X509_Cert_Class

 // X509_Cert_Class.h: interface for the X509_Cert_Class class.
//
//


#if !defined(AFX_X509_CERT_CLASS_H__CFDD9091_CC06_404A_9EDD_41382A23D44A__INCLUDED_)
#define AFX_X509_CERT_CLASS_H__CFDD9091_CC06_404A_9EDD_41382A23D44A__INCLUDED_


#if _MSC_VER > 1000
#pragma once
#endif // _MSC_VER > 1000


#include <openssl/ssl.h>
#include <openssl/err.h>
#include <openssl/x509.h>
#include <openssl/x509v3.h>
#include <openssl/asn1.h>
#include "MYStruct.h"
#include "RSA_Class.h"
#include "EC_Class.h"
#include "X509_REQ_Class.h"


// Wrapper around an OpenSSL X509 certificate: builds and signs certificates
// (self-signed root or CA-issued end-entity), reads/writes them from/to files,
// and checks a certificate signature against a public key.
// All int-returning methods return 1 on success and 0 on failure.
class X509_Cert_Class  
{
public:
// Return the subject-name structure of the current certificate (NULL if none).
// The pointer is borrowed from the certificate; callers must not free it.
X509_NAME *GetNamePoint();
// Return the serial number of the current certificate, or -1 if unavailable.
long GetSerial();
// Copy subject information (the commonName) of the current certificate into nameinfo.
int GetName(stuNAMEINFO *nameinfo);
// Check the current certificate's signature against the public key stored in file FP.
int VerifyX509(char *FP);
// Load a certificate from file FP (DER is tried first, then PEM).
int ReadX509(char *FP);
// Build and sign an end-entity certificate from a certificate request.
int SetX509(stuCLIENTCERTINFO *ClientCertInfo);
// Encode the current certificate and write it to a file under directory FP.
// mode "der" selects DER; any other value selects PEM.
int WriteX509(char *mode,char *FP,char *num=NULL);
// Overload: build and sign a self-signed (root) certificate.
int SetX509(stuNAMEINFO *NameInfo,stuCERTINFO *CertInfo);
X509_Cert_Class();
virtual ~X509_Cert_Class();

private:
// Convert a NUL-terminated UTF-8 string to the system ANSI code page.
void Utf82Ansi(const LPSTR lpsrc, const int srclen, LPSTR lpdst, int &dstlen);
// Return the subject name of the given certificate (borrowed pointer).
X509_NAME *GetNamePoint(X509* x509_Cert);
// Load the CA certificate from file FP into m_x509_CA_Cert.
int ReadX509(X509* x509_Cert,char *FP);
RSA_Class *m_CA_Rsa;          // RSA key wrapper (CA private key, or public key for verification); owned
X509 *m_x509_CA_Cert;         // issuing CA certificate; owned, released with X509_free
X509 *m_x509_Cert;            // certificate being built, read or verified; owned
X509_REQ_Class *m_x509_Req;   // certificate request / subject-name helper; owned
X509_NAME *m_x509_Name;       // last subject name looked up; borrowed from a certificate, never freed here
EC_Class *m_CA_EC;            // EC key wrapper, used when the key file is not an RSA key; owned
};


#endif // !defined(AFX_X509_CERT_CLASS_H__CFDD9091_CC06_404A_9EDD_41382A23D44A__INCLUDED_)


// X509_Cert_Class.cpp: implementation of the X509_Cert_Class class.
//
//


#include "stdafx.h"
#include "MYCA.h"
#include "X509_Cert_Class.h"


// MFC debug-build boilerplate: in _DEBUG builds, `new` is routed through
// DEBUG_NEW and THIS_FILE holds this translation unit's file name.
#ifdef _DEBUG
#undef THIS_FILE
static char THIS_FILE[]=__FILE__;
#define new DEBUG_NEW
#endif


//
// Construction/Destruction
//


// Start with no certificate, request or key loaded: every handle is NULL so
// the destructor and the NULL checks in the accessors are safe on a fresh object.
X509_Cert_Class::X509_Cert_Class()
    : m_CA_Rsa(NULL),
      m_x509_CA_Cert(NULL),
      m_x509_Cert(NULL),
      m_x509_Req(NULL),
      m_x509_Name(NULL),
      m_CA_EC(NULL)
{
}


// Release everything this object owns.
X509_Cert_Class::~X509_Cert_Class()
{
    // Key/request wrappers allocated with new. delete on a NULL pointer is a
    // no-op, so no explicit NULL test is needed for any of them.
    delete m_CA_Rsa;
    delete m_x509_Req;
    delete m_CA_EC;

    // OpenSSL certificate handles.
    X509_free(m_x509_Cert);
    X509_free(m_x509_CA_Cert);

    // m_x509_Name is deliberately not freed: it is only ever assigned from
    // X509_get_subject_name(), i.e. it points inside one of the certificates.
}




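/*
 * Build and sign a self-signed (root) certificate in m_x509_Cert.
 *
 * NameInfo  subject fields; the same name is also used as the issuer.
 * CertInfo  serial number (CertNum), validity in days (CertDate) and the path
 *           of the private key file (CAPriKeyPath). The key is tried as RSA
 *           first, then as EC.
 *
 * Returns 1 on success, 0 on any failure.
 *
 * NOTE(review): no X509v3 extensions are added, so the root carries no
 * basicConstraints CA:TRUE / keyUsage; strict path validators may refuse to
 * treat it as a CA. Confirm whether that is intended.
 */
int X509_Cert_Class::SetX509(stuNAMEINFO *NameInfo,stuCERTINFO *CertInfo)
{
    if (NameInfo == NULL || CertInfo == NULL)
    {
        return 0;
    }

    // Release whatever an earlier call left behind; the original overwrote
    // these pointers and leaked the previous objects.
    X509_free(m_x509_Cert);
    m_x509_Cert = NULL;
    m_x509_Name = NULL;              // may have pointed into the released certificate
    delete m_x509_Req;
    m_x509_Req = NULL;
    delete m_CA_Rsa;
    m_CA_Rsa = NULL;
    delete m_CA_EC;
    m_CA_EC = NULL;

    // Allocate the certificate structure.
    if ((m_x509_Cert = X509_new()) == NULL)
    {
        return 0;
    }
    // Version field 2 encodes X.509 v3.
    if (!X509_set_version(m_x509_Cert, 2))
    {
        return 0;
    }
    // Serial number.
    if (!ASN1_INTEGER_set(X509_get_serialNumber(m_x509_Cert), CertInfo->CertNum))
    {
        return 0;
    }

    // Subject name, built through the request helper.
    m_x509_Req = new X509_REQ_Class;
    if (!m_x509_Req->AddName(NameInfo))
    {
        return 0;
    }
    X509_NAME *subjectName = m_x509_Req->GetNamePoint();
    if (subjectName == NULL)
    {
        return 0;
    }
    if (!X509_set_subject_name(m_x509_Cert, subjectName))
    {
        return 0;
    }

    // Validity: from now until now + CertDate days.
    // NOTE(review): the product is computed in long, which is 32 bits on
    // Windows; very large CertDate values would overflow.
    if (!X509_gmtime_adj(X509_get_notBefore(m_x509_Cert), 0))
    {
        return 0;
    }
    if (!X509_gmtime_adj(X509_get_notAfter(m_x509_Cert), (long)60*60*24*CertInfo->CertDate))
    {
        return 0;
    }

    // Load the signing key: RSA first, EC as a fallback.
    // keyKind: 0 = none loaded, 1 = RSA, 2 = EC.
    int keyKind = 0;
    EVP_PKEY *signKey = NULL;
    m_CA_Rsa = new RSA_Class;
    if (m_CA_Rsa->ReadRSA((LPSTR)(LPCTSTR)CertInfo->CAPriKeyPath))
    {
        keyKind = 1;
        if ((signKey = m_CA_Rsa->GetEvpKeyPoint()) == NULL)
        {
            AfxMessageBox("读取CA秘钥错误");
            return 0;
        }
    }
    if (!keyKind)
    {
        m_CA_EC = new EC_Class;
        if (m_CA_EC->ReadEC((LPSTR)(LPCTSTR)CertInfo->CAPriKeyPath))
        {
            keyKind = 2;
            if ((signKey = m_CA_EC->GetEvpKeyPoint()) == NULL)
            {
                AfxMessageBox("读取CA秘钥错误");
                return 0;
            }
        }
    }
    if (keyKind == 0)
    {
        return 0;
    }

    // Self-signed: the certified public key is the signing key's own.
    if (!X509_set_pubkey(m_x509_Cert, signKey))
    {
        return 0;
    }
    // Self-signed: issuer equals subject.
    if (!X509_set_issuer_name(m_x509_Cert, subjectName))
    {
        return 0;
    }

    // Sign.
    if (keyKind == 1)
    {
        // SHA-256 instead of the original MD5: MD5 is not collision resistant,
        // and MD5-signed certificates are rejected by current validators.
        if (!X509_sign(m_x509_Cert, signKey, EVP_sha256()))
        {
            return 0;
        }
    }
    else
    {
        // NOTE(review): EVP_ecdsa() is the legacy ECDSA-with-SHA-1 digest of
        // pre-1.1.0 OpenSSL. It is kept so the file still builds against the
        // OpenSSL release it was written for; where that release accepts it,
        // sign EC certificates with EVP_sha256() as well.
        if (!X509_sign(m_x509_Cert, signKey, EVP_ecdsa()))
        {
            return 0;
        }
    }
    return 1;
}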


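// Encode the current certificate and write it to "<FP>\<num>Cert.cer".
//
// mode  "der" writes DER; any other value writes PEM.
// FP    target directory.
// num   optional file-name prefix (defaults to NULL in the declaration).
//
// Returns 1 on success, 0 if there is no certificate, mode is NULL, the file
// cannot be opened, or encoding fails.
//
// NOTE(review): FP and num are concatenated into the path without any
// validation; callers passing externally supplied values should restrict them
// to an expected directory and character set first.
int X509_Cert_Class::WriteX509(char *mode,char *FP,char *num)
{
    // strcmp() and the encoders below dereference these unconditionally.
    if (mode == NULL || m_x509_Cert == NULL)
    {
        return 0;
    }

    // NOTE(review): relies on CString concatenation tolerating a NULL num,
    // as the original did - confirm for the MFC version in use.
    CString path = FP;
    path = path+"\\"+num+"Cert.cer";

    BIO *bCert = BIO_new_file(path, "wb");
    if (bCert == NULL)
    {
        AfxMessageBox("open CACert.pem fail");
        return 0;
    }

    int written = 0;
    if (strcmp(mode, "der") == 0)   // strcmp returns 0 when the strings are equal
    {
        written = i2d_X509_bio(bCert, m_x509_Cert);
        if (!written)
        {
            AfxMessageBox("X509 DER write bio fail");
        }
    }
    else
    {
        written = PEM_write_bio_X509(bCert, m_x509_Cert);
        if (!written)
        {
            AfxMessageBox("X509 PEM write bio fail");
        }
    }

    // Close the file on every path; the original leaked the BIO (and left the
    // file handle open) when encoding failed.
    BIO_free(bCert);
    return written ? 1 : 0;
}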


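// Load a certificate from file FP into m_x509_Cert.
// The file is parsed as DER first; if that fails it is reopened and parsed as
// PEM. Returns 1 when a certificate was loaded, 0 otherwise (m_x509_Cert is
// then NULL).
//
// This only parses the file; it establishes no trust in the certificate.
int X509_Cert_Class::ReadX509(char *FP)
{
    CString path = FP;

    // Drop any previously held certificate. The original allocated an empty
    // X509 and passed it to the decoders for reuse, which leaked the old
    // object and left the pointer's state after a failed decode dependent on
    // the decoder; letting the decoders allocate avoids both.
    X509_free(m_x509_Cert);
    m_x509_Cert = NULL;
    m_x509_Name = NULL;   // may have pointed into the released certificate

    // Attempt 1: DER.
    BIO *bCert = BIO_new_file(path, "rb");
    if (bCert == NULL)
    {
        AfxMessageBox("open "+path+" fail");
        return 0;
    }
    m_x509_Cert = d2i_X509_bio(bCert, NULL);
    BIO_free(bCert);
    if (m_x509_Cert != NULL)
    {
        return 1;
    }

    // The failed DER attempt left entries on the OpenSSL error queue; clear
    // them so a successful PEM read is not followed by stale errors.
    ERR_clear_error();

    // Attempt 2: PEM.
    bCert = BIO_new_file(path, "r");
    if (bCert == NULL)
    {
        AfxMessageBox("open "+path+" fail");
        return 0;
    }
    m_x509_Cert = PEM_read_bio_X509(bCert, NULL, NULL, NULL);
    BIO_free(bCert);

    return (m_x509_Cert != NULL) ? 1 : 0;
}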
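/*
 * Build an end-entity certificate from a certificate request and sign it with
 * the CA key.
 *
 * ClientCertInfo supplies the serial number (CertNum), validity in days
 * (CertDate), the request file (ReqFile), the CA certificate file (CACertFile)
 * and the CA private key file (CAPriKeyFile; tried as RSA first, then EC).
 *
 * Returns 1 on success, 0 on any failure.
 *
 * NOTE(review): the request's subject and public key are copied as-is. Nothing
 * visible here verifies the request's self-signature (proof of possession of
 * the private key) or checks the requested name against an issuance policy;
 * confirm that X509_REQ_Class::ReadReq or the caller does so before a
 * certificate is issued.
 * NOTE(review): no X509v3 extensions (basicConstraints, keyUsage, ...) are set.
 */
int X509_Cert_Class::SetX509(stuCLIENTCERTINFO *ClientCertInfo)
{
    if (ClientCertInfo == NULL)
    {
        return 0;
    }

    // Release state left by an earlier call; the original overwrote these
    // pointers and leaked the previous objects.
    X509_free(m_x509_Cert);
    m_x509_Cert = NULL;
    m_x509_Name = NULL;              // may have pointed into the released certificate
    delete m_x509_Req;
    m_x509_Req = NULL;
    delete m_CA_Rsa;
    m_CA_Rsa = NULL;
    delete m_CA_EC;
    m_CA_EC = NULL;

    // Allocate the certificate structure.
    if ((m_x509_Cert = X509_new()) == NULL)
    {
        return 0;
    }
    // Version field 2 encodes X.509 v3.
    if (!X509_set_version(m_x509_Cert, 2))
    {
        return 0;
    }
    // Serial number.
    if (!ASN1_INTEGER_set(X509_get_serialNumber(m_x509_Cert), (long)ClientCertInfo->CertNum))
    {
        return 0;
    }

    // Subject name, taken from the certificate request.
    m_x509_Req = new X509_REQ_Class;
    if ((m_x509_Req->ReadReq((LPSTR)(LPCTSTR)ClientCertInfo->ReqFile)) == NULL)
    {
        return 0;
    }
    X509_NAME *name = m_x509_Req->GetNamePoint();
    if (name == NULL)
    {
        return 0;
    }
    if (!X509_set_subject_name(m_x509_Cert, name))
    {
        return 0;
    }

    // Validity: from now until now + CertDate days.
    // NOTE(review): the product is computed in long (32 bits on Windows).
    if (!X509_gmtime_adj(X509_get_notBefore(m_x509_Cert), 0))
    {
        return 0;
    }
    if (!X509_gmtime_adj(X509_get_notAfter(m_x509_Cert), (long)60*60*24*ClientCertInfo->CertDate))
    {
        return 0;
    }

    // Public key from the request. The original called EVP_PKEY_free() on the
    // key and only then passed it to X509_set_pubkey(), i.e. used it after
    // free. Install it first, then drop the reference the original released.
    EVP_PKEY *requestKey = m_x509_Req->GetEvpKeyPoint();
    if (requestKey == NULL)
    {
        return 0;
    }
    const int pubkeySet = X509_set_pubkey(m_x509_Cert, requestKey);
    EVP_PKEY_free(requestKey);
    if (!pubkeySet)
    {
        return 0;
    }

    // Issuer: subject name of the CA certificate.
    if (!ReadX509(m_x509_CA_Cert, (LPSTR)(LPCTSTR)ClientCertInfo->CACertFile))
    {
        return 0;
    }
    if ((name = GetNamePoint(m_x509_CA_Cert)) == NULL)
    {
        return 0;
    }
    if (!X509_set_issuer_name(m_x509_Cert, name))
    {
        return 0;
    }

    // Load the CA signing key: RSA first, EC as a fallback.
    // keyKind: 0 = none loaded, 1 = RSA, 2 = EC.
    int keyKind = 0;
    EVP_PKEY *caKey = NULL;
    m_CA_Rsa = new RSA_Class;
    if (m_CA_Rsa->ReadRSA((LPSTR)(LPCTSTR)ClientCertInfo->CAPriKeyFile))
    {
        keyKind = 1;
        if ((caKey = m_CA_Rsa->GetEvpKeyPoint()) == NULL)
        {
            AfxMessageBox("读取CA秘钥错误");
            return 0;
        }
    }
    if (!keyKind)
    {
        m_CA_EC = new EC_Class;
        if (m_CA_EC->ReadEC((LPSTR)(LPCTSTR)ClientCertInfo->CAPriKeyFile))
        {
            keyKind = 2;
            if ((caKey = m_CA_EC->GetEvpKeyPoint()) == NULL)
            {
                AfxMessageBox("读取CA秘钥错误");
                return 0;
            }
        }
    }
    if (keyKind == 0)
    {
        return 0;
    }

    // Refuse to sign with a key that does not belong to the CA certificate
    // named as issuer: the result would never verify against that issuer.
    if (!X509_check_private_key(m_x509_CA_Cert, caKey))
    {
        return 0;
    }

    // Sign.
    if (keyKind == 1)
    {
        // SHA-256 instead of the original MD5: MD5 is not collision resistant,
        // and a CA signing requester-supplied content with it is exposed to
        // certificate-forgery collisions.
        if (!X509_sign(m_x509_Cert, caKey, EVP_sha256()))
        {
            return 0;
        }
    }
    else
    {
        // NOTE(review): EVP_ecdsa() is the legacy ECDSA-with-SHA-1 digest of
        // pre-1.1.0 OpenSSL. It is kept so the file still builds against the
        // OpenSSL release it was written for; where that release accepts it,
        // sign EC certificates with EVP_sha256() as well.
        if (!X509_sign(m_x509_Cert, caKey, EVP_ecdsa()))
        {
            return 0;
        }
    }

    return 1;
}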


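// Load the CA certificate from file FP into m_x509_CA_Cert.
// The file is parsed as DER first; if that fails it is reopened and parsed as
// PEM. Returns 1 when a certificate was loaded, 0 otherwise (m_x509_CA_Cert is
// then NULL).
//
// The x509_Cert parameter is not used: it is passed by value, so the function
// always stores the result in the m_x509_CA_Cert member, as the original did.
//
// This only parses the file; the loaded certificate is not validated as a CA.
int X509_Cert_Class::ReadX509(X509 *x509_Cert, char *FP)
{
    (void)x509_Cert;
    CString path = FP;

    // Drop any previously held CA certificate. The original allocated an empty
    // X509 and passed it to the decoders for reuse, which leaked the old
    // object and left the pointer's state after a failed decode dependent on
    // the decoder; letting the decoders allocate avoids both.
    X509_free(m_x509_CA_Cert);
    m_x509_CA_Cert = NULL;
    m_x509_Name = NULL;   // may have pointed into the released certificate

    // Attempt 1: DER.
    BIO *bCert = BIO_new_file(path, "rb");
    if (bCert == NULL)
    {
        AfxMessageBox("open "+path+" fail");
        return 0;
    }
    m_x509_CA_Cert = d2i_X509_bio(bCert, NULL);
    BIO_free(bCert);
    if (m_x509_CA_Cert != NULL)
    {
        return 1;
    }

    // Clear the errors queued by the failed DER attempt before trying PEM.
    ERR_clear_error();

    // Attempt 2: PEM.
    bCert = BIO_new_file(path, "r");
    if (bCert == NULL)
    {
        AfxMessageBox("open "+path+" fail");
        return 0;
    }
    m_x509_CA_Cert = PEM_read_bio_X509(bCert, NULL, NULL, NULL);
    BIO_free(bCert);

    return (m_x509_CA_Cert != NULL) ? 1 : 0;
}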


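// Return the subject name of x509_Cert and remember it in m_x509_Name.
// Returns NULL when x509_Cert is NULL or carries no subject name.
//
// The returned pointer is owned by the certificate: it must not be freed and
// becomes invalid once that certificate is released.
X509_NAME *X509_Cert_Class::GetNamePoint(X509* x509_Cert)
{
    if (x509_Cert == NULL)
    {
        return NULL;
    }

    // The original first allocated a fresh X509_NAME and then immediately
    // overwrote the pointer with the certificate's own name, leaking the
    // allocation on every call. No allocation is needed here.
    m_x509_Name = X509_get_subject_name(x509_Cert);
    return m_x509_Name;
}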


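// Check the signature on the current certificate (m_x509_Cert) against the
// public key stored in file FP. The key file is tried as RSA first, then EC.
//
// Returns 1 if the signature verifies, 0 otherwise (including when no
// certificate is loaded or the key cannot be read).
//
// This is a signature check only. It does not build or validate a chain, and
// does not look at the validity period, revocation status, extensions or
// names. A return value of 1 therefore means "signed by this key", not
// "trusted"; use the X509_STORE / X509_verify_cert machinery for a trust
// decision.
int X509_Cert_Class::VerifyX509(char *FP)
{
    // X509_verify() dereferences the certificate; fail cleanly if ReadX509 or
    // SetX509 has not produced one.
    if (m_x509_Cert == NULL)
    {
        return 0;
    }

    EVP_PKEY *pubKey = NULL;
    int keyKind = 0;          // 0 = none loaded, 1 = RSA, 2 = EC
    CString keyPath = FP;

    // Load the public key: RSA first.
    if (m_CA_Rsa == NULL)
    {
        m_CA_Rsa = new RSA_Class;
    }
    if (m_CA_Rsa->ReadPubRSA((LPSTR)(LPCTSTR)keyPath))
    {
        keyKind = 1;
        if ((pubKey = m_CA_Rsa->GetEvpKeyPoint()) == NULL)
        {
            AfxMessageBox("读取公钥错误");
            return 0;
        }
    }
    // EC as a fallback.
    if (!keyKind)
    {
        if (m_CA_EC == NULL)
        {
            m_CA_EC = new EC_Class;
        }
        if (m_CA_EC->ReadPubEC((LPSTR)(LPCTSTR)keyPath))
        {
            keyKind = 2;
            if ((pubKey = m_CA_EC->GetEvpKeyPoint()) == NULL)
            {
                AfxMessageBox("读取公钥错误");
                return 0;
            }
        }
    }
    if (keyKind == 0)
    {
        AfxMessageBox("读取公钥错误");
        return 0;
    }

    // Register digest algorithms so the certificate's signature algorithm can
    // be resolved, then verify. X509_verify() returns 1 on success, 0 on a bad
    // signature and a negative value on error; everything but 1 is a failure.
    OpenSSL_add_all_digests();
    return (X509_verify(m_x509_Cert, pubKey) > 0) ? 1 : 0;
}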




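// Copy the commonName (CN) of the current certificate's subject into
// nameinfo->CN, converted from UTF-8 to the system ANSI code page.
//
// Returns 1 on success; 0 if nameinfo is NULL, no certificate/subject is
// available, or the subject has no commonName entry.
//
// NOTE(review): the converted text is written to nameinfo->CN without a length
// bound (Utf82Ansi takes no destination capacity). The CN field is declared in
// MYStruct.h, which is not shown here; confirm it can hold at least 100 bytes,
// because the certificate content comes from a file and may not be trusted.
// NOTE(review): X509_NAME_get_text_by_NID() returns a C string, so a CN with
// an embedded NUL is seen truncated here; do not base identity decisions on
// this value without checking the entry's real length. The conversion below
// also presumes the returned text is UTF-8.
int X509_Cert_Class::GetName(stuNAMEINFO *nameinfo)
{
    if (nameinfo == NULL)
    {
        return 0;
    }
    if (GetNamePoint(m_x509_Cert) == NULL)
    {
        return 0;
    }

    // Zero-initialised so the buffer is always NUL-terminated. The original
    // left it uninitialised and ignored the return value, so a subject without
    // a CN led to strlen() and a conversion over indeterminate bytes.
    char commonName[100] = {0};
    if (X509_NAME_get_text_by_NID(m_x509_Name, NID_commonName, commonName, sizeof(commonName)) < 0)
    {
        return 0;   // no commonName entry in the subject
    }

    int convertedLen = 0;
    Utf82Ansi(commonName, (int)strlen(commonName), (char *)nameinfo->CN, convertedLen);
    return 1;
}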
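// Convert a NUL-terminated UTF-8 string to the system ANSI code page (CP_ACP),
// going through UTF-16.
//
// lpsrc   source string; must be NUL-terminated (it is converted with length -1).
// srclen  not used; kept for interface compatibility.
// lpdst   destination buffer.
// dstlen  out: number of bytes written to lpdst including the terminating NUL,
//         or 0 if the conversion failed (lpdst then holds an empty string).
//
// NOTE(review): the interface carries no destination capacity, so this
// function cannot bound the write into lpdst; the caller must guarantee the
// buffer is large enough for the converted string. Adding a capacity
// parameter would be the proper fix but changes the signature.
// NOTE(review): flags are 0, so malformed UTF-8 is converted with replacement
// characters rather than rejected; MB_ERR_INVALID_CHARS would reject it.
void X509_Cert_Class::Utf82Ansi(const LPSTR lpsrc, const int srclen, LPSTR lpdst, int &dstlen)
{
    (void)srclen;
    dstlen = 0;
    if (lpsrc == NULL || lpdst == NULL)
    {
        return;
    }

    // Size of the UTF-16 form, in WCHARs, including the terminator.
    const int wideLen = MultiByteToWideChar(CP_UTF8, 0, lpsrc, -1, NULL, 0);
    if (wideLen <= 0)
    {
        lpdst[0] = '\0';
        return;
    }

    // wideLen is already an element count; the original multiplied it by
    // sizeof(WCHAR) and allocated twice what was needed.
    WCHAR *wide = new WCHAR[wideLen];

    // Only continue when each step succeeded; the original converted from the
    // buffer even if it had never been filled.
    if (MultiByteToWideChar(CP_UTF8, 0, lpsrc, -1, wide, wideLen) > 0)
    {
        const int ansiLen = WideCharToMultiByte(CP_ACP, 0, wide, -1, NULL, 0, NULL, NULL);
        if (ansiLen > 0)
        {
            dstlen = WideCharToMultiByte(CP_ACP, 0, wide, -1, lpdst, ansiLen, NULL, NULL);
        }
    }
    if (dstlen <= 0)
    {
        dstlen = 0;
        lpdst[0] = '\0';
    }

    delete[] wide;
}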






// Return the serial number of the current certificate as a long.
// Returns -1 when no certificate is loaded or it has no serial number field.
//
// NOTE(review): the value comes from ASN1_INTEGER_get(), which cannot
// represent serial numbers wider than a long; certificates with long random
// serials will not round-trip through this accessor.
long X509_Cert_Class::GetSerial()
{
    ASN1_INTEGER *serialField = NULL;
    if (m_x509_Cert != NULL)
    {
        serialField = X509_get_serialNumber(m_x509_Cert);
    }
    return (serialField != NULL) ? ASN1_INTEGER_get(serialField) : -1;
}


// Return the subject name of the current certificate, caching it in
// m_x509_Name. Returns NULL when no certificate is loaded (m_x509_Name is then
// left untouched) or when the certificate has no subject name.
//
// The pointer belongs to the certificate; callers must not free it.
X509_NAME *X509_Cert_Class::GetNamePoint()
{
    if (m_x509_Cert != NULL)
    {
        m_x509_Name = X509_get_subject_name(m_x509_Cert);
        return m_x509_Name;
    }
    return NULL;
}
