- 论坛徽章:
- 0
|
回复 10# dorodaloo
不好意思,回复晚了。下面是验签的代码
int verify(char *data, char *resp)
{
char *signBuf= malloc(BUFFER_SIZE);
char *timeBuf = malloc(BUFFER_SIZE);
char *contentLenBuf = malloc(BUFFER_SIZE);
memcpy(signBuf, data, strlen(data));
memcpy(timeBuf, data, strlen(data));
memcpy(contentLenBuf, data, strlen(data));
int r,headnum,m, contentnum;
char sign[500];
char *timestamp = malloc(100);
char contentLen[5];
while (1)
{
r=sscanf(contentLenBuf, "Content-Length: %[^\n]%n", contentLen, &contentnum);
if (1==r) {
contentLenBuf+=contentnum;
} else if (0==r) contentLenBuf++;
else break;
r=sscanf(signBuf,"Signature: %[^\n]%n",sign,&headnum);
if (1==r) {
signBuf+=headnum;
} else if (0==r) signBuf++;
else break;
r=sscanf(timeBuf,"Timestamp: %[^\n]%n",timestamp,&m);
if (1==r) {
timeBuf+=m;
} else if (0==r) timeBuf++;
else break;
}
char *body = malloc(BUFFER_SIZE);
memcpy(body, data+(strlen(data)-atoi(contentLen)), atoi(contentLen));
// 在这一步之前body如果是图片内容,打印出来是空的,下一步验证就失败;如果body是文本内容就验证成功
verifyByRSA(pubKey, body, strlen(body), sign);
strcpy(resp, body);
}
int verifyByRSA(char* publicKey, const unsigned char * pData, size_t dataLength, unsigned char * sign)
{
RSA* rsa_pub_key = createPublicRSA(publicKey);
if (rsa_pub_key == NULL)
{
printf("\n创建公钥内容失败\n");
return false;
}
unsigned char szSha1Data[SHA_DIGEST_LENGTH+1] = { 0 };
memset(szSha1Data, 0, sizeof(szSha1Data));
SHA_CTX c;
if (!SHA1_Init(&c))
{
printf("\n初始化sha1算法失败!\n");
return false;
}
SHA1_Update(&c, pData, strlen((char*)pData));
SHA1_Final(szSha1Data, &c);
OPENSSL_cleanse(&c, sizeof(c));
unsigned char *outstr = base64_decode(sign);
int r = RSA_verify(NID_sha1, szSha1Data, SHA_DIGEST_LENGTH, outstr, 256, rsa_pub_key);
RSA_free(rsa_pub_key);
if (1 == r)
{
printf("验签成功\n");
return 0;
}
else
{
printf("验签失败\n");
return 1;
}
}
|
|