 |
 | Home | Contact Us | FAQ | Search & Site Map | Link to Us |
 | Sign In | Join | Other 45 Sites in Network |
.NET Forum / .NET Framework / Interop / June 2005CAPICOM: Utilities.ByteArrayToBinaryString and odd number of bytes
Hi, I know this subject has been brought up before, but I noticed that several solutions were suggested, so I ask: [1] Is it really true that Utilities.ByteArrayToBinaryString does not correctly handle the convertion of byte arrays with an odd number of bytes ? I do have a problem validating (detached) pkcs7 signatures made on binary files with an odd length, but I´d like to confirm this is still an issue (as of capicom 2). [2] If it is true, what is the recommended solution ? Is there a solution for platforms other than .Net (for example, Delphi ou VC-6) ? Thank you very much ! Yes, [1] is still an issue. Truncates to even number of bytes. Workaround is to disass/reass. Google search to show the required modifications. - Mitch Gallant MVP Security Hi, I know this subject has been brought up before, but I noticed that several solutions were suggested, so I ask: [1] Is it really true that Utilities.ByteArrayToBinaryString does not correctly handle the convertion of byte arrays with an odd number of bytes ? I do have a problem validating (detached) pkcs7 signatures made on binary files with an odd length, but I´d like to confirm this is still an issue (as of capicom 2). [2] If it is true, what is the recommended solution ? Is there a solution for platforms other than .Net (for example, Delphi ou VC-6) ? Thank you very much ! Hi, I found the article in "http://www.dotnet247.com/247reference/msgs/27/136569.aspx", but I would like to know what are the exact implications of performing the steps below, so I can implement a solution for the same problem in Delphi/Win32... Do I still need to add (at some point) an "extra" byte if I have an odd number of bytes in the binary file ? Because, if I have to, I think the validation of the signature will no longer work for other implementations (such as openssl). /// 1. tlbimp capicom.dll /out:capicomrcw.dll /// 2. ildasm /out:capicomrcw.il capicomrcw.dll /// 3. edit capicomrcw.il using your favorite text editor /// a. find all occurences of Certificate::Export method in the class /// and interface sections (should have 4). /// b. replace the line "instance string" with "instance native int" /// c. delete the line "marshal( bstr )" /// 4. Save the changes /// 5. del capicomrcw.dll /// 6. ilasm /dll capicomrcw.il /res:capicomrcw. One more thing... by analyzing the code below (method MyCertificateImport() in the example), I imagine that, if the size of the original byte[] (byteCert) was odd, then we´ll have *three* extra null bytes passed to the constructor of IntPrt. If the last two would indicate an "end of string", then what happens to the third ? If I were to employ the same tecnhique to signing odd-length binary files, would other implementations still be able to verify the signatures against the original files ? Thank you ! (...) byte[] bstr = new byte[((byteCert.Length + 1) & 0xfffe) + 6]; #if DEBUG // Output debug info. Console.WriteLine("BSTR Length = {0}", bstr.Length); #endif // We can only do this in unsafe mode. unsafe { fixed(byte * pbstr = bstr) { int * pInt = (int *) pbstr; // Set the BSTR length. *pInt = byteCert.Length; // Copy the BSTR content. Buffer.BlockCopy(byteCert, 0, bstr, 4, byteCert.Length); // Point pass the length. fixed(byte * bstrPtr = &bstr[4]) { certificate.Import(new IntPrt(bstrPtr)); } (...) Hi, I think I have solved the problem for Delphi/Win32... By editing the "type library import" file and changing the declared type of SignedData.Content to "string" (it was "widestring", which happens to represent a string as UTF-16 little endian). I don´t know if the solution is a good one (and I will still work on it, perhaps I do not have to use a "string" after all, which seems expensive); however, should anyone find it may be useful, I can post it here. Thank you !
Free MagazinesGet these publications absolutely FREE for up to 12 months. There are no hidden fees and no obligation. Simply choose a title, complete the application form and submit it. Read more ...
|
Reply to this Message
|
 Sign In
 Join
 My Latest Posts My Monitored Threads My Blog My Photo Gallery My Profile My Homepage Start New Thread Enable EMail Alerts Rate this Thread
|
©2008 Advenet LLC Privacy Policy - Terms of Use
This website includes both content owned or controlled by Advenet as well as content owned or controlled by third parties.