ca.h

小型ca.命令行方式.可以生成ca .请求,发放证书,crl等.

#ifndef _CA_H
#define _CA_H
#include <time.h>
#include <stdlib.h>
#include <stdio.h>
#include <string.h>
#include <unistd.h>
#define DER			    1 //FORMAT_ASN1
#define PEM			    3	
#define NET				4
#define P12				5
#define peding 0
#define CT_REVOKED -1
#define CT_REGISTERED 0
#define CT_PUBLISHED 1
typedef unsigned int UINT;
typedef  unsigned char UCHAR;
//typedef unsigned short wchar_t;
typedef char * (* PNewCrlMem)(UINT len);
struct stuSUBJECT
{
	UCHAR C[24+peding];
	UCHAR ST[24+peding];
	UCHAR L[24+peding];
	UCHAR O[48+peding];
	UCHAR OU[24+peding];
	UCHAR CN[24+peding];
	UCHAR MAIL[24+peding];
	UCHAR PMAIL[24+peding];
	UCHAR T[12+peding];
	UCHAR D[12+peding];
	UCHAR G[12+peding];
	UCHAR I[12+peding];
	UCHAR NAME[12+peding];
	UCHAR S[12+peding];
	UCHAR QUAL[12+peding];
	UCHAR STN[12+peding];
	UCHAR PW[12+peding];
	UCHAR ADD[12+peding];

};

struct stuKEYUSAGE//key usage
{
	long DS;//Digital Signature
	long NR;//Non-Repudiation
	long KE;//Key Encipherment
	long DE;//Data Encipherment
	long KA;//keyAgreement
	long KC;//keyCertSign 
	long CS;//cRLSign
	long EO;//Encipher Only
	long DO;//Decipher Only


};

struct stuEKEYUSAGE//ext key usage
{
	long SA;//server auth
	long CA;//client auth
	long CS;//code sign
	long EP;//secu email
	long TS;//time stamp
	long msCC;//code interity
	long msCTLS;//sign list
	long msSGC;//
	long msEFS;//enc data
	long msSC;//smart ic card login
	long IP;//Internet

};

struct stuCERT
{
	unsigned int serial;
	unsigned int days;
	unsigned int keylen;
	
	stuSUBJECT SUBJECT;
	stuKEYUSAGE KUSAGE;
	stuEKEYUSAGE EKUSAGE;
	time_t reg_time;
	time_t pub_time;
	time_t rev_time;
	int state;

};

struct stuREVOKE//certificate revoked list 
{
	int Index;//certificate serialno;
	time_t time;//revoked time
	stuREVOKE * Link;

};


int AddRevoke(stuREVOKE *& Head,int index,time_t time);


long CertFormatConver(char * buf,int len,
			  char * pwd,char * pem,int outformat);


long MakeRoot(stuSUBJECT * rootInfo,int bits, int serial, 
			  int days,char * certFile,char * priFile,
			  int type,char *pwd);


long MakeReq(stuSUBJECT * reqInfo,int bits, char * reqFile,
			 char * priFile,int type=PEM);


long MakeCert(char *certfile,int certlen,
			  char *keyfile,int keylen,int serial,char *enddate,
			  int days, char *reqfile,stuKEYUSAGE * KUSAGE,
			  stuEKEYUSAGE * EKUSAGE,char *outfile,
			  int type);


long DirectCert(char *certfile,int certlen,
			 char *keyfile,int keylen,int serial,char *enddate,
			 int days,stuCERT * sCERT,int bits,char * cert,int * certl,
			 char * key,int * keyl, char * pwd, char *enc_key/*,int typeDER,PEM*/);

long MakeCrl(char *certfile,int certlen,
			  char *keyfile ,int keylen,
			  stuREVOKE * Head,PNewCrlMem NewCrlMem,char *& outCrl,int * crll,char * outfile,char * pwd,int days)
;

long ParseDB(char * strP12,char * strPwd,char * strCert,
			 char * strkey,int outformat)
;
long CreateDB(char * strP12,char * strPwd,char * strCert,
			  char * strkey);

long ChangePB(char * strP12,char * strPwd,char * strPwd2,
			  char * strOutP12);


long CertPairCheck(char * cert,char * key);

int newroot();

#endif