[MS Crypt API][原]计算文件签名

jacky_dai

浏览: 373527 次
性别:
来自: 苏州

最近访客更多访客>>

星辰满天

zb872676223

庐阳玉蟠龙

nbw

博主相关

博客

微博

相册

留言

关于我

文章分类

社区版块

存档分类

博客分类：

MS Crypt API

#include <wincrypt.h>
void MSCrptAPIGenFileSignatue_byFileHash(CONST PBYTE pbyFileHashData,
                           CONST DWORD dwHashDataSize,)
{
        //Signature method1: Sign Hash Data
        DWORD  dwProvType = PROV_RSA_AES;
        //#define CALG_SHA_256            (ALG_CLASS_HASH | ALG_TYPE_ANY | ALG_SID_SHA_256)
        //#define ALG_SID_SHA_256                 12
        ALG_ID hashAlgo = ALG_CLASS_HASH | ALG_TYPE_ANY | 12;//CALG_SHA_256 compile error ??????????
        if (AlgorithmType_SHA1 == emAlgorithmType)
        {
            dwProvType = PROV_RSA_FULL;
            hashAlgo = CALG_SHA1;
        }

        if( !CryptAcquireContextA( &hProv, "SAIO_CERT", NULL, dwProvType, 0) ) 
        {
            if( !CryptAcquireContextA( &hProv, "SAIO_CERT", NULL,dwProvType, CRYPT_NEWKEYSET)) 
            {
                dwRet = ERR_HSM_SIGN_DATA;
                goto END;
            }
        }

        WriteBufferToFile("HashData.bin", pbyFileHashData, dwHashDataSize);
        //ReverseBuffer(pbyFileHashData, dwHashDataSize);
        //WriteBufferToFile("HashData2.bin", pbyFileHashData, dwHashDataSize);
        if (!CryptCreateHash(hProv, hashAlgo, 0, 0, &hHash))
        {
            dwRet = ERR_HSM_SIGN_DATA;
            goto END;
        }

        if (!CryptSetHashParam(hHash, HP_HASHVAL, pbyFileHashData, 0))
        {
            dwRet = ERR_HSM_SIGN_DATA;
            goto END;
        }


        BYTE byTempPrivateKeyBuffer[PRIVATE_KEY_4096_SIZE] = {0};
        DWORD dwPrivteSize = sizeof(byTempPrivateKeyBuffer);
        string strPrvKeyFileName = "..\\Data\\Sign\\Input\\";
        strPrvKeyFileName += lpHSMKeyName;

        //Read private key buffer from file
        ReadBufferFromFile(strPrvKeyFileName.c_str(), byTempPrivateKeyBuffer, &dwPrivteSize);
        if (!CryptImportKey(hProv, byTempPrivateKeyBuffer, dwPrivteSize, 0, 0, &hKey))
        {
            dwRet = ERR_HSM_SIGN_DATA;
            goto END;
        }

        if (!CryptSignHash(hHash, AT_SIGNATURE, NULL, NULL, NULL, pdwSignatureDataSize))
        {
            dwRet = ERR_HSM_SIGN_DATA;
            goto END;
        }

        if (!CryptSignHash(hHash, AT_SIGNATURE, NULL, NULL, pbySignatureData, pdwSignatureDataSize))
        {
            dwRet = ERR_HSM_SIGN_DATA;
            goto END;
        }

        ReverseBuffer(pbySignatureData, *pdwSignatureDataSize);
        WriteBufferToFile("File_Data.sign", pbySignatureData, *pdwSignatureDataSize);
}

void MSCrptAPIGenFileSignatue_byFile()
{
    BOOL bRet = FALSE;
    HCRYPTPROV hProv = 0;
    HCRYPTHASH hHash = 0;
    HCRYPTKEY hKey = 0;
    HANDLE hFile = NULL;
    DWORD dwFileSize = 0, len;
    BYTE byTempBuf[2049] = {0};

    hFile = CreateFile(lpszCataFileName, GENERIC_READ, 0, NULL, OPEN_EXISTING, FILE_ATTRIBUTE_NORMAL, NULL);
    if (INVALID_HANDLE_VALUE == hFile)
    {
        return FALSE;
    }

