NULL, NULL, &dwSize);
if (!bResult)
{
dwError = GetLastError();
break;
}
// Allocate memory for encoded certificate
bpEncodedCert = (LPBYTE)HeapAlloc(hHeap, 0, dwSize);
if (!bpEncodedCert)
{
dwError = GetLastError();
break;
}
// Sign and Encode certificate
bResult = CryptSignAndEncodeCertificate(hIssuerProv, dwIssuerKeyType,
MYCODING_TYPE, X509_CERT_TO_BE_SIGNED,
(LPVOID)&CertInfo,
&(pIssuerCert->pCertInfo->SignatureAlgorithm),
NULL, bpEncodedCert, &dwSize);
if (!bResult)
{
dwError = GetLastError();
break;
}
// Write encoded Certificate to file
/*
nRtn = WriteToFile((char *)bpEncodedCert, dwSize,"signp10.cer");
if (nRtn < 0)
{
dwError = GetLastError();
__leave;
}
*/
if(dwSize > *cbSize)
{
dwError = GetLastError();
break;
}
*cbSize = dwSize;
memcpy(pbCert,bpEncodedCert,dwSize);
dwError = 0;
break;
} //end while
{
// Clean up
if (pbNameBlob) HeapFree(hHeap, 0, pbNameBlob);
if (CertEnhKeyUsage.rgpszUsageIdentifier)
HeapFree(hHeap, 0, CertEnhKeyUsage.rgpszUsageIdentifier);
if (PublicKeyInfo) HeapFree(hHeap, 0, PublicKeyInfo);
if (pbKeyIdentifier) HeapFree(hHeap, 0, pbKeyIdentifier);
if (SubjectKeyIdentifier) HeapFree(hHeap, 0, SubjectKeyIdentifier);
if (pbKeyUsage) HeapFree(hHeap, 0, pbKeyUsage);
if (pbEnhKeyUsage) HeapFree(hHeap, 0, pbEnhKeyUsage);
if (pbBasicConstraints) HeapFree(hHeap, 0, pbBasicConstraints);
if (KeyId) HeapFree(hHeap, 0, KeyId);
if (pbCertSerialNum) HeapFree(hHeap,0,pbCertSerialNum);
if (pbAuthorityKeyId) HeapFree(hHeap, 0, pbAuthorityKeyId);
if (bpEncodedCert) HeapFree(hHeap, 0, bpEncodedCert);
if (pbExportedKey) HeapFree(hHeap, 0, pbExportedKey);
// if (szContainer) RpcStringFree((unsigned char **)&szContainer);
if (hCertFile) CloseHandle(hCertFile);
if (hKeyFile) CloseHandle(hKeyFile);
if (hPubKey) CryptDestroyKey(hPubKey);
if (hSessionKey) CryptDestroyKey(hSessionKey);
if (hHash) CryptDestroyHash(hHash);
if (hCryptProv) CryptReleaseContext(hCryptProv, 0);
if (hIssuerProv) CryptReleaseContext(hIssuerProv, 0);
if (pIssuerCert) CertFreeCertificateContext(pIssuerCert);
if (pCertContext) CertFreeCertificateContext(pCertContext);
if (hStore) CertCloseStore(hStore, 0);
if (pvCertReqInfo) HeapFree(hHeap, 0, pvCertReqInfo);
}
return dwError;
}
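/*
 * GenP7 - bundle a user certificate with the issuing CA certificate as a
 * PKCS#7 and return the bundle as base64 text.
 *
 * The two certificates are placed in a temporary in-memory store, the store
 * is serialised as PKCS#7 and the result is base64 encoded into pbData.
 * The issuer certificate is looked up with
 * FindCertificate(ISSUERNAME, szIssuerStore, CERT_SYSTEM_STORE_LOCAL_MACHINE, ...).
 *
 * pbCert  [in]      encoded user certificate.
 * cbSize  [in]      length of pbCert in bytes.
 * pbData  [out]     receives the base64 text (its length is taken with
 *                   strlen, so the encoder is expected to NUL-terminate it).
 * cbData  [in/out]  in: capacity of pbData in bytes; out: length of the
 *                   base64 text.
 *
 * Returns 0 on success. On failure returns a Win32 error code, or -12342
 * when the encoded result would not fit in the caller's buffer.
 */
int GenP7(BYTE* pbCert,  //in     user certificate
          DWORD cbSize,  //in     length of the user certificate
          BYTE* pbData,  //out    base64-encoded PKCS#7 content
          DWORD* cbData) //in/out capacity of pbData / length returned
{
    BOOL fDone = FALSE;
    DWORD dwError = 0;
    DWORD dwKeyType = 0;
    DWORD cchBase64 = 0;
    DWORD cchNeeded = 0;
    HANDLE hHeap = GetProcessHeap();
    const WCHAR szwStore[] = L"MyPkcs7Store";
    PCCERT_CONTEXT pIssuerCertContext = NULL;
    HCERTSTORE hStore = NULL;
    HCRYPTPROV hCryptProv = 0;
    HCRYPTPROV hIssuerProv = 0;
    PCRYPT_DATA_BLOB KeyId = NULL;
    CRYPT_DATA_BLOB p7Blob;

    p7Blob.cbData = 0;
    p7Blob.pbData = NULL;

    if (!pbCert || cbSize == 0 || !pbData || !cbData)
        return ERROR_INVALID_PARAMETER;

    while (1)
    {
        // Open the key container, creating it if it does not exist yet.
        if (!CryptAcquireContext(&hCryptProv,   // receives the CSP handle
                                 szContainer,   // key container name
                                 szProvider,    // NULL selects the default CSP
                                 PROV_RSA_FULL, // CSP type
                                 0))
        {
            if (!CryptAcquireContext(&hCryptProv,
                                     szContainer,
                                     szProvider,
                                     PROV_RSA_FULL,
                                     CRYPT_NEWKEYSET))
            {
                dwError = GetLastError();
                break;
            }
        }

        // Open a scratch in-memory certificate store.
        // NOTE(review): a store opened with a caller-supplied hCryptProv may
        // release that handle itself when it is closed unless
        // CERT_STORE_NO_CRYPT_RELEASE_FLAG is set - confirm that the
        // CryptReleaseContext in the clean-up below is not a second release.
        hStore = CertOpenStore(CERT_STORE_PROV_MEMORY,
                               MYCODING_TYPE,
                               hCryptProv,
                               CERT_SYSTEM_STORE_CURRENT_USER,
                               szwStore);
        if (!hStore)
        {
            dwError = GetLastError();
            break;
        }

        // Add the user certificate. No context is requested because it is
        // never used afterwards; asking for one and then overwriting it with
        // the next call leaked a certificate context.
        if (!CertAddEncodedCertificateToStore(hStore,
                                              X509_ASN_ENCODING | PKCS_7_ASN_ENCODING,
                                              pbCert,
                                              cbSize,
                                              CERT_STORE_ADD_REPLACE_EXISTING,
                                              NULL))
        {
            dwError = GetLastError();
            break;
        }

        pIssuerCertContext = FindCertificate(ISSUERNAME,
                                             szIssuerStore,
                                             CERT_SYSTEM_STORE_LOCAL_MACHINE,
                                             &KeyId,
                                             &hIssuerProv,
                                             &dwKeyType);
        if (!pIssuerCertContext)
        {
            dwError = GetLastError();
            break;
        }

        // Add the CA certificate.
        if (!CertAddEncodedCertificateToStore(hStore,
                                              X509_ASN_ENCODING | PKCS_7_ASN_ENCODING,
                                              pIssuerCertContext->pbCertEncoded,
                                              pIssuerCertContext->cbCertEncoded,
                                              CERT_STORE_ADD_REPLACE_EXISTING,
                                              NULL))
        {
            dwError = GetLastError();
            break;
        }

        // Serialise the store as PKCS#7 in memory. Going through a fixed
        // file name in the working directory would let another process swap
        // the contents between the write and the read, and would cap the
        // bundle at the size of a stack buffer.
        // First call: pbData == NULL asks only for the required size.
        if (!CertSaveStore(hStore,
                           X509_ASN_ENCODING | PKCS_7_ASN_ENCODING,
                           CERT_STORE_SAVE_AS_PKCS7,
                           CERT_STORE_SAVE_TO_MEMORY,
                           &p7Blob,
                           0))
        {
            dwError = GetLastError();
            break;
        }
        // The upper bound keeps the size arithmetic below from wrapping.
        if (p7Blob.cbData == 0 || p7Blob.cbData > 0x30000000)
        {
            dwError = (DWORD)-12342;
            break;
        }
        p7Blob.pbData = (BYTE *)HeapAlloc(hHeap, 0, p7Blob.cbData);
        if (!p7Blob.pbData)
        {
            dwError = GetLastError();
            break;
        }
        if (!CertSaveStore(hStore,
                           X509_ASN_ENCODING | PKCS_7_ASN_ENCODING,
                           CERT_STORE_SAVE_AS_PKCS7,
                           CERT_STORE_SAVE_TO_MEMORY,
                           &p7Blob,
                           0))
        {
            dwError = GetLastError();
            break;
        }

        // Refuse to encode when the text cannot fit in the caller's buffer.
        // The bound is 4 output characters per 3 input bytes, plus room for a
        // CRLF every 64 characters in case XFBase64encode wraps lines (its
        // FALSE argument presumably disables that - confirm), plus the NUL.
        cchBase64 = ((p7Blob.cbData + 2) / 3) * 4;
        cchNeeded = cchBase64 + 2 * (cchBase64 / 64 + 1) + 1;
        if (cchNeeded > *cbData)
        {
            dwError = (DWORD)-12342;
            break;
        }

        XFBase64encode(p7Blob.pbData, p7Blob.cbData, pbData, FALSE);
        *cbData = (DWORD)strlen((char *)pbData);

        fDone = TRUE;
        break;
    } //end while

    // A failed call that left the last-error value at 0 must not be
    // reported to the caller as success.
    if (!fDone && dwError == 0)
        dwError = ERROR_INTERNAL_ERROR;

    // Clean up
    if (p7Blob.pbData) HeapFree(hHeap, 0, p7Blob.pbData);
    if (pIssuerCertContext) CertFreeCertificateContext(pIssuerCertContext);
    if (hStore) CertCloseStore(hStore, 0);
    if (hCryptProv) CryptReleaseContext(hCryptProv, 0);
    if (hIssuerProv) CryptReleaseContext(hIssuerProv, 0);
    if (KeyId) HeapFree(hHeap, 0, KeyId);

    return (int)dwError;
}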
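/*
 * VerifySign - check a signature over a random challenge against the public
 * key in a supplied certificate.
 *
 * The certificate and the signature are base64 decoded, the public key is
 * taken from the certificate with GetRSAKeyFromCert, szRandom is hashed and
 * CryptVerifySignature compares the result with the decoded signature.
 *
 * Security notes for callers:
 *  - Only the signature is checked. Nothing here validates the certificate
 *    itself (issuer chain, validity period, revocation), so a success says
 *    no more than "the signer holds the private key for this certificate".
 *  - The hash is CALG_MD5, which is not collision resistant. It is kept
 *    because it has to match what the signing side uses; move both sides to
 *    a stronger hash together.
 *
 * pUserCert [in] user certificate, base64 encoded.
 * szSign    [in] signature value, base64 encoded.
 * szRandom  [in] NUL-terminated random challenge that was signed.
 *
 * Returns 0 when the signature verifies, -3201 on any failure.
 */
int VerifySign(unsigned char * pUserCert, //in user certificate, base64 encoded
               LPSTR szSign,              //in signature value
               LPSTR szRandom)            //in random challenge
{
    // Fail closed: this only becomes TRUE after CryptVerifySignature has
    // succeeded. Deriving the result from GetLastError() reported success
    // whenever a failing call left the last-error value at 0.
    BOOL bVerified = FALSE;
    const WCHAR szwStore[] = L"MyVerifyStore";
    PCCERT_CONTEXT pCertContext = NULL;
    HCERTSTORE hStore = NULL;
    HCRYPTPROV hProv = 0;
    HCRYPTHASH hHash = 0;
    HCRYPTKEY hPubKey = 0;
    DWORD dwKeySpec = AT_SIGNATURE;
    BOOL fFreeProv = TRUE;
    BOOL bSign = FALSE;
    ALG_ID HashAlgId = CALG_MD5; // alternative considered by the author: CALG_SHA1
    unsigned char pbCert[MAXCERTLEN];
    // Presumably XFBase64decode takes the output capacity in its third
    // argument and returns the decoded length there (the signature call
    // below was already set up that way) - confirm. It was previously
    // passed uninitialised for the certificate.
    DWORD cbCert = sizeof(pbCert);
    unsigned char szSignature[1000];
    DWORD dwSignature = sizeof(szSignature);

    if (!pUserCert || !szSign || !szRandom)
        return -3201;

    do
    {
        XFBase64decode(pUserCert, pbCert, cbCert);
        if (cbCert == 0 || cbCert > sizeof(pbCert))
            break;

        // Open a scratch in-memory certificate store.
        hStore = CertOpenStore(CERT_STORE_PROV_MEMORY,
                               MYCODING_TYPE,
                               0,
                               CERT_SYSTEM_STORE_CURRENT_USER,
                               szwStore);
        if (!hStore)
            break;

        // Add the user certificate to the store to obtain a context for it.
        if (!CertAddEncodedCertificateToStore(hStore,
                                              X509_ASN_ENCODING | PKCS_7_ASN_ENCODING,
                                              pbCert,
                                              cbCert,
                                              CERT_STORE_ADD_REPLACE_EXISTING,
                                              &pCertContext))
            break;

        // Get the public key from the certificate.
        if (!GetRSAKeyFromCert(pCertContext,
                               bSign,
                               &hProv,
                               &hPubKey,
                               &dwKeySpec,
                               &fFreeProv))
            break;

        // Hash the challenge.
        if (!CryptCreateHash(hProv, HashAlgId, 0, 0, &hHash))
            break;
        if (!CryptHashData(hHash, (const unsigned char *)szRandom,
                           (DWORD)strlen(szRandom), 0))
            break;

        XFBase64decode((const unsigned char *)szSign, szSignature, dwSignature);
        if (dwSignature == 0 || dwSignature > sizeof(szSignature))
            break;

        // Verify the signature.
        if (!CryptVerifySignature(hHash, szSignature, dwSignature, hPubKey, NULL, 0))
            break;

        bVerified = TRUE;
    } while (0);

    // Hash and key objects belong to the provider, so destroy them before
    // the provider context is released.
    if (hHash) CryptDestroyHash(hHash);
    if (hPubKey) CryptDestroyKey(hPubKey);
    // NOTE(review): fFreeProv is filled in by GetRSAKeyFromCert but is not
    // consulted here; if it can report that the provider is not the
    // caller's to release, this unconditional release is wrong - confirm.
    if (hProv) CryptReleaseContext(hProv, 0);
    if (pCertContext) CertFreeCertificateContext(pCertContext);
    if (hStore) CertCloseStore(hStore, 0);

    return bVerified ? 0 : -3201;
}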
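/*
 * GenRSAKEY - generate the signature and key-exchange RSA key pairs in the
 * key container named by szContainer (created if it does not exist).
 *
 * Returns 0 when both key pairs were generated, otherwise the Win32 error
 * code of the failing call (or -1 if that call left no error code).
 *
 * Fixes over the previous version: the success test after each CryptGenKey
 * was inverted, so a failure fell through to "return 0"; CryptGenKey was
 * given no place to return the key handle; and the provider context was
 * never released.
 */
int GenRSAKEY()
{
    // The upper 16 bits of the CryptGenKey flags carry the key length in
    // bits: 0x0400 = 1024. No flag bits are set, so CRYPT_EXPORTABLE is off.
    // NOTE(review): 1024-bit RSA is below the 2048-bit minimum generally
    // recommended today; raising it depends on what the selected CSP and
    // the relying systems accept.
    const DWORD dwGenFlags = 0x04000000;
    const DWORD aKeySpec[2] = { AT_SIGNATURE, AT_KEYEXCHANGE };
    int nERR = 0;
    HCRYPTPROV hCryptProv = 0;
    HCRYPTKEY hKey = 0;
    int i;

    // Open the key container, creating it if it does not exist yet.
    if (!CryptAcquireContext(&hCryptProv,   // receives the CSP handle
                             szContainer,   // key container name
                             szProvider,    // NULL selects the default CSP
                             PROV_RSA_FULL, // CSP type
                             0))
    {
        if (!CryptAcquireContext(&hCryptProv,
                                 szContainer,
                                 szProvider,
                                 PROV_RSA_FULL,
                                 CRYPT_NEWKEYSET))
        {
            nERR = (int)GetLastError();
            return nERR ? nERR : -1;
        }
    }

    for (i = 0; i < 2; i++)
    {
        if (!CryptGenKey(hCryptProv, aKeySpec[i], dwGenFlags, &hKey))
        {
            nERR = (int)GetLastError();
            if (nERR == 0)
                nERR = -1; // never report a failed call as success
            break;
        }
        // Only the handle is released here; the key pair was generated
        // into the container.
        CryptDestroyKey(hKey);
        hKey = 0;
    }

    CryptReleaseContext(hCryptProv, 0);
    return nERR;
}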