Cryptography - File Signing


Allen Holman

I need to sign files with the same technique on both my
PC and my PDA. Below is the code I currently have on my
PC.
--------------------------------------------------------
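/// <summary>
/// Computes the SHA-1 hash of the file named by <c>strFileName</c>, signs that hash
/// with the RSA private key held in <c>strXMLPrivateKey</c>, and writes the raw
/// signature bytes to "<c>strFileName</c>.Signature".
/// </summary>
/// <returns>
/// <c>true</c> when the signature file was written; <c>false</c> when any step threw.
/// The reason for a failure is not reported to the caller.
/// </returns>
public bool SignFile()
{
    // NOTE(review): SHA-1 is no longer considered collision resistant. It is kept
    // here because the signer and every verifier must agree on the digest; move
    // both sides to SHA-256 together when the format can change.
    bool bSuccess = false;
    SHA1 hash = null;
    RSACryptoServiceProvider RSASign = null;
    FileStream fileStream = null;
    try
    {
        byte[] hashCode = null;
        byte[] signedData = null;

        // Compute the SHA1 hash code for the import file
        hash = new SHA1CryptoServiceProvider();
        fileStream = File.Open(strFileName, FileMode.Open,
            FileAccess.Read, FileShare.None);
        hashCode = hash.ComputeHash(fileStream);
        fileStream.Close();
        fileStream = null;

        // Sign the hash with the private RSA key (a signature, not encryption).
        RSASign = new RSACryptoServiceProvider();
        RSASign.FromXmlString(strXMLPrivateKey);
        // The second argument is the NIST OSE Implementors
        // Workshop (OIW) Security SIG algorithm identifier
        // for the sha1 hash algorithm
        signedData = RSASign.SignHash(hashCode, "1.3.14.3.2.26");

        // FileMode.Create truncates an existing signature file. OpenOrCreate
        // would leave stale trailing bytes behind if the old file was longer,
        // and the result would no longer verify.
        fileStream = File.Open(strFileName + ".Signature",
            FileMode.Create, FileAccess.Write, FileShare.None);
        fileStream.Write(signedData, 0, signedData.Length);
        fileStream.Close();
        fileStream = null;
        bSuccess = true;
    }
    catch
    {
        // Deliberately best-effort: every failure is reported as "false".
        bSuccess = false;
    }
    finally
    {
        // Release the file handle even when hashing or signing threw, so the
        // exclusive (FileShare.None) lock is not held until finalization.
        if (fileStream != null)
        {
            fileStream.Close();
        }
        // Release the private key material and the hash state deterministically.
        if (RSASign != null)
        {
            RSASign.Clear();
        }
        if (hash != null)
        {
            hash.Clear();
        }
    }
    return bSuccess;
}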

Here is the code for my PDA.
-------------------------------------------------------
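/// <summary>
/// Hashes <paramref name="strImportFileName"/> with SHA-1 through the CryptoAPI and
/// writes the signature returned by CryptSignHash to
/// "<paramref name="strImportFileName"/>.Signature".
/// </summary>
/// <param name="strImportFileName">Path of the file to sign.</param>
/// <remarks>
/// The method returns without writing a signature file when any CryptoAPI call
/// reports failure. It is declared void, so callers get no failure indication.
/// </remarks>
public unsafe void SignFile(string strImportFileName)
{
    const int iBufferSize = 1024;
    IntPtr hKey = IntPtr.Zero;
    IntPtr hProvider = IntPtr.Zero;
    IntPtr hHash = IntPtr.Zero;
    byte[] bHashData = new byte[iBufferSize];
    byte[] bSignature = null;
    int iBytesRead = 0;
    int iLgth = 0;
    FileStream stream = null;

    // Sign the file (this hashes and signs; nothing is encrypted).
    if (!CryptAcquireContext(ref hProvider, null, null, RSA_PROV_FULL, 0))
    {
        return;
    }
    try
    {
        // Replace CryptGenKey with CryptImportKey when working.
        // NOTE(review): CryptGenKey creates a fresh signature key pair, so the
        // output cannot match a signature made with the PC's private key until
        // the shared key is imported instead. CRYPT_EXPORTABLE also lets the
        // private key be exported later; confirm that is actually needed.
        // NOTE(review): hKey is never released. The CryptoAPI call for that is
        // CryptDestroyKey, whose import is not shown in this post, so it is not
        // called here.
        if (!CryptGenKey(hProvider, AT_SIGNATURE, CRYPT_EXPORTABLE, ref hKey))
        {
            return;
        }
        if (!CryptCreateHash(hProvider, CALG_SHA1, (IntPtr)0, 0, ref hHash))
        {
            return;
        }
        try
        {
            // Feed the file to the hash object in iBufferSize chunks.
            stream = File.OpenRead(strImportFileName);
            try
            {
                iBytesRead = stream.Read(bHashData, 0, iBufferSize);
                while (iBytesRead > 0)
                {
                    // Assumes CryptHashData and CryptSignHash are imported as
                    // returning bool, like the calls tested in the conditions
                    // above. TODO confirm against the DllImport declarations.
                    if (!CryptHashData(hHash, bHashData, iBytesRead, 0))
                    {
                        return;
                    }
                    iBytesRead = stream.Read(bHashData, 0, iBufferSize);
                }
            }
            finally
            {
                stream.Close();
            }

            // First call passes a null buffer to obtain the signature length.
            if (!CryptSignHash(hHash, AT_SIGNATURE, null, 0, null, ref iLgth))
            {
                return;
            }
            bSignature = new byte[iLgth];
            // A failed signing call must not produce a ".Signature" file: the
            // buffer would still hold zeroes rather than a signature.
            if (!CryptSignHash(hHash, AT_SIGNATURE, null, 0, bSignature, ref iLgth))
            {
                return;
            }

            // NOTE(review): per the reply in this thread, CryptSignHash output is
            // little-endian while the .NET classes emit big-endian bytes. The
            // bytes are written unreversed here, as in the original.
            // FileMode.Create truncates an older, longer signature file instead
            // of leaving stale trailing bytes as File.OpenWrite would.
            stream = new FileStream(strImportFileName + ".Signature",
                FileMode.Create, FileAccess.Write, FileShare.None);
            try
            {
                stream.Write(bSignature, 0, iLgth);
            }
            finally
            {
                stream.Close();
            }
        }
        finally
        {
            // Destroy the hash object on every path, including I/O exceptions.
            CryptDestroyHash(hHash);
        }
    }
    finally
    {
        CryptReleaseContext(hProvider, 0);
    }
}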

Any assistance in getting the two pieces of code to produce
identical hashes and signed hashes will be appreciated.

Allen
 

Yan-Hong Huang[MSFT]

Hello Allen,

I am looking for somebody who could help you on it. Thanks.

Best regards,
Yanhong Huang
Microsoft Online Partner Support

Get Secure! - www.microsoft.com/security
This posting is provided "AS IS" with no warranties, and confers no rights.

--------------------
!Content-Class: urn:content-classes:message
!From: "Allen Holman" <[email protected]>
!Sender: "Allen Holman" <[email protected]>
!Subject: Cryptography - File Signing
!Date: Wed, 30 Jul 2003 06:29:40 -0700
!Lines: 104
!Message-ID: <[email protected]>
!MIME-Version: 1.0
!Content-Type: text/plain;
! charset="iso-8859-1"
!Content-Transfer-Encoding: 7bit
!X-Newsreader: Microsoft CDO for Windows 2000
!X-MimeOLE: Produced By Microsoft MimeOLE V5.50.4910.0300
!Thread-Index: AcNWnqEXDoi3tHtcTdOErhgv2gh1bA==
!Newsgroups: microsoft.public.dotnet.framework
!Path: cpmsftngxa06.phx.gbl
!Xref: cpmsftngxa06.phx.gbl microsoft.public.dotnet.framework:50121
!NNTP-Posting-Host: TK2MSFTNGXA14 10.40.1.166
!X-Tomcat-NG: microsoft.public.dotnet.framework
!
!I need to sign files with the same technique on both my
!PC and my PDA. Below is the code I currently have on my
!PC.
!--------------------------------------------------------
!public bool SignFile()
!{
!bool bSuccess = false;
!try
! {
! FileStream fileStream = null;
! SHA1 hash = new SHA1CryptoServiceProvider();
! byte []
! hashCode = null,
! signedData = null;
! RSACryptoServiceProvider
! RSASign = new RSACryptoServiceProvider();
! // Compute the SHA1 hash code for the import file
! fileStream = File.Open(strFileName, FileMode.Open,
! FileAccess.Read, FileShare.None);
! hashCode = hash.ComputeHash(fileStream);
! fileStream.Close();
! // Encrypt the hashCode using the private RSA key
! RSASign.FromXmlString(strXMLPrivateKey);
! // The second argument is the NIST OSE Implementors
! // Workshop (OIW) Security SIG algorithm identifiers
! // for the sha1 hash algorithm
! signedData = RSASign.SignHash(
! hashCode, "1.3.14.3.2.26");
! fileStream = File.Open(strFileName + ".Signature",
! FileMode.OpenOrCreate, FileAccess.Write,
! FileShare.None);
! fileStream.Write(signedData, 0, signedData.Length);
! fileStream.Close();
! bSuccess = true;
! }
! catch
! {
! bSuccess = false;
! }
! return bSuccess;
!}
!
!Here is the code for my PDA.
!-------------------------------------------------------
!public unsafe void SignFile(string strImportFileName)
!{
!const int iBufferSize = 1024;
!IntPtr
! hKey = (IntPtr)0,
! hProvider = (IntPtr)0,
! hHash = (IntPtr)0;
!byte []
! bHashData = new byte[iBufferSize],
! bSignature = null;
!int
! iBytesRead = 0,
! iLgth = 0;
!FileStream
! stream = null;
!
!// Encrypt the file
!if (CryptAcquireContext(ref hProvider, null, null,
! RSA_PROV_FULL, 0))
! {
! // Replace CryptGenKey with CryptImportKey when working
! if (CryptGenKey(hProvider, AT_SIGNATURE,
! CRYPT_EXPORTABLE, ref hKey))
! {
! if (CryptCreateHash(hProvider, CALG_SHA1,
! (IntPtr)0, 0, ref hHash))
! {
! stream = File.OpenRead(strImportFileName);
! iBytesRead = stream.Read(bHashData, 0,
! iBufferSize);
! while (iBytesRead > 0)
! {
! CryptHashData(hHash,bHashData,iBytesRead,0);
! iBytesRead = stream.Read(bHashData, 0,
! iBufferSize);
! }
! stream.Close();
! iLgth = iBufferSize;
! CryptSignHash(hHash,AT_SIGNATURE,null,0,null,
! ref iLgth);
! bSignature = new byte[iLgth];
! CryptSignHash(hHash, AT_SIGNATURE, null, 0,
! bSignature,ref iLgth);
! stream = File.OpenWrite(strImportFileName
! + ".Signature");
! stream.Write(bSignature,0,iLgth);
! stream.Close();
! CryptDestroyHash(hHash);
! }
! }
! CryptReleaseContext(hProvider,0);
! }
!}
!
!Any assistance in getting the two code to produced
!identical hashes and signed hashes will be appreciated.
!
!Allen
!
!
!
 

Prab

Allen,

.NET classes will return the signature bytes in big endian format.

Crypto API will always return the signature bytes in little endian format.

To interoperate, reverse the signature bytes returned from the CryptSignHash()
Crypto API call. The signature should match after the reverse operation as long
as you are using the same RSA private key to sign on both sides.

In the code where you P/Invoke to call Crypto API simply use Array.Reverse
as below.

// Fragment of the PDA SignFile method: obtain the signature, then write it in
// the byte order the .NET side uses.
// First call passes a null buffer so that iLgth receives the signature length.
// NOTE(review): neither CryptSignHash result is checked in this fragment. If a
// call fails, the buffer written below does not hold a valid signature.
CryptSignHash(hHash,AT_SIGNATURE,null,0,null,
ref iLgth);
bSignature = new byte[iLgth];
CryptSignHash(hHash, AT_SIGNATURE, null, 0,
bSignature,ref iLgth);
// NOTE(review): File.OpenWrite does not truncate an existing file, so a longer
// file left from an earlier run would keep its trailing bytes.
stream = File.OpenWrite(strImportFileName
+ ".Sig1");
// Reverse the whole buffer in place before writing it, so the little-endian
// CryptSignHash output matches the big-endian bytes from the .NET classes.
Array.Reverse(bSignature);
stream.Write(bSignature,0,iLgth);
stream.Close();

Thanks,
Prab

--------------------
Content-Class: urn:content-classes:message
From: "Allen Holman" <[email protected]>
Sender: "Allen Holman" <[email protected]>
Subject: Cryptography - File Signing
Date: Wed, 30 Jul 2003 06:29:40 -0700
Lines: 104
Message-ID: <[email protected]>
MIME-Version: 1.0
Content-Type: text/plain;
charset="iso-8859-1"
Content-Transfer-Encoding: 7bit
X-Newsreader: Microsoft CDO for Windows 2000
X-MimeOLE: Produced By Microsoft MimeOLE V5.50.4910.0300
Thread-Index: AcNWnqEXDoi3tHtcTdOErhgv2gh1bA==
Newsgroups: microsoft.public.dotnet.framework
Path: cpmsftngxa06.phx.gbl
Xref: cpmsftngxa06.phx.gbl microsoft.public.dotnet.framework:50121
NNTP-Posting-Host: TK2MSFTNGXA14 10.40.1.166
X-Tomcat-NG: microsoft.public.dotnet.framework

I need to sign files with the same technique on both my
PC and my PDA. Below is the code I currently have on my
PC.
--------------------------------------------------------
public bool SignFile()
{
bool bSuccess = false;
try
{
FileStream fileStream = null;
SHA1 hash = new SHA1CryptoServiceProvider();
byte []
hashCode = null,
signedData = null;
RSACryptoServiceProvider
RSASign = new RSACryptoServiceProvider();
// Compute the SHA1 hash code for the import file
fileStream = File.Open(strFileName, FileMode.Open,
FileAccess.Read, FileShare.None);
hashCode = hash.ComputeHash(fileStream);
fileStream.Close();
// Encrypt the hashCode using the private RSA key
RSASign.FromXmlString(strXMLPrivateKey);
// The second argument is the NIST OSE Implementors
// Workshop (OIW) Security SIG algorithm identifiers
// for the sha1 hash algorithm
signedData = RSASign.SignHash(
hashCode, "1.3.14.3.2.26");
fileStream = File.Open(strFileName + ".Signature",
FileMode.OpenOrCreate, FileAccess.Write,
FileShare.None);
fileStream.Write(signedData, 0, signedData.Length);
fileStream.Close();
bSuccess = true;
}
catch
{
bSuccess = false;
}
return bSuccess;
}

Here is the code for my PDA.
-------------------------------------------------------
public unsafe void SignFile(string strImportFileName)
{
const int iBufferSize = 1024;
IntPtr
hKey = (IntPtr)0,
hProvider = (IntPtr)0,
hHash = (IntPtr)0;
byte []
bHashData = new byte[iBufferSize],
bSignature = null;
int
iBytesRead = 0,
iLgth = 0;
FileStream
stream = null;

// Encrypt the file
if (CryptAcquireContext(ref hProvider, null, null,
RSA_PROV_FULL, 0))
{
// Replace CryptGenKey with CryptImportKey when working
if (CryptGenKey(hProvider, AT_SIGNATURE,
CRYPT_EXPORTABLE, ref hKey))
{
if (CryptCreateHash(hProvider, CALG_SHA1,
(IntPtr)0, 0, ref hHash))
{
stream = File.OpenRead(strImportFileName);
iBytesRead = stream.Read(bHashData, 0,
iBufferSize);
while (iBytesRead > 0)
{
CryptHashData(hHash,bHashData,iBytesRead,0);
iBytesRead = stream.Read(bHashData, 0,
iBufferSize);
}
stream.Close();
iLgth = iBufferSize;
CryptSignHash(hHash,AT_SIGNATURE,null,0,null,
ref iLgth);
bSignature = new byte[iLgth];
CryptSignHash(hHash, AT_SIGNATURE, null, 0,
bSignature,ref iLgth);
stream = File.OpenWrite(strImportFileName
+ ".Signature");
stream.Write(bSignature,0,iLgth);
stream.Close();
CryptDestroyHash(hHash);
}
}
CryptReleaseContext(hProvider,0);
}
}

Any assistance in getting the two code to produced
identical hashes and signed hashes will be appreciated.

Allen
 
