|
security
newsgroups
|
|||||||||||||||||||||||
|
|||||||||||||||||||||||
|
C# // The dataToSign byte array holds the data to be signed. ContentInfo contentInfo = new ContentInfo(dataToSign); // Create a new, nondetached SignedCms message. SignedCms signedCms = new SignedCms(contentInfo); // Sign the message. signedCms.ComputeSignature(); // Encode the message. byte[] myCmsMessage = signedCms.Encode(); // The signed CMS/PKCS #7 message is ready to send. // The original content is included in this byte array. Question: Due to the large size (100 MB) of our files, we would like to calculate the hash ourselves and include it into the digital signature. We are able to calculate the hash but we don't know how to sign this hash in the same format as in the example above (PKCS#7). where is the difference?
you won't gain performance in doing it manually... have a look at the code in reflector to see how it works / if it can be optimized --------------------------------------- Dominick Baier - DevelopMentor http://www.leastprivilege.com Show quoteHide quote > This is a .NET example for signing a message: > > C# > > // The dataToSign byte array holds the data to be signed. ContentInfo > contentInfo = new ContentInfo(dataToSign); > > // Create a new, nondetached SignedCms message. > SignedCms signedCms = new SignedCms(contentInfo); > // Sign the message. > signedCms.ComputeSignature(); > // Encode the message. > byte[] myCmsMessage = signedCms.Encode(); > // The signed CMS/PKCS #7 message is ready to send. // The original > content is included in this byte array. > > Question: > Due to the large size (100 MB) of our files, we would like to > calculate the > hash ourselves and include it into the digital signature. We are able > to > calculate the hash but we don't know how to sign this hash in the same > format > as in the example above (PKCS#7). Hello!
You wrote on Wed, 10 May 2006 11:20:27 -0700: DBD> where is the difference? DBD> you won't gain performance in doing it manually... The difference would be that there is no need to load the whole data into memory. For example, if the data file is mapped into memory, performance will be better. 4 pryamikov: no, PKIBlackbox doesn't support this yet, so I won't recommend it here. With best regards, Eugene Mayevski > 4 pryamikov: no, PKIBlackbox doesn't support this yet, so I won't wow! what a change! :D> recommend it here. -Valery. http://www.harper.no/valery btw: this would not provide you any performance benefits on big files.
streamed file reading (with forward only stream) and hashing results while as reading takes the same (or even less) time than opening mmf and hashing memory from mmf. Try it and see yourself. I have source code for demonstrating that mmf-and-hash is no better than stream-read-and-hash for those who is interested (except 4 mayevski) ;-) -Valery. http://www.harper.no/valery :) ---------------------------------------Dominick Baier - DevelopMentor http://www.leastprivilege.com Show quoteHide quote > btw: this would not provide you any performance benefits on big files. > streamed file reading (with forward only stream) and hashing results > while as reading takes the same (or even less) time than opening mmf > and hashing memory from mmf. Try it and see yourself. > I have source code for demonstrating that mmf-and-hash is no better > than stream-read-and-hash for those who is interested (except 4 > mayevski) ;-) > -Valery. > http://www.harper.no/valery Hello!
You wrote on 12 May 2006 01:30:33 -0700: v> than stream-read-and-hash for those who is interested (except 4 v> mayevski) ;-) Poor man, you seem to vaste your time on spreading your bs. As you probably don't understand, your comments don't affect google's performance or profitability of our business. With best regards, Eugene Mayevski > ... you seem to vaste your time on spreading your bs Using profanity as an argument is a clear sign that one doesn't haveany arguments... > you probably don't understand, your comments don't affect google's performance or here you are revealed your real reasons -- posting just to increase> profitability of our business. google ranks, and for making you profit out of selling your (low quality) programs. One of the (many) differences between you and me is that I'm not posting for profit, but to help people and my postings are totally unrelated to my business... while as you are doing what is usually called "spamming" -Valery. http://www.harper.no/valery Hello!
You wrote on 12 May 2006 03:28:01 -0700: v> here you are revealed your real reasons -- posting just to increase v> google ranks, and for making you profit out of selling your (low v> quality) programs. that's what you say (c) And military and major banks think the opposite. Who should one trust? I believe, the bank and military specialists are more competent than you are. With best regards, Eugene Mayevski Well,
banks, military and government has plenty of clueless decision makers... and these are often advised by twice as many clueless and/or dishonest "experts". Many security decisions taken there are plain insecure and simply disastrous. I'm telling you - people that are not directly involved in software security business would never believe how often disastrous security decisions are actually taken in all these institutions... As about you, after reviewing some of your posts to various (mostly Delphi) newsgroups I can say (with a great deal of certainty) that you have very little clue about cryptography. Eg. can you quickly say something about security of different combinations of encryption and authentication for implementation of secure protocol? What are the requirements for the cipher, the mac, and order of their use which makes scheme generally secure?... Since this is something you are primarily working with - you should be able to answer it fairly quickly (but I seriously doubt that you'll be able to do that without serious googling first)... -Valery. http://www.harper.no/valery Hello!
You wrote on 12 May 2006 04:32:21 -0700: v> As about you, after reviewing some of your posts to various (mostly v> Delphi) newsgroups I can say (with a great deal of certainty) that you v> have very little clue about cryptography. Eg. can you quickly say You missed the whole thing. I am not a coder like you. And it's not my job to deal with general-purpose technical questions. On the other hand, I can ask you about specifics of influence of Wassenaar agreement to business in Brazil. Can you answer without googling? No. Because it's not your job. so before posting bs next time, think a little whether it is applicable. With best regards, Eugene Mayevski > I am not a coder like you. And it's not my job Then can you tell me what are you doing here???> to deal with general-purpose technical questions and if your job description is marketing - then you are not good at your job as well. afaik, the general consensus among marketing people is that spamming produces the opposite effect, and no serious marketing manager uses spamming as marketing strategy... > before posting bs next time, think a little whether it is applicable your profanity and "for-profit" group spamming is not wellcome here.-valery http://www.harper.no/valery Hello!
