>From: owner-openssl-us...@openssl.org On Behalf Of Pedro Alexandre
>Sent: Friday, 05 July, 2013 10:56
>I' m Looking for a solution to create a hash key type Sha1 signed and
encoded Base64.
>In openssl is done by executing in CMD:
>'openssl dgst sha1-sign Fileprivatekey.pem out Filemessage.sha1 message'
[YM -sha1 (not run together) -sign and -out. And no quotemarks around.]
>and thain [YM then]
>'Openssl enc -base64 -in Filemessage.sha1 -out FileMsgb64 -A'
That signs (and base64's) a hash, specifically a SHA1 hash.
There is no "hash key"; there is a concept of a "keyed hash"
in modern crypto but that's not what you're doing here.
>I can do runshell() openssl but I wanted to avoid using external
>exes and not install openssl on customers PCs.
>Any body can show a small sample that does this type of commands
>and obtain the some result, from Libeay32.dll?
runshell() is not a standard C (or C++) function, nor a WinAPI
call; what/where is it? The only two plausible hits google finds
for me are winbatch and xbase, and I don't know if those can
call C functions. You can call C functions in a library like
openssl if you are programming in C, or C++, or (perhaps less
easily) in a language that can make C (not "managed" C# or VBD)
calls, sometimes called "foreign".
libeay32.dll (and ssleay32.dll) is part of openssl just as much
as openssl.exe is. Perhaps you want to link with a static lib
(not a dll) and then you don't need to install openssl but you do
need to update & reinstall your program(s) if you need any fixes
or features in a new openssl (likely never for this limited use).
On Windows (and most(?) other OSes) openssl can be built either
to link dynamically (dll, so, sl, etc) or statically; the
convenient ShiningLight package does both for (MS)VC.
If your goal is avoid a separate exe (and launches of it) and
you can call C, you can do the above with calls to functions
in libeay32 (equivalent to Unix -lcrypto), for most of which
man pages are available on Unix; if you have only Windows install
you can use the copy online under http://www.openssl.org/docs/
or you can try to make sense of the pod-format source (there's
probably several suitable perl modules out of the 2-zillion
floating about perlspace; try cpan.org if you have time to spend)
- (general setup) SSL_library_init or similar,
SSL_load_error_strings
- PEM_read_PrivateKey using stdio or file-BIO as convenient.
For Windows DLL you need applink in the exe; if you can't
or prefer not to do that, read into memory yourself and
then PEM_read from a mem-BIO.
- (the new preferred way) EVP_DigestSign{Init,Update,Final}
or (the older way works for SHA1withBlah but not all valid
hash+PK combinations) EVP_Sign{Init/Init_ex,Update,Final}
or even (the low-level way not recommended for most use)
SHA1_{Init,Update,Final} plus {RSA,DSA,ECDSA}_sign
- to base64 you can create and write to a BIO_f_base64
with FLAGS_BASE64_NO_NL (equivalent of commandline enc -A)
pushed on either a BIO_s_mem or BIO_s_file as convenient;
or for this minimal case you can just call the undocumented
but long-stable EVP_EncodeBlock; or you can write your own
just-base64 encoder in about 10 lines of C (or pretty much
any sane programming language, even(?) javascript).
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager majord...@openssl.org
