[英]How to generate RSA SHA signature using OpenSSL in C
I need some help using OpenSSL to generate a signature of a block of data using C (Windows and Linux). 我需要一些帮助,使用OpenSSL使用C(Windows和Linux)生成数据块的签名。 The application has to do with Google authentication. 该应用程序与Google身份验证有关。 The instructions from Google's documentation are: Google文档中的说明如下:
"Sign the UTF-8 representation of the input using SHA256withRSA (also known as RSASSA-PKCS1-V1_5-SIGN with the SHA-256 hash function) with the private key obtained from the Google Developers Console. The output will be a byte array." “使用SHA256withRSA(也称为带有SHA-256哈希函数的RSASSA-PKCS1-V1_5-SIGN)和使用从Google Developers Console获得的私钥对输入的UTF-8表示进行签名。输出将是一个字节数组。 “
The private key is a .p12 file containing 1660 bytes of binary data. 私钥是包含1660字节二进制数据的.p12文件。
Do I use the RSA_sign() API for this? 我是否使用RSA_sign()API? If so am I supposed to hash the data first? 如果是这样,我应该首先散列数据? Using what key value? 使用什么键值? I assume the RSA * parameter is supposed to hold the private key? 我假设RSA *参数应该保存私钥? How does it get loaded? 怎么加载? I have used the HMAC function to generate a SHA hash, but I'm a bit lost here - any help or sample code would be appreciated. 我已经使用HMAC函数生成SHA哈希,但我在这里有点丢失 - 任何帮助或示例代码将不胜感激。 (And yes, I know Google has libraries to do this, but none for C, which I need to use). (是的,我知道谷歌有图书馆可以做到这一点,但没有一个用于C,我需要使用它)。
You can use RSA_sign
to sign the data with SHA256 hash. 您可以使用RSA_sign
使用SHA256哈希对数据进行签名。 You can call this 你可以这个叫
RSA_sign(NID_sha256, digest, digest_len, &sign_buffer, sign_len, rsa_key);
You have calculate SHA256 hash of the data into digest
buffer. 您已将数据的SHA256哈希值计算到digest
缓冲区中。 rsa_key
should be initialized. 应该初始化rsa_key
。
Since, you have .p12
file, you need to do the following. 因为,您有.p12
文件,您需要执行以下操作。
Create PKCS12
structure from .p12
file. 从.p12
文件创建PKCS12
结构。
PKCS12 * p12 = d2i_PKCS12_fp(fp_to_p12_file, NULL);
Parse the p12
structure to certificate and key. 将p12
结构解析为证书和密钥。
PKCS12_parse(p12, passphrase, &evp_pkey, &x509_cert, NULL);
It will give EVP_PKEY
structure from which you can get RSA
structure using EVP_PKEY_get1_RSA
or access evp_pkey->pkey.rsa
member of the structure. 它将给出EVP_PKEY
结构,您可以使用EVP_PKEY_get1_RSA
从该结构获取RSA
结构,或者访问结构的evp_pkey->pkey.rsa
成员。
This should help you to start. 这应该可以帮助你开始。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.