證書的數字簽名和認證 (轉)

證書的數字簽名和認證 (轉)[@more@]

console

#include "stdafx.h"
#include
#include <.h>
#include

#define MY_TYPE (PKCS_7_ASN_ENCODING | X509_ASN_ENCODING)

/*
Ö¤ÊéÖ÷ÌâÃû
*/
#define  SIGNER_NAME L"yangsheng"

#define  CERT_STORE_NAME L"MY"
void HandleError(char* s);

int main(int argc, char* argv[])
{
 HCERTSTORE hStoreHandle; µÍ³¾ä±ú
 Ç©ÃûµÄÏûÏ¢
 BYTE* pbMessage = (BYTE*)"Need sign message";
 //
 D cbMessage = strlen((char*)pbMessage)+1;
 PCCERT_CONTEXT pSignerCert; ¸ÏòÇ©ÃûÖ¤ÊéµÄÖ¸Õë

 CRYPT_SIGN_MESSAGE_PARA SigParams;
 DWORD cbSignedMessageBlob;
 BYTE* pbSignedMessageBlob; 

 const BYTE* MessageArray[] = {pbMessage};
 DWORD MessageSizeArray[1];
 MessageSizeArray[0] = cbMessage;

  sign .....
 printf("raw message.... ");
 printf("%s ",pbMessage);

 //
 if(!(hStoreHandle = CertOpenStore(CERT_STORE_PROV_SYSTEM,0,NULL,CERT_SYSTEM_STORE_CURRENT_USER, CERT_STORE_NAME)))
 {
 printf("open cert store failed!");
 }

  sign cert pointer
 if(pSignerCert = CertFindCertificateInStore(hStoreHandle,MY_TYPE,0,CERT_FIND_SUBJECT_STR,SIGNER_NAME,NULL))
 {
 printf("find a cert ok..... ");
 }
 else
 {
 printf("cann't look a cert! ");
 }
 
  struct initialize
 SigParams.cbSize = sizeof(CRYPT_SIGN_MESSAGE_PARA);
 SigParams.dwMsgEncodingType = MY_TYPE;
 SigParams.pSigningCert = pSignerCert;
 SigParams.HashAlgorithm.pszObjId = szOID_RSA_MD5;
 SigParams.HashAlgorithm.Parameters.cbData = NULL;
 SigParams.cMsgCert = 1;
 SigParams.rgpMsgCert = &pSignerCert;
 SigParams.cAuthAttr = 0;
 SigParams.dwInnerContentType = 0;
 SigParams.cMsgCrl = 0;
 SigParams.cUnauthAttr = 0;
 SigParams.dwFlags = 0;
 SigParams.pvHashAuxInfo = NULL;
 SigParams.rgAuthAttr = NULL;

 //
 if(CryptSignMessage(&SigParams,FALSE,1,MessageArray,MessageSizeArray,NULL,&cbSignedMessageBlob))
 {
 printf("sign after size %d ",cbSignedMessageBlob);
 }
 
 //
 if(!(pbSignedMessageBlob = (BYTE*)malloc(cbSignedMessageBlob)))
 {
 printf("alloc failed! ");
 }
 //
 if(CryptSignMessage(&SigParams,FALSE,1,MessageArray,MessageSizeArray,pbSignedMessageBlob,&cbSignedMessageBlob))
 {
 printf("sign succesul!! ");
 }

 /*
 verify sign
 */
 DWORD cbDecodeMessageBlob;
 BYTE* pbDecodeMessageBlob;
 
 CRYPT_VERIFY_MESSAGE_PARA verifyParams;
 
 verifyParams.cbSize = sizeof(CRYPT_VERIFY_MESSAGE_PARA);
 verifyParams.dwMsgAndCertEncodingType = MY_TYPE;
 verifyParams.hCryptProv = 0;
 verifyParams.pfnGetSignerCertificate = NULL;
 verifyParams.pvGetArg = NULL;

 if(CryptVerifyMessageSignature(&verifyParams,0,pbSignedMessageBlob,cbSignedMessageBlob,NULL,&cbDecodeMessageBlob,NULL))
 {
 printf("total buffer%d ",cbDecodeMessageBlob);
 }

 if(!(pbDecodeMessageBlob = (BYTE*)malloc(cbDecodeMessageBlob)))
 {
 printf("alloc failed! ");
 }
 if(CryptVerifyMessageSignature(&verifyParams,0,pbSignedMessageBlob,cbSignedMessageBlob,pbDecodeMessageBlob,&cbDecodeMessageBlob,NULL))
 {
 printf("verify message: %s ",(char*)pbDecodeMessageBlob);
 }
 /*
 some release operation........
 */
 if(pbSignedMessageBlob)
 free(pbSignedMessageBlob);

 if(pbDecodeMessageBlob)
 free(pbDecodeMessageBlob);

 if(pSignerCert)
 CertFreeCertificateContext(pSignerCert);

 if(CertCloseStore(hStoreHandle,CERT_CLOSE_STORE_CHECK_FLAG))
 {
 printf("all release... ");
 }
 else
 {
 printf(".......");
 }
 return 0;
}