c言语 用pcks8格式pem证书 验签
已知有pcks8格式的pem证书,原始待签名数据和签名后结果。 用工具验签可以。
问题:对方用PCKS8私钥签名(md5摘要然后RSA私钥加密),提供PCKS8格式pem证书公钥,我这边设备linux下c语言怎么验签?请求具体c语言源码实现
签名数据:
EX9Iul4A1FnPvBrVklejk2K/KNvbwN4/sbSoCep8jHJN3vgVBqfazX9Jm1OSK3F6bwHlXH4rAXjDm5ZuMbq7MneGZEadS38XtOSSo90seMTQpeWiYOK5tclDlbq1HsYlqE0bGHxkXL6ZHjWnjykC04Dyw7MkpP+E2dGqfg5R2GU=
PCKS8 公钥:
-----BEGIN PUBLIC KEY-----
MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCJIwo5ACSqybdPYdLkCxTMmSS0x
RqIsPvh21KOveWPlppDgr46IZ0YAbw+nJbaI9B5Y5heDRuAW+BqYPKxhELsKKfSLP
SOxk0rbqJogaOW6MfLrPdLGXFpAO+hvBPgEcChowYCtNK8GrFLiXZRoHPWzM6r4c8
tijX1KnTaI4RIjwIDAQAB
-----END PUBLIC KEY-----
原始数据:
08388dc68ce73b694315d1a094427749201910291205251006076402773128
原始数据摘要(MD5)后:
eeef5aea8b919e7afb80a5e1ba895815
#include <openssl/rsa.h>
#include <openssl/objects.h>
#include <openssl/x509.h>
#include <openssl/err.h>
#include <openssl/pem.h>
#include <openssl/pkcs12.h>
#include <openssl/ssl.h>
#include <openssl/evp.h>
#include <openssl/md5.h>
#include <openssl/des.h>
#include <ctype.h>
#define PUB_KEY_FILE "/mtd0/res/pub_key.pem"
bool verify_init_pos(const char *mess1, unsigned char *sign_value, int sign_len)
{
EVP_MD_CTX mdctx; //摘要算法上下文变量
RSA *rsa=NULL; //RSA结构体变量
EVP_PKEY *evpKey=NULL; //EVPKEY 结构体变量
FILE* fp=NULL;
bool flag = false;
int ret=0;
if (!(fp = fopen(PUB_KEY_FILE, "rb")))
{
fprintf(stderr, "Error opening file %s\n", PUB_KEY_FILE);
return flag;
}
/* Read private key */
evpKey = PEM_read_PUBKEY(fp, NULL, NULL, NULL);
fclose (fp);
if (evpKey == NULL) {
ERR_print_errors_fp (stderr);
return flag;
}
EVP_MD_CTX_init(&mdctx); //初始化摘要上下文
Trace("lilin","\r\nwill verify data\r\n");
//以下为验证代码
ret=EVP_VerifyInit_ex(&mdctx,EVP_md5(),NULL);
Trace("lilin","EVP_VerifyInit_ex ret=%d\r\n",ret);
if (1 != ret)
{
Trace("lilin","EVP_VerifyInit_ex err\r\n");
EVP_PKEY_free(evpKey);
RSA_free(rsa);
return flag;
}
Trace("lilin","mess1 is:\r\n%s\r\n", mess1);
TraceHex("lilin","hex mess1 is:", mess1, strlen(mess1));
TraceHex("lilin", "sign_value", sign_value, sign_len);
ret=EVP_VerifyUpdate(&mdctx,mess1,strlen(mess1));
Trace("lilin","EVP_VerifyUpdate ret=%d\r\n",ret);
if (1 != ret)
{
Trace("lilin","EVP_VerifyUpdate err\r\n");
EVP_PKEY_free(evpKey);
RSA_free(rsa);
return flag;
}
ret=EVP_VerifyFinal(&mdctx, sign_value, sign_len, evpKey);
Trace("lilin","EVP_VerifyFinal err ret=%d\r\n",ret);
if (1 != ret)
{
Trace("lilin","EVP_VerifyFinal err\r\n");
EVP_PKEY_free(evpKey);
RSA_free(rsa);
return flag;
}
else
{
flag = true;
Trace("lilin","verify success..\r\n");
}
EVP_PKEY_free(evpKey);
RSA_free(rsa);
EVP_MD_CTX_cleanup(&mdctx);
Trace("lilin","--------------------------------------\r\n");
fp=NULL;
evpKey=NULL;
rsa=NULL;
return flag;
}