You wrote on 12 May 2006 07:18:12 -0700: ??>> I am not a coder like you. And it's not my job ??>> to deal with general-purpose technical questions v> Then can you tell me what are you doing here??? Currently - teasing you. In general - recommend our product to people, who benefit from using the extensive, stable and easy to use security library -- SecureBlackbox ( http://www.eldos.com/sbb/ ) [... 3-page description of the product skipped ...]. With best regards, Eugene Mayevski well, thanks to your efforts in this thread, all the readers of this
group now understand that anything you say about your program is nothing more than a marketing bs (using your words) for otherwise low-quality program. You are your worst enemy. <grin> -Valery. http://www.harper.no/valery Hello!
You wrote on 12 May 2006 08:54:43 -0700: v> well, thanks to your efforts in this thread, all the readers of this v> group now understand that anything you say about your program is v> nothing more than a marketing bs (using your words) for otherwise v> low-quality program. As you like. Your posts also help us since they attract attention to the product (the sign is not important at all). BTW thank you for the reminder, I will put the proper text to the signature to increase visibility of the product. With best regards, Eugene Mayevski www.SecureBlackbox.com - the comprehensive component suite for network security Well, that's a sad reality of Internet - sooner or later any useful
communication channel will inevitably be abused by the marketing parasites. -Valery. http://www.harper.no/valery Hello!
You wrote on 12 May 2006 09:21:09 -0700: v> Well, that's a sad reality of Internet - sooner or later any useful v> communication channel will inevitably be abused by the marketing v> parasites. And you probably collect charity to live, don't you? With best regards, Eugene Mayevski http://www.SecureBlackbox.com - the comprehensive component suite for network security did you already forget? Unlike you, I am a coder
Eugene Mayevski wrote: > I am not a coder like you. And it's not my job you wrote it yourself, don't you remember?> to deal with general-purpose technical questions eh, looks like some severe memory problems <grin> -Valery. http://www.harper.no/valery Hello!
You wrote on 12 May 2006 09:48:48 -0700: v> did you already forget? Unlike you, I am a coder this doesn't prevent you from collecting charity, I suppose. In all other cases, you are involved into some commercial activity (either directly or indirectly). Even military and state organizations are fed by businesses, who pay taxes. And blaming the things that feed you seems quite strange. Similar to shooting yourself at the foot. With best regards, Eugene Mayevski http://www.SecureBlackbox.com - the comprehensive component suite for network security there is a big difference between collecting charity by spamming and
lying (as you do) and earning living by coding (as I do). <grin> sorry that you don't understand that... -valery http://www.harper.no/valery P.S. this was my last post to that thread - there is no need to prove anything to a spammer, who acts like usenet troll and demonstrates memory and reasoning problems. <grin> come on guys! (or girls!) .. take this off line :-)
- Mitch Gallant MVP Security Show quoteHide quote "valery" <val***@harper.no> wrote in message news:1147454529.836258.141640@y43g2000cwc.googlegroups.com... > there is a big difference between collecting charity by spamming and > lying (as you do) > and earning living by coding (as I do). <grin> > > sorry that you don't understand that... > > -valery > http://www.harper.no/valery > > P.S. this was my last post to that thread - there is no need to prove > anything to a spammer, who acts like usenet troll and demonstrates > memory and reasoning problems. <grin> > Hello!
You wrote on Fri, 12 May 2006 16:12:38 -0400: MG> come on guys! (or girls!) .. take this off line 0%...50%..100% complete :) With best regards, Eugene Mayevski We are receiving the data files from a different system. Because the data
files are 100 MB, we only want to receive a hashed data file and then we want to sign this hash. We also don't want to load a 100 MB file into memory. "Dominick Baier [DevelopMentor]" schreef: Show quoteHide quote > where is the difference? > > you won't gain performance in doing it manually... > > have a look at the code in reflector to see how it works / if it can be optimized > > --------------------------------------- > Dominick Baier - DevelopMentor > http://www.leastprivilege.com > > > This is a .NET example for signing a message: > > > > C# > > > > // The dataToSign byte array holds the data to be signed. ContentInfo > > contentInfo = new ContentInfo(dataToSign); > > > > // Create a new, nondetached SignedCms message. > > SignedCms signedCms = new SignedCms(contentInfo); > > // Sign the message. > > signedCms.ComputeSignature(); > > // Encode the message. > > byte[] myCmsMessage = signedCms.Encode(); > > // The signed CMS/PKCS #7 message is ready to send. // The original > > content is included in this byte array. > > > > Question: > > Due to the large size (100 MB) of our files, we would like to > > calculate the > > hash ourselves and include it into the digital signature. We are able > > to > > calculate the hash but we don't know how to sign this hash in the same > > format > > as in the example above (PKCS#7). > > > 
Other interesting topics
s4u2proxy
MD5Crypt in .net X.509 - Create Programmatically 401 generic error handler. Please help System.Security.Permissions.FileIOPermission Error Windows Identity within Forms Authentication in ASP.NET Windows logon from external program/service VS projects on network drives Decryption Not working in VB.net Securing DropDown in ASP.Net |
|||||||||||||||||||||||
