如何用C使用OpenSSL生成RSA SHA签名 [英] How to generate RSA SHA signature using OpenSSL in C
问题描述
我需要一些帮助使用OpenSSL生成使用C(Windows和Linux)的数据块的签名。该应用程序与谷歌认证做。从谷歌的文档的说明是:
I need some help using OpenSSL to generate a signature of a block of data using C (Windows and Linux). The application has to do with Google authentication. The instructions from Google's documentation are:
登录使用SHA256withRSA(也称为RSASSA-PKCS1-v1_5中-SIGN输入的UTF-8再presentation
与SHA-256散列函数)从谷歌开发者控制台获得的私钥。该
输出将是一个字节数组。
"Sign the UTF-8 representation of the input using SHA256withRSA (also known as RSASSA-PKCS1-V1_5-SIGN with the SHA-256 hash function) with the private key obtained from the Google Developers Console. The output will be a byte array."
私有密钥是一个包含1660个字节的二进制数据的.p12文件。
The private key is a .p12 file containing 1660 bytes of binary data.
我使用这个RSA_sign()API?如果是的话我应该先散列数据?使用的是什么
核心价值?我假设RSA *参数应该保持私钥?它是如何获得
装?我已经使用了HMAC函数生成一个SHA哈希码,但我有点丢在这里 - 任何帮助
或样品code将AP preciated。 (是的,我知道谷歌有库,做到这一点,但没有
对于C,我需要使用)。
Do I use the RSA_sign() API for this? If so am I supposed to hash the data first? Using what key value? I assume the RSA * parameter is supposed to hold the private key? How does it get loaded? I have used the HMAC function to generate a SHA hash, but I'm a bit lost here - any help or sample code would be appreciated. (And yes, I know Google has libraries to do this, but none for C, which I need to use).
推荐答案
您可以使用 RSA_sign
签署与SHA256散列数据。您可以拨打这个
You can use RSA_sign
to sign the data with SHA256 hash. You can call this
RSA_sign(NID_sha256, digest, digest_len, &sign_buffer, sign_len, rsa_key);
您必须计算数据的哈希SHA256到消化
缓冲区。 rsa_key
应该被初始化。
You have calculate SHA256 hash of the data into digest
buffer. rsa_key
should be initialized.
一直以来,你已经的.p12
文件,你需要做到以下几点。
Since, you have .p12
file, you need to do the following.
从的.p12
文件创建 PKCS12
结构。
PKCS12 * p12 = d2i_PKCS12_fp(fp_to_p12_file, NULL);
解析 P12
结构,证书和密钥。
PKCS12_parse(p12, passphrase, &evp_pkey, &x509_cert, NULL);
这会给 EVP_PKEY
结构,从中可以使用get RSA
结构 EVP_PKEY_get1_RSA
或访问 evp_pkey-方式> pkey.rsa
结构成员
It will give EVP_PKEY
structure from which you can get RSA
structure using EVP_PKEY_get1_RSA
or access evp_pkey->pkey.rsa
member of the structure.
这应该可以帮助您开始。
This should help you to start.
这篇关于如何用C使用OpenSSL生成RSA SHA签名的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!