Use personal information digital certificate (pfx) for signature and verification for reference from OpenSSL Learning
But the original article has an error.
Therefore, re-paste the modified content.
# Include <windows. h> <br/> # include <OpenSSL/RSA. h> <br/> # include <OpenSSL/EVP. h> <br/> # include <OpenSSL/objects. h> <br/> # include <OpenSSL/x509.h> <br/> # include <OpenSSL/err. h> <br/> # include <OpenSSL/PEM. h> <br/> # include <OpenSSL/SSL. h> <br/> # include <OpenSSL/pkcs12.h> <br/> # include <OpenSSL/applink. c> <br/> # pragma comment (Lib, "libeay32.lib") <br/> # pragma comment (Lib, "ssleay32.lib") <br/> bool Dosi Gndata (const char * szpkcs12filename, const char * szpkcs12password, <br/> const char * szunsigndata, char * szsigndata) <br/>{< br/> If (szpkcs12filename = NULL | szunsigndata = NULL | szsigndata = NULL) {<br/> return false; <br/>}< br/>/* variable */<br/> int err; <br/> unsigned int sig_len; <br/> unsigned char sig_buf [128]; <br/> evp_md_ctx md_ctx; <br/> evp_pkey * pkey = NULL; <br/> file * fp = N Ull; <br/> X509 * X509 = NULL; <br/> PKCS12 * p12 = NULL; <br/> stack_of (X509) * CA = NULL; <br/>/* initialize */<br/> ssleay_add_all_algorithms (); <br/> err_load_crypto_strings (); <br/>/* read the Personal Information certificate and break down the key and certificate */<br/> If (! (FP = fopen (szpkcs12filename, "rb") {<br/> return false; <br/>}< br/> p12 = d2i_pkcs12_fp (FP, null ); <br/> fclose (FP); <br/> If (! P12) {<br/> fprintf (stderr, "error reading PKCS #12 file/N"); <br/> err_print_errors_fp (stderr); <br/> return false; <br/>}< br/> If (! Pkcs12_parse (p12, szpkcs12password, & pkey, & X509, & Ca) {<br/> fprintf (stderr, "error parsing PKCS #12 file/N "); <br/> err_print_errors_fp (stderr); <br/> pkcs12_free (p12); <br/> return false; <br/>}< br/> pkcs12_free (p12 ); <br/> If (pkey = NULL) {<br/> err_print_errors_fp (stderr); <br/> return false; <br/>}< br/>/* signature data */<br/> evp_signinit (& md_ctx, evp_sha1 (); <br/> evp_signupdate (& md_ctx, Szunsigndata, strlen (szunsigndata); <br/> sig_len = 128; <br/> err = evp_signfinal (& md_ctx, sig_buf, & sig_len, pkey ); <br/> If (Err! = 1) {<br/> err_print_errors_fp (stderr); <br/>/* Release related variables */<br/> If (pkey) {<br/> evp_pkey_free (pkey); <br/>}< br/> If (X509) {<br/> x509_free (X509 ); <br/>}< br/> return false; <br/>}< br/> memcpy (szsigndata, sig_buf, sig_len ); <br/>/* Release related variables */<br/> If (pkey) {<br/> evp_pkey_free (pkey ); <br/>}< br/> If (X509) {<br/> x509_free (X509); <br/>}< br/> return true; <br/>}< br/> bool doverifydat A (const char * szpkcs12filename, const char * szpkcs12password, <br/> const char * szunsigndata, const char * szsigndata) <br/>{< br/> If (szpkcs12filename = NULL | szsigndata = NULL) {<br/> return false; <br/>}< br/>/* variable */<br/> int err; <br/> unsigned int sig_len; <br/> evp_md_ctx md_ctx; <br/> evp_pkey * pkey = NULL; <br/> file * fp = NULL; <br/> X509 * X509 = NULL; <br/> PKCS12 * p12 = NULL; <Br/> stack_of (X509) * CA = NULL; <br/>/* initialization */<br/> ssleay_add_all_algorithms (); <br/> err_load_crypto_strings (); <br/>/* read the Personal Information certificate and break down the key and certificate */<br/> If (! (FP = fopen (szpkcs12filename, "rb") {<br/> return false; <br/>}< br/> p12 = d2i_pkcs12_fp (FP, null ); <br/> fclose (FP); <br/> If (! P12) {<br/> fprintf (stderr, "error reading PKCS #12 file/N"); <br/> err_print_errors_fp (stderr); <br/> return false; <br/>}< br/> If (! Pkcs12_parse (p12, szpkcs12password, & pkey, & X509, & Ca) {<br/> fprintf (stderr, "error parsing PKCS #12 file/N "); <br/> err_print_errors_fp (stderr); <br/> pkcs12_free (p12); <br/> return false; <br/>}< br/> pkcs12_free (p12 ); <br/> If (X509 = NULL) {<br/> err_print_errors_fp (stderr); <br/> return false; <br/>}< br/>/* Verify the signature */<br/> pkey = x509_get_pubkey (X509); <br/> If (pkey = NULL) {<br/> err_pr Int_errors_fp (stderr); <br/> If (X509) {<br/> x509_free (X509); <br/>}< br/> return false; <br/>}< br/>/* Verify the signature */<br/> sig_len = 128; <br/> evp_verifyinit (& md_ctx, evp_sha1 ()); <br/> evp_verifyupdate (& md_ctx, szunsigndata, strlen (szunsigndata); <br/> err = consume (& md_ctx, (const byte *) szsigndata, sig_len, pkey ); <br/> evp_pkey_free (pkey); <br/> If (Err! = 1) {<br/> err_print_errors_fp (stderr); <br/>/* Release related variables */<br/> If (pkey) {<br/> evp_pkey_free (pkey); <br/>}< br/> return false; <br/>}< br/>/* Release related variables */<br/> If (pkey) {<br/> evp_pkey_free (pkey ); <br/>}< br/> return true; <br/>}< br/> int main (INT argc, char * argv []) <br/>{< br/> char sig_buf [128]; <br/> If (! Dosigndata ("wanjl. pfx "," 123456 "," Hi there, I love Juan. ", sig_buf) {<br/> printf (" signature data failed. /n "); <br/>}else {<br/> printf (" signature data success. /n "); <br/> printf ("> ------------ after sign data -------------- begin/N "); <br/> for (INT I = 0; I <128; I ++) <br/>{< br/> printf ("% 02x", sig_buf [I]); <br/>}< br/> printf ("/n> ------------ after sign data -------------- end/N"); <br/> If (! Doverifydata ("wanjl. pfx "," 123456 "," Hi there, I love Juan. ", sig_buf) {<br/> printf (" signature verified failed. /n "); <br/>}else {<br/> printf (" signature verified OK. /n "); <br/>}< br/> return 0; <br/>}
Start building with 50+ products and up to 12 months usage for Elastic Compute Service
1 on 1 presale consultation
24/7 Technical Support 6 Free Tickets per Quarter Faster Response
Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.
A comprehensive suite of global cloud computing services to power your business
Payment Methods We Support
