login about faq


I work with the RSA encrypt on SQL to create a sign key, and now I found a problem, one among 133 signatures of documents says that is not correct, comparing it to a openssl signature with the same string to encode it gives a different result and can not figure it out why.

This is serius because the documents are sent to Portugal tax system and can not have errors like this kind.

when i try to validate the openssl signature it says it is ok.

this is the string to encode:

 '2013-01-30;2013-01-30T12:20:58;NUMF 1/130117;3201.44;uq9KiaRYiWsUuFL/zCz4/m1JHZkp3drVyKR+VshhuorMRg/hIwa7oAxQROQtwAQxcsOt8fuS+kXvrmeHzSVnnnpnXA3xTrhugvpkuz85ZrtHljAwqxDLlscMHmxTzBFuJxTyKVQ5gzz7WJGqRYz3U96ATKER/mX5E2ZPRPLVfyg='
this is the SQL used:

 --CREATE PROC SP_Vendas_GeraChaveDocumento 
declare @DadosAEncriptar nvarchar(4000), @Hash nvarchar(200) , @Versao int  
select @DadosAEncriptar='2013-01-30;2013-01-30T12:20:58;NUMF 1/130117;3201.44;uq9KiaRYiWsUuFL/zCz4/m1JHZkp3drVyKR+VshhuorMRg/hIwa7oAxQROQtwAQxcsOt8fuS+kXvrmeHzSVnnnpnXA3xTrhugvpkuz85ZrtHljAwqxDLlscMHmxTzBFuJxTyKVQ5gzz7WJGqRYz3U96ATKER/mX5E2ZPRPLVfyg='

DECLARE @hr int, @sTmp0 nvarchar(4000), @success int, @pkeyXml nvarchar(4000), @rsa int
-- Inicia a versão da chave privada
    SELECT @Versao = 1
-- Inicia chave privada em formato XML
    SELECT @pkeyXml = N'<rsakeyvalue><modulus>6SnPpnuwThJwwxhsD8j2wqYm8Y5gSw62y0peXOkYiMZQj/1vhc0a93fEg9hoi3amDYL6B/uavJeByan8WsifdPbsIJ1lCKRtyUI3iI8LuRfAZhuwxxmW2b4F79s4VQCwPFpKrQ0sj9GpRW56dLcGZLdgjXjNPhQWJxaDduZWkfs=</modulus><exponent>AQAB</exponent>


7lGaCCOLWa2JCzBUc4Z4Vds/W7gGsPSYf/I76jz+O0E+op3x5jsTklTp1uawg8dWxacY1nPOcbJ1mL5v+vS5Xw==<dp>Pt3mU1DGroJIXO2syfVP0sMlRqz8r3d+lEGtNQrEEplK/bg/ZSNyj9ll+4HgUFDY36LbURDCoJt8TymLkFa6yQ==</dp><dq>K/t1YPEmY5uKQj1eKJ/1j2rSK5wv5/KMPni3JAizpr3o0Fwz65iViRkQuu+CPh/I3Nt00wc2X3dfCpyC0B7gIw==</dq><inverseq>uaPWPpV1nnKwHfzMJAcBXuHOFrqsfvKa3hzxDoEhJh9ICRi8YIdEC2PjbV6BqJaZJ0LL1EXWELjslBUAS9HWFg==</inverseq><d>GvmJWnto1D9x6EBFEDZxxecvDjcokMZtA2vhKuKUwg4fd+kcI+CsxACJLa+1uJzLbTi/8Hh9WGA21bvixCX9vHPgYULPbRYImNOTqMu9LR0KgUjvBeyuwqLyFOA0utSTvYUsyG8mM90KKwRuxEn2GD+gvzUFSMvFqmJYvIsQe5E=</d></rsakeyvalue>' -- Cria objecto p/ hash e encriptação RSA EXEC @hr = sp_OACreate 'Chilkat.Rsa', @rsa OUTPUT IF @hr <> 0 BEGIN RAISERROR('Failed to create ActiveX component.', 10, 1) RETURN END -- Any string argument automatically begins the 30-day trial. EXEC sp_OAMethod @rsa, 'UnlockComponent', @success OUTPUT, '' IF @success <> 1 BEGIN EXEC sp_OAGetProperty @rsa, 'LastErrorText', @sTmp0 OUTPUT RAISERROR(@sTmp0, 10, 1) RETURN END -- Importa chave privada no objecto RSA criado EXEC sp_OAMethod @rsa, 'ImportPrivateKey', @success OUTPUT, @pkeyXml IF @success <> 1 BEGIN EXEC sp_OAGetProperty @rsa, 'LastErrorText', @sTmp0 OUTPUT RAISERROR(@sTmp0, 10, 1) RETURN END -- Altera propriedade LittleEndian do objecto RSA para BigEndian EXEC sp_OASetProperty @rsa, 'LittleEndian', 0 -- EXEC sp_OASetProperty @rsa, 'Charset', 'ansi' -- Altera propriedade EncodingMode do objecto RSA para base64 EXEC sp_OASetProperty @rsa, 'EncodingMode', 'base64' -- Calcula hash através do algoritmo SHA-1, e depois encipta o hash --EXEC sp_OAMethod @rsa, 'OpenSslSignStringENC', @HASH OUTPUT, @DadosAEncriptar--, 'SHA-1' EXEC sp_OAMethod @rsa, 'SignStringENC', @Hash OUTPUT, @DadosAEncriptar, 'SHA-1' select @hash
-- --this returns the key

and openssl returns:

Can anyone help on this strange case? Thanks

asked Feb 08 '13 at 04:56

Peter's gravatar image


edited Feb 11 '13 at 12:43

Please format this post in a more readable way using "<pre>" tags..


answered Feb 08 '13 at 08:32

chilkat's gravatar image

chilkat ♦♦

Formated as advised, thanks


answered Feb 11 '13 at 12:45

Peter's gravatar image


Make sure you are using the very latest version of the Chilkat RSA ActiveX (v9.4.0). Examine the LastErrorText property after any method call to verify that this is the case. Check to make sure the "DllDate" line within the LastErrorText is a date from Dec. 2012 and not earlier.


answered Feb 18 '13 at 08:08

chilkat's gravatar image

chilkat ♦♦

how do you verify the hash code generated with the public key? with's method should i use?


answered Dec 31 '13 at 09:09

Paulo's gravatar image


Since this is a new question, you should start a new thread.

(Dec 31 '13 at 11:50) jpbro ♦
Your answer
toggle preview

Follow this question

By Email:

Once you sign in you will be able to subscribe for any updates here



Answers and Comments

Markdown Basics

  • *italic* or __italic__
  • **bold** or __bold__
  • link:[text](http://url.com/ "title")
  • image?![alt text](/path/img.jpg "title")
  • numbered list: 1. Foo 2. Bar
  • to add a line break simply add two spaces to where you would like the new line to be.
  • basic HTML tags are also supported



Asked: Feb 08 '13 at 04:56

Seen: 2,927 times

Last updated: Dec 31 '13 at 11:50

powered by OSQA