// generate public/private key pair for digital signatures void genkeys(void) { if (open_crypt()) { if (CryptGenKey(hProv, AT_SIGNATURE, keylen << 16 | CRYPT_EXPORTABLE, &hKey)) { // export as C array and binary export_key(PUBLICKEYBLOB, DSA_PUBLIC_H, DSA_C_ARRAY); export_key(PUBLICKEYBLOB, DSA_PUBLIC_BIN, DSA_BINARY); export_key(PRIVATEKEYBLOB, DSA_PRIVATE_H, DSA_C_ARRAY); export_key(PRIVATEKEYBLOB, DSA_PRIVATE_BIN, DSA_BINARY); close_key(); } else { xstrerror("CryptGenKey(%i)", keylen); } close_crypt(); } else { xstrerror("CryptAcquireContext()"); } }
// sign a hash of input using private key void sign (void) { char *p; // initialize crypto API if (open_crypt()) { // import our private key if (open_key (RSA_PRIVATE_BIN)) { // hash the input if (open_hash ()) { // obtain size of signature CryptSignHash (hHash, AT_SIGNATURE, NULL, 0, NULL, &dwSigLen); pbSignature=xmalloc (dwSigLen); // sign the hash to obtain signature if (CryptSignHash (hHash, AT_SIGNATURE, NULL, 0, pbSignature, &dwSigLen)) { p=sig2hex(); if (p) { printf (" [ signature is: %i::%s\n", lstrlen(p), p); } xfree (pbSignature); } else { xstrerror ("CryptSignHash()"); } close_hash(); } else { xstrerror ("open_hash()"); } close_key(); } else { xstrerror ("open_key()"); } close_crypt(); } else { xstrerror ("open_crypt()"); } }
// verify a signature using public key BOOL verify(void) { BOOL bStatus = FALSE; // initialize crypto API if (open_crypt()) { // import public key if (open_key(DSA_PUBLIC_BIN)) { // hash the input if (open_hash()) { // convert signature to binary sig2bin(); if (pbSignature != NULL) { // verify signature bStatus = CryptVerifySignature(hHash, pbSignature, dwSigLen, hKey, NULL, 0); printf(" [ signature is %s\n", bStatus ? "valid" : "invalid"); xfree(pbSignature); } close_hash(); } else { printf("open_hash()"); } close_key(); } else { printf("open_key()"); } close_crypt(); } else { printf("open_crypt()"); } return bStatus; }