Статус: Новичок
Группы: Участники
Зарегистрирован: 13.04.2018(UTC) Сообщений: 4 Откуда: Москва
|
Требуется Ваша помощь, подпись добавляется и первая подпись нормальная, но через dss.cryptopro.ru/verify вторая подпись выдает ошибку "Не удалось проверить подпись CAdES-BES. Ошибка: [Элемент не найден]. Код: [0x80070490].Сертификат, на ключе которого было подписано сообщение, не найден.", прилагаю файл с подписью( tempFile.txt и tempFile_sig.txt.sig, код и подпись после прохода программы (tempFile.txt.sig):
DWORD do_low_add_sign (const char *infile,const char *infilesig, const char *outfilesig) { PCCRYPT_OID_INFO pOIDInfo = NULL; int include = 1; HCRYPTPROV hCryptProv = 0; // CSP handle PCCERT_CONTEXT pUserCert = NULL; // User certificate to be used DWORD keytype = 0; CSP_BOOL should_release_ctx = FALSE; DWORD ret = 1; FILE *tbs = NULL; BYTE *mem_tbs = NULL; DWORD mem_len = 0; FILE *tbs_sig = NULL; BYTE *mem_tbs_sig = NULL; DWORD mem_len_sig = 0; HCRYPTMSG hMsg = 0; DWORD HashAlgSize; DWORD dwSize; CRYPT_ALGORITHM_IDENTIFIER HashAlgorithm; CMSG_SIGNER_ENCODE_INFO SignerEncodeInfo; CERT_BLOB SignerCertBlob; CERT_BLOB SignerCertBlobArray[1]; DWORD cbEncodedBlob; BYTE *pbEncodedBlob = NULL; CMSG_SIGNER_ENCODE_INFO SignerEncodeInfoArray[1]; CMSG_SIGNED_ENCODE_INFO SignedMsgEncodeInfo; CSP_BOOL bResult = FALSE; CRYPT_KEY_PROV_INFO *pProvInfo = NULL; HCERTSTORE hCertStore = 0; hCertStore = CertOpenSystemStore(0, "My"); if(!hCertStore){ ret = CSP_GetLastError(); fprintf (stderr, "CertOpenSystemStore failed."); goto err; } while( !bResult){ pUserCert= CertEnumCertificatesInStore(hCertStore, pUserCert); if(!pUserCert){ break; } bResult = CertGetCertificateContextProperty( pUserCert, CERT_KEY_PROV_INFO_PROP_ID, NULL, &dwSize); if (bResult) { free(pProvInfo); pProvInfo = (CRYPT_KEY_PROV_INFO *)malloc(dwSize); if (pProvInfo) { bResult = CertGetCertificateContextProperty( pUserCert, CERT_KEY_PROV_INFO_PROP_ID, pProvInfo, &dwSize); } } } if(!bResult){ fprintf (stderr, "No certificates with private key link."); goto err; } if (! infile) { fprintf (stderr, "No input file was specified\n"); goto err; } if (CryptAcquireCertificatePrivateKey( pUserCert, 0, //DWORD dwFlags, NULL, &hCryptProv, &keytype, // returned key type AT_SIGNATURE ! AT_KEYEXCAHGE &should_release_ctx // if FALSE DO NOT Release CTX )) { printf("A CSP has been acquired. \n"); } else { ret = CSP_GetLastError(); fprintf (stderr, "Cryptographic context could not be acquired."); goto err; } pOIDInfo = CPCryptGetDefaultHashOIDInfo(pUserCert->pCertInfo->SubjectPublicKeyInfo.Algorithm.pszObjId); if (!pOIDInfo) { ret = CSP_GetLastError(); fprintf (stderr, "Cannot determine hash algorithm."); goto err; } tbs = fopen (infile, "rb"); if (!tbs) { fprintf (stderr, "Cannot open input file\n"); goto err; } mem_len = 0; while (!feof(tbs)) { int r = 0; BYTE tmp[1024]; BYTE *tmp_mem_tbs = NULL; r = fread (tmp, 1, 1024, tbs); tmp_mem_tbs = (BYTE *)realloc(mem_tbs, mem_len+r); if (!tmp_mem_tbs) { fprintf (stderr, "Allocation error\n"); free(mem_tbs); ret = CSP_GetLastError(); goto err; } mem_tbs = tmp_mem_tbs; memcpy (&mem_tbs[mem_len], tmp, r); mem_len += r; } fclose (tbs); tbs = NULL; //Добавим подпись tbs_sig = fopen (infilesig, "rb"); if (!tbs_sig) { fprintf (stderr, "Cannot open input file\n"); goto err; } mem_len_sig = 0; while (!feof(tbs_sig)) { int r = 0; BYTE tmp[1024]; BYTE *tmp_mem_tbs_sig = NULL; r = fread (tmp, 1, 1024, tbs_sig); tmp_mem_tbs_sig = (BYTE *)realloc(mem_tbs_sig, mem_len_sig+r); if (!tmp_mem_tbs_sig) { fprintf (stderr, "Allocation error\n"); free(mem_tbs_sig); ret = CSP_GetLastError(); goto err; } mem_tbs_sig = tmp_mem_tbs_sig; memcpy (&mem_tbs_sig[mem_len_sig], tmp, r); mem_len_sig += r; } fclose (tbs_sig); tbs_sig = NULL; //-------------------------------------------------------------------- // Initialize the algorithm identifier structure. HashAlgSize = sizeof(HashAlgorithm); memset(&HashAlgorithm, 0, HashAlgSize); // Init. to zero. HashAlgorithm.pszObjId = (LPSTR)(pOIDInfo->pszOID); // Initialize the necessary member. //-------------------------------------------------------------------- // Initialize the CMSG_SIGNER_ENCODE_INFO structure. memset(&SignerEncodeInfo, 0, sizeof(CMSG_SIGNER_ENCODE_INFO)); SignerEncodeInfo.cbSize = sizeof(CMSG_SIGNER_ENCODE_INFO); SignerEncodeInfo.pCertInfo = pUserCert->pCertInfo; SignerEncodeInfo.hCryptProv = hCryptProv; SignerEncodeInfo.dwKeySpec = keytype; SignerEncodeInfo.HashAlgorithm = HashAlgorithm; SignerEncodeInfo.pvHashAuxInfo = NULL; //-------------------------------------------------------------------- // Create an array of one. Note: Currently, there can be only one // signer. SignerEncodeInfoArray[0] = SignerEncodeInfo; //-------------------------------------------------------------------- // Initialize the CMSG_SIGNED_ENCODE_INFO structure. SignerCertBlob.cbData = pUserCert->cbCertEncoded; SignerCertBlob.pbData = pUserCert->pbCertEncoded; //-------------------------------------------------------------------- // Initialize the array of one CertBlob. SignerCertBlobArray[0] = SignerCertBlob; memset(&SignedMsgEncodeInfo, 0, sizeof(CMSG_SIGNED_ENCODE_INFO)); SignedMsgEncodeInfo.cbSize = sizeof(CMSG_SIGNED_ENCODE_INFO); SignedMsgEncodeInfo.cSigners = 1; SignedMsgEncodeInfo.rgSigners = SignerEncodeInfoArray; SignedMsgEncodeInfo.cCertEncoded = include; if (include) SignedMsgEncodeInfo.rgCertEncoded = SignerCertBlobArray; else SignedMsgEncodeInfo.rgCertEncoded = NULL; SignedMsgEncodeInfo.rgCrlEncoded = NULL; //-------------------------------------------------------------------- // Open a message to encode. if(hMsg = CryptMsgOpenToDecode( TYPE_DER, // Encoding type CMSG_DETACHED_FLAG, // Flags 0, // Message type 0, // Pointer to structure 0, // Inner content object ID 0)) // Stream information (not used) { printf("The message to be encoded has been opened. \n"); } else { ret = CSP_GetLastError(); fprintf (stderr, "OpenToEncode failed"); goto err; } //-------------------------------------------------------------------- // Update the message with the data. if(CryptMsgUpdate( hMsg, // Handle to the message mem_tbs_sig, // Pointer to the content mem_len_sig, // Size of the content FALSE)) // Last call { printf("Content has been added to the sig. \n"); } else { ret = CSP_GetLastError(); fprintf (stderr, "MsgUpdate sig failed"); goto err; } if(CryptMsgUpdate( hMsg, // Handle to the message mem_tbs, // Pointer to the content mem_len, // Size of the content TRUE)) // Last call { printf("Content has been added to the encoded message. \n"); } else { ret = CSP_GetLastError(); fprintf (stderr, "MsgUpdate failed"); goto err; } //-------------------------------------------------------------------- // Get the resulting message. CryptMsgControl( hMsg, 0, CMSG_CTRL_ADD_SIGNER, &SignerEncodeInfo); CryptMsgGetParam( hMsg, // Handle to the message CMSG_ENCODED_MESSAGE, // Parameter type 0, // Index 0, // Pointer to the blob &cbEncodedBlob); // Size of the blob if(cbEncodedBlob = CryptMsgCalculateEncodedLength( TYPE_DER, // Message encoding type 0, // Flags CMSG_SIGNED, // Message type &SignedMsgEncodeInfo, // Pointer to structure NULL, // Inner content object ID mem_len+mem_len_sig)) // Size of content */ { printf("The length of the data has been calculated. \n"); } else { ret = CSP_GetLastError(); fprintf (stderr, "Getting cbEncodedBlob length failed"); goto err; } pbEncodedBlob = (BYTE *) malloc(cbEncodedBlob); if (!pbEncodedBlob){ ret = CSP_GetLastError(); fprintf (stderr, "Memory allocation failed"); goto err; } CryptMsgGetParam( hMsg, // Handle to the message CMSG_ENCODED_MESSAGE, // Parameter type 0, // Index pbEncodedBlob, // Pointer to the blob &cbEncodedBlob); // Size of the blob //-------------------------------------------------------------------- // pbEncodedBlob now points to the encoded, signed content. //-------------------------------------------------------------------- if (outfilesig) { FILE *out = NULL; out = fopen (outfilesig, "wb"); if (out) { fwrite (pbEncodedBlob, cbEncodedBlob, 1, out); fclose (out); printf ("Output file (%s) has been saved\n", outfilesig); } else perror ("Cannot open out file\n"); } ret = 0; //-------------------------------------------------------------------- // Clean up. err: if(pbEncodedBlob) free(pbEncodedBlob); if(hMsg) CryptMsgClose(hMsg); if(hCryptProv) CryptReleaseContext(hCryptProv,0); if(hCertStore) CertCloseStore(hCertStore, 0); return ret; }
tempFile.txt (454kb) загружен 4 раз(а). tempFile_sig.txt.sig (3kb) загружен 4 раз(а). tempFile.txt.sig (4kb) загружен 3 раз(а).Плюс еще иногда вообще не удается подписать, возникает ошибка CSP_GetLastError() = 2148077570, лог: Цитата:capi20: 0x16f6ab000: :699 CryptMsgControl () Exception :'\316\370\350\341\352\340 0x80091002: Unknown cryptographic algorithm.' at file:'/dailybuildsbranches/CSP_4_0/CSPbuild/CSP/capilite/CMSSignedMessage.cpp' line:2307 The length of the data has been calculated. Output file (/var/mobile/Containers/Data/Application/3F7C98B9-9B85-4C23-9C86-1A59663BAD54/Documents/tempFile.pdf.sig) has been saved capi20: 0x16f6ab000: :1640 CryptDestroyHash () invalid argument(s)! cpcsp: 0x16f6ab000: :730 CPCReleaseContext (hProv=1035927670, dwFlags=0x0). Result=1, Err=0x80090020 Отредактировано пользователем 17 апреля 2018 г. 18:19:41(UTC)
| Причина: Не указана
|