Load an X509 PEM file into Windows CryptoApi
http://stackoverflow.com/questions/1231178/load-an-x509-pem-file-into-windows-cryptoapi
I discovered the "magic" sequence of calls to import a RSA public key in PEM format. Here you go:
- decode the key into a binary blob with CryptStringToBinary; pass CRYPT_STRING_BASE64HEADER in dwFlags
- decode the binary key blob into a CERT_PUBLIC_KEY_INFO with CryptDecodeObjectEx; pass X509_ASN_ENCODING in dwCertEncodingType and X509_PUBLIC_KEY_INFO in lpszStructType
- decode the PublicKey blob from the CERT_PUBLIC_KEY_INFO into a RSA key blob with CryptDecodeObjectEx; pass X509_ASN_ENCODING in dwCertEncodingType and RSA_CSP_PUBLICKEYBLOB in lpszStructType
- import the RSA key blob with CryptImportKey
This sequence really helped me understand what's going on, but it didn't work for me as-is. The second call to
CryptDecodeObjectExgave me an error: "ASN.1 bad tag value met". After many attempts at understanding Microsoft documentation, I finally realized that the output of the fist decode cannot be decoded as ASN again, and that it is actually ready for import. With this understanding I found the answer in the following link:http://www.ms-news.net/f2748/problem-importing-public-key-4052577.html
int main()
{
char pemPubKey[2048];
int readLen;
char derPubKey[2048];
size_t derPubKeyLen = 2048;
CERT_PUBLIC_KEY_INFO *publicKeyInfo;
int publicKeyInfoLen;
HANDLE hFile;
HCRYPTPROV hProv = 0;
HCRYPTKEY hKey = 0; /*
* Read the public key cert from the file
*/
hFile = CreateFileA( "c:\\pub.pem", GENERIC_READ, 0, NULL, OPEN_EXISTING, FILE_ATTRIBUTE_NORMAL, NULL );
if ( hFile == INVALID_HANDLE_VALUE )
{
fprintf( stderr, "Failed to open file. error: %d\n", GetLastError() );
} if ( !ReadFile( hFile, pemPubKey, 2048, &readLen, NULL ) )
{
fprintf( stderr, "Failed to read file. error: %d\n", GetLastError() );
} /*
* Convert from PEM format to DER format - removes header and footer and decodes from base64
*/
if ( !CryptStringToBinaryA( pemPubKey, 0, CRYPT_STRING_BASE64HEADER, derPubKey, &derPubKeyLen, NULL, NULL ) )
{
fprintf( stderr, "CryptStringToBinary failed. Err: %d\n", GetLastError() );
} /*
* Decode from DER format to CERT_PUBLIC_KEY_INFO
*/
if ( !CryptDecodeObjectEx( X509_ASN_ENCODING, X509_PUBLIC_KEY_INFO, derPubKey, derPubKeyLen,
CRYPT_ENCODE_ALLOC_FLAG, NULL, &publicKeyInfo, &publicKeyInfoLen ) )
{
fprintf( stderr, "CryptDecodeObjectEx 1 failed. Err: %p\n", GetLastError() );
return -1;
} /*
* Acquire context
*/
if( !CryptAcquireContext(&hProv, NULL, NULL, PROV_RSA_FULL, CRYPT_VERIFYCONTEXT) )
{
{
printf( "CryptAcquireContext failed - err=0x%x.\n", GetLastError() );
return -1;
}
} /*
* Import the public key using the context
*/
if ( !CryptImportPublicKeyInfo( hProv, X509_ASN_ENCODING, publicKeyInfo, &hKey ) )
{
fprintf( stderr, "CryptImportPublicKeyInfo failed. error: %d\n", GetLastError() );
return -1;
}
LocalFree( publicKeyInfo ); /*
* Now use hKey to encrypt whatever you need.
*/ return 0;
}
Load an X509 PEM file into Windows CryptoApi的更多相关文章
- No redirect found in host configuration file (C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet.config).
Configuration Error Description: An error occurred during the processing of a configuration file req ...
- pk8和x509.pem转换成keystore
转自:http://www.cnblogs.com/platte/p/3511814.html 一 在github上下载工具 https://github.com/getfatday/keytool- ...
