/*
 * NOTE(review): the extern "C" opener sits outside the include guard below, so
 * a second inclusion from C++ opens the linkage block again. The matching
 * closing brace and #endif are not visible in this part of the file -- confirm
 * they are paired the same way. _SCERT_H is also an identifier reserved for
 * the implementation (leading underscore followed by an uppercase letter).
 */
#if defined(__cplusplus)
extern "C"
{
#endif
/* certificate version defines */
#ifndef _SCERT_H
#define _SCERT_H
/*
 * Certificate version codes.
 * NOTE(review): X.509 encodes versions v1, v2 and v3 as the integers 0, 1 and
 * 2; these names presumably mirror the encoded value rather than the version
 * label -- confirm against the parser.
 */
#define CERT_V0 0
#define CERT_V1 1
#define CERT_V2 2
/*
 * Size limits. Only MAX_UNKNOWN_EXT, MAX_OID_SIZE and MAX_EXT_VAL_SIZE are
 * referenced in the visible part of this header (USER_privateExt_INFO); the
 * units of the others (bytes or entries) are not stated here.
 * NOTE(review): the Crypt_ prototypes below take caller-supplied output
 * buffers, so callers presumably size them from these limits -- confirm per
 * function before relying on it.
 */
#define MAX_MODULE_LEN 512
#define MAX_OID_NUM 512
#define MAX_NAME_NUM 64
#define MAX_X500_NAME_LEN 256
#define MAX_SERIAL_LEN 128
#define MAX_ALGO_PARA_LEN 1024
#define MAX_UNIQUE_ID_LEN 128
#define MAX_PUBLIC_KEY_LEN 1024
#define MAX_ERROR_NUM 16
#define MAX_ERROR_LEN 128
#define MAX_EXT_LEN 4096
#define MAX_UNKNOWN_EXT 8
#define MAX_OID_SIZE 32
#define MAX_EXT_VAL_SIZE 256
#define MAX_CERT_SIZE 8192
#define MAX_PKIX_DISPLAY_TEXT 200
/*
 * Meaning of each bit of the certificate extension word extensionsFlag.
 * The original note reads "XOR result"; every value is a distinct single bit,
 * so the flags are presumably combined with bitwise OR and tested with
 * bitwise AND -- confirm against the code that fills extensionsFlag.
 */
#define X509_EXT_authorityKeyIdentifier 0x0001
#define X509_EXT_keyUsage 0x0002
#define X509_EXT_privateKeyUsagePeriod 0x0004
#define X509_EXT_certificatePolicies 0x0008
#define X509_EXT_basicConstraints 0x0010
#define X509_EXT_cRLDistributionPoints 0x0020
#define X509_EXT_netscape_cert_type 0x0040
#define X509_EXT_set_hashedRootKey 0x0080
#define X509_EXT_set_certificateType 0x0100
#define X509_EXT_self_class 0x0200
#define X509_EXT_crlReason 0x0400
#define X509_EXT_crlInvalidityDate 0x0800
#define X509_EXT_crlNumber 0x1000
/*
 * Meaning of each bit of the key-usage word KeyUsage (original note: "XOR
 * result"; the values are single bits, presumably OR-ed together).
 * The number in parentheses is the KeyUsage bit index; this header maps index
 * n to the mask 1 << n. In the DER BIT STRING encoding, bit 0 is the most
 * significant bit of the first octet, so these masks do not apply to the raw
 * extension bytes -- presumably the library converts; confirm.
 * Code that accepts a certificate as an issuer should test
 * KEYUSAGE_keyCertSign (and KEYUSAGE_crlSign for CRLs) rather than assume it.
