c语言制作证书
制作證書
// MakeCert.cpp : Defines the entry point for the console application. //#include "stdafx.h" #include <windows.h>DWORD MakeCert(); void log(char *error_msg,int error_num);int _tmain(int argc, _TCHAR* argv[]) {int t ;if( t= MakeCert() != 0)printf("Error Num:%d",t);return 0; }DWORD MakeCert() {HCRYPTPROV hProv;HCRYPTKEY hKey;BOOL cret = CryptAcquireContext(&hProv,"LiContainer",MS_ENHANCED_PROV,PROV_RSA_FULL,CRYPT_VERIFYCONTEXT );if( cret == FALSE){cret = CryptAcquireContext(&hProv,"LiContainer",MS_ENHANCED_PROV,PROV_RSA_FULL,CRYPT_DELETEKEYSET );cret = CryptAcquireContext(&hProv,"LiContainer",MS_ENHANCED_PROV,PROV_RSA_FULL,CRYPT_NEWKEYSET );if(cret == FALSE)return GetLastError();}cret = CryptGenKey( hProv,AT_SIGNATURE, CRYPT_EXPORTABLE , &hKey) ; //|CRYPT_USER_PROTECTEDif(cret == FALSE)return GetLastError();CERT_INFO Cert;memset( (void*)&Cert , 0 ,sizeof( CERT_INFO));// 1.versionCert.dwVersion = 2;// 2.SerialNumberBYTE SerialNum[] = "\x00\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0A\x0B\x0C\x0D\x0E\x0F";Cert.SerialNumber.cbData = 16;Cert.SerialNumber.pbData = SerialNum;// 3.AlgorithmCert.SignatureAlgorithm.pszObjId = szOID_RSA_SHA1RSA;Cert.SignatureAlgorithm.Parameters.cbData = 0;// 4.Issuer. Encode the Issuer name with ASN.1 ,reference MSDN sourcechar *Cert_Issuer_Name ="My Name is LI";CERT_RDN_ATTR rgNameAttr = {szOID_COMMON_NAME, // the OIDCERT_RDN_PRINTABLE_STRING, // type of string(DWORD)strlen(Cert_Issuer_Name)+1, // string length including(BYTE *)Cert_Issuer_Name // pointer to the string};CERT_RDN rgRDN[] = {1, // the number of elements in the array&rgNameAttr // pointer to the array};CERT_NAME_INFO CertName = {1, // number of elements in the CERT_RND's arrayrgRDN};DWORD cbEncoded; // variable to hold theBYTE *pbEncoded; // variable to hold a pointer to the cret = CryptEncodeObjectEx( X509_ASN_ENCODING, X509_NAME, &CertName, 0, NULL, NULL,&cbEncoded) ;if( cret == NULL)return GetLastError();pbEncoded = (BYTE*)malloc(cbEncoded);if(pbEncoded == NULL)return GetLastError();cret =CryptEncodeObjectEx( X509_ASN_ENCODING, X509_NAME,&CertName, 0, NULL, pbEncoded, &cbEncoded);if( cret == NULL)return GetLastError();Cert.Issuer.cbData = cbEncoded;Cert.Issuer.pbData = pbEncoded;// 5.UTCTime .Process the Time of cert. SystemTimeToFileTimeSYSTEMTIME SysTime;GetSystemTime(&SysTime);SystemTimeToFileTime( &SysTime , &Cert.NotBefore);SysTime.wYear += 10;SystemTimeToFileTime( &SysTime , &Cert.NotAfter);// 6.subjectchar *Cert_Subject_Name ="A Good Day";rgNameAttr.pszObjId = szOID_COMMON_NAME;rgNameAttr.dwValueType = CERT_RDN_PRINTABLE_STRING;rgNameAttr.Value.cbData = (DWORD)strlen(Cert_Subject_Name) +1;rgNameAttr.Value.pbData = (PBYTE)Cert_Subject_Name;cret = CryptEncodeObjectEx( X509_ASN_ENCODING, X509_NAME, &CertName, 0, NULL, NULL,&cbEncoded) ;if( cret == NULL)return GetLastError();pbEncoded = (BYTE*)malloc(cbEncoded);if(pbEncoded == NULL)return GetLastError();cret =CryptEncodeObjectEx( X509_ASN_ENCODING, X509_NAME,&CertName, 0, NULL, pbEncoded, &cbEncoded);if( cret == NULL)return GetLastError();Cert.Subject.cbData = cbEncoded;Cert.Subject.pbData = pbEncoded;// 7.PublicKey PCERT_PUBLIC_KEY_INFO PubKeyBuf; //reference RACrypt.cpp .Don't know why DWORD PubKeyLen;cret = CryptExportPublicKeyInfo( hProv, AT_SIGNATURE, X509_ASN_ENCODING ,NULL,&PubKeyLen );if(cret == FALSE )return GetLastError();PubKeyBuf = (PCERT_PUBLIC_KEY_INFO) malloc( PubKeyLen);if( PubKeyBuf == NULL)return GetLastError();cret = CryptExportPublicKeyInfo( hProv, AT_SIGNATURE, X509_ASN_ENCODING ,PubKeyBuf,&PubKeyLen );if(cret == FALSE )return