- android初级篇之apk签名key keystore格式转pk8+x509.pem
转自:http://www.jianshu.com/p/3bd5c68cc44d 常用的android的签名工具有两个即jarsigner 和apksigner.这两种使用的key格式不一样,keys ...
- wordpress无法安装这个包。: PCLZIP_ERR_MISSING_FILE (-4) : Missing archive file 'C:\WINDOWS\TEMP/wordpress-4.tmp'
朋友的wp博客好久没管理了,让ytkah帮忙打理一下,进到后台发现版本还是3.9的,那是比较早以前的版本了,早该升级了. 在升级wordpress时出现以下错误: 无法安装这个包: PCLZIP_ER ...
- server error in '/' applecation----Compiler Error Message: CS0016: Could not write to output file 'c:\Windows\Microsoft.NET\Framework64\v4.0.30319\Temporary ASP.NET Files\root\xx' -- 'Access is denied
今天在阿里云虚拟机上部署新站点后出现下面的错误:server error in '/' applecation Compiler Error Message: CS0016: Could not wr ...
- How to create .gitignore file in Windows Explorer
How to create .gitignore file I need to add some rules to my .gitignore file, however, I can't find ...
- Unreal: Dynamic load map from Pak file
Unreal: Dynamic load map from Pak file 目标:在程序运行时加载自定义 Pak 文件,并打开指定关卡,显示其中的完整 map 内容 Unreal 的 Pak 文件内 ...
- How to load a local .CSS file & JavaScript resources using iPhone UIWebView Class
This post will cover the basic setup and creation of an application with web content for iPhone that ...
- Launch a Batch File With Windows Installer
Quote from: http://flexerasoftware.force.com/articles/en_US/HOWTO/Q111515 Synopsis This article desc ...
随机推荐
- git不能提交jar的设置
项目目录下 文件:.gitignore ,里面设置: *.class # Package Files # *.jar *.war *.ear 删除*.jar
- 实战网卡bond
一.什么是网卡bond 所谓bond,就是把多个物理网卡绑定成一个逻辑上的网卡,使用同一个IP工作,在增加带宽的同时也可以提高冗余性,一般使用较多的就是来提高冗余,分别和不同交换机相连,提高可靠性,但 ...
- linux信号处理及libcurl的坑
前言: 最近有个项目, 需要访问第三方服务. 该服务是通过http的形式访问的, 为了安全和加密, 对方提供了一个加密用的C/C++库, 用于对参数进行处理. 鉴于此, 选用了C/C++语言 ...
- DB2中的ROW_NUMBER() OVER()函数用法
ROW_NUMBER() OVER()大概有俩方面的作用 1,分页, 并返回分页结果集.2,是对数据进行处理 分组 db2的分页: select tmp.* from ( SELECT rownu ...
- iOS平台网络类型检测
老大新增个需求,连接服务器时要区分内外网,需求理解了,现实很骨感啊,没办法,干. #import <Foundation/Foundation.h> /* 依赖于以下Framework S ...
- WebApp远程调试工具
针对存在内嵌在客户端的webview项目中,在开发过程中我们希望能像PC上一下直接进行调试,提高我们平时的开发效率,这时候我们可以使用webApp远程调试工具-weinre. 安装: 本工具需要nod ...
- java日期类型转换总结date timestamp calendar string
用Timestamp来记录日期时间还是很方便的,但有时候显示的时候是不需要小数位后面的毫秒的,这样就需要在转换为String时重新定义格式. Timestamp转化为String: S ...
- JavaWeb学习记录(十九)——jsp标签库
1.out标签 <% //局部变量 String name="zsf>&<zz"; pageContext.se ...
- spark Streaming的Receiver和Direct的优化对比
Direct 1.简化并行读取:如果要读取多个partition,不需要创建多个输入DStream然后对它们进行union操作.Spark会创建跟Kafka partition一样多的RDD part ...
- 黑马程序员——JAVA基础之包,权限
------- android培训.java培训.期待与您交流! ---------- 包(package) 对类文件进行分类管理. 给类提供多层命名空间. 写在程序文件的第一行. 类名的全称的是:包 ...