CryptVerifySignature


Mit der Funktion CryptVerifySignature kann die Gültigkeit einer Signatur überprüft werden.

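<syntaxhighlight lang="vb">'Checks the signature in pbSignature against the hash object hHash using the
'public key hPubKey. A non-zero return value means the signature is valid.
'The declaration is one logical line: no blank line may follow a "_" continuation.
Declare Function CryptVerifySignature Lib "advapi32.dll" _
                Alias "CryptVerifySignatureA" ( _
                ByVal hHash As Long, _
                ByRef pbSignature As Any, _
                ByVal dwSigLen As Long, _
                ByVal hPubKey As Long, _
                ByVal sDescription As Long, _
                ByVal dwFlags As Long) As Long</syntaxhighlight>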

Parameter

hHash

[in] Handle eines mit CryptCreateHash erstellten Hash-Objekts, in welches die signierten Daten mit CryptHashData geschrieben wurden.

pbSignature

[in] Zeiger auf die Signaturdaten, die mittels CryptSignHash erstellt wurden.

dwSigLen

[in] Grösse der in pbSignature bereitgestellten Daten in Bytes.

hPubKey

[in] Handle des öffentlichen Schlüssels, der zu dem Schlüsselpaar gehört, mit dessen privatem Schlüssel die Daten signiert wurden.

sDescription

[in] Dieser Parameter wird nicht mehr verwendet und muss auf NULL gesetzt werden.

dwFlags

[in] Optionale Parameter:
CRYPT_NOHASHOID
CRYPT_TYPE2_FORMAT
CRYPT_X931_FORMAT

Rückgabe(n)

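Bei Erfolg (d.h. die Signatur war gültig) wird ein Wert ungleich 0 zurückgegeben. Bei 0 ist die Prüfung fehlgeschlagen: Entweder ist die Signatur ungültig (Err.LastDllError liefert dann NTE_BAD_SIGNATURE) oder der Aufruf selbst ist gescheitert; in beiden Fällen dürfen die Daten nicht als authentisch behandelt werden.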

Beispiel

<syntaxhighlight lang="vb">Option Explicit

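'CryptoAPI imports used by the example. Each Declare is a single logical line;
'a blank line after a "_" continuation is a syntax error, so none may appear
'inside a declaration.

'Returns a provider handle in phProv for the named key container.
Private Declare Function CryptAcquireContext Lib "advapi32.dll" _
                Alias "CryptAcquireContextA" ( _
                ByRef phProv As Long, _
                ByVal pszContainer As String, _
                ByVal pszProvider As String, _
                ByVal dwProvType As Long, _
                ByVal dwFlags As Long) As Long

'Releases a provider handle obtained from CryptAcquireContext.
Private Declare Function CryptReleaseContext Lib "advapi32.dll" ( _
                ByVal hProv As Long, _
                ByVal dwFlags As Long) As Long

'Creates a hash object for algorithm AlgID and returns its handle in phHash.
Private Declare Function CryptCreateHash Lib "advapi32.dll" ( _
                ByVal hProv As Long, _
                ByVal AlgID As Long, _
                ByVal hKey As Long, _
                ByVal dwFlags As Long, _
                ByRef phHash As Long) As Long

'Destroys a hash object created with CryptCreateHash.
Private Declare Function CryptDestroyHash Lib "advapi32.dll" ( _
                ByVal hHash As Long) As Long

'Releases a key handle.
Private Declare Function CryptDestroyKey Lib "advapi32.dll" ( _
                ByVal hKey As Long) As Long

'Feeds dwDataLen bytes starting at address pbData into the hash object.
'pbData is declared ByVal ... As Long, so callers pass a raw address (e.g. StrPtr).
Private Declare Function CryptHashData Lib "advapi32.dll" ( _
                ByVal hHash As Long, _
                ByVal pbData As Long, _
                ByVal dwDataLen As Long, _
                ByVal dwFlags As Long) As Long

'Signs the hash object with the container's key selected by dwKeySpec.
'The example calls it once with a null buffer to obtain the required size in
'pdwSigLen, then again with an allocated buffer.
Private Declare Function CryptSignHash Lib "advapi32.dll" _
                Alias "CryptSignHashA" ( _
                ByVal hHash As Long, _
                ByVal dwKeySpec As Long, _
                ByVal sDescription As Long, _
                ByVal dwFlags As Long, _
                ByRef pbSignature As Any, _
                ByRef pdwSigLen As Long) As Long

'Generates a new key of type AlgID in the provider's container.
Private Declare Function CryptGenKey Lib "advapi32.dll" ( _
                ByVal hProv As Long, _
                ByVal AlgID As Long, _
                ByVal dwFlags As Long, _
                ByRef phKey As Long) As Long

'Returns a handle to an existing key of the container (selected by dwKeySpec).
Private Declare Function CryptGetUserKey Lib "advapi32.dll" ( _
                ByVal hProv As Long, _
                ByVal dwKeySpec As Long, _
                ByRef phUserKey As Long) As Long

'Exports a key as a blob of type dwBlobType. As with CryptSignHash, the example
'calls it with a null buffer first to learn the size via pdwDataLen.
Private Declare Function CryptExportKey Lib "advapi32.dll" ( _
                ByVal hKey As Long, _
                ByVal hExhKey As Long, _
                ByVal dwBlobType As Long, _
                ByVal dwFlags As Long, _
                ByRef pbData As Any, _
                ByRef pdwDataLen As Long) As Long

'Imports a key blob into the provider and returns the key handle in phKey.
Private Declare Function CryptImportKey Lib "advapi32.dll" ( _
                ByVal hProv As Long, _
                ByRef pbData As Any, _
                ByVal dwDataLen As Long, _
                ByVal hPubKey As Long, _
                ByVal dwFlags As Long, _
                ByRef phKey As Long) As Long

'Checks a signature against a hash object; non-zero means the signature is valid.
Private Declare Function CryptVerifySignature Lib "advapi32.dll" _
                Alias "CryptVerifySignatureA" ( _
                ByVal hHash As Long, _
                ByRef pbSignature As Any, _
                ByVal dwSigLen As Long, _
                ByVal hPubKey As Long, _
                ByVal sDescription As Long, _
                ByVal dwFlags As Long) As Long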
                

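'Name of the cryptographic service provider the example requests.
'NOTE(review): this is the legacy base provider. The SHA-2 algorithm ids defined
'further down are, as far as I know, only implemented by the "Microsoft Enhanced
'RSA and AES Cryptographic Provider" (provider type PROV_RSA_AES) - confirm
'before switching the example away from CALG_SHA.
Private Const MS_DEF_PROV As String = _
                   "Microsoft Base Cryptographic Provider v1.0"

'Provider type passed to CryptAcquireContext.
Private Const PROV_RSA_FULL As Long = 1

'CryptAcquireContext flag: create the key container.
Private Const CRYPT_NEWKEYSET As Long = &H8

'Key spec selecting the container's signature key pair.
Private Const AT_SIGNATURE As Long = 2

'Blob type for CryptExportKey: public part of the key only.
Private Const PUBLICKEYBLOB As Long = &H6

'CryptGenKey flag: allow the private key to be exported later.
Private Const CRYPT_EXPORTABLE As Long = &H1

'Building blocks of the CALG_ algorithm identifiers (class Or type Or sub-id).
'One Const per line: several Const statements on a single line without a
'separator do not compile.
Const ALG_CLASS_KEY_EXCHANGE As Long = &HA000&
Const ALG_CLASS_HASH As Long = &H8000&
Const ALG_CLASS_DATA_ENCRYPT As Long = &H6000&
Const ALG_CLASS_SIGNATURE As Long = &H2000&

Const ALG_TYPE_STREAM As Long = &H800&
Const ALG_TYPE_BLOCK As Long = &H600&
Const ALG_TYPE_RSA As Long = &H400&
Const ALG_TYPE_ANY As Long = 0

'Sub-ids are only unique within one class/type combination, which is why the
'same number appears more than once below.
Const ALG_SID_RSA_ANY As Long = 0

Const ALG_SID_MD2 As Long = 1
Const ALG_SID_MD4 As Long = 2
Const ALG_SID_MD5 As Long = 3
Const ALG_SID_SHA As Long = 4
Const ALG_SID_SHA_256 As Long = 12
Const ALG_SID_SHA_384 As Long = 13
Const ALG_SID_SHA_512 As Long = 14

Const ALG_SID_RC4 As Long = 1

Const ALG_SID_DES As Long = 1
Const ALG_SID_RC2 As Long = 2
Const ALG_SID_3DES As Long = 3
Const ALG_SID_3DES_112 As Long = 9
Const ALG_SID_AES_128 As Long = 14
Const ALG_SID_AES_192 As Long = 15
Const ALG_SID_AES_256 As Long = 16
Const ALG_SID_AES As Long = 17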

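'Hash algorithms (the value is passed as AlgID to CryptCreateHash).
'MD2, MD4, MD5 and SHA-1 (CALG_SHA) are no longer collision resistant and
'should not be chosen for new signatures; they are listed for completeness.
Enum EnmHashAlgo
   CALG_MD2 = (ALG_CLASS_HASH Or ALG_TYPE_ANY Or ALG_SID_MD2)
   CALG_MD4 = (ALG_CLASS_HASH Or ALG_TYPE_ANY Or ALG_SID_MD4)
   CALG_MD5 = (ALG_CLASS_HASH Or ALG_TYPE_ANY Or ALG_SID_MD5)
   CALG_SHA = (ALG_CLASS_HASH Or ALG_TYPE_ANY Or ALG_SID_SHA)
   CALG_SHA256 = (ALG_CLASS_HASH Or ALG_TYPE_ANY Or ALG_SID_SHA_256)
   CALG_SHA384 = (ALG_CLASS_HASH Or ALG_TYPE_ANY Or ALG_SID_SHA_384)
   CALG_SHA512 = (ALG_CLASS_HASH Or ALG_TYPE_ANY Or ALG_SID_SHA_512)
End Enum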

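'RSA key exchange and signature algorithms (asymmetric); the value is passed as
'AlgID to CryptGenKey.
Enum EnmRsaKeyTypes
   CALG_RSA_SIGN = (ALG_CLASS_SIGNATURE Or ALG_TYPE_RSA Or ALG_SID_RSA_ANY)
   CALG_RSA_KEYX = (ALG_CLASS_KEY_EXCHANGE Or ALG_TYPE_RSA Or ALG_SID_RSA_ANY)
End Enum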

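Private Sub Command1_Click()
   'Round trip in one procedure: sign sTestDaten with the container's RSA
   'signature key, export the public key, then import that key again and verify
   'the signature with CryptVerifySignature.
   '
   'Every failed API call shows its message and jumps to Cleanup, so no later
   'step runs on an invalid handle or an unallocated buffer, and each handle is
   'released exactly once.

   'Modulus length for a newly generated key. CryptGenKey takes the key length
   'in the upper 16 bits of dwFlags; without it the provider default applies,
   'which is very short for the base provider.
   Const RSA_SIGN_KEY_BITS As Long = 2048

   Dim sTestDaten As String
   Dim hCryptProv As Long
   Dim hPrivateKey As Long
   Dim hHash As Long
   Dim cbData As Long
   Dim btPublicKey() As Byte
   Dim btSignatureData() As Byte
   Dim hPublicKey As Long

   sTestDaten = "Hello World!"

   '--------------------------------------------------------------------------------------
   'Acquire the provider context and create the RSA signature key if necessary:
   If CryptAcquireContext(hCryptProv, "Mein Container", MS_DEF_PROV, PROV_RSA_FULL, CRYPT_NEWKEYSET) = 0 Then
       'Creating the container failed -> it probably exists already, so open it:
       If CryptAcquireContext(hCryptProv, "Mein Container", MS_DEF_PROV, PROV_RSA_FULL, 0) = 0 Then
           MsgBox "Kann MS Base Provider nicht finden!", vbExclamation, "Fehler:"
           GoTo Cleanup
       End If

       'Fetch the existing RSA signature key. An existing container keeps the
       'key it already holds; RSA_SIGN_KEY_BITS only affects new keys.
       If CryptGetUserKey(hCryptProv, AT_SIGNATURE, hPrivateKey) = 0 Then
           MsgBox "Kann auf bestehenden Schlüssel nicht zugreifen!", vbExclamation, "Fehler:"
           GoTo Cleanup
       End If

   'Generate a new RSA signature key. CRYPT_EXPORTABLE is deliberately not set:
   'the public key blob can be exported without it, and the private key has no
   'reason to leave the container in this example.
   ElseIf CryptGenKey(hCryptProv, CALG_RSA_SIGN, RSA_SIGN_KEY_BITS * &H10000, hPrivateKey) = 0 Then
       MsgBox "Kann Schlüssel nicht erstellen!", vbExclamation, "Fehler:"
       GoTo Cleanup
   End If

   '--------------------------------------------------------------------------------------
   'Create the hash object.
   'NOTE(review): CALG_SHA is SHA-1, which is no longer considered safe for
   'signatures. Moving to CALG_SHA256 also requires a provider that implements
   'it, so the algorithm is left as the page has it.
   If CryptCreateHash(hCryptProv, CALG_SHA, 0, 0, hHash) = 0 Then
       MsgBox "Kann Hash Objekt nicht erstellen!", vbExclamation, "Fehler:"
       GoTo Cleanup
   End If

   'Write the data to be signed into the hash object. StrPtr/LenB hash the
   'string's in-memory bytes; the verifier must hash exactly the same bytes.
   If CryptHashData(hHash, StrPtr(sTestDaten), LenB(sTestDaten), 0) = 0 Then
       MsgBox "Kann Daten nicht in Hash schreiben!", vbExclamation, "Fehler:"
       GoTo Cleanup
   End If

   'Ask for the length of the signature (null buffer):
   If CryptSignHash(hHash, AT_SIGNATURE, 0, 0, ByVal 0&, cbData) = 0 Then
       MsgBox "Kann Signatur Länge nicht ermitteln!", vbExclamation, "Fehler:"
       GoTo Cleanup
   End If

   'Allocate the buffer and fetch the signature:
   ReDim btSignatureData(cbData - 1)
   If CryptSignHash(hHash, AT_SIGNATURE, 0, 0, btSignatureData(0), cbData) = 0 Then
       MsgBox "Kann Daten nicht signieren!", vbExclamation, "Fehler:"
       GoTo Cleanup
   End If

   '--------------------------------------------------------------------------------------
   'Export the public part of the signature key; first its length:
   If CryptExportKey(hPrivateKey, 0, PUBLICKEYBLOB, 0, ByVal 0&, cbData) = 0 Then
       MsgBox "Kann Schlüssel Länge nicht ermitteln!", vbExclamation, "Fehler:"
       GoTo Cleanup
   End If

   'Allocate the buffer and fetch the key blob:
   ReDim btPublicKey(cbData - 1)
   If CryptExportKey(hPrivateKey, 0, PUBLICKEYBLOB, 0, btPublicKey(0), cbData) = 0 Then
       MsgBox "Kann Schlüssel nicht exportieren!", vbExclamation, "Fehler:"
       GoTo Cleanup
   End If

   'Signing is done: release the private key and the hash object, and zero the
   'variables so Cleanup cannot destroy a stale handle a second time.
   CryptDestroyKey hPrivateKey
   hPrivateKey = 0
   CryptDestroyHash hHash
   hHash = 0

   '<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<
   'The signature and the public key blob are now handed to the recipient and
   'can be checked with the code below.
   'A valid result only proves that the holder of the matching private key
   'signed the data. The recipient therefore has to obtain the public key over
   'a channel it trusts (or compare it with a known key); a key that simply
   'arrives together with the signature authenticates nothing.
   'A pure verifier does not need the signer's key container either; it can
   'acquire its context with CRYPT_VERIFYCONTEXT instead.

   '--------------------------------------------------------------------------------------
   'Import the public key:
   If CryptImportKey(hCryptProv, btPublicKey(0), UBound(btPublicKey) + 1, 0, 0, hPublicKey) = 0 Then
       MsgBox "Kann Schlüssel nicht importieren!", vbExclamation, "Fehler:"
       GoTo Cleanup
   End If

   'Create the hash object (same algorithm as used for signing):
   If CryptCreateHash(hCryptProv, CALG_SHA, 0, 0, hHash) = 0 Then
       MsgBox "Kann Hash Objekt nicht erstellen!", vbExclamation, "Fehler:"
       GoTo Cleanup
   End If

   'Write the signed data into the hash object:
   If CryptHashData(hHash, StrPtr(sTestDaten), LenB(sTestDaten), 0) = 0 Then
       MsgBox "Kann Daten nicht in Hash schreiben!", vbExclamation, "Fehler:"
       GoTo Cleanup
   End If

   'Verify the signature. A return value of 0 covers both an invalid signature
   '(Err.LastDllError = NTE_BAD_SIGNATURE) and a failed call; in either case
   'the data must not be treated as authentic.
   If CryptVerifySignature(hHash, btSignatureData(0), UBound(btSignatureData) + 1, hPublicKey, 0, 0) = 0 Then
       MsgBox "Fehler beim überprüfen der Signatur!", vbExclamation, "Fehler:"
   Else
       MsgBox "Signatur ist gültig!", vbInformation, "Erfolg:"
   End If

Cleanup:
   'Release whatever is still open; handles that were never created or were
   'already released are 0 and are skipped.
   If hPublicKey <> 0 Then CryptDestroyKey hPublicKey
   If hPrivateKey <> 0 Then CryptDestroyKey hPrivateKey
   If hHash <> 0 Then CryptDestroyHash hHash
   If hCryptProv <> 0 Then CryptReleaseContext hCryptProv, 0

End Sub</syntaxhighlight>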