驗證程式簽名

2021-06-13 07:01:24 字數 2188 閱讀 7284

#include #include #include #include #pragma comment (lib, "wintrust")


#pragma comment(lib, "crypt32.lib")


bool verifyembeddedsignature(const wchar_t * srcfile)


bool checksignerinfo(const wchar_t *src_file, const wchar_t *issuer_name, const wchar_t *subj_name)


if(!cryptmsggetparam(hmsg,


cmsg_signer_info_param,


0,null,


&dwsignerinfo))


psignerinfo = (pcmsg_signer_info)localalloc(lptr, dwsignerinfo);


if(psignerinfo == null)


if(!cryptmsggetparam(hmsg,


cmsg_signer_info_param,


0,(pvoid)psignerinfo,


&dwsignerinfo))


//memset(&certinfo, 0, sizeof(certinfo));


certinfo.issuer = psignerinfo->issuer;


certinfo.serialnumber = psignerinfo->serialnumber;


pcertcontext = certfindcertificateinstore(hstore,


x509_asn_encoding | pkcs_7_asn_encoding,


0,cert_find_subject_cert,


(pvoid)&certinfo,


null);


if(pcertcontext == null)


//dwdata = certgetnamestringw(pcertcontext,


cert_name_******_display_type,


cert_name_issuer_flag,


null,


null,


0);if(dwdata == 0)


lpissuername = (wchar*)localalloc(lptr, dwdata * sizeof(wchar));


if(lpissuername == null)


dwdata = certgetnamestringw(pcertcontext,


cert_name_******_display_type,


cert_name_issuer_flag,


null,


lpissuername,


dwdata);


if(dwdata == 0)


//dwdata = certgetnamestringw(pcertcontext,


cert_name_******_display_type,


0,null,


null,


0);if(dwdata == 0)


lpsubjname = (wchar*)localalloc(lptr, dwdata * sizeof(wchar));


if(lpsubjname == null)


dwdata = certgetnamestringw(pcertcontext,


cert_name_******_display_type,


0,null,


lpsubjname,


dwdata);


if(dwdata == 0)


ret = ( (_wcsicmp(lpissuername, issuer_name) == 0) && (_wcsicmp(lpsubjname, subj_name) == 0) );


finish_do:


if(lpsubjname != null)


if(lpissuername != null)


if(pcertcontext != null)


if(psignerinfo != null)


if(hmsg != null)


if(hstore != null)


return ret;


}

RSA簽名驗證

1 rsa加密過程簡述 a和b進行加密通訊時,b首先要生成一對金鑰。乙個是公鑰,給a,b自己持有私鑰。a使用b的公鑰加密要加密傳送的內容,然後b在通過自己的私鑰解密內容 2 假設a要想b傳送訊息,a會先計算出訊息的訊息摘要,然後使用自己的私鑰加密這段摘要加密,最後將加密後的訊息摘要和訊息一起傳送給b...

php api驗證簽名

服務端收到資料後,把資料按照客戶端一樣的方式生成sign,再進行比較,相等則說明通過,驗籤主要是為了驗證是否是指定使用者發來的請求。避免安全隱患 namespace threetrafficnanchang controller use threetrafficnanchang model util...

php生成簽名及驗證簽名

php生成簽名及驗證簽名 余超 yuchao86 gmail.com 啥也不說了,直接上源 根據原文生成簽名內容 param string data 原文內容 return string author confu function sign data pkcs12 file get contents...