cryptlib cryptSignCert fails

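Problem description:

I am actually programming an end-to-end encrypted calendar. For this I am using cryptlib. I have more or less copied the code from the manual. But every time I try to generate a root CA, it fails at cryptSignCert() with error code -2. (According to the manual, this means there is a problem with the second parameter.)
Here is some code to reproduce the problem.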

#include <iostream> 
#include <cstring> 

#include "cryptlib.h" 

/*Generating a root ca*/ 
auto genRootCA(const char* commonName,const char* keyLabel,const char* country) -> int 
{ 
    int status; 
    CRYPT_CONTEXT cryptContext; 

    cryptCreateContext(&cryptContext, CRYPT_UNUSED, CRYPT_ALGO_RSA); 
    cryptSetAttributeString(cryptContext, CRYPT_CTXINFO_LABEL, keyLabel, strlen(keyLabel)); 
    cryptGenerateKey(cryptContext); 

    CRYPT_CERTIFICATE cryptCertificate; 
    cryptCreateCert(&cryptCertificate,CRYPT_UNUSED,CRYPT_CERTTYPE_CERTIFICATE); 
    cryptSetAttributeString(cryptCertificate,CRYPT_CERTINFO_COUNTRYNAME,country,strlen(country)); 
    cryptSetAttributeString(cryptCertificate,CRYPT_CERTINFO_COMMONNAME,commonName,strlen(commonName)); 

    //Set to self-signed 
    cryptSetAttribute(cryptCertificate,CRYPT_CERTINFO_SELFSIGNED,1); 
    cryptSetAttribute(cryptCertificate,CRYPT_CERTINFO_CA,1); 

    //Sign certificate 
    status = cryptSignCert(cryptCertificate,cryptContext); //This is, what is actually not working 
    if(cryptStatusError(status)) 
    { 
     cryptDestroyContext(cryptContext); 
     cryptDestroyCert(cryptCertificate); 
     return(status); 
    } 

    //Save data to disk....(cut out) 

    return CRYPT_OK; 
} 

int main() 
{ 
    cryptInit(); 
    cryptAddRandom(NULL,CRYPT_RANDOM_FASTPOLL); 
    std::cout << "Generating root ca.\n"; 
    int r = genRootCA("[email protected]","Private key","DE"); 
    std::cout << "Returned value " << r << std::endl; 
    cryptEnd(); 
} 

Thanks in advance, David.

+0

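*"I have more or less copied the code from the manual"* Now what does that mean? Are we supposed to go through your code and the manual to spot any differences? Please [edit] your question to provide a [mcve].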

+0

Also, please try to come up with a better title. *"Not working"* is about the least useful problem description possible.

+0

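Sorry, but I don't see your point. I have never used cryptlib, so I don't know how it would normally work. If you look at the manual, you will notice that there is no code that can be copied and pasted.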

I finally found the solution. I forgot to add the public key to the certificate. Here is a working code example:

#include <iostream> 
#include <cstring> 

#include "cryptlib.h" 

/* generating the root ca */ 
auto genRootCA(const char* commonName,const char* keyLabel, const char* country,const char* path, const char* password) -> int 
{ 
    int status; 
    CRYPT_CONTEXT cryptContext; 

    cryptCreateContext(&cryptContext, CRYPT_UNUSED, CRYPT_ALGO_RSA); 

    cryptSetAttributeString(cryptContext, CRYPT_CTXINFO_LABEL, keyLabel, strlen(keyLabel)); 

    cryptGenerateKey(cryptContext); 

    CRYPT_CERTIFICATE cryptCertificate; 
    cryptCreateCert(&cryptCertificate,CRYPT_UNUSED,CRYPT_CERTTYPE_CERTIFICATE); 

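    /* Add the public key (the step that was missing before) */ 
    status = cryptSetAttribute(cryptCertificate, 
    CRYPT_CERTINFO_SUBJECTPUBLICKEYINFO, cryptContext); 
    if(cryptStatusError(status)) 
    { 
     cryptDestroyContext(cryptContext); 
     cryptDestroyCert(cryptCertificate); 
     return(status); 
    } 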

    cryptSetAttributeString(cryptCertificate,CRYPT_CERTINFO_COUNTRYNAME,country,strlen(country)); 

    cryptSetAttributeString(cryptCertificate,CRYPT_CERTINFO_COMMONNAME,commonName,strlen(commonName)); 

    //Set to self-signed 
    cryptSetAttribute(cryptCertificate,CRYPT_CERTINFO_SELFSIGNED,1); 
    cryptSetAttribute(cryptCertificate,CRYPT_CERTINFO_CA,1); 

    //Sign certificate 
    status = cryptSignCert(cryptCertificate,cryptContext); //Works now 
    if(cryptStatusError(status)) 
    { 
     cryptDestroyContext(cryptContext); 
     cryptDestroyCert(cryptCertificate); 
     return(status); 
    } 

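    //Saving data to disk (cut out) 

    //Release the key context and the certificate once they are no longer needed 
    cryptDestroyContext(cryptContext); 
    cryptDestroyCert(cryptCertificate); 

    return CRYPT_OK; 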
} 

int main() 
{ 
    cryptInit(); 
    cryptAddRandom(NULL,CRYPT_RANDOM_FASTPOLL); 
    std::cout << "Generating root ca.\n"; 
    int r = genRootCA("[email protected]","Private key","DE","key.pem","abc"); 
    std::cout << "Returned value " << r << std::endl; 
    cryptEnd(); 
} 

I hope this helps someone who has the same problem.