Load an X509 PEM file into Windows CryptoApi
http://stackoverflow.com/questions/1231178/load-an-x509-pem-file-into-windows-cryptoapi
I discovered the "magic" sequence of calls to import a RSA public key in PEM format. Here you go:
- decode the key into a binary blob with CryptStringToBinary; pass CRYPT_STRING_BASE64HEADER in dwFlags
- decode the binary key blob into a CERT_PUBLIC_KEY_INFO with CryptDecodeObjectEx; pass X509_ASN_ENCODING in dwCertEncodingType and X509_PUBLIC_KEY_INFO in lpszStructType
- decode the PublicKey blob from the CERT_PUBLIC_KEY_INFO into a RSA key blob with CryptDecodeObjectEx; pass X509_ASN_ENCODING in dwCertEncodingType and RSA_CSP_PUBLICKEYBLOB in lpszStructType
- import the RSA key blob with CryptImportKey
This sequence really helped me understand what's going on, but it didn't work for me as-is. The second call to
CryptDecodeObjectExgave me an error: "ASN.1 bad tag value met". After many attempts at understanding Microsoft documentation, I finally realized that the output of the fist decode cannot be decoded as ASN again, and that it is actually ready for import. With this understanding I found the answer in the following link:http://www.ms-news.net/f2748/problem-importing-public-key-4052577.html
int main()
{
char pemPubKey[2048];
int readLen;
char derPubKey[2048];
size_t derPubKeyLen = 2048;
CERT_PUBLIC_KEY_INFO *publicKeyInfo;
int publicKeyInfoLen;
HANDLE hFile;
HCRYPTPROV hProv = 0;
HCRYPTKEY hKey = 0; /*
* Read the public key cert from the file
*/
hFile = CreateFileA( "c:\\pub.pem", GENERIC_READ, 0, NULL, OPEN_EXISTING, FILE_ATTRIBUTE_NORMAL, NULL );
if ( hFile == INVALID_HANDLE_VALUE )
{
fprintf( stderr, "Failed to open file. error: %d\n", GetLastError() );
} if ( !ReadFile( hFile, pemPubKey, 2048, &readLen, NULL ) )
{
fprintf( stderr, "Failed to read file. error: %d\n", GetLastError() );
} /*
* Convert from PEM format to DER format - removes header and footer and decodes from base64
*/
if ( !CryptStringToBinaryA( pemPubKey, 0, CRYPT_STRING_BASE64HEADER, derPubKey, &derPubKeyLen, NULL, NULL ) )
{
fprintf( stderr, "CryptStringToBinary failed. Err: %d\n", GetLastError() );
} /*
* Decode from DER format to CERT_PUBLIC_KEY_INFO
*/
if ( !CryptDecodeObjectEx( X509_ASN_ENCODING, X509_PUBLIC_KEY_INFO, derPubKey, derPubKeyLen,
CRYPT_ENCODE_ALLOC_FLAG, NULL, &publicKeyInfo, &publicKeyInfoLen ) )
{
fprintf( stderr, "CryptDecodeObjectEx 1 failed. Err: %p\n", GetLastError() );
return -1;
} /*
* Acquire context
*/
if( !CryptAcquireContext(&hProv, NULL, NULL, PROV_RSA_FULL, CRYPT_VERIFYCONTEXT) )
{
{
printf( "CryptAcquireContext failed - err=0x%x.\n", GetLastError() );
return -1;
}
} /*
* Import the public key using the context
*/
if ( !CryptImportPublicKeyInfo( hProv, X509_ASN_ENCODING, publicKeyInfo, &hKey ) )
{
fprintf( stderr, "CryptImportPublicKeyInfo failed. error: %d\n", GetLastError() );
return -1;
}
LocalFree( publicKeyInfo ); /*
* Now use hKey to encrypt whatever you need.
*/ return 0;
}
Load an X509 PEM file into Windows CryptoApi的更多相关文章
- No redirect found in host configuration file (C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet.config).
Configuration Error Description: An error occurred during the processing of a configuration file req ...
- pk8和x509.pem转换成keystore
转自:http://www.cnblogs.com/platte/p/3511814.html 一 在github上下载工具 https://github.com/getfatday/keytool- ...
