| ||||
| ||||
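Подписываю сообщение следующим образом:

/*
 * Builds a detached CMSG_SIGNED message over a test string, signed with the
 * certificate selected by SIGNER_NAME from the current user's "MY" store,
 * and leaves the encoded message in pbEncodedBlob / cbEncodedBlob.
 *
 * NOTE(review): MY_ENCODING_TYPE, SIGNER_NAME and MyHandleError are defined
 * outside this snippet. Every check below assumes MyHandleError does not
 * return; if it does, execution continues with invalid handles -- confirm.
 */
DWORD cbContent;
HCRYPTPROV hCryptProv;
HCERTSTORE hStoreHandle;
PCCERT_CONTEXT pSignerCert;
CMSG_SIGNER_ENCODE_INFO SignerEncodeInfo;
CMSG_SIGNER_ENCODE_INFO SignerEncodeInfoArray[1];
CERT_BLOB SignerCertBlob;
CERT_BLOB SignerCertBlobArray[1];
CMSG_SIGNED_ENCODE_INFO SignedMsgEncodeInfo;
DWORD cbEncodedBlob;
BYTE* pbEncodedBlob;
HCRYPTMSG hMsg;
HCRYPTMSG cryptMsg;               // not used in the lines shown here
DWORD dwKeySpec;
CRYPT_VERIFY_MESSAGE_PARA msgPara; // not used in the lines shown here

const BYTE* pbContent = (const BYTE*)"Test Message.";
// The +1 puts the terminating NUL into the signed content. Because the
// signature is detached, a verifier has to supply exactly the same bytes,
// NUL included.
cbContent = (DWORD)(strlen((const char *) pbContent) + 1);

// Open the current user's MY (personal) certificate store.
hStoreHandle = CertOpenStore(
    CERT_STORE_PROV_SYSTEM,
    0,
    NULL,
    CERT_SYSTEM_STORE_CURRENT_USER,
    L"MY");
if(!hStoreHandle)
{
    MyHandleError( "Could not open the MY system store.");
}

// Get the context of the certificate that will sign the message.
// NOTE(review): CERT_FIND_SUBJECT_STR is a substring match on the subject and
// returns the first hit, so a second certificate with a similar subject (or
// an expired one) can be picked up instead. Selecting the signer by
// thumbprint (CERT_FIND_HASH) is unambiguous.
pSignerCert = CertFindCertificateInStore(
    hStoreHandle,
    MY_ENCODING_TYPE,
    0,
    CERT_FIND_SUBJECT_STR,
    SIGNER_NAME,
    NULL);
if (!pSignerCert)
{
    MyHandleError("Cert not found.\n");
}

// Obtain the handle of the private key that belongs to the certificate.
if(!(CryptAcquireCertificatePrivateKey(
    pSignerCert,
    0,
    NULL,
    &hCryptProv,
    &dwKeySpec,
    NULL)))
{
    // The message names the call that actually failed.
    MyHandleError("CryptAcquireCertificatePrivateKey failed");
}

// Describe the single signer: certificate info, key handle, hash algorithm.
memset(&SignerEncodeInfo, 0, sizeof(CMSG_SIGNER_ENCODE_INFO));
SignerEncodeInfo.cbSize = sizeof(CMSG_SIGNER_ENCODE_INFO);
SignerEncodeInfo.pCertInfo = pSignerCert->pCertInfo;
SignerEncodeInfo.hCryptProv = hCryptProv;
SignerEncodeInfo.dwKeySpec = dwKeySpec;
// SHA-256 instead of szOID_RSA_MD5: MD5 collisions are practical, so an MD5
// digest must not back a signature.
// NOTE(review): the provider behind hCryptProv has to implement the digest
// named here; if it does not, the message calls below fail and are reported.
// For a non-RSA signer key, use the digest OID that matches that key's
// algorithm -- confirm against the certificate.
SignerEncodeInfo.HashAlgorithm.pszObjId = szOID_NIST_sha256;
SignerEncodeInfo.pvHashAuxInfo = NULL;

SignerEncodeInfoArray[0] = SignerEncodeInfo;

// Ship the signer's encoded certificate inside the message.
SignerCertBlob.cbData = pSignerCert->cbCertEncoded;
SignerCertBlob.pbData = pSignerCert->pbCertEncoded;

SignerCertBlobArray[0] = SignerCertBlob;

memset(&SignedMsgEncodeInfo, 0, sizeof(CMSG_SIGNED_ENCODE_INFO));
SignedMsgEncodeInfo.cbSize = sizeof(CMSG_SIGNED_ENCODE_INFO);
SignedMsgEncodeInfo.cSigners = 1;
SignedMsgEncodeInfo.rgSigners = SignerEncodeInfoArray;
SignedMsgEncodeInfo.cCertEncoded = 1;
SignedMsgEncodeInfo.rgCertEncoded = SignerCertBlobArray;

// Size the output buffer with the same flags the message is opened with
// below, so the length is computed for a detached message as well.
if(!(cbEncodedBlob = CryptMsgCalculateEncodedLength(
    MY_ENCODING_TYPE,       // Message encoding type
    CMSG_DETACHED_FLAG,     // Flags
    CMSG_SIGNED,            // Message type
    &SignedMsgEncodeInfo,   // Pointer to structure
    NULL,                   // Inner content OID
    cbContent)))            // Size of content
{
    MyHandleError("Getting cbEncodedBlob length failed.");
}

if(!(pbEncodedBlob = (BYTE *) malloc(cbEncodedBlob)))
{
    MyHandleError("Malloc operation failed.");
}

// CMSG_DETACHED_FLAG: the content is hashed and signed but is not stored in
// the encoded message.
if(!(hMsg = CryptMsgOpenToEncode(
    MY_ENCODING_TYPE,        // Encoding type
    CMSG_DETACHED_FLAG,      // Flags
    CMSG_SIGNED,             // Message type
    &SignedMsgEncodeInfo,    // Pointer to structure
    NULL,                    // Inner content OID
    NULL)))                  // Stream information (not used)
{
    MyHandleError("OpenToEncode failed");
}

// Feed the whole content in one call; TRUE marks it as the final update.
if(!(CryptMsgUpdate(
    hMsg,         // Handle to the message
    pbContent,    // Pointer to the content
    cbContent,    // Size of the content
    TRUE)))       // Last call
{
    MyHandleError("MsgUpdate failed");
}

// For a message opened to encode, CMSG_CONTENT_PARAM returns the complete
// encoded message. cbEncodedBlob carries the buffer size in and the number
// of bytes written out.
if(!CryptMsgGetParam(
    hMsg,                      // Handle to the message
    CMSG_CONTENT_PARAM,        // Parameter type
    0,                         // Index
    pbEncodedBlob,             // Pointer to the BLOB
    &cbEncodedBlob))           // Size of the BLOB
{
    MyHandleError("MsgGetParam failed.");
}

// Nothing is released in the lines shown: once the blob has been consumed,
// close hMsg (CryptMsgClose), free pSignerCert (CertFreeCertificateContext),
// close hStoreHandle (CertCloseStore) and free(pbEncodedBlob).

Подскажите последовательность действий поподробнее, чтоб доподписывать данное сообщение другим сертификатом? буду признателен | ||||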
Ответы: | ||||
| ||||
Hello! Good Site! Thanks you! xposgyjfrsen | ||||