openssl主要流程程序代码(二)

2014-11-24 00:33:28 · 作者: · 浏览: 47
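oad_file(file, -1)) { if (RAND_status() == 0 && !dont_warn) { sprintf(outMsg,"unable to load 'random state'\n"); sprintf(outMsg,"This means that the random number generator has not been seeded\n"); if (consider_randfile) /* explanation does not apply when a file is explicitly named */ { sprintf(outMsg,"Consider setting the RANDFILE environment variable to point at a file that\n"); sprintf(outMsg,"'random' data can be kept in (the file will be overwritten).\n"); } } return 0; } return 1; }
///////////////////////// end ////////////////////////////////////////
//////////////////////////////////////////////////////////////////////
///////////////////////// begin //////////////////////////////////////

/*
 * Build one X509v3 extension from its textual value and append it to a
 * certificate.
 *
 *   cert  - certificate that receives the extension (passed as the subject)
 *   root  - certificate passed as the issuer in the extension context
 *   nid   - NID of the extension to create
 *   value - extension value in the textual form X509V3_EXT_conf_nid() accepts
 *
 * Returns 1 when the extension was created and added, 0 otherwise.
 * No configuration database is supplied, so 'value' cannot refer to other
 * configuration sections.
 */
int Add_ExtCert(X509 *cert, X509 * root, int nid, char *value)
{
    X509_EXTENSION *ex;
    X509V3_CTX ctx;
    int added;

    /* Mark the context as having no configuration database before it is
     * used. This call was commented out, which left the database pointer of
     * the stack-allocated context unset on library versions where
     * X509V3_set_ctx() does not clear it. */
    X509V3_set_ctx_nodb(&ctx);

    /* Issuer is 'root', subject is 'cert'; no request and no CRL. */
    X509V3_set_ctx(&ctx, root, cert, NULL, NULL, 0);

    ex = X509V3_EXT_conf_nid(NULL, &ctx, nid, value);
    if (!ex)
        return 0;

    /* X509_add_ext() can fail; report that instead of claiming success. */
    added = X509_add_ext(cert, ex, -1);
    X509_EXTENSION_free(ex);
    return added ? 1 : 0;
}

/*
 * Add one entry to an X509_NAME, accepting multibyte (e.g. Chinese) input.
 *
 *   x509name - name being built
 *   type     - NID of the entry (country, common name, ...)
 *   iput     - entry text in the multibyte encoding of the current LC_CTYPE
 *              locale
 *   ilen     - size of the buffer behind 'iput'; the text ends at the first
 *              NUL inside that size, or at 'ilen' bytes if there is none
 *   outMsg   - receives an error message on failure
 *
 * The text is converted to wide characters, packed as big-endian UCS-2 and
 * handed to ASN1_mbstring_copy(), which produces the UTF8String that is
 * stored in the name. An empty entry is skipped and counts as success.
 * Returns false when the text is too long, cannot be converted, or cannot be
 * added to the name.
 */
bool Add_Name(X509_NAME * x509name,int type,char * iput,int ilen,char * outMsg)
{
    enum { ENTRY_BUF_LEN = 256 };
    char input[ENTRY_BUF_LEN] = {0};
    wchar_t ws[ENTRY_BUF_LEN];
    /* Two bytes per UCS-2 unit; at most one unit per input byte. */
    UCHAR cbuf[2 * ENTRY_BUF_LEN] = {0};
    ASN1_STRING *str = NULL;
    const void *nul;
    size_t inlen, wcnt, i;
    int added;

    if (iput == NULL || ilen <= 0)
        return true;

    /* Callers pass the capacity of a fixed-size field, so measure the text
     * itself and never read past 'ilen'. */
    nul = memchr(iput, '\0', (size_t)ilen);
    inlen = nul ? (size_t)((const char *)nul - iput) : (size_t)ilen;
    if (inlen == 0)
        return true;

    /* Reject text that does not fit the local buffers. The unbounded
     * strncpy() used before could write past 'input', and the packing loop
     * could write past 'cbuf'. */
    if (inlen >= sizeof(input))
    {
        sprintf(outMsg,"name entry too long");
        return false;
    }
    memcpy(input, iput, inlen);   /* 'input' is zero-filled, so it stays terminated */

    wcnt = mbstowcs(ws, input, ENTRY_BUF_LEN);
    if (wcnt == (size_t)-1)
    {
        sprintf(outMsg,"mbstowcs convert error");
        return false;
    }

    for (i = 0; i < wcnt; i++)
    {
        unsigned long wc = (unsigned long)ws[i];

        /* UCS-2 holds only 16-bit code units; refuse to truncate anything
         * larger when wchar_t is wider than 16 bits. */
        if (wc > 0xFFFFUL)
        {
            sprintf(outMsg,"name entry contains a character outside the BMP");
            return false;
        }
        cbuf[2*i]   = (UCHAR)(wc >> 8);
        cbuf[2*i+1] = (UCHAR)(wc & 0xFF);
    }

    /* Pass exactly the converted characters. The previous length was derived
     * from the byte count plus the terminator, which appended NUL characters
     * to every entry. Let the library allocate the result: handing it an
     * uninitialised ASN1_STRING made it act on a garbage data pointer. */
    if (ASN1_mbstring_copy(&str, cbuf, (int)(2 * wcnt), MBSTRING_BMP, B_ASN1_UTF8STRING) < 0
        || str == NULL)
    {
        sprintf(outMsg,"ASN1_mbstring_copy failed");
        return false;
    }

    added = X509_NAME_add_entry_by_NID(x509name,type,V_ASN1_UTF8STRING,str->data,str->length, -1, 0);
    ASN1_STRING_free(str);
    if (!added)
    {
        sprintf(outMsg,"X509_NAME_add_entry_by_NID failed");
        return false;
    }
    return true;
}

bool mkRoot(stuSUBJECT * rootInfo,X509 **x509p/*out公钥*/, EVP_PKEY **pkeyp/*out私钥*/, int bits/*位数*/, int serial/*序列号*/, int days/*有效期*/,char * out/*操作结果*/) { X509 *x; EVP_PKEY *pk; RSA *rsa; X509_NAME *name=NULL; int i=0,len=0; if ((pkeyp == NULL) || (*pkeyp == NULL)) { if ((pk=EVP_PKEY_new()) == NULL) { abort(); return false; } } else pk= *pkeyp; if ((x509p == NULL) || (*x509p == NULL)) { if ((x=X509_new()) == NULL) goto err; } else x= *x509p; Rand(NULL,1,out);//产生随机数种子 rsa=RSA_generate_key(bits,RSA_F4,0/*回调函数callback*/,NULL);//产生密钥对,//RSA存储了公钥私钥 if (!EVP_PKEY_assign_RSA(pk,rsa))//完成RSA密钥的pkey结构初始工作,当pk不为NULL的时候,返回1,否则返回0 { abort(); goto err; } rsa=NULL; X509_set_version(x,2);//版本号,显示+1 ASN1_INTEGER_set(X509_get_serialNumber(x),serial);//序列号 X509_gmtime_adj(X509_get_notBefore(x),0);//起始时间 X509_gmtime_adj(X509_get_notAfter(x),(long)60*60*24*days);//结束时间 X509_set_pubkey(x,pk);//公钥 name=X509_get_subject_name(x); /* This function creates and adds the entry, working out the * correct string type and performing checks on its length. * Normally we'd check the return value for errors */ //C-国家,ST-省,L-城市,O-组织,OU-部门,CN-个体,T-title,D-description,G-givenName,I-initials, //Email-emailAddress,S-surname,SN-serialNumber,dnQualifier-dnQualifier,unstructuredName,challengePassword,unstructuredAddress, setlocale(LC_CTYPE, ""); Add_Name(name,NID_countryName,(char *)rootInfo->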
C,sizeof(rootInfo->C),out); Add_Name(name,NID_stateOrProvinceName,(char *)rootInfo->ST,sizeof(rootInfo->ST),out); Add_Name(name,NID_localityName,(char *)rootInfo->L,sizeof(rootInfo->L),out); Add_Name(name,NID_organizationName,(char *)rootInfo->O,sizeof(rootInfo->O),out); Add_Name(name,NID_organizationalUnitName,(char *)rootInfo->OU,sizeof(rootInfo->OU),out); Add_Name(name,NID_commonName,(char *)rootInfo->CN,sizeof(rootInfo->CN),out); Add_Name(name,NID_pkcs9_emailAddress,(char *)rootInfo->MAIL,sizeof(rootInfo->MAIL),out); Add_Name(name,NID_email_protect,(char *)rootInfo->PMAIL,sizeof(rootInfo->PMAIL),out); Add_Name(name,NID_title,(char *)rootInfo->T,sizeof(rootInfo->T),out); Add_Name(name,NID_description,(char *)rootInfo->D,sizeof(rootInfo->D),out); Add_Name(name,NID_givenName,(char *)rootInfo->G,sizeof(rootInfo->G),out); Add_Name(name,NID_initials,(char *)rootInfo->I,sizeof(rootInfo->I),out); Add_Name(name,NID_name,(char *)rootInfo->NAME,sizeof(rootInfo->NAME),out); Add_Name(name,NID_surname,(char *)rootInfo->S,sizeof(rootInfo->S),out); Add_Name(name,NID_dnQualifier,(char *)rootInfo->QUAL,sizeof(rootInfo->QUAL),out); Add_Name(name,NID_pkcs9_unstructuredName,(char *)rootInfo->STN,sizeof(rootInfo->STN),out); Add_Name(name,NID_pkcs9_challengePassword,(char *)rootIn