    DWORD  dwProvType = PROV_RSA_AES;
    ALG_ID hashAlgo = CALG_SHA_256;
    if (AlgorithmType_SHA1 == emAlAlgorithmType)
    {
        dwProvType = PROV_RSA_FULL;
        hashAlgo = CALG_SHA1;
    }

    if (!CryptAcquireContext(&hProv, SAIO_CSP, NULL, dwProvType, 0)) 
    {
        if (GetLastError() == NTE_BAD_KEYSET)
        {
            if(!CryptAcquireContext(&hProv,SAIO_CSP,NULL, PROV_RSA_FULL, CRYPT_NEWKEYSET)) 
            {
                goto HashExit;
            }
        }
    }

    // 
    //     Create a hash object.
    //     
    DWORD dwError = 0;
    if ( !CryptCreateHash(hProv, hashAlgo ,0 ,0 ,&hHash))
    {
        dwError = GetLastError();
        goto HashExit;
    }

    dwFileSize = GetFileSize(hFile, NULL);
    while(dwFileSize != 0)
    {
        bRet = ReadFile(hFile, byTempBuf, 2048, &len, NULL);
        // 
        //     Check for end of file. 
        //     
        if (bRet && len==0)
        {
            break;
        }

        CryptHashData(hHash, byTempBuf, len, 0);
        dwFileSize -= len;
    }

    if (hFile != NULL)
    {
        CloseHandle(hFile);
    }

        //----------------------------------------------------------------
    // 4. Import Private Key to CSP.
    //    The return hKey is not used here.
    dwRet = ImportCryptKey(hProv, m_cPrivateKeyBuffer.GetBuffer(),      m_cPrivateKeyBuffer.GetLength(), &hKey);
    if (dwRet != ERR_OK)
    {
        goto END;
    }

    //----------------------------------------------------------------
    // 5. Sign hash and then write the signed hash (digital signature)
    //    to Certificate buffer (Cert)
    //
    //    Here we sign hash instead of data (cTempBuf).
    //    Because all signature algorithms are asymmetric and thus slow,
    //    the CryptoAPI does not allow data to be signed directly.
    //    Instead, data is first hashed and CryptSignHash is used to sign the hash.
    dwBufferLen = 0;
    if (!CryptSignHash(hHash, AT_SIGNATURE, NULL, 0, NULL, &dwBufferLen))
    {
        dwRet = ERR_SIGN_HASH;
        goto HashExit;
    }

    if (!CryptSignHash(hHash, AT_SIGNATURE,NULL, 0, m_cSaioCert.sign, &dwBufferLen))
    {
        dwRet = ERR_SIGN_HASH;
        goto HashExit;
    }

    if (dwBufferLen > MAX_SIGN_LEN)
    {
        dwRet = ERR_SIGN_HASH;
        goto HashExit;
    }

HashExit:  
    if (hKey != NULL)
    {
        CryptDestroyKey(hKey);
    }

    if (hHash != NULL)
    {
        CryptDestroyHash(hHash);
    }

    if (hProv != NULL)
    {
        CryptReleaseContext(hProv, 0);
    }

    return bRet;
}

分享到：

Perforce Server命令行备份及恢复 | [MS Crypt API][原]计算文件hashParam

2012-12-08 14:31
浏览 1303
评论(0)
分类:移动开发
查看更多

发表评论

您还没有登录,请您登录后再发表评论

最近访客更多访客>>

博主相关

文章分类

社区版块

存档分类

最新评论

[MS Crypt API][原]计算文件签名

评论

发表评论

相关推荐

最近访客 更多访客>>

博主相关

文章分类

社区版块

存档分类

最新评论

[MS Crypt API][原]计算文件签名

评论

发表评论

相关推荐

OpenSSL 编译环境搭建

最优非对称加密填充(OAEP)

[MS Crypt API][原]计算文件hashParam

利用OpenSSL把导出的Key文本转化为RSA结构

最近访客更多访客>>