关于CryptAPI进行的数字签名和认证中hash处理问题
// 计算输入数据的哈希值

if(CryptHashData(
hHash,
pbBuffer,
dwBufferLen,
0))
{
printf("缓冲区中的数据已经进行了哈希处理.\n");
if(!(pbHashSize =(BYTE *) malloc(dwHashLen)))
HandleError("Memory allocation failed.");

// if(CryptGetHashParam(
// hHash,
// HP_HASHSIZE,
// pbHashSize,
// &dwHashLen,
// 0))
// {
// // It worked. Do nothing.
// printf("pbHashSize = %d.\n",*pbHashSize);
// }
// else
// {
// printf("CryptGetHashParam failed to get size.\n");
// exit(1);
// }

if(CryptGetHashParam(
hHash,
HP_HASHVAL,
NULL,
&dwHashLen,
0))
{
// It worked. Do nothing.
}
else
{
printf("CryptGetHashParam failed to get length.\n");
exit(1);
}

//dwHashLen = *pbHashSize;
if(pbHashData = (BYTE*)malloc(dwHashLen))
{
// It worked. Do nothing.
}
else
{
printf("Allocation failed.\n");
exit(1);
}
1.if(CryptGetHashParam(
hHash,
HP_HASHVAL,
pbHashData,
&dwHashLen,
0))
{
// Print the hash value.
printf("The hash is: ");
int i;
for(i = 0 ; i < dwHashLen ; i++)
{
printf("%2.2X ",pbHashData[i]);
}
printf("\n");
}
else
{

printf("Error during reading hash value.\n");
exit(1);

}

//---------------------------------------------------


//---------------------------------------------------

}
else
{
HandleError("Error during CryptHashData.");
}
//-------------------------------------------------------------------
// 确定签名信息的长度
dwSigLen= 0;
if(CryptSignHash(
hHash,
AT_SIGNATURE,
szDescription,
0,
NULL,
&dwSigLen))
{
printf("签名信息的长度 %d 找到.\n",dwSigLen);
}
else
{
HandleError("Error during CryptSignHash.");
}
//-------------------------------------------------------------------
// 分配空间
if(pbSignature = (BYTE *)malloc(dwSigLen))
{
printf("给此签名消息分配了内存空间.\n");

}
else
{
HandleError("所需内存不够.");
}
//-------------------------------------------------------------------
// 对哈希数据进行数字签名
2.if(CryptSignHash(
hHash,
AT_SIGNATURE,
szDescription,
0,
pbSignature,
&dwSigLen))
{
{
// Print the hash value.
printf("The sign is: ");
int i;
for(i = 0 ; i < dwSigLen ; i++)
{
printf("%2.2X ",pbSignature[i]);
}
printf("\n");
}

CryptGetProvParam(hProv, PP_CONTAINER, (BYTE *)cUserName, &dwUserNameLen, 0);
printf("对哈希数据已经进行了数字签名.签名者：%s\n",cUserName);
}
else
{
HandleError("Error during CryptSignHash.");
}
////////////////////////////////////////////////////////////////////////////////
以上代码中，在标号为1处之前进行对数据的摘要处理，然后在1处获取处理后的摘要数据，然后2处对摘要进行签名就出错（8009000C
NTE_BAD_HASH_STATE
Hash not valid for use in specified state.），如果去除1处获取摘要数据，就正常。刚用这个接口，不清楚什么问题，求解决，先谢了。 数字签名，Crypt
[解决办法]
该回复于2013-11-20 16:32:43被管理员删除