- android初级篇之apk签名key keystore格式转pk8+x509.pem
转自:http://www.jianshu.com/p/3bd5c68cc44d 常用的android的签名工具有两个即jarsigner 和apksigner.这两种使用的key格式不一样,keys ...
- wordpress无法安装这个包。: PCLZIP_ERR_MISSING_FILE (-4) : Missing archive file 'C:\WINDOWS\TEMP/wordpress-4.tmp'
朋友的wp博客好久没管理了,让ytkah帮忙打理一下,进到后台发现版本还是3.9的,那是比较早以前的版本了,早该升级了. 在升级wordpress时出现以下错误: 无法安装这个包: PCLZIP_ER ...
- server error in '/' applecation----Compiler Error Message: CS0016: Could not write to output file 'c:\Windows\Microsoft.NET\Framework64\v4.0.30319\Temporary ASP.NET Files\root\xx' -- 'Access is denied
今天在阿里云虚拟机上部署新站点后出现下面的错误:server error in '/' applecation Compiler Error Message: CS0016: Could not wr ...
- How to create .gitignore file in Windows Explorer
How to create .gitignore file I need to add some rules to my .gitignore file, however, I can't find ...
- Unreal: Dynamic load map from Pak file
Unreal: Dynamic load map from Pak file 目标:在程序运行时加载自定义 Pak 文件,并打开指定关卡,显示其中的完整 map 内容 Unreal 的 Pak 文件内 ...
- How to load a local .CSS file & JavaScript resources using iPhone UIWebView Class
This post will cover the basic setup and creation of an application with web content for iPhone that ...
- Launch a Batch File With Windows Installer
Quote from: http://flexerasoftware.force.com/articles/en_US/HOWTO/Q111515 Synopsis This article desc ...
随机推荐
- 【转】How-To-Ask-Questions-The-Smart-Way
提问的智慧 How To Ask Questions The Smart Way Copyright © 2001,2006,2014 Eric S. Raymond, Rick Moen 本指南英文 ...
- iOS学习笔记---oc语言第三天
继承.初始化方法 一.继承 继承的上层:父类 继承的下层:子类 继承是单向的,不能相互继承 继承具有传递性:A继承于B,B继承于C,A具有B和C的特征和行为 子类能继承父类全部的特征和行为(私有变量 ...
- Java-->一个只能运行十次的程序
--> 感觉没什么营养的样子啊... package com.dragon.java.tensoftware; import java.io.BufferedReader; import jav ...
- 弹出层是iframe引入的页面,如果用js进行隐藏呢?
<script> $(document).ready(function(){ $('.bjfh').click(function(){ parent.document.getElement ...
- NOIP2016 D1T1 玩具迷題(toy)
题目描述 小南有一套可爱的玩具小人, 它们各有不同的职业. 有一天, 这些玩具小人把小南的眼镜藏了起来. 小南发现玩具小人们围成了一个圈,它们有的面朝圈内,有的面朝圈外.如下图: 这时singer告诉 ...
- ntpdate:no server suitable for synchronization found
Question: 在使用ntpdate同步时间时,出现了no server suitable for synchronization found的报错. 通过ntpdate -d s2m.time. ...
- POJ-2486 Apple Tree (树形DP)
题目大意:一棵点带权有根树,根节点为1.从根节点出发,走k步,求能收集的最大权值和. 题目分析:从一个点向其某棵子树出发有三种可能的情况: 1.停留在那棵子树上: 2.再回到这个点: 3.经过这个点走 ...
- [原创]cocos2d-x研习录—前言
我认为很多开发者面对层出不穷的新技术.新思想和新理念,最为之苦恼的是找不到行之有效的学习方法,对于知识的本质缺乏认识,虽阅读了大量教材,却无法将其融入自己的知识体系,并搭建自己的知识树.不可否认,教材 ...
- jquery插件参数传递
当传递的参数在函数中未定义时,不会报错,但也不会发生作用,这会造成怎么传递参数不起作用的困惑.
- 开源App之MyHearts(二)
前言 小弟技术有限,有的地方也是自己摸索出来的,可能和大神们写的好的代码没法比,但是我会努力的.要对自己说下,加油!! 此次更新 1.集成QQ登录完成 集成QQ登录网上写的介绍已经很多了,这里就不详细 ...