 */
#define KEYUSAGE_digitalSignature 0x0001 /*(0)*/
#define KEYUSAGE_nonRepudiation 0x0002 /*(1)*/
#define KEYUSAGE_keyEncipherment 0x0004 /*(2)*/
#define KEYUSAGE_dataEncipherment 0x0008 /*(3)*/
#define KEYUSAGE_keyAgreement 0x0010 /*(4)*/
#define KEYUSAGE_keyCertSign 0x0020 /*(5)*/
#define KEYUSAGE_crlSign 0x0040 /*(6)*/
#define KEYUSAGE_encipherOnly 0x0080 /*(7)*/
#define KEYUSAGE_decipherOnly 0x0100 /*(8)*/
/*
 * Meaning of each bit of the Netscape certificate type word netscapeCertType
 * (original note: "XOR result"; the values are single bits, presumably OR-ed
 * together). The number in parentheses is the bit index.
 */
#define NE_CERTYPE_SSL_Client 0x0001 /*(0)*/ // SSL client
#define NE_CERTYPE_SSL_Server 0x0002 /*(1)*/ // SSL server
#define NE_CERTYPE_SMIME 0x0004 /*(2)*/ // Secure/Multipurpose Internet Mail Extensions (S/MIME)
#define NE_CERTYPE_Object_Signing 0x0008 /*(3)*/ // certificate used for object signing
#define NE_CERTYPE_Reserved 0x0010 /*(4)*/
#define NE_CERTYPE_SSL_CA 0x0020 /*(5)*/ // SSL CA certificate
#define NE_CERTYPE_SMIME_CA 0x0040 /*(6)*/ // S/MIME CA certificate
#define NE_CERTYPE_Object_Signing_CA 0x0080 /*(7)*/ // CA certificate used for object signing
/*
 * Meaning of each bit of the SET certificate type word setCertType (original
 * note: "XOR result"; the values are single bits, presumably OR-ed together).
 * Per the original author these were not present originally and were added
 * by hand from the specification.
 * NOTE(review): the suffixes presumably stand for cardholder, merchant,
 * payment gateway, cardholder CA, merchant CA, payment-gateway CA,
 * geopolitical CA, brand CA, root CA and acquirer -- confirm against the SET
 * specification before relying on a particular bit.
 */
#define SET_CERT_TYPE_card 0x0001
#define SET_CERT_TYPE_mer 0x0002
#define SET_CERT_TYPE_pgwy 0x0004
#define SET_CERT_TYPE_cca 0x0008
#define SET_CERT_TYPE_mca 0x0010
#define SET_CERT_TYPE_pca 0x0020
#define SET_CERT_TYPE_gca 0x0040
#define SET_CERT_TYPE_bca 0x0080
#define SET_CERT_TYPE_rca 0x0100
#define SET_CERT_TYPE_acq 0x0200
/*
 * Meaning of each bit of the certificate revocation reason.
 * The number in parentheses is the index this header assigns; mask = 1 << n.
 * NOTE(review): RFC 5280 gives the CRLReason code removeFromCRL the value 8
 * (7 is unused there), while this header annotates it as (7). Confirm how the
 * library maps the encoded reason onto these bits before comparing them with
 * values taken from a CRL.
 */
#define REASON_unspecified 0x0001 /*(0)*/
#define REASON_keyCompromise 0x0002 /*(1)*/
#define REASON_caCompromise 0x0004 /*(2)*/
#define REASON_affiliationChanged 0x0008 /*(3)*/
#define REASON_superseded 0x0010 /*(4)*/
#define REASON_cessationOfOperation 0x0020 /*(5)*/
#define REASON_certificateHold 0x0040 /*(6)*/
#define REASON_removeFromCRL 0x0080 /*(7)*/
/*
 * Identifiers of the items in a certificate; per the original comment they
 * are used with the function Crypt_Get_Char_Info_FromCert to extract a field
 * (that prototype is not in the visible part of this header).
 * The ISS_ identifiers name issuer fields, the SUBJ_ identifiers subject
 * fields.
 * NOTE(review): the suffixes presumably follow the usual X.500 attribute
 * abbreviations (C, O, OU, ST, CN, L) and SUBJ_PK the subject public key --
 * confirm against the implementation.
