briefmng.cpp

实现证书的生成和验证

#include "stdafx.h"
#include "briefmng.h"

CBrief::CBrief()
{
}

int CBrief::Encript_brief(conv_tool::OPERATORS_MAP mapOpts, xmlChar ** ppszXML, int * pnLen )
{
	std::string sbrief, scontent, senc, skey;
	BIO * bio = NULL;
	EVP_PKEY * pkey = NULL;
	int ret = -1, type = FILE_TYPE;
	conv_tool::OPERATORS_MAP mapret;
	conv_tool::OPERATORS_MAP::iterator it;

	if ((it = mapOpts.find (PASSWORD)) != mapOpts.end())
		spass = it->second;
	if((it=mapOpts.find(CONTENT))!=mapOpts.end())
		scontent = it->second;
	if((it=mapOpts.find(KEY))!=mapOpts.end())
		skey = it->second;
	if((it=mapOpts.find(IN_TYPE))!=mapOpts.end())
		type = atoi(it->second.c_str());

	sbrief = Gen_brief(scontent.c_str());
	if ( sbrief.length() == 0 ) goto end;
	if( (bio = CCertMng::Interface()->Bio_Read(type, skey.c_str(), skey.length())) == NULL )
	{
		CError::Interface()->Handle_Error(0, "读取KEY失败:%s", skey.c_str());
		goto end;
	}
	pkey = PEM_read_bio_PrivateKey ( bio, NULL, (pem_password_cb*)pass_callback, this );
	if((senc = Encript(sbrief.c_str(), pkey)).length() == 0 )
		goto end;
	mapret.insert ( std::make_pair ( std::string ( BRIEF ), sbrief ) );
	mapret.insert ( std::make_pair ( std::string ( ENC_BRIEF ), senc ) );
	if ( conv_tool::Map2XML ( mapret, ppszXML, pnLen ) == -1 )
	{
		CError::Interface()->Handle_Error ( 0, "转换成XML失败" );
		goto end;
	}
	if (bio) BIO_free(bio);
	if ( pkey )EVP_PKEY_free(pkey);
	ret = 0;
end:
	return ret;
}

int CBrief::Decript_brief(conv_tool::OPERATORS_MAP mapOpts, xmlChar **ppszXML, int * pnLen )
{
	std::string sdec, scert, ssrc;
	BIO * bio = NULL;
	EVP_PKEY * pkey = NULL;
	X509     * x    = NULL;
	int ret = -1, type=FILE_TYPE;
	conv_tool::OPERATORS_MAP mapret;
	conv_tool::OPERATORS_MAP::iterator it;

	if ((it = mapOpts.find (PASSWORD)) != mapOpts.end())
		spass = it->second;
	if ((it = mapOpts.find (CERT_FILE)) != mapOpts.end())
		scert = it->second;
	if ((it = mapOpts.find (ENC_BRIEF)) != mapOpts.end())
		ssrc = it->second;
	if((it=mapOpts.find(IN_TYPE))!=mapOpts.end())
		type = atoi(it->second.c_str());

	if( (bio = CCertMng::Interface()->Bio_Read(type, scert.c_str(), scert.length())) == NULL )
	{
		CError::Interface()->Handle_Error(0, "读取证书失败:%s", scert.c_str());
		goto end;
	}
	if((x = PEM_read_bio_X509_AUX (bio, NULL, (pem_password_cb*)pass_callback, this )) == NULL )
		goto end;
	pkey = X509_get_pubkey(x);
	if((sdec = Decript(ssrc.c_str(), pkey)).length() == 0 )
		goto end;
	mapret.insert ( std::make_pair ( std::string ( DEC_BRIEF ), sdec ) );
	if ( conv_tool::Map2XML ( mapret, ppszXML, pnLen ) == -1 )
	{
		CError::Interface()->Handle_Error ( 0, "转换成XML失败" );
		goto end;
	}
	if (bio) BIO_free(bio);
	if ( pkey )EVP_PKEY_free(pkey);
	ret = 0;
end:
	return ret;
}

int CBrief::Verify_brief(const char * cmp1, const char * cmp2)
{
	return strcmp(cmp1, cmp2) == 0 ? 1 : 0;
}

std::string 
CBrief::Gen_brief( const char * src )
{
	std::string sret;
	unsigned char md[MD5_DIGEST_LENGTH] = {NULL};
	if ( src )
	{
		EVP_Digest((char*)src, strlen(src), md, NULL, EVP_md5(), NULL );
		sret = Change_bin2x((const char*)md, MD5_DIGEST_LENGTH);
	}
	return sret;
}
std::string 
CBrief::Encript(const char * src, EVP_PKEY * pkey)
{
	if ( pkey == NULL )
		return "";
	char en_text[256] = {NULL};
	RSA * rsa  = NULL;
	int  src_len = strlen(src);
	int  enc_len = 0;
	
	rsa = EVP_PKEY_get1_RSA(pkey);
	if ( rsa )
	{
		enc_len = RSA_private_encrypt( src_len, (unsigned char*)src, (unsigned char*)en_text, rsa, RSA_PKCS1_PADDING);
		return Change_bin2x( en_text, enc_len);
	}
	if( rsa )RSA_free(rsa);
	return "";
}
std::string 
CBrief::Decript(const char * src, EVP_PKEY * pkey )
{
	if( pkey == NULL )
		return "";

	char bin_buf[1024] = {NULL};
	char de_buf[256] = {NULL};
	RSA * rsa  = NULL;
	int src_len = strlen(src);
	int dec_len = 0;
	int bin_len = 0;

	rsa = EVP_PKEY_get1_RSA(pkey);
	if(rsa)
	{
		Change_x2bin(src, bin_buf, &bin_len);
		dec_len = RSA_public_decrypt( bin_len, (unsigned char*)bin_buf, (unsigned char*)de_buf, rsa, RSA_PKCS1_PADDING);
		return std::string(de_buf);
	}
	return "";
}
std::string 
CBrief::Change_bin2x(const char * p, int len)
{
	char buf[1024] = {NULL};
	for ( int i = 0,j=0; i < len; i++,j+=2 )
	{
		sprintf(&buf[j], "%x", (p[i]>>4)&0x0f);
		sprintf(&buf[j+1], "%x", p[i]&0x0f);
	}
	return std::string(buf);
}

void CBrief::Change_x2bin ( const char * src, char * buf, int *pnlen)
{
	*pnlen = 0;
	for ( int i = 0; i < strlen(src); i+=2, (*pnlen)++ )
		sscanf(&src[i], "%02x", &buf[*pnlen]);
}

int CBrief::pass_callback(char * buf, int bufsiz, int verify, void * pVoid )
{
	CBrief * pb = (CBrief*)pVoid;
	memset (buf, 0, bufsiz);
	if(pb)
		strncpy ( buf, pb->spass.c_str(), bufsiz );
	return strlen(buf);
}