Пример #1
// Signs the digest held by a hash context: reads the digest bytes from
// oHash with GetHash() and forwards them, together with the unchanged key,
// PIN and algorithm, to the Sign() overload that takes the digest as a
// CByteArray.
//
// key   - private key descriptor, passed through untouched
// Pin   - PIN descriptor, passed through untouched
// algo  - signature algorithm flag, passed through untouched
// oHash - hash context whose digest is signed; taken by non-const reference
//         because GetHash() is called on it
//         NOTE(review): presumably GetHash() finalises the context, so the
//         caller should not keep updating oHash afterwards - confirm.
//
// Returns the result of the digest-based Sign() overload.
CByteArray CPkiCard::Sign(const tPrivKey & key, const tPin & Pin,
    unsigned long algo, CHash & oHash)
{
	// Kept as a named, non-const local so overload resolution picks the
	// same digest-based Sign() as before.
	CByteArray oDigest = oHash.GetHash();
	return Sign(key, Pin, algo, oDigest);
}
Пример #2
// Self-test for one signature algorithm: signs 300 pseudo-random bytes with
// the given key through oReader and checks the signature against oCertData
// with VerifySignature().
//
// oReader    - reader used to produce the signature
// key        - private key to sign with
// oCertData  - certificate data handed to VerifySignature()
// ulSignAlgo - signature algorithm flag under test
//
// Returns 0 when the signature verifies, 1 when it does not.
// NOTE(review): 0 is also returned when sign2hashAlgo() yields -1, i.e. the
// algorithm was skipped, not tested. A caller that only counts non-zero
// results cannot tell "verified" from "skipped"; only the printed message
// shows the difference.
static long SignVerify(CReader & oReader, tPrivKey & key,
	const CByteArray & oCertData, unsigned long ulSignAlgo)
{
	// Test payload only: rand() is fine for filler bytes, it is not used
	// for any key or nonce here.
	// NOTE(review): the 1000 passed to the constructor looks like a
	// capacity hint, since only 300 bytes are appended - confirm.
	CByteArray oPayload(1000);
	for (int nRemaining = 300; nRemaining > 0; --nRemaining)
		oPayload.Append(static_cast<unsigned char>(rand()));

	const long lDigestAlgo = sign2hashAlgo(ulSignAlgo);

	// No hash algorithm mapped to this signature algorithm: report and skip.
	if (lDigestAlgo == -1)
	{
		printf("      Signature algo %s can't be tested yet\n", SignAlgo2String(ulSignAlgo));
		return 0;
	}

	CByteArray oSig;

	CHash oDigest;
	oDigest.Init(static_cast<tHashAlgo>(lDigestAlgo));
	oDigest.Update(oPayload);

	if (ulSignAlgo != SIGN_ALGO_RSA_PKCS)
	{
		// Digest-specific algorithms: hand the hash context to the reader.
		oSig = oReader.Sign(key, ulSignAlgo, oDigest);
	}
	else
	{
		// For SIGN_ALGO_RSA_PKCS the caller supplies the complete input
		// to be signed. We build it from the SHA1 AID (the fixed prefix
		// below) followed by the hash of the payload, so that OpenSSL's
		// SHA1 signature verification in VerifySignature() can check it.
		// NOTE(review): this only holds if sign2hashAlgo() maps
		// SIGN_ALGO_RSA_PKCS to SHA1, since the prefix announces a
		// 0x14-byte (20-byte) digest - confirm.
		const unsigned char SHA1_AID[] = {
			0x30, 0x21, 0x30, 0x09, 0x06, 0x05, 0x2b, 0x0e,
			0x03, 0x02, 0x1a, 0x05, 0x00, 0x04, 0x14};
		CByteArray oDigestInfo(SHA1_AID, sizeof(SHA1_AID));
		oDigestInfo.Append(oDigest.GetHash());
		oSig = oReader.Sign(key, ulSignAlgo, oDigestInfo);
	}

	// Verification runs over the original payload, not over the digest.
	if (VerifySignature(oPayload, oSig, oCertData, ulSignAlgo))
		return 0;

	return 1;
}
Пример #3
// Signs the digest held by a hash context, choosing between two paths.
//
// If algo, the card's supported-algorithm mask and one of the six
// digest-specific RSA PKCS flags (MD5, SHA1, SHA256, SHA384, SHA512,
// RIPEMD160) share a bit, the hash context itself is passed to the card's
// Sign() together with the PIN looked up from key.ulAuthID. Otherwise the
// digest is read out with GetHash() and passed to this reader's Sign()
// overload that takes the digest as a CByteArray.
//
// key   - private key descriptor; key.ulAuthID selects the PIN
// algo  - signature algorithm flag(s)
// oHash - hash context whose digest is signed
//
// Throws CMWEXCEPTION(EIDMW_ERR_NO_CARD) when no card object is attached.
//
// NOTE(review): MD5 and SHA1 are accepted here whenever the card advertises
// them. Both are collision-broken, so callers that need collision
// resistance have to restrict algo before calling - nothing in this
// function does.
CByteArray CReader::Sign(const tPrivKey & key, unsigned long algo,
    CHash & oHash)
{
	if (m_poCard == NULL)
		throw CMWEXCEPTION(EIDMW_ERR_NO_CARD);

	// Union of the digest-specific flags tested by this function.
	const unsigned long ulDigestSignAlgos =
		SIGN_ALGO_MD5_RSA_PKCS |
		SIGN_ALGO_SHA1_RSA_PKCS |
		SIGN_ALGO_SHA256_RSA_PKCS |
		SIGN_ALGO_SHA384_RSA_PKCS |
		SIGN_ALGO_SHA512_RSA_PKCS |
		SIGN_ALGO_RIPEMD160_RSA_PKCS;

	const unsigned long ulCardAlgos = m_poCard->GetSupportedAlgorithms();

	// Requested, supported by the card, and digest-specific: all three
	// masks must share at least one bit.
	const bool bCardTakesHash =
		(algo & ulCardAlgos & ulDigestSignAlgos) != 0;

	if (!bCardTakesHash)
	{
		// Fall back to reading the digest here and signing its bytes.
		CByteArray oDigest = oHash.GetHash();
		return Sign(key, algo, oDigest);
	}

	return m_poCard->Sign(key, GetPinByID(key.ulAuthID), algo, oHash);
}