 */
#define CERT_VERSION 1
#define CERT_SN 2
#define CERT_SA 3
#define ISS_C 4
#define ISS_O 5
#define ISS_OU 6
#define ISS_ST 7
#define ISS_CN 8
#define ISS_L 9
#define ISS_EMAIL 10
#define NOT_BEFORE 11
#define NOT_AFTER 12
#define SUBJ_C 13
#define SUBJ_O 14
#define SUBJ_OU 15
#define SUBJ_ST 16
#define SUBJ_CN 17
#define SUBJ_L 18
#define SUBJ_EMAIL 19
#define SUBJ_PK 20
#define SELF_CLASS 21
/*************************************
* type defines
*
* NOTE(review): uint32, ULONG and sint32 are built on "long". On LP64
* platforms (64-bit Linux, macOS) long is 64 bits wide, so these names do not
* guarantee 32 bits there, and the size of any structure that uses them
* (USER_privateExt_INFO below) differs between ABIs. Code that copies such a
* structure to or from a file or a peer should not assume a fixed layout.
* USHORT, ULONG and UCHAR are also names that the Windows SDK headers define.
**************************************/
typedef unsigned short uint16;
typedef uint16 USHORT;
typedef unsigned long uint32;
typedef uint32 ULONG;
typedef unsigned char uchar;
typedef uchar UCHAR;
typedef unsigned char uint8;
typedef signed long sint32;
typedef short int16;
/* Pointer declarator macros: CPTR expands to one level of indirection, CCPTR to two. */
#define CPTR *
#define CCPTR **
/*
 * Return type and result codes for public functions.
 * NOTE(review): the Crypt_ prototypes visible in this header return int, not
 * PUB_FUNC_RTN; whether they use FUNC_OK / FUNC_ERR is not shown -- confirm.
 */
#define PUB_FUNC_RTN uint32
#define FUNC_OK 0
#define FUNC_ERR 1
// CA signature algorithms (values passed as the uid_algorithm argument of the
// Crypt_Gen_Hash / Crypt_Gen_Signature / Crypt_Ver_Signature prototypes below,
// judging by the parameter name -- confirm).
// NOTE(review): MD2 and MD5 are broken as signature hashes and SHA-1 is no
// longer collision resistant; no SHA-2 identifier is defined in the visible
// part of this header. New deployments should not issue or accept
// MD2/MD5-based signatures.
#define UID_md2WithRSAEncryption 1
#define UID_md5WithRSAEncryption 2
#define UID_sha1WithRSASignature 3
#define UID_rsa_rsaEncryption 4
#define UID_md5 5
#define UID_sha1 6
#define UID_md2 7
/*
 * Table of up to MAX_UNKNOWN_EXT private (unrecognised) certificate
 * extensions, stored as parallel arrays indexed by extension number.
 * NOTE(review): the counts and lengths presumably come from a parsed
 * certificate, so a consumer should check extSize <= MAX_UNKNOWN_EXT,
 * oidSize[i] <= MAX_OID_SIZE and valueSize[i] <= MAX_EXT_VAL_SIZE before
 * indexing or copying. The length fields are uint32, i.e. unsigned long, whose
 * width depends on the platform.
 */
typedef struct{
uint8 oid[MAX_UNKNOWN_EXT][MAX_OID_SIZE]; // extension identifier (OID); normally obtained from an international standards body
uint32 oidSize[MAX_UNKNOWN_EXT]; // length of the extension identifier in bytes
uint8 critical[MAX_UNKNOWN_EXT]; // whether the extension is marked critical
uint8 value[MAX_UNKNOWN_EXT][MAX_EXT_VAL_SIZE]; // extension value
uint32 valueSize[MAX_UNKNOWN_EXT]; // length of the extension value in bytes
uint32 extSize; // total number of private extensions defined
} USER_privateExt_INFO; // the meaning of a private extension is interpreted by the user
///////////// certificate class and corresponding usage (cert class & usage) /////////
// The values are distinct powers of two, so they can presumably be combined
// as a bit mask -- confirm against the code that reads the class.
