
Problem about the private key signing with SFL

Hi all,
another problem. About private key.

As I wrote, the goal of my application is
* sign a blob
* verify the signature over this blob
(very innovative ...  :-))

I want to use Crypto++ 3.1 free token library, md5RSA or sha1RSA
signature over that blob and produce a CMS object with or without
with or without signer's certificate, with or without certification path
Platform: Win32, Compiler VisualC++ 6.0 (within VisualStudio) Professional
with SP3
SFL version 1.6 (Free3 CTIL compiled with SM_FREE3_RSA_INCLUDED define)

In order to try the application with a standard certificate,
I got a trial certificate from Verisign
(with automatic enrollment to the Microsoft
Enhanced Cryptographic Service Provider, the one
released with a High Encryption Pack for IE)
Main features are:
* Version3
* Public key algorithm: RSA
* Public key length: 1024 bit
* Certificate Signature Algorithm: md5RSA

Then I exported the certificate with a private key from MS local repository
to a PKCS#12 object.
Finally, using openSSL 0.95a, I performed the following steps:

1) extraction of the private key from PKCS#12 to PEM format
(I think base64 encoded RSA format, it is not specified in openSSL docs).
The command used is:

openssl pkcs12 -in mypkcs12.p12 -nocerts -out keytemp.pem

Openssl requested password to open pkcs12 object and password
to protect pem format private key file

2) transcoding from PEM format to PKCS#8 (protected with PKCS#5)
DER encoded.
The command used is:

openssl pkcs8 -in keytemp.pem -inform pem -topk8 -outform der -out

Openssl requested password to pem format key and password
to protect PKCS#8 object

Now the application. Some key source code line:

* For login:
	SME(pES_AppLogin= (CSM_AppLogin *) new
	pCSMIME = (CSMIME *)pES_AppLogin;

Following previous mails between Bob and Jonathan (about default alg - DSA -
Free3 CTIL) I added following code

	pDigestAlgOID = new CSM_OID(md5);
	pDig_EncAlgOID = new CSM_OID(md5WithRSAEncryption);
	pCurr_CSInst->SetPreferredCSInstAlgs(pDigestAlgOID ,
		pDig_EncAlgOID , NULL, NULL);

Because of the fact that the application had produced a PKCS#7 object
containing SignedData without SignerInfos/SignerInfo data, I debugged the
and I saw that before calling SMTI_Sign method it was controlled that
Applicable bit value within CSM_CInst instance was true.
So I added following code:


* For instancing and preparing CSM_MsgToSign object

	CSM_Buffer *p;

	m_pESSignMsg= (CSM_MsgToSign *) new CSM_MsgToSign(p);

	// CMS (RFC 2630) OID definition for SignedData type

	m_pESSignMsg->m_bIssOrSki = false;			// Use IssuerAndSerialNumber

	// for the following flag: true->enveloping signature
	// false->detached signature

* For signing

	if ((ret=m_pESSignMsg->Sign(pCSMIME))==SM_NO_ERROR)
	{
		CSM_Buffer *pbufContent=m_pESSignMsg->GetEncodedContentInfo();
		delete pbufContent;
	}


The problem:

The application returns the following exception to me:


 ERROR INFORMATION: PrivateKeyInfo::BDec: ERROR - wrong tag

        FILE: f:\tesi\smimer1.6\alg_libs\sm_free3\sm_free3.cpp
        FUNCTION: CSM_Free3::DecryptPrivateKey

CSM_Free3::SMTI_Sign IN f:\tesi\smimer1.6\alg_libs\sm_free3\sm_free3.cpp,
line 8
CSM_SignBuf::SignBuf IN f:\tesi\smimer1.6\libcert\src\sm_signbuf.cpp, line
ProduceSignerInfo IN F:\Tesi\smimeR1.6\libsrc\hilevel\sm_Sign.cpp, line 301.
UpdateSignedDataSIs IN F:\Tesi\smimeR1.6\libsrc\hilevel\sm_Sign.cpp, line
Sign IN F:\Tesi\smimeR1.6\libsrc\hilevel\sm_Sign.cpp, line -1.
sign IN f:\tesi\es\escmd\src\escmd.cpp, line -1.

I can't debug the application within SMTI_Sign (CSM_TokenInterface
class or, better, CSM_Free3 class) method because
for the following code in sm_SignBuf.cpp

             pSigBuf,                // returned result
             pDigest));               // data digest (Hash of Content)

the behavior of F11(step into) debug command is similar to F10 (step over),
so I can't see values of various structures within the objects (from
CSM_AppLogin and
CSM_MsgToSign classes) just before exception is generated.

I thought I had compiled SFL with bad options, so
I tried to verify key management
using command
auto_hid.exe lolevel\crypto.cfg:
it returned to me no message (The meaning is:
Test passed?).
I tried to change randomly password in
a free3 section of the crypto.cfg file
and it returned to me no message ...
So I can't understand if SFL libraries have been built

Finally trying to generate a certificate using
1) Using dialog box I can generate
certificate only with DSA public key
(which way for storing generated private key?)
2) Using a config file (e.g. DaisyRSA.cfg included
in SFL package) CertificateBuilder returns an error
(in libcert)


Now the questions:

1) Is my usage of pCurr_CSInst->SetApplicable(true)
method correct or the use it's not mandatory (and I
had to use it because I forgot something else?)

2) Did I do something wrong while extracting private key
from PKCS#12 and converting to PKCS#8? Which is the
right way for obtaining a private key file suitable for
SFL Free3 CTIL ?
Is there some requirement for the password
(length and others)?

3) Which way can I generate a couple private-public key
RSA and a public key certificate signed using md5RSA
or sha1RSA algorithms using CertificateBuilder (either
using dialog windows or config file)?
I tried to do the above operations but I wasn't able to force
CertificateBuilder to use RSA algorithm and store private
key somewhere into a file.

The following questions aren't related to private key problem

3) Using the constructor
(with DLLBuildParam="SM_FREE3DLL certsign.der keysign.p8 password sm_FREE3")
the last parameter, token ID (sm_FREE3), is irrelevant, because is the

*CSM_Free3::AddLoginStatic method which copies ID string (FREE3) to a buffer
pointed by the pointer passed as parameter, in the above case pointer to

The only need is passing a string with length equal or greater than FREE3
in order to allocate string buffer memory large enough for the copy made
by AddLoginStatic method

Is it true? If yes, why?

4) What's the difference between sha_1WithRSAEncryption
and sha_1WithRSAEncryption_ALT AsnOid constants?

5) Have you (Wang) planned a CTIL for a MSCryptoAPI?
Has someone else developed it?


Gianluca Ramunno (ramunno@xxxxxxxxx)
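
Added example, not part of the original message and not SFL or OpenSSL code: the error quoted above is raised while decoding a PrivateKeyInfo, so this Python sketch classifies a key file by its outer ASN.1 tags (EncryptedPrivateKeyInfo, PrivateKeyInfo, RSAPrivateKey, or PEM text). The function names and the sample byte strings are constructed for illustration.

```python
def read_tlv(buf, pos):
    """Return (tag, content_start, content_end) for the DER element at pos."""
    if pos + 2 > len(buf):
        raise ValueError("truncated DER element")
    tag, first = buf[pos], buf[pos + 1]
    pos += 2
    if first < 0x80:                      # short-form length
        length = first
    else:                                 # long form: next n bytes hold the length
        n = first & 0x7F
        if n == 0 or n > 4 or pos + n > len(buf):
            raise ValueError("unsupported or truncated length")
        length = int.from_bytes(buf[pos:pos + n], "big")
        pos += n
    if pos + length > len(buf):
        raise ValueError("length runs past end of data")
    return tag, pos, pos + length

def classify_key(data):
    """Name the private-key container by its outer ASN.1 tags only."""
    if data.lstrip().startswith(b"-----BEGIN"):
        return "PEM text (not DER)"
    try:
        tag, start, _ = read_tlv(data, 0)
        if tag != 0x30:                   # every candidate is a SEQUENCE
            return "not a DER SEQUENCE"
        t1, _, e1 = read_tlv(data, start) # first field
        t2, _, _ = read_tlv(data, e1)     # second field
    except ValueError as exc:
        return "malformed DER: %s" % exc
    if (t1, t2) == (0x30, 0x04):          # AlgorithmIdentifier, OCTET STRING
        return "EncryptedPrivateKeyInfo (PKCS#8, password-protected)"
    if (t1, t2) == (0x02, 0x30):          # version, AlgorithmIdentifier
        return "PrivateKeyInfo (PKCS#8, unencrypted)"
    if (t1, t2) == (0x02, 0x02):          # version, modulus
        return "RSAPrivateKey (PKCS#1, traditional)"
    return "unrecognised structure"

def tlv(tag, content):
    """Build a short-form DER element for the constructed samples below."""
    return bytes([tag, len(content)]) + content

# Constructed samples: correct outer shape, dummy contents (not real keys).
ALG = tlv(0x30, tlv(0x06, b"\x2a\x86\x48\x86\xf7\x0d\x01\x01\x01") + tlv(0x05, b""))
SAMPLES = {
    "encrypted": tlv(0x30, ALG + tlv(0x04, b"\x00" * 16)),
    "plain": tlv(0x30, tlv(0x02, b"\x00") + ALG + tlv(0x04, b"\x00" * 16)),
    "pkcs1": tlv(0x30, tlv(0x02, b"\x00") + tlv(0x02, b"\x01") + tlv(0x02, b"\x03")),
}
```

To check a real file, pass its bytes to `classify_key`, for example `classify_key(open(path, "rb").read())`.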