openssl主要流程程序代码(七)
ipherment");
if(KUSAGE->KA)
if(strlen(kusage))//添加
strcat(kusage, ",keyAgreement");
else
strcpy(kusage,"keyAgreement");
if(KUSAGE->KC)
if(strlen(kusage))//添加
strcat(kusage, ",keyCertSign");
else
strcpy(kusage,"keyCertSign");
if(KUSAGE->CS)
if(strlen(kusage))//添加
strcat(kusage, ",cRLSign");
else
strcpy(kusage,"cRLSign");
if(KUSAGE->EO)
if(strlen(kusage))//添加
strcat(kusage, ",encipherOnly");
else
strcpy(kusage,"encipherOnly");
if(KUSAGE->DO)
if(strlen(kusage))//添加
strcat(kusage, ",decipherOnly");
else
strcpy(kusage,"decipherOnly");
if(strlen(kusage))
Add_ExtCert(ret,ret, NID_key_usage, kusage);
//增强型密钥用法(extendedKeyUsage)——一般只用于末端(终端实体)证书,参见 RFC 3280(现已被 RFC 5280 取代)
//增强用法 证书目的
//--------------------------------------------------------------------------------------------------------------
//服务器验证 保证远程计算机的身份
//客户端验证 向远程计算机证明您的身份
//代码签名 确保软件来自软件发行商;保护软件在发行后不被改动
//安全电子邮件 保护电子邮件消息
//时间戳 允许用当前时间对数据签名
//--------------------------------------------------------------------------------------------------------------
// 保证软件来自一个软件发行商
// 保护软件在发行后不被改动。
// 保证软件来自商业软件发行商
// 允许您用数字签名证书信任列表
// 允许联机事务处理/通讯的严格加密
// 允许加密磁盘上的数据
// 智能卡登录
//IP安全终端系统 允许 Internet 上的安全通讯
//IP安全隧道终止
//IP 安全用户
//--------------------------------------------------------------------------------------------------------------
if(EKUSAGE->SA)
strcpy(ekusage,"serverAuth");
if(EKUSAGE->CA)
if(strlen(ekusage))//添加
strcat(ekusage,",clientAuth");
else
strcpy(ekusage,"clientAuth");
if(EKUSAGE->
CS)
if(strlen(ekusage))//添加
strcat(ekusage,",codeSigning");
else
strcpy(ekusage,"codeSigning");
if(EKUSAGE->EP)
if(strlen(ekusage))//添加
strcat(ekusage,",emailProtection");
else
strcpy(ekusage,"emailProtection");
if(EKUSAGE->TS)
if(strlen(ekusage))//添加
strcat(ekusage,",timeStamping");
else
strcpy(ekusage,"timeStamping");
if(EKUSAGE->msCC)
if(strlen(ekusage))//添加
strcat(ekusage,",msCodeCom");
else
strcpy(ekusage,"msCodeCom");
if(EKUSAGE->msCTLS)
if(strlen(ekusage))//添加
strcat(ekusage,",msCTLSign");
else
strcpy(ekusage,"msCTLSign");
if(EKUSAGE->msSGC)
if(strlen(ekusage))//添加
strcat(ekusage,",msSGC");
else
strcpy(ekusage,"msSGC");
if(EKUSAGE->msEFS)
if(strlen(ekusage))//添加
strcat(ekusage,",msEFS");
else
strcpy(ekusage,"msEFS");
if(EKUSAGE->msSC)
if(strlen(ekusage))//添加
strcat(ekusage,",msSmartcardLogin");
else
strcpy(ekusage,"msSmartcardLogin");
if(EKUSAGE->IP)
if(strlen(ekusage))//添加
strcat(ekusage,",ipsecEndSystem,ipsecTunnel,ipsecUser");
else
strcpy(ekusage,"ipsecEndSystem,ipsecTunnel,ipsecUser");
if(strlen(ekusage))
Add_ExtCert(ret,ret,NID_ext_key_usage,ekusage);
/*
Application keyUsage Values
SSL Client digitalSignature
SSL Server keyEncipherment
S/MIME Signing digitalSignature
S/MIME Encryption keyEncipherment
Certificate Signing keyCertSign
Object Signing digitalSignature */
//颁发者备用名称,例如 URI:http://my.url.here/;不支持 email:copy
Add_ExtCert(ret,ret, NID_issuer_alt_name, "DNS:hpxs,email:hpxs@hotmail.com,RID:1.2.3.4,URI:https://hpxs,IP:192.168.0.22");
//证书策略
Add_ExtCert(ret,ret,NID_certificate_poli