/* The header name on this line was stripped when the page was extracted;
 * these are the headers the code below needs. */
#include <stdio.h>

#include <openssl/x509.h>
#include <openssl/x509_vfy.h>
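/* Upper bound, in bytes, on any DER file this example reads. */
enum { DER_FILE_MAX = 4096 };

/*
 * Read a whole DER file into buf (capacity cap bytes).
 *
 * Returns the number of bytes read, or -1 when the file cannot be opened,
 * cannot be read, is empty, or does not fit in the buffer. A file that is
 * silently cut off at the buffer size would otherwise be handed to the
 * parser as if it were complete.
 */
static long read_der_file(const char *path, unsigned char *buf, size_t cap)
{
    FILE *fp = fopen(path, "rb"); /* binary mode: DER is not text */
    if (fp == NULL) {
        printf("cannot open %s\n", path);
        return -1;
    }

    size_t n = fread(buf, 1, cap, fp);
    int failed = ferror(fp);
    /* Data left over after a full buffer means the file was truncated. */
    int truncated = (n == cap && fgetc(fp) != EOF);
    fclose(fp);

    if (failed || truncated || n == 0) {
        printf("cannot read %s (empty, unreadable or larger than %lu bytes)\n",
               path, (unsigned long)cap);
        return -1;
    }
    return (long)n;
}

/* Load one DER-encoded certificate; the caller owns the result (X509_free). */
static X509 *load_der_cert(const char *path)
{
    unsigned char der[DER_FILE_MAX];
    long len = read_der_file(path, der, sizeof der);
    if (len < 0) {
        return NULL;
    }

    /* d2i_* advances the pointer it is given, so parse through a copy. */
    const unsigned char *p = der;
    X509 *cert = d2i_X509(NULL, &p, len);
    if (cert == NULL) {
        printf("%s is not a valid DER certificate\n", path);
    }
    return cert;
}

/* Load one DER-encoded CRL; the caller owns the result (X509_CRL_free). */
static X509_CRL *load_der_crl(const char *path)
{
    unsigned char der[DER_FILE_MAX];
    long len = read_der_file(path, der, sizeof der);
    if (len < 0) {
        return NULL;
    }

    const unsigned char *p = der;
    X509_CRL *crl = d2i_X509_CRL(NULL, &p, len);
    if (crl == NULL) {
        printf("%s is not a valid DER CRL\n", path);
    }
    return crl;
}

/*
 * Verify one certificate against the store and print the outcome.
 *
 * Returns 0 when the verification context could not be initialised (the
 * caller should stop), 1 otherwise, whether or not the certificate verified.
 * The context is cleaned up before returning so that it can be initialised
 * again for the next certificate.
 */
static int verify_and_report(X509_STORE_CTX *ctx, X509_STORE *store,
                             X509 *cert, const char *label)
{
    /* No untrusted intermediates are supplied: the chain is leaf -> root. */
    if (X509_STORE_CTX_init(ctx, store, cert, NULL) != 1) {
        printf("X509_STORE_CTX_init failed for %s\n", label);
        return 0;
    }

    /* Only a return of exactly 1 means the chain verified. */
    if (X509_verify_cert(ctx) == 1) {
        printf("%s OK\n", label);
    } else {
        int err = X509_STORE_CTX_get_error(ctx);
        printf("%s err.error= %d,info:%s\n", label, err,
               X509_verify_cert_error_string(err));
    }

    X509_STORE_CTX_cleanup(ctx);
    return 1;
}

/*
 * Verify two user certificates against a root certificate with CRL checking.
 *
 * Reads the root certificate, the CRL and both user certificates from DER
 * files in the working directory, builds a trust store holding the root and
 * the CRL, and prints the verification result for each user certificate.
 *
 * Changes from the listing as published:
 *  - the CRL parse result is checked (the listing re-tested usrCert2 there,
 *    so a malformed CRL was added to the store as NULL);
 *  - the CRL is released, and every early exit releases what was already
 *    allocated;
 *  - the store, context and add_cert/add_crl results are checked;
 *  - the context is cleaned up between the two verifications.
 *
 * The root certificate file is the trust anchor: whoever can replace that
 * file decides which certificates verify.
 */
void tX509_Verify()
{
    /* Placeholders: the page lost the original root and CRL file names. */
    static const char rootCertPath[] = "ROOT_CERT_PLACEHOLDER.cer";
    static const char crlPath[] = "CRL_PLACEHOLDER.crl";

    X509 *rootCert = NULL;
    X509 *usrCert1 = NULL;
    X509 *usrCert2 = NULL;
    X509_CRL *Crl = NULL;
    X509_STORE *rootCertStore = NULL;
    X509_STORE_CTX *ctx = NULL;

    rootCert = load_der_cert(rootCertPath);
    if (rootCert == NULL) {
        goto cleanup;
    }
    Crl = load_der_crl(crlPath);
    if (Crl == NULL) {
        goto cleanup;
    }
    usrCert1 = load_der_cert("郭靖.cer");
    if (usrCert1 == NULL) {
        goto cleanup;
    }
    usrCert2 = load_der_cert("黄飞洪.cer");
    if (usrCert2 == NULL) {
        goto cleanup;
    }

    rootCertStore = X509_STORE_new();
    if (rootCertStore == NULL) {
        printf("X509_STORE_new failed\n");
        goto cleanup;
    }
    /* The store takes its own reference; rootCert is still freed below. */
    if (X509_STORE_add_cert(rootCertStore, rootCert) != 1) {
        printf("X509_STORE_add_cert failed\n");
        goto cleanup;
    }

    /*
     * X509_V_FLAG_CRL_CHECK checks revocation of the certificate being
     * verified only; X509_V_FLAG_CRL_CHECK_ALL would cover the whole chain.
     * With the flag set, verification fails when no usable CRL is available.
     */
    X509_STORE_set_flags(rootCertStore, X509_V_FLAG_CRL_CHECK);
    if (X509_STORE_add_crl(rootCertStore, Crl) != 1) {
        printf("X509_STORE_add_crl failed\n");
        goto cleanup;
    }

    ctx = X509_STORE_CTX_new();
    if (ctx == NULL) {
        printf("X509_STORE_CTX_new failed\n");
        goto cleanup;
    }

    if (!verify_and_report(ctx, rootCertStore, usrCert1, "郭靖.cer")) {
        goto cleanup;
    }
    if (!verify_and_report(ctx, rootCertStore, usrCert2, "黄飞洪.cer")) {
        goto cleanup;
    }

cleanup:
    /* Single exit path: release everything that was allocated. */
    if (ctx != NULL) {
        X509_STORE_CTX_free(ctx);
    }
    if (rootCertStore != NULL) {
        X509_STORE_free(rootCertStore);
    }
    X509_CRL_free(Crl);
    X509_free(usrCert2);
    X509_free(usrCert1);
    X509_free(rootCert);
}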
void tGetX509Info() {
unsigned char usrCertificate[4096]; //DER证书缓冲区数组 unsigned long usrCertificateLen; //证书长度
X509 *x509Cert = NULL; //X509证书结构体 unsigned char *pTmp = NULL;
X509_NAME *issuer = NULL; //X509_NAME结构体,保存证书颁发者信息 X509_NAME *subject = NULL; //X509_NAME结构体,保存证书拥有者信息 int i;
int entriesNum;
X509_NAME_ENTRY *name_entry; //
ASN1_INTEGER *Serial = NULL; //保存证书序列号 long Nid;
ASN1_TIME *time; //保存证书有效期时间 EVP_PKEY *pubKey; //保存证书公钥 long Version; //保存证书版本 FILE *fp;
unsigned char derpubkey[1024]; int derpubkeyLen;
unsigned char msginfo[1024]; int msginfoLen;
unsigned short *pUtf8 = NULL; int nUtf8; int rv;
//打开用户证书文件
fp=fopen(\黄飞洪.cer\ if(fp==NULL) {
printf(\ return ; }
usrCertificateLen = fread(usrCertificate,1,4096,fp); fclose(fp);
//把DER证书转化为X509结构体 pTmp=usrCertificate;
x509Cert = d2i_X509(NULL,&pTmp,usrCertificateLen);