飞天诚信 USB Key 签名与验证的示例代码。前提是一个 USB Key 中有一对公私钥对，另一个 USB Key 中也有一对公私钥对。示例中的公钥均未通过证书验证，因此验签只能证明签名由对应的私钥生成，并不能确认公钥持有者的身份。
#include "stdafx.h"
// Provider name handed to CryptAcquireContext to select the CSP.
#define TEST_CSP_NAME "FEITIAN ePassNG RSA Cryptographic Service Provider"
// Key container name handed to CryptAcquireContext; sign() reads its
// AT_SIGNATURE key from the context opened on this container.
#define KEY_CA_CONTAINER "CSPKeyTest"
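/*
 * Report a failed call on stderr and terminate the process.
 *
 * s: description of the failure; NULL is printed as "(no description)".
 *
 * Does not return: exits with status 1. Handles and contexts the caller
 * still holds are not released here.
 */
void HandleError(char *s)
{
    // Read the last-error code before anything else: the stdio calls below
    // may overwrite the thread's last-error value, which would make the
    // reported number meaningless for diagnosing the failed crypto call.
    unsigned long ulErr = (unsigned long)GetLastError();

    fprintf(stderr, "An error occurred in running the program. \n");
    fprintf(stderr, "%s\n", s ? s : "(no description)");
    // The error code is a 32-bit unsigned long on Windows; %lx matches the
    // argument type, where %x did not.
    fprintf(stderr, "Error number %lx.\n", ulErr);
    fprintf(stderr, "Program terminating. \n");
    exit(1);
} // End of HandleError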
void sign( BYTE* pbBuffer, BYTE** Signature, DWORD* SigLen)
{
HCRYPTPROV hCryptProv = 0;
HCRYPTHASH hHash;
DWORD dwBufferLen = strlen((char *)pbBuffer)+1;
LPTSTR szDescription = "Test Data Description";
DWORD dwSigLen;
// To initialize the ePassNG CSP
if(CryptAcquireContext(
&hCryptProv,
KEY_CA_CONTAINER,
TEST_CSP_NAME,
PROV_RSA_FULL,
CRYPT_NEWKEYSET))
{
printf("ePassNG CSP has been acquired. \n");
}
else if (GetLastError() == NTE_EXISTS)
{
if(CryptAcquireContext(
&hCryptProv,
KEY_CA_CONTAINER,
TEST_CSP_NAME,
PROV_RSA_FULL,
0))
{
printf("ePassNG CSP has been opened. \n");
}
else
{
HandleError("CryptAcquireContext failed.");
}
}
else
{
HandleError("CryptAcquireContext failed.");
}
// 从密钥容器中取数字签名用的密钥
HCRYPTKEY hKey = 0;
if(CryptGetUserKey(
hCryptProv,
AT_SIGNATURE,
&hKey))
{
printf("The signature key has been acquired. \n");
}
else
{
if(GetLastError() == NTE_NO_KEY) //密钥容器里不存在signature key pair创建之
{
if(CryptGenKey(
hCryptProv, //CSP句柄
AT_SIGNATURE, //创建的密钥对类型为signature key pair
0, //key类型,这里用默认值
&hKey)) //创建成功返回新创建的密钥对的句柄
{
printf("Created a signature key pair.\n");
}
else