OpenSSL主要流程程序代码(五)

2014-11-24 00:33:28
09_REQ_new()) == NULL) goto err; Rand(NULL,1,out);//产生随机数种子 rsa=RSA_generate_key(bits,RSA_F4,0/*回调函数callback*/,NULL);//产生密钥对 //PEM_write_bio_RSAPrivateKey if (!EVP_PKEY_assign_RSA(pk,rsa)) goto err; rsa=NULL; X509_REQ_set_pubkey(x,pk); name=X509_REQ_get_subject_name(x); /* This function creates and adds the entry, working out the * correct string type and performing checks on its length. * Normally we'd check the return value for errors */ setlocale(LC_CTYPE, ""); Add_Name(name,NID_countryName,(char *)reqInfo->C,sizeof(reqInfo->C),out); Add_Name(name,NID_stateOrProvinceName,(char *)reqInfo->ST,sizeof(reqInfo->ST),out); Add_Name(name,NID_localityName,(char *)reqInfo->L,sizeof(reqInfo->L),out); Add_Name(name,NID_organizationName,(char *)reqInfo->O,sizeof(reqInfo->O),out); Add_Name(name,NID_organizationalUnitName,(char *)reqInfo->OU,sizeof(reqInfo->OU),out); Add_Name(name,NID_commonName,(char *)reqInfo->CN,sizeof(reqInfo->CN),out); Add_Name(name,NID_pkcs9_emailAddress,(char *)reqInfo->MAIL,sizeof(reqInfo->MAIL),out); Add_Name(name,NID_email_protect,(char *)reqInfo->PMAIL,sizeof(reqInfo->PMAIL),out); Add_Name(name,NID_title,(char *)reqInfo->T,sizeof(reqInfo->T),out); Add_Name(name,NID_description,(char *)reqInfo->D,sizeof(reqInfo->D),out); Add_Name(name,NID_givenName,(char *)reqInfo->G,sizeof(reqInfo->G),out); Add_Name(name,NID_initials,(char *)reqInfo->I,sizeof(reqInfo->I),out); Add_Name(name,NID_name,(char *)reqInfo->NAME,sizeof(reqInfo->NAME),out); Add_Name(name,NID_surname,(char *)reqInfo->S,sizeof(reqInfo->S),out); Add_Name(name,NID_dnQualifier,(char *)reqInfo->
QUAL,sizeof(reqInfo->QUAL),out); Add_Name(name,NID_pkcs9_unstructuredName,(char *)reqInfo->STN,sizeof(reqInfo->STN),out); Add_Name(name,NID_pkcs9_challengePassword,(char *)reqInfo->PW,sizeof(reqInfo->PW),out); Add_Name(name,NID_pkcs9_unstructuredAddress,(char *)reqInfo->ADD,sizeof(reqInfo->ADD),out); /* Certificate requests can contain extensions, which can be used * to indicate the extensions the requestor would like added to * their certificate. CAs might ignore them however or even choke * if they are present. */ /* For request extensions they are all packed in a single attribute. * We save them in a STACK and add them all at once later */ exts = sk_X509_EXTENSION_new_null(); /* Standard extenions */ //主题备用名称,URL:http://my.url.here/、支持email copy Add_ExtReq(exts, NID_subject_alt_name, "DNS:localhost,email:hpxs@hotmail.com,RID:1.2.3.4,URI:192.168.2.22,IP:C0A80216"); //加入自定义扩展 int nid; nid = OBJ_create("1.3.6.1.4.1.5315.100.2.5", "UserID", "User ID Number"); X509V3_EXT_add_alias(nid, NID_netscape_comment); Add_ExtReq(exts, nid, "ID130203197703060618"); /* Now we've created the extensions we add them to the request */ X509_REQ_add_extensions(x, exts); sk_X509_EXTENSION_pop_free(exts, X509_EXTENSION_free); X509V3_EXT_cleanup();//cleanup the extension code if any custom extensions have been added if (!X509_REQ_sign(x,pk,EVP_sha1()))//用自己的公钥签名私钥 goto err; *req=x; *pkeyp=pk; return(1); err: return(0); } BOOL MakeReq(stuSUBJECT * reqInfo,/*请求信息*/int bits/