如何用C使用OpenSSL生成RSA SHA签名 [英] How to generate RSA SHA signature using OpenSSL in C

问题描述

我需要一些帮助使用OpenSSL生成使用C（Windows和Linux）的数据块的签名。该应用程序与谷歌认证做。从谷歌的文档的说明是：

I need some help using OpenSSL to generate a signature of a block of data using C (Windows and Linux). The application has to do with Google authentication. The instructions from Google's documentation are:

登录使用SHA256withRSA（也称为RSASSA-PKCS1-v1_5中-SIGN输入的UTF-8再presentation
与SHA-256散列函数）从谷歌开发者控制台获得的私钥。该
输出将是一个字节数组。

"Sign the UTF-8 representation of the input using SHA256withRSA (also known as RSASSA-PKCS1-V1_5-SIGN with the SHA-256 hash function) with the private key obtained from the Google Developers Console. The output will be a byte array."

私有密钥是一个包含1660个字节的二进制数据的.p12文件。

The private key is a .p12 file containing 1660 bytes of binary data.

我使用这个RSA_sign（）API？如果是的话我应该先散列数据？使用的是什么
核心价值？我假设RSA *参数应该保持私钥？它是如何获得
装？我已经使用了HMAC函数生成一个SHA哈希码，但我有点丢在这里 - 任何帮助
或样品code将AP preciated。 （是的，我知道谷歌有库，做到这一点，但没有
对于C，我需要使用）。

Do I use the RSA_sign() API for this? If so am I supposed to hash the data first? Using what key value? I assume the RSA * parameter is supposed to hold the private key? How does it get loaded? I have used the HMAC function to generate a SHA hash, but I'm a bit lost here - any help or sample code would be appreciated. (And yes, I know Google has libraries to do this, but none for C, which I need to use).

推荐答案

您可以使用 RSA_sign 签署与SHA256散列数据。您可以拨打这个

You can use RSA_sign to sign the data with SHA256 hash. You can call this

RSA_sign(NID_sha256, digest, digest_len, &sign_buffer, sign_len, rsa_key);

您必须计算数据的哈希SHA256到消化缓冲区。 rsa_key 应该被初始化。

You have calculate SHA256 hash of the data into digest buffer. rsa_key should be initialized.

一直以来，你已经的.p12 文件，你需要做到以下几点。

Since, you have .p12 file, you need to do the following.

从的.p12 文件创建 PKCS12 结构。

PKCS12 * p12 = d2i_PKCS12_fp(fp_to_p12_file, NULL);

解析 P12 结构，证书和密钥。

PKCS12_parse(p12, passphrase, &evp_pkey, &x509_cert, NULL);

这会给 EVP_PKEY 结构，从中可以使用get RSA 结构 EVP_PKEY_get1_RSA 或访问 evp_pkey-方式＆gt; pkey.rsa 结构成员

It will give EVP_PKEY structure from which you can get RSA structure using EVP_PKEY_get1_RSA or access evp_pkey->pkey.rsa member of the structure.

这应该可以帮助您开始。

This should help you to start.

这篇关于如何用C使用OpenSSL生成RSA SHA签名的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！