrote in message
> >> news:AA0BAAD9-ECDA-47D9-A743-E0485ACFF8D2@microsoft.com...
> >> > Hello,
> >> > I am getting NTE_BAD_SIGNATURE error in the CryptVerifySignature
> >> >
> >> > CryptVerifySignature(hHash,
> >> > pbSignature,
> >> > fileLen,
> >> > hPubKey,
> >> > NULL,
> >> > 0))
> >> >
> >> >
> >> > "Valery Pryamikov" wrote:
> >> >
> >> >> Just call CryptHashData while as you streaming your data and pass hash
> >> >> to
> >> >> CryptVerifySignature.
> >> >> You only have to make sure that you pass pbSignature in little endian
> >> >> format
> >> >> (ASN1 encodded format holds it in big-endian, so you just need to
> >> >> reverse
> >> >> bytes)
> >> >>
> >> >> -Valery.
> >> >> http://www.harper.no/valery
> >> >>
> >> >> "Param" <Param@discussions.microsoft.com> wrote in message
> >> >> news:BAFF8FE3-86F3-4CA4-A3C9-87E0DA0B9970@microsoft.com...
> >> >> > nothing
> >> >> > i am asking about signature verification
> >> >> >
> >> >> > "Valery Pryamikov" wrote:
> >> >> >
> >> >> >> What stops you from calling CryptHashData while as you streaming
> >> >> >> your
> >> >> >> data?
> >> >> >>
> >> >> >> -Valery.
> >> >> >> http://www.harper.no/valery
> >> >> >>
> >> >> >> "Param" <Param@discussions.microsoft.com> wrote in message
> >> >> >> news:04630EF7-172B-4D8E-A0C0-023A855DCF5D@microsoft.com...
> >> >> >> > That means i need to call CryptHashData in a loop until i pass
> >> >> >> > the
> >> >> >> > last
> >> >> >> > chunk
> >> >> >> > of data.
> >> >> >> > need to set any flag for tha last chunk of data.
> >> >> >> >
> >> >> >> > Actually my requirement is different.
> >> >> >> > I need to verify a large file signature.
> >> >> >> > I am getting all the details from the detached signature(pkcs7).
> >> >> >> > signer
> >> >> >> > info
> >> >> >> > etc..
> >> >> >> > I am not able to check for the data intigrity part(hash checking)
> >> >> >> > bcs
> >> >> >> > of
> >> >> >> > the
> >> >> >> > huge
> >> >> >> > amount of the data .
> >> >> >> > Is there any other method for doing so(streaming)
> >> >> >> > thanx in adv....
> >> >> >> >
> >> >> >> >
> >> >> >> >
> >> >> >> >
> >> >> >> > "Valery Pryamikov" wrote:
> >> >> >> >
> >> >> >> >> Hi,
> >> >> >> >> you simply create hash with CryptCreateHash, call CryptHashData
> >> >> >> >> passing
> >> >> >> >> it
> >> >> >> >> with chunks of data while as you read it and call
> >> >> >> >> CryptGetHashParam(...,
> >> >> >> >> HP_HASHVAL, ...) to get hash value when you ready with feeding
> >> >> >> >> data
> >> >> >> >> in.
> >> >> >> >>
> >> >> >> >> -Valery.
> >> >> >> >> http://www.harper.no/valery
> >> >> >> >>
> >> >> >> >> "Param" <Param@discussions.microsoft.com> wrote in message
> >> >> >> >> news:B3EE380A-F720-41A2-866D-9F201EBBD145@microsoft.com...
> >> >> >> >> > Hi,
> >> >> >> >> > How do i create hash of a 500MB using CryptoAPI?
> >> >> >> >>
> >> >> >> >>
> >> >> >> >>
> >> >> >>
> >> >> >>
> >> >> >>
> >> >>
> >> >>
> >> >>
> >>
> >>
> >>
>
>
>
- Next message: Param: "Re: Computing Hash"
- Previous message: Niklas: "Re: question about CertCreateCertificateContext"
- In reply to: Valery Pryamikov: "Re: Computing Hash"
- Next in thread: Valery Pryamikov: "Re: Computing Hash"
- Reply: Valery Pryamikov: "Re: Computing Hash"
- Reply: Daniel Sie [MSFT]: "Re: Computing Hash"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
