// CACore.h: interface for the CCACore class.
//
//////////////////////////////////////////////////////////////////////
#if !defined(AFX_CACORE_H__DA4FC3FF_64E5_4AE0_8F29_4F46A45056A7__INCLUDED_)
#define AFX_CACORE_H__DA4FC3FF_64E5_4AE0_8F29_4F46A45056A7__INCLUDED_
#include "CAInfo.h"
#if _MSC_VER > 1000
#pragma once
#endif // _MSC_VER > 1000
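// Size in bytes of every fixed char buffer declared in CCACore (subject
// entries, key length / validity text, error text). Any copy into those
// buffers has to be bounded by this value, terminator included.
#define MAX_ENTRY_LENGTH 128
#define CA_OK 1 // operation succeeded
#define CA_FAIL 0 // operation failed
// NOTE(review): not referenced in this header; presumably the number of
// X.509 extensions handled by the implementation -- confirm.
#define EXT_COUNT 5
// File encodings; presumably the values expected by the FileFormat
// parameters of CCACore -- confirm against the implementation.
#define DER 1
#define PEM 0
// OpenSSL long names of the subject fields and extensions used in requests.
// The misspelled macro names (STATA, LOCALITE, CONSTRAINS) are kept as they
// are because callers refer to them.
#define REQ_COUNTRY_NAME "countryName"
#define REQ_STATA_OR_PROVINCE_NAME "stateOrProvinceName"
#define REQ_LOCALITE_NAME "localityName"
#define REQ_ORG_NAME "organizationName"
#define REQ_DEPT_NAME "organizationalUnitName"
#define REQ_COMMON_NAME "commonName"
#define REQ_SUBJECT_ALT_NAME "subjectAltName"
#define REQ_BASIC_CONSTRAINS "basicConstraints"
// Value string for the basicConstraints extension. The argument and the whole
// expansion are parenthesised so that the ?: cannot bind to neighbouring
// operators: without the parentheses BASIC_CONSTRAIN(a || b) parsed as
// a || (b ? ... : ...), and the CA flag written into a certificate could
// differ from what the caller passed.
#define BASIC_CONSTRAIN(isCA) ((isCA) ? "CA:TRUE" : "CA:FALSE")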
// Forward declaration
class CRevokeCertList;
// CCACore: exported MFC class (AFX_EXT_CLASS, derived from CObject) that
// declares the certificate-authority operations of this module. Going by the
// member names these are RSA key-pair generation, certificate requests,
// X.509 v3 certificates, CRLs, PKCS#12 export, and loading/saving of
// certificates and private keys. Only declarations are visible in this
// header; every NOTE(review) below is an assumption to confirm against the
// implementation file.
// NOTE(review): the int-returning members presumably return CA_OK / CA_FAIL
// -- confirm.
// NOTE(review): several members take BOOL isCA; presumably TRUE selects the
// CA certificate/key and FALSE the client ones -- confirm.
class AFX_EXT_CLASS CCACore : public CObject
{
public:
CCACore();
DECLARE_DYNCREATE(CCACore)
// Attributes
public:
CCAInfo m_CaInfo;
// Setters for the subject entries and request parameters. Each takes a
// CString by value.
// NOTE(review): presumably each setter copies into the same-named private
// char[MAX_ENTRY_LENGTH] buffer below; confirm the copy is bounded to
// MAX_ENTRY_LENGTH - 1 characters and NUL-terminated, and how over-long
// input is handled (reject vs. truncate).
void SetCountryName(CString strCNN);
void SetProvinceName(CString strPRN);
void SetCityName(CString strCTN);
void SetOrgName(CString strORGN);
void SetDeptName(CString strDPN);
void SetCommonName(CString strCMN);
void SetSubjectAltName(CString strSAN);
void SetCertValidate(CString strCertValidate);
void SetKeyLength(CString strLength);
void SetEmail(CString strEmail);
private:
// Entry names: fixed-size text buffers of MAX_ENTRY_LENGTH bytes each.
char szCountryName[MAX_ENTRY_LENGTH];
char szProvinceName[MAX_ENTRY_LENGTH];
char szCityName[MAX_ENTRY_LENGTH];
char szOrgName[MAX_ENTRY_LENGTH];
char szDeptName[MAX_ENTRY_LENGTH];
char szCommonName[MAX_ENTRY_LENGTH];
char szSubjectAltName[MAX_ENTRY_LENGTH];
char szEmail[MAX_ENTRY_LENGTH];
// Key length and validity are stored as text.
// NOTE(review): confirm both are parsed with error and range checks, and
// that a minimum RSA key size is enforced before a key is generated.
char szKeyLength[MAX_ENTRY_LENGTH];
char szCertValidate[MAX_ENTRY_LENGTH];
// Objects used to build the certificate request (raw OpenSSL pointers;
// where they are allocated and freed is not visible in this header).
X509_REQ *req;
EVP_PKEY *pNewRsaKey;
X509_NAME *pSubjectName;
X509_EXTENSION *ext;
STACK_OF(X509_EXTENSION) *extlist;
// NOTE(review): which digest is selected is not visible here; confirm it is
// not a deprecated one (MD5 / SHA-1) when used for signing.
EVP_MD *digest;
// Client certificate and private key
EVP_PKEY *m_pClientKey;
X509 *m_pClientCert;
// NOTE(review): password kept in a CString member; CString does not wipe its
// buffer on destruction -- confirm the implementation clears it after use.
CString strClientPwd;
// CA certificate and private key
EVP_PKEY *m_pCAKey;
X509 *m_pCACert;
// NOTE(review): same concern as strClientPwd; this one protects the CA key.
CString strCAPwd;
// CRL
X509_CRL *m_pCrl ;
X509_CRL_INFO *m_pCrlInfo ;
// Error reason (text)
char szErrorString[MAX_ENTRY_LENGTH];
public:
BOOL HasValidCA();
// Convert the certificate to a PEM string.
// NOTE(review): buf/len are presumably the caller's output buffer and its
// size; confirm len is checked and truncation is reported as a failure.
int CertificateToPEM(BOOL isCA,char *buf,int len);
// Convert the private key to a PEM string.
// NOTE(review): confirm how an empty strPwd is handled (whether the key
// would be emitted unencrypted), and that len is checked as above.
int PrivateKeyToPEM (BOOL isCA,CString strPwd,char *buf,int len);
void FreeCertificate(BOOL isCA);
// Certificate and private-key interface functions
int MakeCRL(CString strFileName,CRevokeCertList *prev,long crldays,long crlhours);
int ToPKCS12(CString strPwd,CString strFileName,CString strFriendlyName);
// NOTE(review): sn is presumably the certificate serial number and is
// caller-supplied; confirm the caller guarantees uniqueness per issuer.
int MakeV3Certificate(BOOL isCA,long sn,int days);
int GenerateREQ(BOOL isCA=FALSE);
// FileFormat presumably takes the DER / PEM constants defined above.
int GetCertificate(CString strFileName,int FileFormat,BOOL isCA);
int SaveCertificate(CString strFileName,int FileFormat,BOOL isCA);
int GetPrivateKey(CString strFileName,CString strPwd,int FileFormat,BOOL isCA);
// NOTE(review): confirm what protection the written key gets for each
// FileFormat (in particular whether DER output is encrypted with strPwd)
// and which file permissions the output file is created with.
int SavePrivateKey(CString strFileName,CString strPwd,int FileFormat,BOOL isCA);
int GenerateRSAKeyPair();
void FreeEvpKey(BOOL isCA=FALSE);
// Takes an output pointer without a size.
// NOTE(review): presumably copies szErrorString (MAX_ENTRY_LENGTH bytes), so
// the caller's buffer would need at least that size -- confirm; a
// size-taking variant would remove the implicit contract.
void GetErrString(char *pErrStr);
virtual ~CCACore();
private:
// Helpers; by their names they add extensions, the public key and subject
// entries to the pending request (see req / extlist / pSubjectName).
int AddExtEntry(char *name,char *value);
void AddPukToREQ();
int AddSubjectToREQ();
int AddSubjectEntry(char *key,char *value);
};
#endif // !defined(AFX_CACORE_H__DA4FC3FF_64E5_4AE0_8F29_4F46A45056A7__INCLUDED_)