////////////////////////////////////////////////////////////////////////////////////
//The Signing Certificate Get Method
//out:
// signing certificate in hex form
//Additionaly change values of attributes corresponding with signing cert (SigningKeyContainerName, SigningCSPName, SigningCertName, SigningCertIssuer)
////////////////////////////////////////////////////////////////////////////////////
STDMETHODIMP CSign::getSigningCertificate(BSTR *Certificate)
///////////////////////////////////////////////////////////////////////////////////
{
TCHAR* pbData = NULL;
DWORD selectedCert=-1;
DWORD dwResult;
PCCERT_CONTEXT pCertContext;
int ret;
pCertContext=NULL;
pCertContext=DigiCrypt_FindContext(0, &dwResult,&selectedCert);
if(pCertContext!=NULL)
{
pbData = (TCHAR*)malloc(pCertContext->cbCertEncoded*2+1);
if (pbData != NULL)
{
BinHex((char *)pCertContext->pbCertEncoded,pCertContext->cbCertEncoded,(char *)pbData);
*Certificate=_bstr_t((LPCTSTR)pbData).copy();
gdwSelectedCertNumber=selectedCert;
free(pbData);
}
pCertContext=NULL;
}
//MessageBox(NULL,"Step10","SignDebug",0);
return S_OK;
}
int main( int argc, char *argv[] )
{
char Buffer[ 1024 ];
fstream Input( "/dev/stdin", fstream::in | fstream::binary );
fstream Output( "/dev/stdout", fstream::out | fstream::binary );
string Hex;
// read passed arguments here...
for( int i = 1; i < argc; ++i )
{
if( !strcmp( argv[ i ], "-i" ) ) {
if( argv[ ++i ] )
{
if( !Input.good() ) Input.clear();
if( Input.is_open() ) Input.close();
Input.open( argv[ i ], fstream::in | fstream::binary );
if( !Input ) { Output << "input error on file " << argv[ i ] << endl; return( 1 ); }
}
else
{
PrintHelp( argv[ 0 ] );
return( 1 );
}
} else if( !strcmp( argv[ i ], "-o" ) ) {
if( argv[ ++i ] )
{
if( !Output.good() ) Output.clear();
if( Output.is_open() ) Output.close();
Output.open( argv[ i ], fstream::out | fstream::binary );
if( !Output ) return( 1 );
}
else
{
PrintHelp( argv[ 0 ] );
return( 1 );
}
} else {
PrintHelp( argv[ 0 ] );
return( 1 );
};
}
Hex.reserve( 2048 );
while( Input )
{
Input.read( Buffer, 1024 );
if( Input.gcount() )
{
BinHex( string( Buffer, Input.gcount() ), Hex );
Output << Hex;
}
}
return( 0 );
}
////////////////////////////////////////////////////////////////////////////////////
//The Signing Method
//Sign.getSignedHash
// in:
// sHash -- hash string
// selectedCert -- reserved (if 0 cleans the KeyContainerName cache)
// out:
// signed hash in hex form
////Additionaly change values of attributes corresponding with signing cert (SigningKeyContainerName, SigningCSPName, SigningCertName, SigningCertIssuer)
////////////////////////////////////////////////////////////////////////////////////
STDMETHODIMP CSign::getSignedHash(BSTR sHash, long selectedCert, BSTR *SignedHash)
////////////////////////////////////////////////////////////////////////////////////
{
PCCERT_CONTEXT pCertContext;
BYTE pbHash[20];
//char * sHashHex;
char sHashHex[41];
DWORD dwSelectedCert;
DWORD dwSignature=1024; //RSA signatuuri pikkus - this parameter specifies the max size of signature value buffer
BYTE cSignature[1025]; //the buffer receiving signature value
TCHAR pbhSignature[2049]; //2*256 + 1 for null-terminating char
BOOL fResult, fFreeProv;
HCRYPTPROV hProv = NULL;
HCRYPTKEY hPubKey = NULL;
DWORD dwKeySpec;
DWORD dwResult;
char pSignatureRev[1025]; //the buffer for reversed signature value
int i;
memset(cSignature,0,1025);
memset(pbhSignature,0,2049);
memset(pSignatureRev,0,1025);
memset(sHashHex,0,41);
if(sHash=='\0')
goto SIGDONE;
for(i=0; i< 40; i++)
{
sHashHex[i]=(TCHAR)sHash[i];
if(sHashHex[i]==0) break;
}
if(strlen(sHashHex)!=40)
goto SIGDONE;
HexBin(sHashHex,(char *)pbHash,20);
dwSelectedCert=selectedCert;
pCertContext=DigiCrypt_FindContext(0, &dwResult, &dwSelectedCert);
if(!pCertContext)
goto SIGDONE;
fResult = GetRSAKeyFromCert(pCertContext,&hProv,&hPubKey, &dwKeySpec,&fFreeProv);
if(fResult==NULL)
goto SIGDONE;
fResult = SignHashString(hProv,hPubKey,dwKeySpec,pbHash,cSignature,&dwSignature/*this parameter will be updated with the actual value of the signature*/);
if(fResult==NULL)
goto SIGDONE;
BinHex((char*)pbHash,20,sHashHex);
for(i=dwSignature-1; i>=0; i--) //allowed indexes for an array of size N are from 0 to N-1, this is fixed now
{
pSignatureRev[dwSignature-1-i]=cSignature[i];
}
pSignatureRev[dwSignature]=0;
BinHex((char *)pSignatureRev, dwSignature, pbhSignature);
*SignedHash=_bstr_t((LPCTSTR)pbhSignature).copy();
SIGDONE:
if(fFreeProv)
{
if(hPubKey)
{
CryptDestroyKey(hPubKey);
}
if(hProv)
CryptReleaseContext(hProv, 0);
}
pCertContext=NULL;
return S_OK;
}