How we can verify openssl digital signature in C++ & windows API
Using openssl I have created signed document on server, kindly refer below commands for it.
------Create private key.
openssl pkcs12 -in "D:\Cummins Issues\XML Encryption\mycredentialsandkey2010.pfx" -nodes -nocerts -out "D:\privatekey.pem" -nodes
------Create public key.
openssl rsa -in "D:\privatekey.pem" -pubout -out "D:\rsapublickey.pem"
------Create signed document.
openssl dgst -sha1 -sign "D:\privatekey.pem" -out "D:\ProductInformation_xml.cipher" "D:\ProductInformation.xml"
Now I can verify the digital signature using opensll like below
---Verify
openssl dgst -sha1 -verify "D:\rsapublickey.pem" -signature "D:\ProductInformation_xml.cipher" "D:\ProductInformation.xml"
But I need to verify digital signature using C++ & Windows API in client application (without openssl library or source code). I know using public key & hash we can verify the digital signature. Kindly provide 开发者_StackOverflowme pseudo code or windows API ASAP.
Any help is appreciated.
Why can't you use libssl? That's the obvious route to go down. The algorithms themselves are RSA and SHA1 although you really shouldn't try to roll your own.
Googling for "microsoft ssl library" yields nothing but a multitude of vulnerabilities. No, really!
CryptoAPI from Microsoft will allow you to sign and verify data.
You should note that Microsoft has introduced CNG from Windows vista onwards. So evaluate your requirements.
You can find sample source for signing and verification from MSDN using CryptoAPI
精彩评论