#define CERT_CLASS_EMAIL 1 // e-mail certificate
#define CERT_CLASS_SSL_CLIENT 2 // SSL client certificate
#define CERT_CLASS_SSL_SERVER 4 // SSL server certificate
#define CERT_CLASS_EB_INDIVIDUAL_CRYPT 8 // e-business individual encryption certificate
#define CERT_CLASS_EB_INDIVIDUAL_SIGNATURE 16 // e-business individual signature certificate
#define CERT_CLASS_EB_ENTERPRISE_CRYPT 32 // e-business enterprise encryption certificate
#define CERT_CLASS_EB_ENTERPRISE_SIGNATURE 64 // e-business enterprise signature certificate
// Request packet sent from the RA to the CA -- certificate issuance request.
// Every field is a fixed-size char array. The bracketed numbers are kept from
// the original comments; several differ from the declared array size (for
// example cr_subj_pa[129] is annotated [64]), so the declarations are the
// authoritative layout.
// NOTE(review): the fields are presumably NUL-terminated strings; the sender
// has to bound every copy to the array size and the receiver has to verify
// that a terminator is present before using a field as a string.
// cr_subj_rev_pw carries the revocation password as plain characters; no
// protection of the packet is visible in this header, so the transport has to
// provide confidentiality.
typedef struct comm_cert_request_{
char cr_count_no[11]; // RA request serial number [11]
char cr_subj_c[3]; // user country code [3]
char cr_subj_o[129]; // user organization name [129]
char cr_subj_ou[129]; // user department name [129]
char cr_subj_st[65]; // user province name [65]
char cr_subj_cn[65]; // user common name [65]
char cr_subj_l[65]; // user city [65]
char cr_subj_email[65]; // user e-mail [65]
char cr_subj_pa[129]; // user postal address [64]
char cr_subj_pc[33]; // user postal code [64]
char cr_subj_tel[33]; // user telephone number [64]
char cr_subj_class[33]; // certificate request type [16]
char cr_subj_rev_pw[33]; // certificate revocation password [16]
} COMM_CERT_REQUEST;
// Response packet returned from the CA to the RA -- reply to a certificate
// issuance request.
// NOTE(review): whether crp_result holds the character '0'/'1' or the byte
// value 0/1 is not stated here -- confirm before testing it.
typedef struct comm_cert_request_resp_{
char crp_count_no[11]; // RA request serial number [11]
char crp_result[2]; // result flag [1] success : 0 failure : 1
} COMM_CERT_REQUEST_RESP;
// Request packet sent from the RA to the CA -- certificate revocation request.
// The bracketed numbers are kept from the original comments and differ from
// the declared array sizes; the declarations are the authoritative layout.
// NOTE(review): cvr_sn holds at most 10 characters plus a terminator, while
// MAX_SERIAL_LEN above is 128; how a longer serial number is represented is
// not visible here. cvr_rev_pw is the only credential in the packet that
// authorises the revocation, and it is carried as plain characters, so the
// transport has to protect it.
typedef struct comm_cert_revoke_request_{
char cvr_count_no[11]; // RA request serial number [10]
char cvr_sn[11]; // certificate serial number [10]
char cvr_rev_pw[33]; // revocation password [16]
char cvr_rev_reason[33]; // revocation reason [1]
} COMM_CERT_REVOKE_REQUEST;
// Response packet returned from the CA to the RA -- reply to a certificate
// revocation request.
typedef struct comm_cert_revoke_resp_{
char cvp_count_no[11]; // RA request serial number [10]
char cvp_result[2]; // result flag [1] success : 0 failure : 1
} COMM_CERT_REVOKE_RESP;
// Request packet sent from the RA to the CA -- certificate download request.
// This type is also aliased as COMM_CERT_RECOVER_REQUEST further down.
