我正在尝试使用crypto ++验证open-ssl签名,这里是open-ssl部分:
$ openssl genrsa 1024 >priv.pem
$ openssl rsa -in priv.pem -pubout -out pubkey.pem
$ openssl dgst -sha1 -sign privkey.pem data.txt > sign
$ openssl dgst -sha1 -verify pubkey.pem -signature sign data.txt
Verified OK
现在在我的C ++代码中:
int main(int argc, char* argv[])
{
try
{
RSA::PublicKey publicKey;
const char * pubFilename = "pubkey.pem";
FileSource pubFile(pubFilename,true,new PEMStripper(new Base64Decoder()));
RSASSA_PKCS1v15_SHA_Verifier pub(pubFile);
cout << "n: " << pub.GetTrapdoorFunction().GetModulus() << endl;
cout << "e: " << pub.GetTrapdoorFunction().GetPublicExponent() << endl;
string message = "data that is to be hashed and signed."; //same as data.txt
ifstream file ("sign", ios::in | ios::binary | ios::ate);
ifstream::pos_type sigSize;
char* sig;
if(file.is_open())
{
sigSize = file.tellg();
sig = new char[sigSize];
file.seekg(0, ios::beg);
if(!file.read(sig, sigSize))
{
cout << "fail to read" << endl;
}
file.close();
}
bool result = pub.VerifyMessage( (const byte*)message.c_str(),
message.length(), (const byte*)sig, sigSize );
// Result
if( true == result ) {
cout << "Signature on message verified" << endl;
} else {
cout << "Message verification failed" << endl;
}
} // try
catch( CryptoPP::Exception& e ) {
std::cerr << "Error: " << e.what() << std::endl;
}
return 0;
}
但我总是邮件验证失败
答案 0 :(得分:1)
您确定data.txt
不包含最终结尾\n
吗?
如果不是这样,在这一行中将一个字符串附加到字符串中,就像这样:
string message = "data that is to be hashed and signed.\n"; //same as data.txt
答案 1 :(得分:0)
Openssl采用有限长度的字符串数据,因此首先使用sha1进行哈希,然后将数据发送到opensssl