使用crypto ++库验证openssl签名

时间:2013-12-28 10:58:01

标签: c++ c encryption openssl rsa

我正在尝试使用crypto ++验证open-ssl签名,这里是open-ssl部分:

$ openssl genrsa 1024 >priv.pem

$ openssl rsa -in priv.pem -pubout -out pubkey.pem

$ openssl dgst -sha1 -sign privkey.pem data.txt > sign

$ openssl dgst -sha1 -verify pubkey.pem -signature sign data.txt
  Verified OK

现在在我的C ++代码中:

int main(int argc, char* argv[])
{
    try
    {
        RSA::PublicKey publicKey;
        const char * pubFilename = "pubkey.pem";
    FileSource pubFile(pubFilename,true,new PEMStripper(new Base64Decoder()));
    RSASSA_PKCS1v15_SHA_Verifier pub(pubFile);
        cout << "n: " << pub.GetTrapdoorFunction().GetModulus() << endl;
        cout << "e: " << pub.GetTrapdoorFunction().GetPublicExponent() << endl;
        string message = "data that is to be hashed and signed.";  //same as data.txt

        ifstream file ("sign", ios::in | ios::binary | ios::ate);
    ifstream::pos_type sigSize;
    char* sig;
    if(file.is_open())
    {
          sigSize = file.tellg();
          sig = new char[sigSize];
          file.seekg(0, ios::beg);
          if(!file.read(sig, sigSize))
          {
          cout << "fail to read" << endl;
          }
          file.close();
    }
        bool result = pub.VerifyMessage( (const byte*)message.c_str(),
            message.length(), (const byte*)sig, sigSize );

        // Result
        if( true == result ) {
            cout << "Signature on message verified" << endl;
        } else {
            cout << "Message verification failed" << endl;
        }

    } // try

    catch( CryptoPP::Exception& e ) {
        std::cerr << "Error: " << e.what() << std::endl;
    }

    return 0;
}

但我总是邮件验证失败

2 个答案:

答案 0 :(得分:1)

您确定data.txt不包含最终结尾\n吗?

如果不是这样,在这一行中将一个字符串附加到字符串中,就像这样:

string message = "data that is to be hashed and signed.\n";  //same as data.txt

答案 1 :(得分:0)

Openssl采用有限长度的字符串数据,因此首先使用sha1进行哈希,然后将数据发送到opensssl