// NOTE(review): the revocation password is the only secret in the request and
// is carried as plain characters; the response to this request contains the
// user's key, so the transport has to authenticate the RA and keep the packet
// confidential.
typedef struct comm_cert_download_request_ {
char cdr_count_no[11]; // RA request serial number [10]
char cdr_request_no[11]; // RA certificate request serial number [10]
char cdr_subj_rev_pw[33]; // certificate revocation password [16]
} COMM_CERT_DOWNLOAD_REQUEST;
// Response packet returned from the CA to the RA -- reply to a certificate
// download request. This type is also aliased as COMM_CERT_RECOVER_RESP
// further down.
// NOTE(review): cdp_user_sk is described as the user's key and is presumably
// the private key generated by the CA. Any buffer holding this structure
// should be wiped after use with a call the compiler cannot optimise away, and
// the packet should only travel over a confidential, authenticated channel.
// cdp_user_cert is 4096 bytes while MAX_CERT_SIZE above is 8192; how a larger
// certificate is handled is not visible here. No length fields are present,
// so the encoding of the certificate and key (text or binary) determines how
// their end is found -- confirm.
typedef struct comm_cert_download_resp_{
char cdp_count_no[11]; // RA request serial number [10]
char cdp_result[2]; // result flag [1] success : 0 failure : 1
char cdp_user_cert[4096]; // user certificate [2048]
char cdp_user_sk[2048]; // user key [1024]
} COMM_CERT_DOWNLOAD_RESP;
// Request packet sent from the RA to the CA -- CRL download request.
// The field reuses the cdr_ prefix of the certificate download request.
typedef struct comm_crl_download_request_ {
char cdr_count_no[11]; // RA request serial number [10]
} COMM_CRL_DOWNLOAD_REQUEST;
// Response packet returned from the CA to the RA -- reply to a CRL download
// request.
// NOTE(review): the CRL buffer is fixed at 4096 bytes and the packet has no
// length field; a CRL that does not fit cannot be carried whole, and a
// truncated CRL would hide revocations. Confirm how the sender reports that
// case, and verify the CRL signature on the receiving side before use.
typedef struct comm_crl_download_resp_{
char cdp_count_no[11]; // RA request serial number [10]
char cdp_result[2]; // result flag [1] success : 0 failure : 1
char cdp_user_crl[4096]; // crl [2048]
} COMM_CRL_DOWNLOAD_RESP;
/*
 * The certificate recovery request and response reuse the download packet
 * layouts unchanged, so a recovery response also contains the cdp_user_sk key
 * field and needs the same handling as a download response.
 */
typedef COMM_CERT_DOWNLOAD_REQUEST COMM_CERT_RECOVER_REQUEST ;
typedef COMM_CERT_DOWNLOAD_RESP COMM_CERT_RECOVER_RESP ;
/*
 * Library version query and environment set-up / tear-down. Only the
 * declarations are visible; this header does not document the return values.
 * NOTE(review): FUNC_OK (0) and FUNC_ERR (1) are presumably the result codes
 * -- confirm. Judging by the names, Crypt_InitEnvironment is called before the
 * other functions and Crypt_ClearEnvironment when the library is no longer
 * needed; the header does not state this.
 */
/* Presumably stores the major and minor version numbers through main_ver and sub_ver. */
int Crypt_Get_Soft_Version(int *main_ver,int*sub_ver);
int Crypt_InitEnvironment(void);
int Crypt_ClearEnvironment(void);
/*
 * Hash functions. Both take an algorithm identifier (presumably one of the
 * UID_ values defined above), an input message of msgSize bytes, an output
 * buffer and a pointer to the output size.
 * NOTE(review): the header does not say whether *hashSize must hold the
 * capacity of hash on entry or is output only. If it is output only, the
 * callee cannot know the buffer size, so the caller has to supply a buffer
 * large enough for the biggest result of the chosen algorithm -- confirm.
 * msgSize is a signed int; a negative value should be treated as an error.
 * msg is not const-qualified although it is presumably read only.