GetLastError();Cert.SubjectPublicKeyInfo = *PubKeyBuf;// ExtendsionCert.cExtension = 0;Cert.rgExtension = NULL;Cert.IssuerUniqueId.cbData = 0 ;Cert.SubjectUniqueId.cbData = 0;//Make CertificateCRYPT_ALGORITHM_IDENTIFIER algId;BYTE paraData[16];paraData[0] = 0x05; paraData[1] = 0x00;algId.pszObjId = szOID_RSA_SHA1RSA;algId.Parameters.cbData = 2;algId.Parameters.pbData = paraData;/*-------------------------------------------------------------CryptSignAndEncodeCertificateThe CryptSignAndEncodeCertificate function encodes and signs a certificate, CRL, CTL or certificate request. This function performs the following operations:1-> Calls CryptEncodeObject using lpszStructType to encode the "to be signed" information. 2-> Calls CryptSignCertificate to sign this encoded information. 3-> Calls CryptEncodeObject again, with lpszStructType set to X509_CERT, to further encode the resulting signed, encoded information. -------------------------------------------------------------*/// Export As X.509 certificatePBYTE pCertOut;DWORD CertLen;cret = CryptSignAndEncodeCertificate(hProv, AT_SIGNATURE, X509_ASN_ENCODING, X509_CERT_TO_BE_SIGNED, (void*)&Cert, &algId,NULL,NULL, &CertLen);if(cret == FALSE){printf("CryptSignAndEncodeCertificate Error\n ");return GetLastError();}pCertOut = (PBYTE)malloc(CertLen);if(CertLen == NULL)return GetLastError();cret = CryptSignAndEncodeCertificate(hProv, AT_SIGNATURE, X509_ASN_ENCODING, X509_CERT_TO_BE_SIGNED, (void*)&Cert, &algId,NULL,pCertOut, &CertLen);if(cret == FALSE)return GetLastError();char file[128] = "C:\\Li-X509.cer";DWORD len;HANDLE hFile = CreateFile(file ,GENERIC_READ |GENERIC_WRITE,FILE_SHARE_READ| FILE_SHARE_WRITE,NULL, CREATE_ALWAYS ,NULL, NULL);if(hFile == NULL)return GetLastError();cret = WriteFile( hFile,pCertOut,( DWORD)CertLen , &len,NULL);if( cret == FALSE )return GetLastError();cret = CloseHandle( hFile);if( cret == FALSE)return GetLastError();//Export as PKCS#7 certificatestrcpy( file,"C:\\Li-PKCS#7.cer");hFile = CreateFile(file ,GENERIC_READ |GENERIC_WRITE,FILE_SHARE_READ| FILE_SHARE_WRITE,NULL, CREATE_ALWAYS ,NULL, NULL);if(hFile == NULL)return GetLastError();HCERTSTORE hStore = CertOpenStore( CERT_STORE_PROV_MEMORY, PKCS_7_ASN_ENCODING,hProv,CERT_STORE_OPEN_EXISTING_FLAG, NULL);if( hStore == NULL)return GetLastError(); void *pvData = NULL;DWORD cbData = 0;cret = CertGetStoreProperty( hStore,CERT_STORE_LOCALIZED_NAME_PROP_ID, NULL, &cbData);if(cret == FALSE)return GetLastError();pvData = malloc(cbData);if( pvData == NULL)return GetLastError();cret = CertGetStoreProperty( hStore, CERT_STORE_LOCALIZED_NAME_PROP_ID,pvData,&cbData) ;if( cret == FALSE)return GetLastError();cret = CertSaveStore( hStore,X509_ASN_ENCODING, CERT_STORE_SAVE_AS_PKCS7, CERT_STORE_SAVE_TO_FILE, hFile,0);if( cret == FALSE)return GetLastError();cret = CloseHandle( hFile);if( cret == FALSE)return GetLastError();free( pCertOut);free(pbEncoded);free(PubKeyBuf);cret = CryptReleaseContext(hProv,0);if( cret == FALSE)return GetLastError();return 0; }void log(char *error_msg,int error_num) {DWORD dwWrite;char file[] = "C:\\log.txt";DWORD FileLen;char buf[128];if( error_msg != NULL )printf("%s ",error_msg);if( error_num != 0)printf("Error Num:%d\n",error_num);HANDLE hFile = CreateFile(file ,GENERIC_READ |GENERIC_WRITE,FILE_SHARE_READ| FILE_SHARE_WRITE,NULL, OPEN_EXISTING ,NULL, NULL);FileLen = GetFileSize(hFile,NULL);SetFilePointer( hFile,FileLen , FILE_BEGIN, NULL);sprintf( buf,"Error Num:%d \r\n",error_num );WriteFile( hFile,buf,( DWORD)strlen(buf) ,&dwWrite,NULL);CloseHandle( hFile) ;}總結
- 上一篇: CA证书制作实战
- 下一篇: openssl制作证书全过程