/* * LicenseSigner.cpp (Windows) * * Created on: Apr 6, 2014 * */ #include #include #include #include #pragma comment(lib, "crypt32.lib") #include #include #include #define MY_ENCODING_TYPE (PKCS_7_ASN_ENCODING | X509_ASN_ENCODING) #include "../private-key.h" #include "../LicenseSigner.h" #include "../../library/base/logger.h" namespace license { using namespace std; LicenseSigner::LicenseSigner() { os_initialize(); if (CryptAcquireContext( &hProv, "license-manager2++", MS_ENHANCED_PROV, PROV_RSA_FULL, //CRYPT_NEWKEYSET 0)) { LOG_DEBUG("CSP context acquired."); } else { LOG_ERROR("Error during CryptAcquireContextc %d.",GetLastError()); throw exception(); } if (CryptImportKey( hProv, PRIVATE_KEY, sizeof(PRIVATE_KEY), 0, 0, &hPubKey)) { LOG_DEBUG("The key has been imported.\n"); } else { LOG_ERROR("Private key import failed.\n"); throw exception(); } } LicenseSigner::LicenseSigner(const std::string& alternatePrimaryKey) { os_initialize(); } string LicenseSigner::Opensslb64Encode(size_t slen, unsigned char* signature) { return NULL; } string LicenseSigner::signString(const string& license) { //------------------------------------------------------------------- // Declare and initialize variables. BYTE *pbBuffer = (BYTE *)license.c_str(); DWORD dwBufferLen = strlen((char *)pbBuffer) + 1; HCRYPTHASH hHash; HCRYPTKEY hKey; BYTE *pbKeyBlob; BYTE *pbSignature; DWORD dwSigLen; DWORD dwBlobLen; //------------------------------------------------------------------- // Acquire a cryptographic provider context handle. //------------------------------------------------------------------- // Get the public at signature key. This is the public key // that will be used by the receiver of the hash to verify // the signature. In situations where the receiver could obtain the // sender's public key from a certificate, this step would not be // needed. if (CryptGetUserKey( hProv, AT_SIGNATURE, &hKey)) { printf("The signature key has been acquired. \n"); } else { printf("Error during CryptGetUserKey for signkey. %d", GetLastError()); } //------------------------------------------------------------------- // Create the hash object. if (CryptCreateHash( hProv, CALG_SHA1, 0, 0, &hHash)) { printf("Hash object created. \n"); } else { LOG_ERROR("Error during CryptCreateHash."); } //------------------------------------------------------------------- // Compute the cryptographic hash of the buffer. if (CryptHashData( hHash, pbBuffer, dwBufferLen, 0)) { printf("The data buffer has been hashed.\n"); } else { LOG_ERROR("Error during CryptHashData."); } //------------------------------------------------------------------- // Determine the size of the signature and allocate memory. dwSigLen = 0; if (CryptSignHash( hHash, AT_SIGNATURE, NULL, 0, NULL, &dwSigLen)) { printf("Signature length %d found.\n", dwSigLen); } else { LOG_ERROR("Error during CryptSignHash."); } //------------------------------------------------------------------- // Allocate memory for the signature buffer. if (pbSignature = (BYTE *)malloc(dwSigLen)) { printf("Memory allocated for the signature.\n"); } else { LOG_ERROR("Out of memory."); } //------------------------------------------------------------------- // Sign the hash object. if (CryptSignHash( hHash, AT_SIGNATURE, NULL, 0, pbSignature, &dwSigLen)) { printf("pbSignature is the hash signature.\n"); } else { LOG_ERROR("Error during CryptSignHash."); } //------------------------------------------------------------------- // Destroy the hash object. if (hHash) CryptDestroyHash(hHash); printf("The hash object has been destroyed.\n"); printf("The signing phase of this program is completed.\n\n"); //------------------------------------------------------------------- // In the second phase, the hash signature is verified. // This would most often be done by a different user in a // separate program. The hash, signature, and the PUBLICKEYBLOB // would be read from a file, an email message, // or some other source. // Here, the original pbBuffer, pbSignature, szDescription. // pbKeyBlob, and their lengths are used. // The contents of the pbBuffer must be the same data // that was originally signed. //------------------------------------------------------------------- // Get the public key of the user who created the digital signature // and import it into the CSP by using CryptImportKey. This returns // a handle to the public key in hPubKey. /*if (CryptImportKey( hProv, pbKeyBlob, dwBlobLen, 0, 0, &hPubKey)) { printf("The key has been imported.\n"); } else { MyHandleError("Public key import failed."); } //------------------------------------------------------------------- // Create a new hash object. if (CryptCreateHash( hProv, CALG_MD5, 0, 0, &hHash)) { printf("The hash object has been recreated. \n"); } else { MyHandleError("Error during CryptCreateHash."); } //------------------------------------------------------------------- // Compute the cryptographic hash of the buffer. if (CryptHashData( hHash, pbBuffer, dwBufferLen, 0)) { printf("The new hash has been created.\n"); } else { MyHandleError("Error during CryptHashData."); } //------------------------------------------------------------------- // Validate the digital signature. if (CryptVerifySignature( hHash, pbSignature, dwSigLen, hPubKey, NULL, 0)) { printf("The signature has been verified.\n"); } else { printf("Signature not validated!\n"); } //------------------------------------------------------------------- // Free memory to be used to store signature. if (pbSignature) free(pbSignature); //------------------------------------------------------------------- // Destroy the hash object. if (hHash) CryptDestroyHash(hHash);*/ //------------------------------------------------------------------- // Release the provider handle. if (hProv) CryptReleaseContext(hProv, 0); return string(""); } // End of main void LicenseSigner::signLicense(FullLicenseInfo& licenseInfo) { string license = licenseInfo.printForSign(); string signature = signString(license); licenseInfo.license_signature = signature; } LicenseSigner::~LicenseSigner() { } } /* namespace license */