Guardtime KSI c SDK
|
For simplicity reasons, the error handling in this tutorial is mostly omitted. In practice almost all the functions in the SDK return a status code which value should be checked to be KSI_OK, which means all went well.
For preparation see Basics Tutorial.
Lets assume our data to be signed is stored in a variable called data
and it's length is stored in data_len
.
As only the hash of the original document is signed, we need to create a KSI_DataHash object. This is usually done using the KSI_DataHasher object where the data can be added to the hash calculation in chunks. In our example, the data is already stored in a single memory buffer and we can use the KSI_DataHash_create function. We will use the KSI_HASHALG_SHA2_256 algorithm.
At this point we should have all we need to sign the document (actually only the hash value of it). To do so, we need to call KSI_createSignature.
To save the signature to a file or database we need to serialize it's content. To do so, we simply need to call the KSI_Signature_serialize method.
Now the user may store the contents of serialized
with length serialized_len
how ever needed.
As the final step we need to free all the allocated resources. Note that the KSI context may be reused as much as needed (within a single thread) and must not be created every time. It is also important to point out that the context must be freed last.