[MS Crypt API][原]计算文件签名


#include <windows.h>
#include <wincrypt.h>
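/*
 * Signature method 1: sign a digest the caller has already computed.
 *
 * The digest is loaded into a CryptoAPI hash object through HP_HASHVAL, a
 * private key blob is read from a file and imported, the hash is signed with
 * the AT_SIGNATURE key, and the signature is byte-reversed and written to
 * File_Data.sign.
 *
 * NOTE(review): this listing is abridged. The parameter list is cut after
 * dwHashDataSize, and emAlgorithmType, lpHSMKeyName, pbySignatureData,
 * pdwSignatureDataSize, hProv, hHash, hKey and dwRet are declared somewhere
 * outside the visible text. The END label was also missing; it is restored
 * below with the same cleanup the file-based routine performs.
 *
 * NOTE(review), security:
 *  - The private key is a blob in a plain file under ..\Data\Sign\Input\ even
 *    though the names say "HSM"; anyone who can read that directory can sign.
 *    Protect it with file ACLs, or keep the key non-exportable in the
 *    provider and never on disk.
 *  - lpHSMKeyName is appended to the directory unchecked. If it can come from
 *    outside the program, reject path separators and ".." first.
 *  - Importing into the named container "SAIO_CERT" presumably leaves the key
 *    in that container after this function returns; confirm that this is
 *    intended.
 *  - The first CryptSignHash call overwrites *pdwSignatureDataSize with the
 *    required length, so nothing here proves that pbySignatureData is that
 *    large. The caller's capacity should be checked; its source is not
 *    visible in this listing.
 *  - The SHA-1 branch should be kept for legacy verifiers only.
 */
void MSCrptAPIGenFileSignatue_byFileHash(CONST PBYTE pbyFileHashData,
                                         CONST DWORD dwHashDataSize,)
{
    // Every local with an initializer is declared before the first `goto END`,
    // because C++ does not allow a jump past an initialization.
    DWORD dwProvType = PROV_RSA_AES;
    // Same value as CALG_SHA_256, spelled out because the author's build did
    // not see that macro (presumably an old target Windows version; confirm).
    ALG_ID hashAlgo = ALG_CLASS_HASH | ALG_TYPE_ANY | 12;
    DWORD dwExpectedHashSize = 0;
    DWORD dwParamSize = sizeof(dwExpectedHashSize);

    if (AlgorithmType_SHA1 == emAlgorithmType)
    {
        dwProvType = PROV_RSA_FULL;
        hashAlgo = CALG_SHA1;
    }

    // Open the container, creating it on the first run.
    if (!CryptAcquireContextA(&hProv, "SAIO_CERT", NULL, dwProvType, 0))
    {
        if (!CryptAcquireContextA(&hProv, "SAIO_CERT", NULL, dwProvType, CRYPT_NEWKEYSET))
        {
            dwRet = ERR_HSM_SIGN_DATA;
            goto END;
        }
    }

    // Debug dump of the digest being signed (the digest itself is not secret).
    WriteBufferToFile("HashData.bin", pbyFileHashData, dwHashDataSize);

    if (!CryptCreateHash(hProv, hashAlgo, 0, 0, &hHash))
    {
        dwRet = ERR_HSM_SIGN_DATA;
        goto END;
    }

    // CryptSetHashParam(HP_HASHVAL) takes no length: it copies as many bytes
    // as the algorithm's digest size. Refuse a caller buffer of any other
    // size so a short buffer is never over-read and a wrong digest is never
    // signed.
    if (!CryptGetHashParam(hHash, HP_HASHSIZE, (BYTE *)&dwExpectedHashSize, &dwParamSize, 0)
        || dwHashDataSize != dwExpectedHashSize)
    {
        dwRet = ERR_HSM_SIGN_DATA;
        goto END;
    }

    // The digest is passed in the byte order the caller supplied; the author
    // had tried reversing it first and left that disabled.
    if (!CryptSetHashParam(hHash, HP_HASHVAL, pbyFileHashData, 0))
    {
        dwRet = ERR_HSM_SIGN_DATA;
        goto END;
    }

    {
        // Own scope, so the key material is gone before END is reachable.
        BYTE byTempPrivateKeyBuffer[PRIVATE_KEY_4096_SIZE] = {0};
        DWORD dwPrivteSize = sizeof(byTempPrivateKeyBuffer);
        string strPrvKeyFileName = "..\\Data\\Sign\\Input\\";
        strPrvKeyFileName += lpHSMKeyName;

        // Read private key buffer from file.
        // NOTE(review): the helper's result is not checked here; a failed read
        // is only caught indirectly, when CryptImportKey rejects the blob.
        ReadBufferFromFile(strPrvKeyFileName.c_str(), byTempPrivateKeyBuffer, &dwPrivteSize);
        BOOL bImported = CryptImportKey(hProv, byTempPrivateKeyBuffer, dwPrivteSize, 0, 0, &hKey);

        // Wipe the plaintext key blob from the stack whether or not the import
        // worked; the provider holds its own copy from here on.
        SecureZeroMemory(byTempPrivateKeyBuffer, sizeof(byTempPrivateKeyBuffer));

        if (!bImported)
        {
            dwRet = ERR_HSM_SIGN_DATA;
            goto END;
        }
    }

    // First call: query the signature length only.
    if (!CryptSignHash(hHash, AT_SIGNATURE, NULL, 0, NULL, pdwSignatureDataSize))
    {
        dwRet = ERR_HSM_SIGN_DATA;
        goto END;
    }

    // Second call: produce the signature.
    if (!CryptSignHash(hHash, AT_SIGNATURE, NULL, 0, pbySignatureData, pdwSignatureDataSize))
    {
        dwRet = ERR_HSM_SIGN_DATA;
        goto END;
    }

    // CryptSignHash emits little-endian bytes; reverse them for consumers that
    // expect the big-endian form.
    ReverseBuffer(pbySignatureData, *pdwSignatureDataSize);
    WriteBufferToFile("File_Data.sign", pbySignatureData, *pdwSignatureDataSize);

END:
    // Release in reverse order of acquisition, on success and failure alike.
    if (hKey != 0)
    {
        CryptDestroyKey(hKey);
        hKey = 0;
    }

    if (hHash != 0)
    {
        CryptDestroyHash(hHash);
        hHash = 0;
    }

    if (hProv != 0)
    {
        CryptReleaseContext(hProv, 0);
        hProv = 0;
    }
}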

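/*
 * Signature method 2: hash a file with CryptoAPI and sign the digest.
 *
 * Opens lpszCataFileName, feeds it to a SHA-256 (or SHA-1) hash object in
 * 2048-byte chunks, imports the private key held in m_cPrivateKeyBuffer, and
 * writes the signature into m_cSaioCert.sign. bRet is TRUE only when every
 * step succeeded.
 *
 * NOTE(review): this listing is abridged. lpszCataFileName, emAlAlgorithmType,
 * SAIO_CSP, dwRet, dwBufferLen and the m_ members are declared outside the
 * visible text, and the signature says `void` although the body returns a
 * BOOL; the real declaration is presumably BOOL (confirm).
 *
 * NOTE(review): unlike the hash-based routine, the signature is not passed
 * through ReverseBuffer here, so it stays in the little-endian order that
 * CryptSignHash emits; confirm which order the verifier expects.
 */
void MSCrptAPIGenFileSignatue_byFile()
{
    // Every local is declared before the first `goto`, because C++ does not
    // allow a jump past an initialization.
    BOOL bRet = FALSE;
    HCRYPTPROV hProv = 0;
    HCRYPTHASH hHash = 0;
    HCRYPTKEY hKey = 0;
    HANDLE hFile = INVALID_HANDLE_VALUE;
    DWORD len = 0;
    DWORD dwError = 0;
    DWORD dwProvType = PROV_RSA_AES;
    ALG_ID hashAlgo = CALG_SHA_256;
    BYTE byTempBuf[2049] = {0};

    hFile = CreateFile(lpszCataFileName, GENERIC_READ, 0, NULL, OPEN_EXISTING, FILE_ATTRIBUTE_NORMAL, NULL);
    if (INVALID_HANDLE_VALUE == hFile)
    {
        goto HashExit;
    }

    // SHA-1 should be kept for legacy verifiers only.
    if (AlgorithmType_SHA1 == emAlAlgorithmType)
    {
        dwProvType = PROV_RSA_FULL;
        hashAlgo = CALG_SHA1;
    }

    if (!CryptAcquireContext(&hProv, SAIO_CSP, NULL, dwProvType, 0))
    {
        // Only a missing container is recoverable. Any other failure used to
        // fall through with hProv == 0.
        if (GetLastError() != NTE_BAD_KEYSET)
        {
            dwError = GetLastError();
            goto HashExit;
        }

        // Create the container with the same provider type that was asked for
        // above; the retry used to hard-code PROV_RSA_FULL.
        if (!CryptAcquireContext(&hProv, SAIO_CSP, NULL, dwProvType, CRYPT_NEWKEYSET))
        {
            dwError = GetLastError();
            goto HashExit;
        }
    }

    //
    // Create a hash object.
    //
    if (!CryptCreateHash(hProv, hashAlgo, 0, 0, &hHash))
    {
        dwError = GetLastError();
        goto HashExit;
    }

    // Hash until end of file. Reading to EOF rather than counting down
    // GetFileSize() keeps files of 4 GiB and more from being hashed only in
    // part. A failed read or a failed hash update must abort: otherwise a
    // digest of partial data would be signed as if it covered the whole file.
    for (;;)
    {
        if (!ReadFile(hFile, byTempBuf, 2048, &len, NULL))
        {
            dwError = GetLastError();
            goto HashExit;
        }

        //
        // Check for end of file.
        //
        if (len == 0)
        {
            break;
        }

        if (!CryptHashData(hHash, byTempBuf, len, 0))
        {
            dwError = GetLastError();
            goto HashExit;
        }
    }

    CloseHandle(hFile);
    hFile = INVALID_HANDLE_VALUE;

    //----------------------------------------------------------------
    // 4. Import Private Key to CSP.
    // The return hKey is not used here.
    // NOTE(review): m_cPrivateKeyBuffer keeps the plaintext key in process
    // memory; whoever owns it should wipe it once the key is imported.
    dwRet = ImportCryptKey(hProv, m_cPrivateKeyBuffer.GetBuffer(), m_cPrivateKeyBuffer.GetLength(), &hKey);
    if (dwRet != ERR_OK)
    {
        goto HashExit; // the listing jumped to END, which this function lacks
    }

    //----------------------------------------------------------------
    // 5. Sign hash and then write the signed hash (digital signature)
    // to Certificate buffer (Cert)
    //
    // Here we sign hash instead of data (cTempBuf).
    // Because all signature algorithms are asymmetric and thus slow,
    // the CryptoAPI does not allow data to be signed directly.
    // Instead, data is first hashed and CryptSignHash is used to sign the hash.
    dwBufferLen = 0;
    if (!CryptSignHash(hHash, AT_SIGNATURE, NULL, 0, NULL, &dwBufferLen))
    {
        dwRet = ERR_SIGN_HASH;
        goto HashExit;
    }

    // Check the required length BEFORE anything is written. The listing ran
    // this test only after CryptSignHash had already filled m_cSaioCert.sign,
    // too late to stop an overflow (presumably sign holds MAX_SIGN_LEN bytes;
    // confirm).
    if (dwBufferLen > MAX_SIGN_LEN)
    {
        dwRet = ERR_SIGN_HASH;
        goto HashExit;
    }

    if (!CryptSignHash(hHash, AT_SIGNATURE, NULL, 0, m_cSaioCert.sign, &dwBufferLen))
    {
        dwRet = ERR_SIGN_HASH;
        goto HashExit;
    }

    bRet = TRUE;

HashExit:
    // Shared cleanup for every exit path, including the file handle, which
    // used to leak on early errors.
    if (hFile != INVALID_HANDLE_VALUE)
    {
        CloseHandle(hFile);
    }

    if (hKey != 0)
    {
        CryptDestroyKey(hKey);
    }

    if (hHash != 0)
    {
        CryptDestroyHash(hHash);
    }

    if (hProv != 0)
    {
        CryptReleaseContext(hProv, 0);
    }

    return bRet;
}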