 */
int Crypt_Gen_Hash(
int uid_algorithm,
unsigned char *msg,
int msgSize,
unsigned char *hash,
int *hashSize);
/*
 * Same parameters as Crypt_Gen_Hash. NOTE(review): "Encoded" presumably means
 * the digest is returned in an encoded form rather than as raw bytes; the
 * header does not say which encoding -- confirm, since it changes the
 * required size of hash.
 */
int Crypt_Gen_Encoded_Hash(
int uid_algorithm,
unsigned char *msg,
int msgSize,
unsigned char *hash,
int *hashSize);
/*
 * RSA key-pair generation. Takes a key name and a password and has output
 * buffers with size pointers for a DER public key and a DER private key
 * (inferred from the parameter names).
 * NOTE(review): there is no key-size parameter, so the modulus length is
 * chosen by the implementation -- confirm that it meets current minimums.
 * The private key is handed back in a caller buffer; wipe that buffer after
 * use with a call the compiler cannot optimise away. Whether the size
 * pointers carry the buffer capacity on entry is not stated; see
 * MAX_PUBLIC_KEY_LEN above for the only related limit in this header.
 */
int Crypt_GenRSAKeyPair(
char *keyName,
char *password,
unsigned char *DerPubkey,
int *DerPubkeyLen,
unsigned char *DerPrikey,
int *DerPrikeyLen);
/*
 * Presumably returns the public key of the named, password-protected key in
 * rsaPublicKey and its length in *rsaPublicKeySize -- confirm the encoding
 * and whether the size is in/out.
 */
int Crypt_GetRSAPublicKey(
char *keyName,
char *password,
unsigned char *rsaPublicKey,
int *rsaPublicKeySize);
/*
 * Presumably derives the DER public key from a DER private key of
 * rsaPrivateKeyDERStringLen bytes. The private-key input is not
 * const-qualified; whether it is modified is not visible here.
 */
int Crypt_GetPubkey_From_Prikey(unsigned char *rsaPrivateKeyDERString,
int rsaPrivateKeyDERStringLen,
unsigned char *rsaPublicKeyDERString,
int *rsaPublicKeyDERStringLen );
/*
 * Signs msg (msgSize bytes) with the named, password-protected key using the
 * algorithm uid_algorithm, writing the signature to sig and its length to
 * *sigSize (inferred from the parameter names).
 * NOTE(review): whether *sigSize must hold the capacity of sig on entry is
 * not stated -- confirm, and size sig for the largest supported modulus.
 * password is a plain char pointer; the caller should wipe its copy after the
 * call.
 */
int Crypt_Gen_Signature(
int uid_algorithm,
char *keyName,
char *password,
unsigned char *msg,
int msgSize,
unsigned char *sig,
int *sigSize);
/*
 * Same as Crypt_Gen_Signature, but the private key is supplied directly as
 * DerPrikeyLen bytes of DER (inferred from the parameter names). The caller
 * owns the key buffer and should wipe it once signing is finished.
 */
int Crypt_Gen_Signature_By_Prikey(
int uid_algorithm,
unsigned char *DerPrikey,
int DerPrikeyLen,
unsigned char *msg,
int msgSize,
unsigned char *sig,
int *sigSize);
/*
 * Verifies sig (sigSize bytes) over msg (msgSize bytes) with the given RSA
 * public key and algorithm (inferred from the parameter names).
 * NOTE(review): the return convention is not documented here. If success is
 * FUNC_OK (0), a truth test such as "if (Crypt_Ver_Signature(...))" accepts
 * exactly the failing case; callers should compare the result with the
 * documented success value explicitly and treat every other value as a
 * verification failure. The choice of uid_algorithm should come from local
 * policy, not from the data being verified.
 */
int Crypt_Ver_Signature(
int uid_algorithm,
unsigned char *rsaPublicKey,
int rsaPublicKeySize,
unsigned char *msg,
int msgSize,
unsigned char *sig,
int sigSize);