(MFC) DSA R,S Signature Values

See more DSA Examples

Creates a DSA signature. Gets r,s values from the signature. Re-creates the DSA signature ASN.1 from the r,s values. Then verifies the signature using the re-created ASN.1 DSA signature.

Chilkat C/C++ Library Downloads MS Visual C/C++ Libs

See Also: Using MFC CString in Chilkat

#include <CkCrypt2.h>
#include <CkDsa.h>
#include <CkAsn.h>
#include <CkXml.h>

void ChilkatSample(void)
    {
    CkString strOut;

    // This example requires the Chilkat API to have been previously unlocked.
    // See Global Unlock Sample for sample code.

    CkCrypt2 crypt;

    crypt.put_EncodingMode("hex");
    crypt.put_HashAlgorithm("sha-1");

    const char *hashStr = crypt.hashFileENC("qa_data/hamlet.xml");
    strOut.append("hash to sign: ");
    strOut.append(hashStr);
    strOut.append("\r\n");

    CkDsa dsa;

    const char *pemPrivateKey = 0;
    pemPrivateKey = dsa.loadText("qa_data/dsa/dsaPrivKey2.pem");
    bool success = dsa.FromPem(pemPrivateKey);
    if (success == false) {
        strOut.append(dsa.lastErrorText());
        strOut.append("\r\n");
        SetDlgItemText(IDC_EDIT1,strOut.getUnicode());
        return;
    }

    // Load the hash to be signed into the DSA object:
    success = dsa.SetEncodedHash("hex",hashStr);
    if (success == false) {
        strOut.append(dsa.lastErrorText());
        strOut.append("\r\n");
        SetDlgItemText(IDC_EDIT1,strOut.getUnicode());
        return;
    }

    // Sign the hash.
    success = dsa.SignHash();
    if (success == false) {
        strOut.append(dsa.lastErrorText());
        strOut.append("\r\n");
        SetDlgItemText(IDC_EDIT1,strOut.getUnicode());
        return;
    }

    // Get the ASN.1 signature.
    const char *asnSig = dsa.getEncodedSignature("base64");
    strOut.append("Signature: ");
    strOut.append(asnSig);
    strOut.append("\r\n");

    // Examine the details of the ASN.1 signature.
    // We want to get the r,s values as hex strings..
    CkAsn asn;
    success = asn.LoadEncoded(asnSig,"base64");
    if (success == false) {
        strOut.append(asn.lastErrorText());
        strOut.append("\r\n");
        SetDlgItemText(IDC_EDIT1,strOut.getUnicode());
        return;
    }

    // Get the ASN.1 as XML.
    CkXml xml;
    success = xml.LoadXml(asn.asnToXml());
    strOut.append("Signature as XML: ");
    strOut.append("\r\n");
    strOut.append(xml.getXml());
    strOut.append("\r\n");

    // Sample XML shown here.
    // The r and s values are the two hex strings in the XML.

    // <?xml version="1.0" encoding="utf-8"?>
    // <sequence>
    //     <int>2C187F3AB6E47A66497B86CE97BB39E2133810F5</int>
    //     <int>588E53D3F7B69636B48FD7175E99A3961BD7D775</int>
    // </sequence>

    // Pretend we're starting with r,s
    const char *r = "2C187F3AB6E47A66497B86CE97BB39E2133810F5";
    const char *s = "588E53D3F7B69636B48FD7175E99A3961BD7D775";

    // Build the XML that will be converted to ASN.1
    xml.Clear();
    xml.put_Tag("sequence");
    xml.NewChild2("int",r);
    xml.NewChild2("int",s);

    // Convert the XML to ASN.1
    success = asn.LoadAsnXml(xml.getXml());

    // Emit the signature as DER encoded ASN.1 (base64)
    asnSig = asn.getEncodedDer("base64");

    // --------------------------------------------------------------------
    // Verify the signature using the asnSig we built from the r,s values
    // --------------------------------------------------------------------

    CkDsa dsa2;

    // Load the DSA public key to be used for verification:
    const char *pemPublicKey = 0;
    pemPublicKey = dsa2.loadText("qa_data/dsa/dsaPubKey2.pem");
    success = dsa2.FromPublicPem(pemPublicKey);
    if (success == false) {
        strOut.append(dsa2.lastErrorText());
        strOut.append("\r\n");
        SetDlgItemText(IDC_EDIT1,strOut.getUnicode());
        return;
    }

    // Load the hash to be verified.
    success = dsa2.SetEncodedHash("hex",hashStr);
    if (success == false) {
        strOut.append(dsa2.lastErrorText());
        strOut.append("\r\n");
        SetDlgItemText(IDC_EDIT1,strOut.getUnicode());
        return;
    }

    // Load the ASN.1 signature:
    success = dsa2.SetEncodedSignature("base64",asnSig);
    if (success == false) {
        strOut.append(dsa2.lastErrorText());
        strOut.append("\r\n");
        SetDlgItemText(IDC_EDIT1,strOut.getUnicode());
        return;
    }

    // Verify:
    success = dsa2.Verify();
    if (success == false) {
        strOut.append(dsa2.lastErrorText());
        strOut.append("\r\n");
    }
    else {
        strOut.append("DSA Signature Verified!");
        strOut.append("\r\n");
    }



    SetDlgItemText(IDC_EDIT1,strOut.getUnicode());

    }