If you send data over the Internet, all sorts of unsafe factors make you wonder whether it will reach its destination intact. You can digitally sign the data so that the other party can check, by verifying the signature, whether the data has been modified.
I. The principle
The principle of a digital signature is fairly simple: a complex algorithm is run over the raw data you supply and produces a signature that is specific to that data. The other party runs the same process over the data it received and checks the result against the signature; if the data has been modified, the two can no longer match, which reveals that someone altered the data. Programmers can use the Windows CAPI (CryptoAPI) interface to encrypt, decrypt and digitally sign data.
II. Program listing
Below, the concrete implementation is shown in C++ Builder syntax.
First, create the digital signature, assuming the data comes from a file.
#include <vcl.h>                  //TFileStream, ShowMessage (C++ Builder VCL)
#include <wincrypt.h>             //CryptoAPI (CAPI) declarations

//Variable declaration:
HCRYPTPROV hProv;                 //CSP handle
HCRYPTHASH hHash;                 //Hash handle
const int BUFFER = 4096;          //Buffer size constant
BYTE pBuffer[BUFFER];             //Storage buffer for the file contents read
BYTE pSignature[256];             //Storage buffer for the signature
DWORD dSignatureLen = 256;        //Size of the signature buffer on input, length of the signature on output
DWORD dReadLen;                   //Number of bytes read in the current block
TFileStream *sourceFile;          //A file stream (assumed to be opened with fmOpenRead before use)

if (!CryptAcquireContext(&hProv, NULL, NULL, PROV_RSA_FULL, 0))
//Connect to the default CSP and receive its handle in hProv
{
    //Error handling
}
if (!CryptCreateHash(hProv, CALG_MD5, 0, 0, &hHash))
//Create a hash object and receive its handle in hHash
//(CALG_MD5 is kept from the original listing; MD5 is collision-broken, so new code should use
// a SHA-2 algorithm, which requires the PROV_RSA_AES provider instead of PROV_RSA_FULL)
{
    //Error handling
}
do
{
    dReadLen = sourceFile->Read(pBuffer, BUFFER);
    if (!CryptHashData(hHash, pBuffer, dReadLen, 0))
    //Feed the contents of the file into the hash
    {
        //Error handling
    }
} while (dReadLen > 0);           //The loop condition was cut off in the source; stop at end of file
if (!CryptSignHash(hHash, AT_SIGNATURE, NULL, 0, pSignature, &dSignatureLen))
//Sign the hash value with the private key of the container's signature key pair;
//the signature is written to pSignature and its length to dSignatureLen
{
    //Error handling
}
CryptDestroyHash(hHash);          //Release the hash object
CryptReleaseContext(hProv, 0);    //Release the CSP handle
Next, verify the file-based data signature.
//Variable declaration:
HCRYPTPROV hProv;                 //CSP handle
HCRYPTHASH hHash;                 //Hash handle
HCRYPTKEY hPublicKey;             //Public key handle
const int BUFFER = 4096;          //Buffer size constant
BYTE pBuffer[BUFFER];             //Storage buffer for the file contents read
DWORD dReadLen;                   //Number of bytes read in the current block
TFileStream *sourceFile;          //A file stream (assumed to be opened with fmOpenRead before use)
BYTE pSignature[256];             //The signature buffer obtained in the previous listing
DWORD dSignatureLen;              //The signature length obtained in the previous listing

if (!CryptAcquireContext(&hProv, NULL, NULL, PROV_RSA_FULL, 0))
//Connect to the default CSP and receive its handle in hProv
{
    //Error handling
}
if (!CryptGetUserKey(hProv, AT_SIGNATURE, &hPublicKey))
//Get a handle to the signature key pair of this container; CryptVerifySignature uses only its public half.
//(A different machine has no access to this container: there the signer exports the public key with
// CryptExportKey as a PUBLICKEYBLOB and the verifier loads it with CryptImportKey instead.)
{
    //Error handling
}
if (!CryptCreateHash(hProv, CALG_MD5, 0, 0, &hHash))
//Create a hash object and receive its handle in hHash (same algorithm as when signing)
{
    //Error handling
}
do
{
    dReadLen = sourceFile->Read(pBuffer, BUFFER);
    if (!CryptHashData(hHash, pBuffer, dReadLen, 0))
    //Recompute the hash value from the contents of the file
    {
        //Error handling
    }
} while (dReadLen > 0);           //The loop condition was cut off in the source; stop at end of file
if (!CryptVerifySignature(hHash, pSignature, dSignatureLen, hPublicKey, NULL, 0))
{
    if (GetLastError() == NTE_BAD_SIGNATURE) ShowMessage("File has been modified");
    //Any other error code means the verification call itself failed, not that the file is intact
}
else
{
    ShowMessage("File has not been modified");
}
CryptDestroyHash(hHash);          //Release the hash object
CryptDestroyKey(hPublicKey);      //Release the key handle
CryptReleaseContext(hProv, 0);    //Release the CSP handle
The above is a simple implementation of a digital signature. The resulting signature data can be saved separately from the data or stored together with it.
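The same sign-and-verify flow, as an added PowerShell example that is not part of the original article, built on .NET's RSACryptoServiceProvider (a wrapper over the same CryptoAPI CSPs). It swaps MD5 for SHA-256 and, unlike the listing above, hands the verifier only the exported public key blob, which is how verification works on a machine that does not hold the signer's key container. It assumes Windows PowerShell, and the sample file path and contents are constructed for the demo.

```powershell
# Constructed sample file: 4196 bytes = one full 4096-byte block plus a short tail
$path = Join-Path $env:TEMP 'capi-sign-demo.bin'
[IO.File]::WriteAllBytes($path, [byte[]](1..4196 | ForEach-Object { $_ % 256 }))

function Get-FileDigest([string]$file) {
    # Hash the file in 4096-byte blocks, mirroring the do/while loop of the listing
    $sha = [System.Security.Cryptography.SHA256]::Create()
    $fs  = [IO.File]::OpenRead($file)
    try {
        $buf = New-Object byte[] 4096
        while (($n = $fs.Read($buf, 0, $buf.Length)) -gt 0) {
            [void]$sha.TransformBlock($buf, 0, $n, $null, 0)
        }
        [void]$sha.TransformFinalBlock($buf, 0, 0)
        return $sha.Hash
    } finally { $fs.Dispose(); $sha.Dispose() }
}
$hashOid = [System.Security.Cryptography.CryptoConfig]::MapNameToOID('SHA256')

# Signer side: RSA key pair in a CryptoAPI CSP. PROV_RSA_AES (24) is used instead of the
# listing's PROV_RSA_FULL because the base provider only supports MD5/SHA-1; AT_SIGNATURE = 2
$csp = New-Object System.Security.Cryptography.CspParameters
$csp.ProviderType = 24
$csp.KeyNumber    = 2
$signer = New-Object System.Security.Cryptography.RSACryptoServiceProvider(2048, $csp)
$signer.PersistKeyInCsp = $false          # do not leave a key container behind after the demo
$signature = $signer.SignHash((Get-FileDigest $path), $hashOid)   # CryptSignHash equivalent

# What is handed to the other party: the file, the signature and the PUBLIC key blob only
$publicKeyBlob = $signer.ExportCspBlob($false)                     # PUBLICKEYBLOB, no private part

# Verifier side: its own CSP handle holds just the imported public key (CryptImportKey equivalent)
$verifier = New-Object System.Security.Cryptography.RSACryptoServiceProvider($csp)
$verifier.PersistKeyInCsp = $false
$verifier.ImportCspBlob($publicKeyBlob)

function Test-FileSignature([string]$file, [byte[]]$sig) {
    # CryptVerifySignature equivalent: $false corresponds to NTE_BAD_SIGNATURE in the listing
    return $verifier.VerifyHash((Get-FileDigest $file), $hashOid, $sig)
}
"Untouched file verifies: $(Test-FileSignature $path $signature)"   # True

# Flip one bit in the short tail block and check again
$bytes = [IO.File]::ReadAllBytes($path)
$bytes[-1] = $bytes[-1] -bxor 1
[IO.File]::WriteAllBytes($path, $bytes)
"Modified file verifies:  $(Test-FileSignature $path $signature)"   # False

$signer.Dispose(); $verifier.Dispose(); Remove-Item $path
```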