Note
Access to this page requires authorization. You can try signing in or changing directories.
Access to this page requires authorization. You can try changing directories.
The following example shows code to receive and verify a signed message. The example receives the signature buffer and its size in SignatureBuffer and SignatureBufferSize and the message buffer and its size in MessageBuffer and MessageBufferSize.
The example assumes that a SecHandle variable named phContext and a SOCKET structure named s are initialized. For the declarations and initiations of these variables, see Using SSPI with a Windows Sockets Client and Using SSPI with a Windows Sockets Server. This code includes calls to functions in Secur32.lib, which must be included among the link libraries.
//--------------------------------------------------------------------
// Declare and initialize local variables.
#include <windows.h>
#include <stdio.h>
#include <sspi.h>
#define SECURITY_WIN32
#define MaxMessageLength 1024
#define BUFSIZ 512
void main()
{
BYTE MessageBuffer[BUFSIZ];
BYTE SignatureBuffer[BUFSIZ];
DWORD MessageBufferSize;
DWORD SignatureBufferSize;
SECURITY_STATUS SecStatus;
SecBufferDesc InputBufferDescriptor;
SecBuffer InputSecurityToken[2];
ULONG fQOP;
//------------------------------------------------------------------
// Receive the message.
if(!(ReceiveMsg(
s,
MessageBuffer,
MaxMessageLength,
&MessageBufferSize)))
{
MyHandleError("Error. Message not received.");
}
//------------------------------------------------------------------
// Receive the signature.
if(!(ReceiveMsg(
s,
SignatureBuffer,
MaxMessageLength,
&SignatureBufferSize)))
{
MyHandleError("Error. Signature not received.");
}
//------------------------------------------------------------------
// Build the input buffer descriptor.
InputBufferDescriptor.cBuffers = 2;
InputBufferDescriptor.pBuffers = InputSecurityToken;
InputBufferDescriptor.ulVersion = SECBUFFER_VERSION;
//-------------------------------------------------------------------
// Build the security buffer for the message.
InputSecurityToken[0].BufferType = SECBUFFER_DATA;
InputSecurityToken[0].cbBuffer = MessageBufferSize;
InputSecurityToken[0].pvBuffer = MessageBuffer;
//-------------------------------------------------------------------
// Build the security buffer for the signature.
InputSecurityToken[1].BufferType = SECBUFFER_TOKEN;
InputSecurityToken[1].cbBuffer = SignatureBufferSize;
InputSecurityToken[1].pvBuffer = SignatureBuffer;
//--------------------------------------------------------------------
// Call VerifySignature.
SecStatus = VerifySignature(
&phContext,
&InputBufferDescriptor, // input message descriptor
0, // no sequence number
&fQOP // quality of protection
);
if(SecStatus == SEC_E_OK)
{
printf("The signature verified the message.\n");
}
else
if(SecStatus == SEC_E_MESSAGE_ALTERED)
{
printf("The message was altered in transit.\n");
}
else
if(SecStatus == SEC_E_OUT_OF_SEQUENCE )
{
printf("The message is out of sequence.\n");
}
else
{
printf("An unknown error occurred in VerifyMessage.\n");
}
}