英文:
How do i verify the png file with publickey using cryptopp?
问题
I understand your request to only translate the code portion. Here is the code you provided without translation:
int main(int argc, char* argv[])
{
// Scratch result
bool result = false;
string signature;
// Private and Public keys
ECDSA<ECP, SHA256>::PrivateKey privateKey;
ECDSA<ECP, SHA256>::PublicKey publicKey;
/////////////////////////////////////////////
// Load key in PKCS#9 and X.509 format
LoadPrivateKey( "ec.private.key", privateKey );
LoadPublicKey( "ec.public.key", publicKey );
/////////////////////////////////////////////
// Sign and Verify a message
string message ;
loadFile2base64("hello.png", message);
result = SignMessage( privateKey, message, signature );
assert( true == result );
string image;
StringSource (message,true,new Base64Decoder(new StringSink(image)));
StringSource (image+signature,true , new FileSink( "md5.png", true /*binary*/ ));
return 0;
}
void loadFile2base64(const std::string& filename, string& mess) {
FileSource file(filename.c_str(), true, new Base64Encoder(new StringSink(mess)));
file.PumpAll();
}
bool SignMessage( const ECDSA<ECP, SHA1>::PrivateKey& key, const string& message, string& signature )
{
AutoSeededRandomPool prng;
signature.erase();
StringSource( message, true,
new SignerFilter( prng,
ECDSA<ECP,SHA1>::Signer(key),
new StringSink( signature )
) // SignerFilter
); // StringSource
return !signature.empty();
}
bool VerifyMessage( const ECDSA<ECP, SHA1>::PublicKey& key, const string& message, const string& signature )
{
bool result = false;
StringSource( signature+message, true,
new SignatureVerificationFilter(
ECDSA<ECP,SHA1>::Verifier(key),
new ArraySink( (byte*)&result, sizeof(result) )
) // SignatureVerificationFilter
);
return result;
}
Please let me know if you need any further assistance.
英文:
My teacher gives me PublicKey, hello.png(original file) and five md5.png file(image+signature). And ask me which md5.png file has the signature correct with the original file.
And this is the code c++ my teacher use crptopp libabry to load the png file to base64 and then sign them. After that sum image and signature to the new file name md5.png:
int main(int argc, char* argv[])
{
// Scratch result
bool result = false;
string signature;
// Private and Public keys
ECDSA<ECP, SHA256>::PrivateKey privateKey;
ECDSA<ECP, SHA256>::PublicKey publicKey;
/////////////////////////////////////////////
// Load key in PKCS#9 and X.509 format
LoadPrivateKey( "ec.private.key", privateKey );
LoadPublicKey( "ec.public.key", publicKey );
/////////////////////////////////////////////
// Sign and Verify a message
string message ;
loadFile2base64("hello.png", message);
result = SignMessage( privateKey, message, signature );
assert( true == result );
string image;
StringSource (message,true,new Base64Decoder(new StringSink(image)));
StringSource (image+signature,true , new FileSink( "md5.png", true /*binary*/ ));
return 0;
}
void loadFile2base64(const std::string& filename, string& mess) {
FileSource file(filename.c_str(), true, new Base64Encoder(new StringSink(mess)));
file.PumpAll();
}
bool SignMessage( const ECDSA<ECP, SHA1>::PrivateKey& key, const string& message, string& signature )
{
AutoSeededRandomPool prng;
signature.erase();
StringSource( message, true,
new SignerFilter( prng,
ECDSA<ECP,SHA1>::Signer(key),
new StringSink( signature )
) // SignerFilter
); // StringSource
return !signature.empty();
}
bool VerifyMessage( const ECDSA<ECP, SHA1>::PublicKey& key, const string& message, const string& signature )
{
bool result = false;
StringSource( signature+message, true,
new SignatureVerificationFilter(
ECDSA<ECP,SHA1>::Verifier(key),
new ArraySink( (byte*)&result, sizeof(result) )
) // SignatureVerificationFilter
);
return result;
}
I have try to load the md5.png and the orginal file hello.png to base 64 to check what different between 2 files:
hello.png: [a lot thing here]=
md5.png: [a lot thing here]ATeFuHi2CQaZXGpXM s2L2M7UMaAoAdsID8O301sI8hDWJbR2IsQ5DjM4=
Because the md5.png was make with hello.png+signature so i think the string after [a lot thing here] is the base64 of signature but it doesn't.
Anyway else to get the signature from md5.png or any way to verify that md5.png file.
答案1
得分: 1
PNG格式由一个标头和若干个数据块组成。每个数据块都有一个类型标签、大小和数据。您的签名可以在IEND数据块之后找到。
因此,您可以从文件的开头开始阅读,跳过标头,然后只需读取足够多的数据块以了解要跳过多少字节。
或者,您可以从文件末尾向后查找,直到看到IEND标记(字节序列00 00 00 00 73 69 78 68 ?? ?? ?? ??
),稍有可能您的签名也包含这样的字节序列。
英文:
The PNG format consists of a header plus a number of chunks. Each chunk has a type tag, a size, and data. Your signature can be found right after the IEND chunk.
You can thus read the file from start to finish, skip over the header, and then read just enough of a chunk to know how many bytes to skip.
Alternatively, you could seek backwards from the end of the file until you see an IEND marker (the byte sequence 00 00 00 00 73 69 78 68 ?? ?? ?? ??
) with a slight possibility that your signature also happens to contain such a byte sequence.
通过集体智慧和协作来改善编程学习和解决问题的方式。致力于成为全球开发者共同参与的知识库,让每个人都能够通过互相帮助和分享经验来进步。
评论